$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft File: kBqfnorkBi5SGbdlLY6f7n7FrjM.mft (raw, json) Hash identifier: 4HzlisXxJhQccdURciJROwbyF8VQ16fW3QJcYe40qJo= Subject key identifier: 5A:8C:34:56:EF:DE:61:FB:27:FF:6C:10:3F:9C:F6:65:66:E8:E8:12 Authority key identifier: 90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 Certificate issuer: /CN=A91F2CE7/serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Certificate serial: CC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft Manifest number: CA Signing time: Tue 09 Sep 2025 05:48:20 +0000 Manifest this update: Tue 09 Sep 2025 05:48:20 +0000 Manifest next update: Tue 16 Sep 2025 05:48:20 +0000 Files and hashes: 1: kBqfnorkBi5SGbdlLY6f7n7FrjM.crl (hash: 7mMkZ3tfKw0fdUlp5LH11bZiCfV3xReA7mHS6yBAFfE=) 2: B377200E5ADD11EF9A462440C4F9AE02.roa (hash: ku0nQgImAfjqlfmOWSwIKN/zsrk6kYnMycZSjI2lh3o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 05:48:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 204 (0xcc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CE7, serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Validity Not Before: Sep 9 05:48:20 2025 GMT Not After : Sep 16 05:48:20 2025 GMT Subject: CN=68bfbfa4-5961 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:77:f6:85:16:3b:02:a5:d6:09:06:c8:9a:f9: e9:7c:d5:9e:70:fe:7c:66:40:c4:7e:1d:c3:25:51: 7e:fe:6e:be:21:f5:94:55:ca:09:85:74:e8:8c:9d: 3e:34:1c:db:0c:13:40:93:2c:15:92:fa:f3:2e:8c: 25:0b:4e:25:a9:be:d2:c5:8e:7a:3d:2e:a1:34:19: 89:f3:b2:a7:b3:29:86:1e:25:da:de:63:8a:75:1b: b3:d6:18:51:e1:66:ed:04:8f:f9:38:04:2f:33:47: b8:67:39:a7:1e:d0:51:ca:74:e7:d2:07:c0:d5:1c: d0:77:81:fe:2d:54:fb:f3:37:ab:27:36:ce:60:3b: 57:12:26:b9:73:40:f7:5c:cd:f5:26:91:22:8e:5d: f4:b1:63:da:53:ad:07:3c:f4:fc:70:32:85:44:a1: e6:dc:73:5f:02:64:e9:59:ec:14:7e:bf:72:67:8d: 77:9e:07:b1:6a:0f:ee:c8:e9:e7:ab:3b:5e:c8:ce: 9a:6a:d8:4f:7b:96:4e:a1:67:a4:a8:aa:8b:23:5c: 97:e2:72:b6:ff:30:7c:eb:d2:2f:c1:37:7d:71:4d: fc:5c:48:ed:25:15:06:62:63:23:59:89:e8:9c:80: d6:c2:20:17:57:1c:c4:2e:c6:37:5b:0a:b1:6a:9a: e4:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:8C:34:56:EF:DE:61:FB:27:FF:6C:10:3F:9C:F6:65:66:E8:E8:12 X509v3 Authority Key Identifier: keyid:90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:f1:83:e9:ed:70:59:94:f3:99:33:db:20:56:8c:87:72:14: d4:ca:34:1b:cf:a1:87:9b:3e:df:32:b4:57:24:ce:96:cd:95: 6c:00:6e:26:9d:54:09:ea:12:3f:c0:17:ff:64:f4:ca:29:20: a5:f4:33:b9:f8:d8:12:76:27:7b:79:49:9f:6f:04:da:28:50: d0:a8:e6:7c:14:a3:84:65:43:68:d0:88:49:20:b4:d4:5b:54: b6:25:87:ef:b7:92:87:09:2a:88:6c:5c:8f:8b:1c:1f:4b:35: f6:bd:51:6d:09:39:89:e6:bb:d6:84:25:e0:3d:b1:37:f7:05: fa:b7:3a:cd:53:6c:f2:2a:22:4e:67:3e:54:3b:e8:6e:35:c3: 56:69:52:1b:e7:f5:4e:44:65:68:eb:b6:82:a2:25:42:e8:2e: cd:30:3e:b9:1f:cb:03:50:4c:87:c5:08:06:65:9d:60:e1:76: 0c:38:10:3b:5f:bc:15:5f:c2:9f:3a:bc:94:2b:6b:0f:0c:21: 9c:02:0b:17:c9:0e:ed:3d:76:85:92:b0:48:46:ef:51:60:50: d6:75:3a:22:cf:9a:cd:9f:2c:57:65:b0:a0:e1:9e:f7:8a:14: 58:98:cd:a3:ef:3a:2d:fa:8c:ba:3e:cc:49:f9:fd:13:c2:7b: 14:5d:e3:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJDRTcxMTAvBgNVBAUTKDkwMUE5RjlFOEFFNDA2MkU1MjE5Qjc2NTJEOEU5RkVF N0VDNUFFMzMwHhcNMjUwOTA5MDU0ODIwWhcNMjUwOTE2MDU0ODIwWjAYMRYwFAYD VQQDEw02OGJmYmZhNC01OTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoHf2hRY7AqXWCQbImvnpfNWecP58ZkDEfh3DJVF+/m6+IfWUVcoJhXTojJ0+ NBzbDBNAkywVkvrzLowlC04lqb7SxY56PS6hNBmJ87KnsymGHiXa3mOKdRuz1hhR 4WbtBI/5OAQvM0e4ZzmnHtBRynTn0gfA1RzQd4H+LVT78zerJzbOYDtXEia5c0D3 XM31JpEijl30sWPaU60HPPT8cDKFRKHm3HNfAmTpWewUfr9yZ413ngexag/uyOnn qzteyM6aathPe5ZOoWekqKqLI1yX4nK2/zB869IvwTd9cU38XEjtJRUGYmMjWYno nIDWwiAXVxzELsY3WwqxaprkgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFqMNFbv 3mH7J/9sED+c9mVm6OgSMB8GA1UdIwQYMBaAFJAan56K5AYuUhm3ZS2On+5+xa4z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkNFNy83MkY3NUI5ODVB REQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0JpNVNHYmRsTFk2ZjduN0Zy ak0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tCcWZub3JrQmk1U0diZGxMWTZmN243RnJqTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MkNFNy83MkY3NUI5ODVBREQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0Jp NVNHYmRsTFk2ZjduN0Zyak0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAV8YPp7XBZlPOZM9sgVoyHchTUyjQbz6GHmz7fMrRXJM6WzZVsAG4m nVQJ6hI/wBf/ZPTKKSCl9DO5+NgSdid7eUmfbwTaKFDQqOZ8FKOEZUNo0IhJILTU W1S2JYfvt5KHCSqIbFyPixwfSzX2vVFtCTmJ5rvWhCXgPbE39wX6tzrNU2zyKiJO Zz5UO+huNcNWaVIb5/VORGVo67aCoiVC6C7NMD65H8sDUEyHxQgGZZ1g4XYMOBA7 X7wVX8KfOryUK2sPDCGcAgsXyQ7tPXaFkrBIRu9RYFDWdToiz5rNnyxXZbCg4Z73 ihRYmM2j7zot+oy6PsxJ+f0TwnsUXeNS -----END CERTIFICATE-----Generated at Tue Sep 9 14:08:03 2025 by rpki-client