$ rpki-client -vvf rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft File: KKyX2Zh-eNvuncufA3NcKDvOGGI.mft (raw, json) Hash identifier: i28J4Z/PrkDwwBSt4Ba5SmN7iHQ0V+M7VlcjWlSY/Xw= Subject key identifier: ED:C0:E5:9D:58:46:CD:DA:D8:FB:99:DF:99:AB:1D:80:75:36:99:6A Authority key identifier: 28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 Certificate issuer: /CN=A9157BC3/serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Certificate serial: 01B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft Manifest number: 01B4 Signing time: Sun 11 May 2025 02:08:04 +0000 Manifest this update: Sun 11 May 2025 02:08:03 +0000 Manifest next update: Sun 18 May 2025 02:08:03 +0000 Files and hashes: 1: KKyX2Zh-eNvuncufA3NcKDvOGGI.crl (hash: wetNhLrsJatJxBHT2slaFIpWIIIB9NYKPAHWpAZs+WQ=) 2: 1FCD9DE2926611EDA99A9419C4F9AE02.roa (hash: RqBWzz5uXzyQ1KueU4cHYCTj7govMSTdgiL2egEdolc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 02:08:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 439 (0x1b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157BC3, serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Validity Not Before: May 11 02:08:03 2025 GMT Not After : May 18 02:08:03 2025 GMT Subject: CN=68200684-f956 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:23:b7:a9:e4:ef:31:e0:d2:b3:28:35:79:aa: d5:4e:74:cc:94:2a:95:a1:d5:3f:95:28:dd:99:27: eb:6d:90:42:a8:fd:ac:06:7a:61:a4:74:6e:15:e0: 40:aa:ee:a9:2d:cf:00:54:36:ad:d0:f6:70:00:45: ab:42:32:75:df:80:80:57:5f:56:6f:a1:a2:53:d9: 4b:34:37:5c:b6:ce:32:c9:7c:f1:11:28:c1:cd:28: 70:72:a5:44:c3:39:cd:1d:f1:0d:29:ac:f6:35:3f: 4f:a9:99:87:fe:58:26:18:e0:06:16:d5:65:72:26: 2f:5b:31:70:e6:21:9c:17:e6:3b:5a:da:7a:6d:ab: 3a:21:bd:53:9f:9f:52:39:69:f7:59:12:05:4d:1c: 94:1a:c7:d8:ff:57:e1:76:8f:fe:00:e7:2d:8d:b2: 60:08:08:34:d4:7d:6c:ca:9e:41:9d:13:e2:23:6f: f7:29:f4:c0:51:6c:b4:70:db:40:d1:8f:29:ea:10: 88:af:14:05:fa:9c:2c:4c:c4:5e:f2:64:c5:b5:39: 6e:a1:05:d6:f1:81:bf:8c:cc:b1:dc:06:03:ef:fb: 00:c0:fc:d0:5a:bb:c0:d7:f2:55:55:9b:23:f0:ea: a6:3e:4d:98:d0:36:fc:fa:8e:7b:92:0b:38:a7:11: 4a:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:C0:E5:9D:58:46:CD:DA:D8:FB:99:DF:99:AB:1D:80:75:36:99:6A X509v3 Authority Key Identifier: keyid:28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:0e:cb:ba:53:f5:f9:6e:3a:b8:ef:06:b1:80:a0:de:71:50: 3d:16:77:0f:1b:51:dc:56:b4:23:70:4f:0f:d8:0e:3b:2f:f3: 89:cc:e6:bf:5d:db:33:99:45:21:54:cf:62:b6:dd:ea:07:63: 07:7e:f4:bb:4d:14:a0:59:30:17:f4:8e:5d:34:3e:b4:b4:12: 93:d9:91:f9:86:b2:d9:5c:04:d1:66:43:71:a5:47:c8:1a:d6: 8d:c0:d8:76:5b:ab:06:46:70:43:ac:a0:2d:d1:20:b0:b5:bf: fe:f2:22:50:d6:8d:a0:1a:a2:59:39:e7:b8:85:d9:55:70:16: e8:9e:3a:3f:2f:9d:bd:4b:17:52:16:14:23:f3:61:15:fd:a9: 11:ac:70:21:be:29:be:19:48:0c:77:74:db:11:ca:f0:cf:48: 2c:59:40:bf:2f:30:54:9f:2c:d1:39:ae:06:c0:df:6e:34:04: 96:53:9f:7e:13:60:8e:25:8a:3c:64:51:01:84:9e:4d:38:7e: ac:ab:8a:1c:80:08:86:36:11:23:81:4e:b9:d9:b0:6e:8f:59: 7c:c5:d7:82:55:47:b3:99:54:5e:14:bb:30:61:e4:28:a3:82: 8d:a6:a9:5f:d1:69:3a:21:a0:51:85:09:91:f3:9e:c0:00:a9: f7:70:01:d7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdCQzMxMTAvBgNVBAUTKDI4QUM5N0Q5OTg3RTc4REJFRTlEQ0I5RjAzNzM1QzI4 M0JDRTE4NjIwHhcNMjUwNTExMDIwODAzWhcNMjUwNTE4MDIwODAzWjAYMRYwFAYD VQQDEw02ODIwMDY4NC1mOTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2yO3qeTvMeDSsyg1earVTnTMlCqVodU/lSjdmSfrbZBCqP2sBnphpHRuFeBA qu6pLc8AVDat0PZwAEWrQjJ134CAV19Wb6GiU9lLNDdcts4yyXzxESjBzShwcqVE wznNHfENKaz2NT9PqZmH/lgmGOAGFtVlciYvWzFw5iGcF+Y7Wtp6bas6Ib1Tn59S OWn3WRIFTRyUGsfY/1fhdo/+AOctjbJgCAg01H1syp5BnRPiI2/3KfTAUWy0cNtA 0Y8p6hCIrxQF+pwsTMRe8mTFtTluoQXW8YG/jMyx3AYD7/sAwPzQWrvA1/JVVZsj 8OqmPk2Y0Db8+o57kgs4pxFKgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO3A5Z1Y Rs3a2PuZ35mrHYB1NplqMB8GA1UdIwQYMBaAFCisl9mYfnjb7p3LnwNzXCg7zhhi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0JDMy83MDhFNkY2ODky NjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVOdnVuY3VmQTNOY0tEdk9H R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tLeVgyWmgtZU52dW5jdWZBM05jS0R2T0dHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0JDMy83MDhFNkY2ODkyNjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVO dnVuY3VmQTNOY0tEdk9HR0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmDsu6U/X5bjq47waxgKDecVA9FncPG1HcVrQjcE8P2A47L/OJzOa/ XdszmUUhVM9itt3qB2MHfvS7TRSgWTAX9I5dND60tBKT2ZH5hrLZXATRZkNxpUfI GtaNwNh2W6sGRnBDrKAt0SCwtb/+8iJQ1o2gGqJZOee4hdlVcBbonjo/L529SxdS FhQj82EV/akRrHAhvim+GUgMd3TbEcrwz0gsWUC/LzBUnyzROa4GwN9uNASWU59+ E2COJYo8ZFEBhJ5NOH6sq4ocgAiGNhEjgU652bBuj1l8xdeCVUezmVReFLswYeQo o4KNpqlf0Wk6IaBRhQmR857AAKn3cAHX -----END CERTIFICATE-----Generated at Tue May 13 02:30:35 2025 by rpki-client