$ rpki-client -vvf rpki.apnic.net/member_repository/A91651CF/3043635C86D711EF854DD47BC4F9AE02/KaAJAT90Md42nADKtUcWypNFJtM.mft File: KaAJAT90Md42nADKtUcWypNFJtM.mft (raw, json) Hash identifier: cgRHZ5ZaPgvTJd4YV7wx1Il/DKBTdG/4k4qoYhEhPug= Subject key identifier: D7:95:CE:68:26:57:01:63:DB:1D:FF:9D:62:72:66:65:9E:FE:F0:04 Authority key identifier: 29:A0:09:01:3F:74:31:DE:36:9C:00:CA:B5:47:16:CA:93:45:26:D3 Certificate issuer: /CN=A91651CF/serialNumber=29A009013F7431DE369C00CAB54716CA934526D3 Certificate serial: 70 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KaAJAT90Md42nADKtUcWypNFJtM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91651CF/3043635C86D711EF854DD47BC4F9AE02/KaAJAT90Md42nADKtUcWypNFJtM.mft Manifest number: 70 Signing time: Tue 13 May 2025 06:01:56 +0000 Manifest this update: Tue 13 May 2025 06:01:55 +0000 Manifest next update: Tue 20 May 2025 06:01:55 +0000 Files and hashes: 1: KaAJAT90Md42nADKtUcWypNFJtM.crl (hash: dXioxeH4JEVJsHJWnQH742+GfdVcPKTMp9ucnN+J2X4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91651CF/3043635C86D711EF854DD47BC4F9AE02/KaAJAT90Md42nADKtUcWypNFJtM.crl rsync://rpki.apnic.net/member_repository/A91651CF/3043635C86D711EF854DD47BC4F9AE02/KaAJAT90Md42nADKtUcWypNFJtM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KaAJAT90Md42nADKtUcWypNFJtM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 06:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 112 (0x70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91651CF, serialNumber=29A009013F7431DE369C00CAB54716CA934526D3 Validity Not Before: May 13 06:01:55 2025 GMT Not After : May 20 06:01:55 2025 GMT Subject: CN=6822e053-34d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d1:6c:8e:2a:46:2d:ed:73:6a:f3:ce:c0:b9: e1:f2:ac:8c:0a:d1:a7:2b:26:aa:ab:d8:ce:4d:1c: 53:a7:ba:8a:57:8f:ff:25:1b:7f:b8:7b:de:ac:ef: 58:63:db:07:7d:9e:d0:b0:49:91:6e:44:91:8d:5f: cb:a5:39:15:6e:cf:7c:47:89:df:bc:a2:e5:89:55: 45:7a:26:3b:8f:9e:ba:4d:f9:8e:ad:8e:4e:c9:37: f2:61:38:d1:04:fc:27:61:b6:13:0b:8e:67:8f:38: ce:d0:eb:64:ba:56:b6:e3:05:b6:f0:1b:20:75:ca: e0:f7:b1:85:49:e2:94:de:cb:f4:ac:58:79:9e:3e: 11:84:bf:42:5e:4a:f2:24:ca:fd:ce:2e:ab:d8:cd: 99:a9:fd:99:77:d9:aa:18:67:df:af:08:bd:14:79: b4:dd:aa:73:f8:f6:6b:76:52:86:11:71:b8:09:d9: e7:63:0d:86:ff:65:c2:f7:38:50:bb:61:ca:16:2d: 8b:da:15:fb:1e:96:3f:e0:a6:8b:19:2d:fd:7e:f8: bf:2b:97:62:9e:8f:9b:f2:41:a6:99:ef:f5:dd:ce: 8c:a1:93:c8:8a:17:b2:60:e6:48:f3:e5:b0:9a:63: b5:5a:be:b1:68:2f:66:fb:34:5a:9f:86:f1:43:7f: 7b:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:95:CE:68:26:57:01:63:DB:1D:FF:9D:62:72:66:65:9E:FE:F0:04 X509v3 Authority Key Identifier: keyid:29:A0:09:01:3F:74:31:DE:36:9C:00:CA:B5:47:16:CA:93:45:26:D3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91651CF/3043635C86D711EF854DD47BC4F9AE02/KaAJAT90Md42nADKtUcWypNFJtM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KaAJAT90Md42nADKtUcWypNFJtM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91651CF/3043635C86D711EF854DD47BC4F9AE02/KaAJAT90Md42nADKtUcWypNFJtM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d7:1e:49:d0:67:3d:85:72:92:f9:08:26:1e:88:ac:41:b9:f7: 4a:84:fc:b1:0c:7d:9f:3b:f2:e9:1a:f4:a8:55:99:b4:fc:e1: c0:fa:01:2a:24:d6:07:f9:63:1f:a6:5d:9c:b7:54:35:dc:2a: 72:b5:48:6f:54:c6:24:be:11:9e:e5:74:72:01:a7:a7:47:48: d1:9a:c4:a4:fb:68:53:00:11:e4:8f:24:3b:37:ba:6b:71:f1: 99:31:ff:06:8a:55:b5:de:46:cf:c7:0d:15:08:2e:07:42:ad: 89:c8:d2:e4:b6:f6:9b:d8:ef:78:3a:8c:41:fe:e0:3e:9b:8b: 59:b2:5d:6a:3d:8c:93:f8:9d:63:d5:6a:04:2d:b9:9a:29:9a: 7d:ed:7c:e0:44:77:b8:58:67:fb:8a:ae:a3:fc:8d:81:2b:28: d9:10:42:93:c6:6d:a6:86:81:1e:6e:d2:0e:68:88:e5:a7:5f: 1c:a1:a2:f6:7a:bb:d2:76:1f:c1:4d:c5:ba:7d:52:03:25:af: 57:0f:05:6c:e8:00:7d:ee:5d:47:02:c2:15:9f:25:f5:44:27: a6:3d:9c:71:10:a7:1b:43:a2:1a:82:78:5b:5b:28:6f:94:f6: 6b:29:66:9a:29:cc:8a:5a:b8:6d:b1:bf:99:2d:94:26:f7:ab: fa:9f:d9:93 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 NTFDRjExMC8GA1UEBRMoMjlBMDA5MDEzRjc0MzFERTM2OUMwMENBQjU0NzE2Q0E5 MzQ1MjZEMzAeFw0yNTA1MTMwNjAxNTVaFw0yNTA1MjAwNjAxNTVaMBgxFjAUBgNV BAMTDTY4MjJlMDUzLTM0ZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJ0WyOKkYt7XNq887AueHyrIwK0acrJqqr2M5NHFOnuopXj/8lG3+4e96s71hj 2wd9ntCwSZFuRJGNX8ulORVuz3xHid+8ouWJVUV6JjuPnrpN+Y6tjk7JN/JhONEE /CdhthMLjmePOM7Q62S6VrbjBbbwGyB1yuD3sYVJ4pTey/SsWHmePhGEv0JeSvIk yv3OLqvYzZmp/Zl32aoYZ9+vCL0UebTdqnP49mt2UoYRcbgJ2edjDYb/ZcL3OFC7 YcoWLYvaFfselj/gposZLf1++L8rl2Kej5vyQaaZ7/Xdzoyhk8iKF7Jg5kjz5bCa Y7VavrFoL2b7NFqfhvFDf3u3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU15XOaCZX AWPbHf+dYnJmZZ7+8AQwHwYDVR0jBBgwFoAUKaAJAT90Md42nADKtUcWypNFJtMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1MUNGLzMwNDM2MzVDODZE NzExRUY4NTRERDQ3QkM0RjlBRTAyL0thQUpBVDkwTWQ0Mm5BREt0VWNXeXBORkp0 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2FBSkFUOTBNZDQybkFES3RVY1d5cE5GSnRNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1 MUNGLzMwNDM2MzVDODZENzExRUY4NTRERDQ3QkM0RjlBRTAyL0thQUpBVDkwTWQ0 Mm5BREt0VWNXeXBORkp0TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBANceSdBnPYVykvkIJh6IrEG590qE/LEMfZ878uka9KhVmbT84cD6ASok 1gf5Yx+mXZy3VDXcKnK1SG9UxiS+EZ7ldHIBp6dHSNGaxKT7aFMAEeSPJDs3umtx 8Zkx/waKVbXeRs/HDRUILgdCrYnI0uS29pvY73g6jEH+4D6bi1myXWo9jJP4nWPV agQtuZopmn3tfOBEd7hYZ/uKrqP8jYErKNkQQpPGbaaGgR5u0g5oiOWnXxyhovZ6 u9J2H8FNxbp9UgMlr1cPBWzoAH3uXUcCwhWfJfVEJ6Y9nHEQpxtDohqCeFtbKG+U 9mspZpopzIpauG2xv5ktlCb3q/qf2ZM= -----END CERTIFICATE-----Generated at Tue May 13 15:22:23 2025 by rpki-client