$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft File: km2a3G-4c9dlu0EicoDB8RhG7hc.mft (raw, json) Hash identifier: lHoi7+i5b7dY624nvO9poxku1+DWlBIkIq/OHF/MDgY= Subject key identifier: 09:1E:ED:76:84:C7:32:E4:25:C0:E1:F7:37:FF:ED:3B:33:93:54:2F Authority key identifier: 92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 Certificate issuer: /CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Certificate serial: 01E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft Manifest number: 01D7 Signing time: Thu 21 Aug 2025 02:57:56 +0000 Manifest this update: Thu 21 Aug 2025 02:57:56 +0000 Manifest next update: Thu 28 Aug 2025 02:57:56 +0000 Files and hashes: 1: km2a3G-4c9dlu0EicoDB8RhG7hc.crl (hash: pvs+t/uYHNml3bx2KjYmVtIxGoyOGQv/HQRIZBKpuHE=) 2: 1B5E26228FA911EF90043A7CC4F9AE02.roa (hash: Kf03AsTj/sjKaJ/vafb1jrYT0WQ+1IyxISSmBFOh+2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 02:57:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 481 (0x1e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA0E, serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Validity Not Before: Aug 21 02:57:56 2025 GMT Not After : Aug 28 02:57:56 2025 GMT Subject: CN=68a68b34-64e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:b6:da:3d:60:3c:4e:78:fe:7b:c4:80:f4:3e: 4e:c6:72:8d:ba:ec:35:0a:cc:a1:0f:92:3c:e0:60: 0b:eb:2c:ac:bd:fd:09:51:9d:57:2d:c5:68:de:fc: 84:3e:a8:ce:81:20:50:a5:04:91:f7:fc:2b:47:8f: 33:fb:db:92:93:32:32:fa:e2:32:33:de:46:87:1f: 5c:a4:80:bf:5b:ba:2c:cc:26:ac:f8:f0:71:26:ef: c7:cd:e0:9b:7d:c0:61:6e:bf:38:3e:72:df:22:0e: c4:33:22:ae:07:fc:17:63:83:c3:29:bf:2f:2e:fd: 7c:2b:83:be:de:07:e3:36:6e:04:00:d4:33:8b:3f: 21:3b:ca:2f:48:31:5a:9f:54:81:38:b7:8a:8f:a8: 45:43:d1:3e:08:ad:6d:5e:0d:c9:43:01:5a:8a:a6: 0b:43:d4:78:c0:9f:65:4c:69:10:48:0d:c4:74:9b: e6:2d:5f:6f:1b:50:1f:29:cf:69:9a:2c:0b:11:ce: d0:0c:1d:08:09:59:ac:b7:ef:d7:22:53:b7:5b:06: 83:11:91:b7:43:12:40:00:a5:e3:50:14:94:3e:06: 6b:f3:27:a6:b8:9e:08:a9:0f:9a:31:8b:ff:d8:e1: 7d:da:be:70:dd:eb:7b:5d:4f:78:9a:e6:f9:32:d9: 6c:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:1E:ED:76:84:C7:32:E4:25:C0:E1:F7:37:FF:ED:3B:33:93:54:2F X509v3 Authority Key Identifier: keyid:92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:25:e2:ac:5e:06:d2:57:8e:d0:2c:33:8c:bb:68:51:cb:19: f5:5c:01:8d:34:18:ee:f7:4a:6c:d0:aa:3a:0c:1f:08:d9:d5: ee:27:2c:37:f6:f0:31:f9:db:1f:4a:fb:69:86:64:22:aa:b7: 3b:6d:95:42:c6:04:bf:3d:f9:b2:31:6e:ce:b4:63:e6:cf:8a: c4:5e:c9:66:ed:3c:7e:78:58:14:e7:ea:b8:7b:2a:6f:10:6a: 93:69:51:1e:3a:54:5b:0c:66:87:d1:c2:d9:d8:f4:ae:e0:15: c7:de:4f:e9:60:90:42:ae:2f:5b:04:21:60:16:9b:8e:58:cc: f0:e6:9c:08:2f:7b:2b:11:91:9d:ae:55:aa:6f:24:45:a0:80: 3b:54:4c:85:e5:cf:73:ea:a2:d3:88:6c:19:bc:ad:f5:e8:3a: e6:7d:46:05:0b:9d:ad:93:93:d1:16:99:40:5b:82:25:15:e2: e8:37:af:69:8d:30:d7:b4:03:dc:76:5c:30:7b:ef:df:2e:19: 9e:de:5e:28:cf:f5:f6:85:93:70:fc:c4:a8:b7:bc:e5:e1:48: 90:ba:33:5a:bd:8a:7d:f9:ee:9f:f0:f8:b7:0c:be:8a:e0:25: a4:1c:1e:a2:e8:b5:49:c1:38:49:b9:c7:a3:e7:b1:61:59:2d: 9b:5d:d3:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBMEUxMTAvBgNVBAUTKDkyNkQ5QURDNkZCODczRDc2NUJCNDEyMjcyODBDMUYx MTg0NkVFMTcwHhcNMjUwODIxMDI1NzU2WhcNMjUwODI4MDI1NzU2WjAYMRYwFAYD VQQDEw02OGE2OGIzNC02NGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx7baPWA8Tnj+e8SA9D5OxnKNuuw1CsyhD5I84GAL6yysvf0JUZ1XLcVo3vyE PqjOgSBQpQSR9/wrR48z+9uSkzIy+uIyM95Ghx9cpIC/W7oszCas+PBxJu/HzeCb fcBhbr84PnLfIg7EMyKuB/wXY4PDKb8vLv18K4O+3gfjNm4EANQziz8hO8ovSDFa n1SBOLeKj6hFQ9E+CK1tXg3JQwFaiqYLQ9R4wJ9lTGkQSA3EdJvmLV9vG1AfKc9p miwLEc7QDB0ICVmst+/XIlO3WwaDEZG3QxJAAKXjUBSUPgZr8yemuJ4IqQ+aMYv/ 2OF92r5w3et7XU94mub5MtlsWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAke7XaE xzLkJcDh9zf/7Tszk1QvMB8GA1UdIwQYMBaAFJJtmtxvuHPXZbtBInKAwfEYRu4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkEwRS9EQkJFRDIwNkMw MDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5ZGx1MEVpY29EQjhSaEc3 aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ttMmEzRy00YzlkbHUwRWljb0RCOFJoRzdoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkEwRS9EQkJFRDIwNkMwMDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5 ZGx1MEVpY29EQjhSaEc3aGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB2JeKsXgbSV47QLDOMu2hRyxn1XAGNNBju90ps0Ko6DB8I2dXuJyw3 9vAx+dsfSvtphmQiqrc7bZVCxgS/PfmyMW7OtGPmz4rEXslm7Tx+eFgU5+q4eypv EGqTaVEeOlRbDGaH0cLZ2PSu4BXH3k/pYJBCri9bBCFgFpuOWMzw5pwIL3srEZGd rlWqbyRFoIA7VEyF5c9z6qLTiGwZvK316DrmfUYFC52tk5PRFplAW4IlFeLoN69p jTDXtAPcdlwwe+/fLhme3l4oz/X2hZNw/MSot7zl4UiQujNavYp9+e6f8Pi3DL6K 4CWkHB6i6LVJwThJucej57FhWS2bXdMp -----END CERTIFICATE-----Generated at Thu Aug 21 07:17:02 2025 by rpki-client