$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft File: KQN7v5LysPTDMKHN1KdiVs16VCI.mft (raw, json) Hash identifier: waTulVqmT3K9W+hfFROknLc0ip5W4z71sZXFmXAEUxA= Subject key identifier: 28:AA:D0:2E:C4:64:2A:67:56:3C:49:3A:6F:09:70:40:FC:20:3F:9C Authority key identifier: 29:03:7B:BF:92:F2:B0:F4:C3:30:A1:CD:D4:A7:62:56:CD:7A:54:22 Certificate issuer: /CN=A91E9B89/serialNumber=29037BBF92F2B0F4C330A1CDD4A76256CD7A5422 Certificate serial: 8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft Manifest number: 8A Signing time: Sat 31 May 2025 06:06:48 +0000 Manifest this update: Sat 31 May 2025 06:06:47 +0000 Manifest next update: Sat 07 Jun 2025 06:06:47 +0000 Files and hashes: 1: KQN7v5LysPTDMKHN1KdiVs16VCI.crl (hash: j1TfIZFvexAbwqHOm6ay71IQUZlvU5Q4leuQDFZsAao=) 2: 2025BD6C6C3311EF99E0EF34C4F9AE02.roa (hash: v8gSdO2Oyevi0udRA9oSIzZPAk2F5XphTGY0llKdCYI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.crl rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:06:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 139 (0x8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9B89, serialNumber=29037BBF92F2B0F4C330A1CDD4A76256CD7A5422 Validity Not Before: May 31 06:06:47 2025 GMT Not After : Jun 7 06:06:47 2025 GMT Subject: CN=683a9c78-fc6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:60:97:9a:c6:b0:3b:d3:d6:74:ee:21:7e:d7: 61:f4:cc:ce:96:3e:b9:b6:3f:e7:39:55:df:0a:ec: 66:65:3b:41:5f:92:12:d1:65:40:e9:4c:eb:55:b3: 1c:17:8a:f3:96:3e:69:b8:8d:bd:b8:ac:2d:75:df: bf:1e:36:5d:61:d1:96:c7:fe:8e:76:36:ee:dd:0f: 4a:ba:9e:0b:73:21:1c:79:12:20:a1:c4:c1:f4:69: 62:ae:f6:2d:44:4a:5b:48:6a:54:72:30:d1:e2:62: 0d:47:34:34:f4:5d:2a:59:b0:71:8d:39:6e:eb:62: b1:b3:7d:b9:90:f0:e7:cc:4d:fd:7a:f8:9a:37:a6: be:bc:1a:1d:0d:1b:21:cc:29:02:5d:f2:96:2b:06: c6:a7:86:27:7a:86:ae:29:b0:38:87:5e:57:b1:fe: 8c:27:4c:9b:1d:7d:0f:b2:21:0c:3f:23:e2:ae:c2: a2:4a:33:b2:93:2f:ad:2e:55:bc:a5:ce:5e:36:05: 08:75:12:4e:5a:ce:66:d3:8a:56:8a:15:c4:7e:38: 6e:e4:87:18:9c:a1:b1:d9:9e:96:5b:6b:d6:d2:22: 62:7c:c1:60:51:bf:05:59:d5:ae:c0:61:31:ab:09: 5f:c5:ef:7a:1b:a3:72:f9:93:be:a4:be:ec:c1:e2: 0d:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:AA:D0:2E:C4:64:2A:67:56:3C:49:3A:6F:09:70:40:FC:20:3F:9C X509v3 Authority Key Identifier: keyid:29:03:7B:BF:92:F2:B0:F4:C3:30:A1:CD:D4:A7:62:56:CD:7A:54:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:74:7a:bd:5f:20:7c:ee:fd:69:86:b6:fe:18:03:e2:49:2d: b1:ea:e1:f9:14:49:f7:d4:ed:6d:65:ae:b7:0b:d0:51:0c:47: 1e:2f:55:1a:27:8e:73:c8:33:8b:9e:11:70:e0:70:d4:2e:30: 01:fc:45:dc:e5:40:d9:3c:ae:f1:44:e2:24:3d:45:7d:a7:eb: 10:da:6e:69:b3:d9:6c:dc:d8:08:02:a5:4a:b7:91:a4:d8:df: 16:dd:42:0d:48:fc:07:cd:41:b2:e0:a3:5f:ae:bf:cd:1b:f0: ac:36:a7:1e:c3:bb:f6:ec:11:43:b2:5e:f3:3e:23:dc:21:05: ec:14:50:1f:81:61:c0:fe:d8:a7:a9:62:47:28:96:32:08:2d: d2:4e:27:1d:a8:6b:c2:b5:e4:d8:b4:88:ae:d8:4e:55:4b:1b: 41:17:81:f2:ff:7e:b4:3f:fa:e1:1f:ed:92:48:7e:5e:5d:38: 90:12:b8:78:e6:8c:24:d0:77:f8:94:57:48:16:c6:6b:2e:ff: 3d:6c:b9:23:c4:29:17:63:4a:72:a8:fb:40:33:6d:87:1f:ac: c4:ca:af:3d:29:b1:69:fd:18:aa:40:b6:19:68:50:72:2e:49: 0c:86:01:af:df:14:0d:c7:86:7b:e1:59:64:22:94:41:c9:0c: d3:6f:dd:3d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlCODkxMTAvBgNVBAUTKDI5MDM3QkJGOTJGMkIwRjRDMzMwQTFDREQ0QTc2MjU2 Q0Q3QTU0MjIwHhcNMjUwNTMxMDYwNjQ3WhcNMjUwNjA3MDYwNjQ3WjAYMRYwFAYD VQQDEw02ODNhOWM3OC1mYzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApmCXmsawO9PWdO4hftdh9MzOlj65tj/nOVXfCuxmZTtBX5IS0WVA6UzrVbMc F4rzlj5puI29uKwtdd+/HjZdYdGWx/6Odjbu3Q9Kup4LcyEceRIgocTB9GlirvYt REpbSGpUcjDR4mINRzQ09F0qWbBxjTlu62Kxs325kPDnzE39eviaN6a+vBodDRsh zCkCXfKWKwbGp4YneoauKbA4h15Xsf6MJ0ybHX0PsiEMPyPirsKiSjOyky+tLlW8 pc5eNgUIdRJOWs5m04pWihXEfjhu5IcYnKGx2Z6WW2vW0iJifMFgUb8FWdWuwGEx qwlfxe96G6Ny+ZO+pL7sweINLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCiq0C7E ZCpnVjxJOm8JcED8ID+cMB8GA1UdIwQYMBaAFCkDe7+S8rD0wzChzdSnYlbNelQi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUI4OS80MzY3QzIwRTZD MTgxMUVGQUI2QjY5MENDNEY5QUUwMi9LUU43djVMeXNQVERNS0hOMUtkaVZzMTZW Q0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tRTjd2NUx5c1BURE1LSE4xS2RpVnMxNlZDSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUI4OS80MzY3QzIwRTZDMTgxMUVGQUI2QjY5MENDNEY5QUUwMi9LUU43djVMeXNQ VERNS0hOMUtkaVZzMTZWQ0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZdHq9XyB87v1phrb+GAPiSS2x6uH5FEn31O1tZa63C9BRDEceL1Ua J45zyDOLnhFw4HDULjAB/EXc5UDZPK7xROIkPUV9p+sQ2m5ps9ls3NgIAqVKt5Gk 2N8W3UINSPwHzUGy4KNfrr/NG/CsNqcew7v27BFDsl7zPiPcIQXsFFAfgWHA/tin qWJHKJYyCC3STicdqGvCteTYtIiu2E5VSxtBF4Hy/360P/rhH+2SSH5eXTiQErh4 5owk0Hf4lFdIFsZrLv89bLkjxCkXY0pyqPtAM22HH6zEyq89KbFp/RiqQLYZaFBy LkkMhgGv3xQNx4Z74VlkIpRByQzTb909 -----END CERTIFICATE-----Generated at Sat May 31 17:11:28 2025 by rpki-client