$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft File: KHuwzWb71-W3qIumZ4kSTAsExXg.mft (raw, json) Hash identifier: lz1wcRNALDbrJu7QJQ2C4qWVtDpdVeeMqjLADXOhtz8= Subject key identifier: C1:34:36:3E:71:8B:D2:F1:C8:87:07:08:98:8D:96:B0:67:76:D7:6D Authority key identifier: 28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 Certificate issuer: /CN=A91EAE25/serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Certificate serial: 0BA9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft Manifest number: 0B9C Signing time: Wed 20 Aug 2025 19:04:24 +0000 Manifest this update: Wed 20 Aug 2025 19:04:23 +0000 Manifest next update: Wed 27 Aug 2025 19:04:23 +0000 Files and hashes: 1: KHuwzWb71-W3qIumZ4kSTAsExXg.crl (hash: T+MUPfjypzb0f4D5FQIx8Fd/qZP5zSbvEJ9lxc3zzoE=) 2: 2BA212DC306D11EA81D19B38C4F9AE02.roa (hash: t1CbmrYkwmBmGPrreNUR9MWvKRnTUYs/Z13bobbplHk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 19:04:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2985 (0xba9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE25, serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Validity Not Before: Aug 20 19:04:23 2025 GMT Not After : Aug 27 19:04:23 2025 GMT Subject: CN=68a61c38-3f7e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:9f:97:6b:a3:46:74:37:ae:31:6f:18:37:ca: bf:b4:0f:5c:16:da:57:bb:e1:2c:ad:c7:09:92:df: 68:26:f7:a4:b9:31:e3:01:b1:f4:e6:2c:25:b2:ae: 22:b0:e5:1c:d7:a6:a2:c3:f3:76:ed:db:c4:ed:32: ca:4b:e2:30:4e:12:72:88:e7:f9:5b:c4:cb:1f:6d: 4d:ae:a0:6b:a4:4a:4d:b7:64:87:0d:57:32:a5:54: fd:d1:74:e5:a1:13:07:d7:09:22:46:45:60:13:ae: 38:6d:68:3a:59:2d:a3:1c:30:66:fd:74:76:66:a9: 90:77:a0:6a:d2:17:a8:ba:e1:88:b8:ec:c7:1b:d7: 01:64:99:0e:97:1e:26:46:a6:46:fe:b9:ac:e1:3a: 63:eb:eb:8f:4d:40:41:2a:9c:d9:dd:8e:43:83:17: 0d:bf:13:d1:d0:7d:56:50:b3:49:d8:1d:f3:da:64: 40:ab:75:52:b8:17:ad:40:9f:9d:78:53:0d:9b:96: b8:d3:af:0e:b6:52:e6:71:68:71:e7:f7:ca:62:19: cb:de:84:d7:6c:e7:af:36:f0:8f:97:f0:84:84:34: f2:9a:c2:0a:3e:db:9b:a4:22:b9:97:26:50:10:7a: 27:56:56:73:1e:c9:49:19:1a:cd:da:de:9a:d1:a2: d3:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:34:36:3E:71:8B:D2:F1:C8:87:07:08:98:8D:96:B0:67:76:D7:6D X509v3 Authority Key Identifier: keyid:28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:b4:1f:14:a6:a3:8b:84:46:ac:00:eb:9e:7c:61:64:de:d6: d9:ab:ee:33:c1:d1:3a:06:82:dd:62:5f:1c:3b:5d:04:46:9d: 69:94:90:e2:9f:d9:fd:ae:94:c0:fe:97:f3:ab:d2:e8:83:b8: 6d:8b:3a:28:39:fc:d8:3b:03:29:fb:de:f7:94:05:f9:f2:ad: ec:5d:5d:36:76:45:ce:83:69:f7:63:da:df:d6:41:da:98:09: 5a:a5:8f:69:19:24:ab:6b:89:31:ee:43:6b:e5:41:5f:41:67: 0d:30:f8:dc:b9:b1:90:80:71:69:d8:33:74:e9:cc:55:00:e6: fe:90:6f:0f:da:e7:47:55:ad:9b:36:21:54:28:7c:b2:73:0a: 20:23:2c:d9:87:99:a1:2d:d3:f6:98:26:c2:af:94:12:4e:09: dc:2a:44:5e:0c:5f:50:a0:6d:29:08:41:f1:16:b9:e6:ac:27: 30:7b:ae:b9:2c:5d:6f:4b:58:bf:5f:52:09:f6:c3:8d:0b:b8: 21:ce:2f:90:c4:f0:f2:db:81:f8:1c:3a:6c:8d:a1:01:4b:63: 73:43:ed:9d:88:cb:de:24:71:27:aa:60:1d:7d:cb:d0:d7:f9: c4:d2:2c:b2:e8:9c:f1:a1:08:1e:d5:32:e8:5d:71:9b:03:0d: 21:7d:b2:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFMjUxMTAvBgNVBAUTKDI4N0JCMENENjZGQkQ3RTVCN0E4OEJBNjY3ODkxMjRD MEIwNEM1NzgwHhcNMjUwODIwMTkwNDIzWhcNMjUwODI3MTkwNDIzWjAYMRYwFAYD VQQDEw02OGE2MWMzOC0zZjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtJ+Xa6NGdDeuMW8YN8q/tA9cFtpXu+EsrccJkt9oJvekuTHjAbH05iwlsq4i sOUc16aiw/N27dvE7TLKS+IwThJyiOf5W8TLH21NrqBrpEpNt2SHDVcypVT90XTl oRMH1wkiRkVgE644bWg6WS2jHDBm/XR2ZqmQd6Bq0heouuGIuOzHG9cBZJkOlx4m RqZG/rms4Tpj6+uPTUBBKpzZ3Y5DgxcNvxPR0H1WULNJ2B3z2mRAq3VSuBetQJ+d eFMNm5a4068OtlLmcWhx5/fKYhnL3oTXbOevNvCPl/CEhDTymsIKPtubpCK5lyZQ EHonVlZzHslJGRrN2t6a0aLTowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFME0Nj5x i9LxyIcHCJiNlrBndtdtMB8GA1UdIwQYMBaAFCh7sM1m+9flt6iLpmeJEkwLBMV4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUyNS82OEU1N0FFRTMw NjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEtVzNxSXVtWjRrU1RBc0V4 WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIdXd6V2I3MS1XM3FJdW1aNGtTVEFzRXhYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUyNS82OEU1N0FFRTMwNjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEt VzNxSXVtWjRrU1RBc0V4WGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCHtB8UpqOLhEasAOuefGFk3tbZq+4zwdE6BoLdYl8cO10ERp1plJDi n9n9rpTA/pfzq9Log7htizooOfzYOwMp+973lAX58q3sXV02dkXOg2n3Y9rf1kHa mAlapY9pGSSra4kx7kNr5UFfQWcNMPjcubGQgHFp2DN06cxVAOb+kG8P2udHVa2b NiFUKHyycwogIyzZh5mhLdP2mCbCr5QSTgncKkReDF9QoG0pCEHxFrnmrCcwe665 LF1vS1i/X1IJ9sONC7ghzi+QxPDy24H4HDpsjaEBS2NzQ+2diMveJHEnqmAdfcvQ 1/nE0iyy6JzxoQge1TLoXXGbAw0hfbKY -----END CERTIFICATE-----Generated at Fri Aug 22 16:27:41 2025 by rpki-client