$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: 41ESrRHHUzKRaqndP02ua5BdnLx6UlYpS5FvV2okFRQ= Subject key identifier: 65:65:74:34:EA:73:DC:FC:CE:B5:EC:00:A2:6C:57:94:7F:A0:BD:F7 Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0DB1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0D95 Signing time: Fri 16 May 2025 18:11:51 +0000 Manifest this update: Fri 16 May 2025 18:11:51 +0000 Manifest next update: Fri 23 May 2025 18:11:51 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: qSS+50KPpmLOv2h71tajQIFdu0gFlJoWknyyald0Hg0=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: F8kcefS3I97Fp9Z0ACrQ84pOuyd0pejyLJ6D0xqjqYQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 23 May 2025 18:11:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3505 (0xdb1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: May 16 18:11:51 2025 GMT Not After : May 23 18:11:51 2025 GMT Subject: CN=68277fe7-eb56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:d8:8f:01:86:3e:d8:bc:d7:6c:af:f6:39:c4: 2f:af:9e:d4:25:20:64:46:5e:77:71:ce:78:21:4d: e9:11:ae:a5:c7:66:8c:f8:94:67:26:14:fc:50:57: 72:07:c9:3c:d1:95:bd:01:4e:72:3d:4a:e5:13:48: 0c:4f:5e:83:89:29:f1:f0:5b:5d:67:02:f0:99:a4: 3b:e2:35:45:85:6a:c8:7c:05:45:91:8b:a7:fc:45: 98:1b:0e:de:42:97:72:29:e4:c5:e2:a6:90:00:1b: 3c:36:44:19:0c:c6:cd:cb:b5:5a:99:62:40:e1:67: 09:db:f3:b3:38:b8:73:3a:a6:a1:0c:23:af:de:fc: 37:b3:5d:3d:eb:7c:b3:8e:1c:77:f1:69:34:98:0b: 30:a4:55:a8:9c:64:e0:ba:47:8d:c0:d7:2d:03:44: ac:39:e6:bc:a1:de:ee:f3:1b:f1:4b:ef:f4:e9:84: 4d:48:fb:d0:ca:46:66:23:27:9b:0f:fe:4c:8a:03: 84:14:95:b3:66:c8:a7:a8:3b:0b:d1:43:8f:33:a6: c4:42:c6:91:69:16:75:7a:6a:8e:c9:fd:03:ac:2c: 4b:1e:34:e5:cb:d1:44:04:09:6f:ed:34:c4:57:46: 85:f5:1e:3a:57:fb:74:61:ca:b9:6d:7a:7c:b1:ae: ed:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:65:74:34:EA:73:DC:FC:CE:B5:EC:00:A2:6C:57:94:7F:A0:BD:F7 X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:d2:36:f6:19:6d:63:27:d1:d9:1d:97:ae:db:0f:2b:44:8d: c8:9d:69:b7:7b:72:74:75:af:1d:63:71:66:ed:d3:66:0b:b6: b2:09:57:d0:c0:44:4b:20:6e:ee:2d:40:b1:6c:b5:09:b8:f9: 91:65:e9:6b:1d:79:da:8a:bb:4d:51:67:b7:8a:02:76:9a:df: 2b:80:f0:b2:19:b7:b1:93:4f:6c:55:3a:e3:01:34:4f:93:69: 7e:5a:d3:12:4e:4f:46:67:9b:5d:ce:c3:f8:55:55:d3:c4:ce: f7:64:a7:21:39:20:02:44:75:4b:e6:38:65:23:0b:57:7c:f8: ea:9e:a1:5a:38:50:4f:5f:42:6d:c9:59:a6:b1:a2:9e:f5:15: 72:d3:9c:cb:e2:70:d2:9c:8a:96:31:03:09:f4:88:69:4b:db: 24:01:22:80:90:8d:c7:87:ae:6e:25:f0:0d:a2:1a:a8:ab:0b: e1:67:b4:90:ad:46:88:0e:b9:87:cf:ce:bd:80:98:87:df:5d: 67:4a:4d:1d:75:b9:1c:4d:49:cb:b9:73:ce:6a:41:af:8d:7d: e0:43:3d:ec:ae:e8:ed:ba:29:c6:00:6c:54:e1:18:86:61:ed: 7f:2e:de:ab:5d:98:ed:32:c3:64:97:48:64:1a:cd:85:82:06: cb:8e:47:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDbEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjUwNTE2MTgxMTUxWhcNMjUwNTIzMTgxMTUxWjAYMRYwFAYD VQQDEw02ODI3N2ZlNy1lYjU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwtiPAYY+2LzXbK/2OcQvr57UJSBkRl53cc54IU3pEa6lx2aM+JRnJhT8UFdy B8k80ZW9AU5yPUrlE0gMT16DiSnx8FtdZwLwmaQ74jVFhWrIfAVFkYun/EWYGw7e QpdyKeTF4qaQABs8NkQZDMbNy7VamWJA4WcJ2/OzOLhzOqahDCOv3vw3s10963yz jhx38Wk0mAswpFWonGTgukeNwNctA0SsOea8od7u8xvxS+/06YRNSPvQykZmIyeb D/5MigOEFJWzZsinqDsL0UOPM6bEQsaRaRZ1emqOyf0DrCxLHjTly9FEBAlv7TTE V0aF9R46V/t0Ycq5bXp8sa7tCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGVldDTq c9z8zrXsAKJsV5R/oL33MB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZ0jb2GW1jJ9HZHZeu2w8rRI3InWm3e3J0da8dY3Fm7dNmC7ayCVfQ wERLIG7uLUCxbLUJuPmRZelrHXnairtNUWe3igJ2mt8rgPCyGbexk09sVTrjATRP k2l+WtMSTk9GZ5tdzsP4VVXTxM73ZKchOSACRHVL5jhlIwtXfPjqnqFaOFBPX0Jt yVmmsaKe9RVy05zL4nDSnIqWMQMJ9IhpS9skASKAkI3Hh65uJfANohqoqwvhZ7SQ rUaIDrmHz869gJiH311nSk0ddbkcTUnLuXPOakGvjX3gQz3srujtuinGAGxU4RiG Ye1/Lt6rXZjtMsNkl0hkGs2FggbLjkel -----END CERTIFICATE-----Generated at Sat May 17 10:32:45 2025 by rpki-client