$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft File: kBqfnorkBi5SGbdlLY6f7n7FrjM.mft (raw, json) Hash identifier: ff6tUQPlu33t3fC05C630v4TXWDZc2zv1aAPYixh8P4= Subject key identifier: 14:80:25:E0:CC:78:83:C3:5C:9D:5B:78:AC:A1:CE:D2:75:94:28:F4 Authority key identifier: 90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 Certificate issuer: /CN=A91F2CE7/serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Certificate serial: 98 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft Manifest number: 96 Signing time: Sat 31 May 2025 05:54:29 +0000 Manifest this update: Sat 31 May 2025 05:54:29 +0000 Manifest next update: Sat 07 Jun 2025 05:54:29 +0000 Files and hashes: 1: kBqfnorkBi5SGbdlLY6f7n7FrjM.crl (hash: ooAGLv08jcoIIx8uM6GvZSkVpsGQSL1fvyTJ/I5UdP4=) 2: B377200E5ADD11EF9A462440C4F9AE02.roa (hash: ku0nQgImAfjqlfmOWSwIKN/zsrk6kYnMycZSjI2lh3o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:54:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 152 (0x98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CE7, serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Validity Not Before: May 31 05:54:29 2025 GMT Not After : Jun 7 05:54:29 2025 GMT Subject: CN=683a9995-fd84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:53:27:da:66:b2:da:dc:df:05:dc:77:b6:a4: 47:fc:c0:e3:36:a1:b3:cd:8a:23:0e:9d:a0:72:bc: 76:51:01:84:32:4d:db:ed:aa:4e:0e:40:34:08:81: 86:fc:40:cd:5e:76:b3:c7:cb:9d:d5:58:c1:3b:cd: 2d:68:a6:0e:68:26:4a:a8:a2:0b:ee:1a:1d:eb:b2: d6:17:7a:65:04:47:a6:0d:d9:8a:ff:4a:18:a4:1e: d3:30:f4:14:21:98:c9:ff:d0:c7:aa:ef:8b:99:ae: b4:51:6c:e8:b7:64:64:35:15:40:04:12:05:93:63: 8a:8d:07:16:dc:94:df:5a:87:b1:a0:92:80:62:65: b3:c7:51:76:aa:a2:10:f2:74:65:78:15:51:0a:f7: e7:c8:b9:57:9a:b0:e3:e5:1f:67:8c:69:f8:7a:05: bd:71:46:bc:16:ae:6e:3e:52:c0:ec:ba:6d:c8:74: d0:77:84:8f:f9:fc:b0:6f:71:bf:ff:c2:d3:75:25: d6:38:72:94:03:bf:d3:b7:0f:06:64:c7:09:e2:73: 60:3a:8a:5e:a4:ba:ac:ad:4c:ef:4d:b8:96:59:40: ab:38:96:e1:e6:97:10:f3:29:2f:ee:fb:bb:ea:59: 3f:b2:60:e8:9b:e4:54:46:4d:8c:a6:0f:dc:f5:1c: 8a:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:80:25:E0:CC:78:83:C3:5C:9D:5B:78:AC:A1:CE:D2:75:94:28:F4 X509v3 Authority Key Identifier: keyid:90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 57:c0:14:b3:64:c3:c9:2f:0a:2f:ea:36:cc:fe:47:59:c5:e0: eb:82:eb:dc:b4:c7:c4:73:bf:56:e8:07:d6:72:d5:41:2a:74: 9c:ed:41:34:1a:91:d8:25:3a:8f:30:e2:d4:f0:21:38:9b:33: ae:ea:7a:f5:7a:25:2b:d4:15:9f:b2:a8:ca:60:03:1e:fb:2b: 61:53:1b:1d:39:61:0d:68:8d:9d:c3:81:c6:97:8d:00:ba:e0: d3:40:68:fc:63:99:c0:bb:58:0c:68:7d:1a:55:b1:a0:1e:dc: f2:e1:7d:a1:e0:68:e0:5e:e5:cb:06:82:26:cb:6c:3f:13:e4: 2e:6c:b2:a6:5b:40:5e:82:c1:88:0a:83:4c:00:ef:24:11:9f: 9d:51:99:4e:2e:39:b5:7a:af:b7:3a:e2:1c:7d:ab:6b:0e:22: c8:49:73:d9:fc:bc:0e:56:fd:c9:fd:9a:09:d9:ff:59:3e:08: 47:14:37:09:80:6f:72:3a:2a:22:a3:3a:33:cc:8f:9a:b3:43: ce:ce:a9:b2:12:50:f9:79:c8:95:33:ad:ad:b8:4b:a4:3f:f9: bc:3b:f5:b2:c5:78:ee:81:a1:9c:4c:8f:5a:dd:5d:df:7a:82: d9:a9:0e:62:f1:c0:39:03:8c:10:b4:f4:b6:f3:3b:a4:ef:59: d2:23:4b:e6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJDRTcxMTAvBgNVBAUTKDkwMUE5RjlFOEFFNDA2MkU1MjE5Qjc2NTJEOEU5RkVF N0VDNUFFMzMwHhcNMjUwNTMxMDU1NDI5WhcNMjUwNjA3MDU1NDI5WjAYMRYwFAYD VQQDEw02ODNhOTk5NS1mZDg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvVMn2may2tzfBdx3tqRH/MDjNqGzzYojDp2gcrx2UQGEMk3b7apODkA0CIGG /EDNXnazx8ud1VjBO80taKYOaCZKqKIL7hod67LWF3plBEemDdmK/0oYpB7TMPQU IZjJ/9DHqu+Lma60UWzot2RkNRVABBIFk2OKjQcW3JTfWoexoJKAYmWzx1F2qqIQ 8nRleBVRCvfnyLlXmrDj5R9njGn4egW9cUa8Fq5uPlLA7LptyHTQd4SP+fywb3G/ /8LTdSXWOHKUA7/Ttw8GZMcJ4nNgOopepLqsrUzvTbiWWUCrOJbh5pcQ8ykv7vu7 6lk/smDom+RURk2Mpg/c9RyKhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBSAJeDM eIPDXJ1beKyhztJ1lCj0MB8GA1UdIwQYMBaAFJAan56K5AYuUhm3ZS2On+5+xa4z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkNFNy83MkY3NUI5ODVB REQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0JpNVNHYmRsTFk2ZjduN0Zy ak0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tCcWZub3JrQmk1U0diZGxMWTZmN243RnJqTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MkNFNy83MkY3NUI5ODVBREQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0Jp NVNHYmRsTFk2ZjduN0Zyak0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBXwBSzZMPJLwov6jbM/kdZxeDrguvctMfEc79W6AfWctVBKnSc7UE0 GpHYJTqPMOLU8CE4mzOu6nr1eiUr1BWfsqjKYAMe+ythUxsdOWENaI2dw4HGl40A uuDTQGj8Y5nAu1gMaH0aVbGgHtzy4X2h4GjgXuXLBoImy2w/E+QubLKmW0BegsGI CoNMAO8kEZ+dUZlOLjm1eq+3OuIcfatrDiLISXPZ/LwOVv3J/ZoJ2f9ZPghHFDcJ gG9yOioiozozzI+as0POzqmyElD5eciVM62tuEukP/m8O/WyxXjugaGcTI9a3V3f eoLZqQ5i8cA5A4wQtPS28zuk71nSI0vm -----END CERTIFICATE-----Generated at Sat May 31 17:12:51 2025 by rpki-client