$ rpki-client -vvf rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft File: KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft (raw, json) Hash identifier: Vz8MSI/Oj2cNG42SwHxhUVNoiuTnwy22gzNC0PAXOxY= Subject key identifier: 14:52:26:51:45:02:2E:50:73:24:5C:FF:51:25:8D:B7:EE:E2:EB:A7 Authority key identifier: 28:75:29:DC:20:CA:0E:CE:95:A7:A5:56:E1:0B:CD:FD:72:37:D8:D8 Certificate issuer: /CN=A91602ED/serialNumber=287529DC20CA0ECE95A7A556E10BCDFD7237D8D8 Certificate serial: 066E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft Manifest number: 0668 Signing time: Sat 10 May 2025 21:59:45 +0000 Manifest this update: Sat 10 May 2025 21:59:44 +0000 Manifest next update: Sat 17 May 2025 21:59:44 +0000 Files and hashes: 1: KHUp3CDKDs6Vp6VW4QvN_XI32Ng.crl (hash: +/h9w7nd2sxbzoxTHG+GBD2M99MgCI1kJiqiOgX7vOU=) 2: 7883418E943A11EBB6706530C4F9AE02.roa (hash: TnZM67noo4lbQHfXpAgCtw+JAFkneMpGmuhyQRw2ydg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.crl rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 21:59:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1646 (0x66e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91602ED, serialNumber=287529DC20CA0ECE95A7A556E10BCDFD7237D8D8 Validity Not Before: May 10 21:59:44 2025 GMT Not After : May 17 21:59:44 2025 GMT Subject: CN=681fcc50-c842 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:7a:46:9b:46:f5:0b:23:cd:22:2c:0c:0e:6f: 08:d9:70:c8:bb:68:55:d0:0b:a1:3e:4e:30:6c:32: 0f:bc:a8:0f:e6:23:0e:66:6b:e1:f2:41:87:1e:4b: 8b:12:48:0a:3c:b1:75:ac:2d:18:c0:99:81:99:00: a0:ea:f9:6f:8d:0a:71:e8:ee:f9:4c:df:c6:0b:18: 56:53:e6:06:1a:52:40:8c:f3:de:28:92:91:f3:3a: a0:1f:70:e9:91:b0:63:34:a0:31:bd:b7:d2:4a:eb: 73:90:ca:f4:27:51:ef:6d:30:40:22:2c:10:5c:ce: eb:d7:81:de:2f:29:f7:8f:59:43:b6:3f:4b:83:87: a2:e6:28:9f:41:a7:31:7b:2c:17:4f:51:1b:b7:dc: 49:9b:c2:c5:91:f7:9c:f7:0a:2e:5f:f1:ac:cf:54: c6:71:14:59:3d:d8:05:ab:33:ed:b3:8e:dd:4f:cc: 7f:2d:c5:2c:c9:f5:90:ce:75:79:a7:67:6b:cf:84: eb:07:2a:00:08:72:d3:b4:09:ea:69:ca:c3:d7:6e: 47:fd:13:17:74:37:6f:23:8a:d6:73:6b:99:9b:64: 49:ac:1d:68:cf:43:6c:a3:9e:e6:6a:bf:cf:1d:1b: c0:07:1b:37:5b:0e:28:c8:61:ac:9e:72:2a:f5:11: de:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:52:26:51:45:02:2E:50:73:24:5C:FF:51:25:8D:B7:EE:E2:EB:A7 X509v3 Authority Key Identifier: keyid:28:75:29:DC:20:CA:0E:CE:95:A7:A5:56:E1:0B:CD:FD:72:37:D8:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:29:69:dd:70:94:d3:82:5a:53:81:56:a6:b8:7e:f1:0c:97: a8:08:64:0e:21:2a:ed:69:63:16:6a:c8:d8:25:a9:3e:07:22: be:ab:f3:28:5f:3f:66:09:79:9c:0d:56:e6:a6:1a:9b:5f:8e: a1:ee:8f:52:1e:89:83:7e:ae:7d:49:f4:ce:9e:b5:09:f0:b4: 55:41:a0:f0:67:f9:ec:3c:ef:f2:ef:f7:57:44:b1:f3:b1:77: 13:b0:8e:a2:ba:6b:4a:f2:13:46:c0:86:67:07:01:ec:fe:da: ab:96:94:d4:45:6e:e2:33:3c:9f:20:d7:fb:0a:3b:89:1c:1d: b8:65:2d:83:7d:eb:14:46:7f:7c:5e:9e:54:45:f3:1e:8d:a9: da:16:79:df:9f:82:5b:b6:7c:0d:a2:a6:fb:e9:b1:f6:6e:4a: 52:8a:b2:65:7d:4c:5f:d1:41:f7:24:6c:0c:c0:5b:96:b5:e5: 3a:3f:c5:94:9e:7c:41:e5:82:09:14:bb:fb:43:83:bd:28:d3: 45:d8:23:87:fc:96:df:e8:8d:fe:36:7a:4e:64:f2:6f:cf:ad: a6:be:03:a5:20:1d:5e:04:1e:ed:9a:73:b1:b7:27:c6:da:e4: 99:95:5a:ce:77:23:c6:89:54:98:64:b0:b5:55:62:fb:a7:8a: f3:fc:e2:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBm4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjAyRUQxMTAvBgNVBAUTKDI4NzUyOURDMjBDQTBFQ0U5NUE3QTU1NkUxMEJDREZE NzIzN0Q4RDgwHhcNMjUwNTEwMjE1OTQ0WhcNMjUwNTE3MjE1OTQ0WjAYMRYwFAYD VQQDEw02ODFmY2M1MC1jODQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3npGm0b1CyPNIiwMDm8I2XDIu2hV0AuhPk4wbDIPvKgP5iMOZmvh8kGHHkuL EkgKPLF1rC0YwJmBmQCg6vlvjQpx6O75TN/GCxhWU+YGGlJAjPPeKJKR8zqgH3Dp kbBjNKAxvbfSSutzkMr0J1HvbTBAIiwQXM7r14HeLyn3j1lDtj9Lg4ei5iifQacx eywXT1Ebt9xJm8LFkfec9wouX/Gsz1TGcRRZPdgFqzPts47dT8x/LcUsyfWQznV5 p2drz4TrByoACHLTtAnqacrD125H/RMXdDdvI4rWc2uZm2RJrB1oz0Nso57mar/P HRvABxs3Ww4oyGGsnnIq9RHe+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBRSJlFF Ai5QcyRc/1Eljbfu4uunMB8GA1UdIwQYMBaAFCh1Kdwgyg7OlaelVuELzf1yN9jY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDJFRC8xNjdCQzYzQzdD MUIxMUVCOUYzRjNDNjVDNEY5QUUwMi9LSFVwM0NES0RzNlZwNlZXNFF2Tl9YSTMy TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIVXAzQ0RLRHM2VnA2Vlc0UXZOX1hJMzJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MDJFRC8xNjdCQzYzQzdDMUIxMUVCOUYzRjNDNjVDNEY5QUUwMi9LSFVwM0NES0Rz NlZwNlZXNFF2Tl9YSTMyTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNKWndcJTTglpTgVamuH7xDJeoCGQOISrtaWMWasjYJak+ByK+q/Mo Xz9mCXmcDVbmphqbX46h7o9SHomDfq59SfTOnrUJ8LRVQaDwZ/nsPO/y7/dXRLHz sXcTsI6iumtK8hNGwIZnBwHs/tqrlpTURW7iMzyfINf7CjuJHB24ZS2DfesURn98 Xp5URfMejanaFnnfn4JbtnwNoqb76bH2bkpSirJlfUxf0UH3JGwMwFuWteU6P8WU nnxB5YIJFLv7Q4O9KNNF2COH/Jbf6I3+NnpOZPJvz62mvgOlIB1eBB7tmnOxtyfG 2uSZlVrOdyPGiVSYZLC1VWL7p4rz/OJ5 -----END CERTIFICATE-----Generated at Sun May 11 17:09:41 2025 by rpki-client