$ rpki-client -vvf rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft File: _-KgNynzLTIiepnJJRWMgspUuVc.mft (raw, json) Hash identifier: +7EH6ZuwR3M+4vSk6hGl0E+vkOR5fWomwO2jFlVtnSw= Subject key identifier: 60:BA:E4:C1:1E:F7:54:BD:DD:ED:B4:76:F0:EA:0B:23:73:99:F0:DF Authority key identifier: FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57 Certificate issuer: /CN=A917225D/serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957 Certificate serial: 34A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft Manifest number: 3494 Signing time: Sat 10 May 2025 14:23:19 +0000 Manifest this update: Sat 10 May 2025 14:23:18 +0000 Manifest next update: Sat 17 May 2025 14:23:18 +0000 Files and hashes: 1: _-KgNynzLTIiepnJJRWMgspUuVc.crl (hash: RXkZkf2wG47IFWxJacYvoeb0AcZb0xE+511rpyJ6BKU=) 2: A0121BD4871711EA924C6626C4F9AE02.roa (hash: nOTO05trzCD6uEEv4FInP/xVHgXMSyk7YCzU2yFeaPI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 14:23:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13477 (0x34a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917225D, serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957 Validity Not Before: May 10 14:23:18 2025 GMT Not After : May 17 14:23:18 2025 GMT Subject: CN=681f6157-30ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:59:5a:64:b5:2f:d7:99:c2:57:20:76:93:db: 5f:df:5b:4c:7a:f5:b1:6d:79:be:ac:e1:8e:a6:4c: 2a:58:18:0d:07:71:94:28:b9:da:6e:6c:20:60:13: 2a:99:0e:78:8a:02:0b:56:77:b4:9e:6c:18:7f:88: bd:29:c4:1a:92:9f:e6:85:b0:67:c8:ec:8b:9a:f2: 62:eb:8b:83:e7:bb:22:af:4d:82:b8:33:87:b6:c8: 36:da:1c:14:fb:94:38:56:dc:a7:28:a0:4e:f7:74: 39:e0:a3:66:7d:ce:6d:02:66:3b:90:e8:3a:35:19: 5c:97:26:12:f7:50:df:ec:fd:4d:06:6d:76:52:1a: dc:85:c1:cf:74:e6:7a:37:75:3d:33:66:49:33:f9: 84:5f:29:c3:d6:3c:da:f9:3b:a8:74:27:9f:e9:ce: b9:25:8b:0c:64:43:c2:c1:2a:ce:8d:0c:06:1c:e7: cd:9a:a7:90:c1:0c:4b:50:ee:e8:2a:35:29:10:8c: 44:14:43:d4:b3:a0:00:98:41:19:13:6f:6f:98:58: 8a:9f:c1:19:64:a0:15:97:84:10:77:9a:2f:b5:7c: 54:65:5c:b7:31:86:f2:44:40:50:af:0e:14:e6:e0: 7a:ae:86:90:28:7c:f2:46:8a:fd:5a:25:3a:ae:f3: 6d:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:BA:E4:C1:1E:F7:54:BD:DD:ED:B4:76:F0:EA:0B:23:73:99:F0:DF X509v3 Authority Key Identifier: keyid:FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:09:b3:6e:32:23:00:c6:54:17:35:95:be:f0:6c:c4:bb:df: 86:ac:b6:ab:ec:3d:20:65:5b:fb:cd:db:eb:86:ce:f3:38:15: c2:5f:4e:57:75:c1:53:cb:a6:ee:70:b9:fe:c2:30:29:74:1d: cc:94:72:94:ed:0c:25:64:5d:36:72:c0:a0:0c:8e:a3:ff:79: 5e:6f:f2:5a:d2:63:aa:e7:e4:2f:2e:3e:93:c8:08:55:a6:dd: 41:16:4b:55:a4:44:e8:28:f7:01:1b:b9:db:62:e6:53:8a:29: 81:04:50:98:0f:4a:91:c5:3e:f1:8c:ce:22:6d:a6:92:30:34: f2:09:a4:3c:03:dc:76:6a:45:5a:62:7d:a7:2f:f8:03:9b:fb: 33:0a:bc:39:c2:99:67:85:d3:f2:61:57:54:a8:6c:aa:cf:62: 58:65:ab:c8:c4:04:18:95:18:18:34:1e:87:14:3b:aa:39:22: 92:65:59:e9:23:1d:ee:d1:36:ef:6a:98:04:a5:00:62:44:b4: dc:9e:e5:bd:06:50:01:67:3a:b3:19:e5:69:b6:67:e4:e8:92: bc:48:6b:2d:7b:bd:29:5b:3c:7a:0e:f9:8e:37:ff:f3:ba:19: f0:ae:00:38:f7:7c:4d:2a:fd:67:4f:bb:3e:a1:fd:98:34:94: 5b:cb:56:3a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzIyNUQxMTAvBgNVBAUTKEZGRTJBMDM3MjlGMzJEMzIyMjdBOTlDOTI1MTU4Qzgy Q0E1NEI5NTcwHhcNMjUwNTEwMTQyMzE4WhcNMjUwNTE3MTQyMzE4WjAYMRYwFAYD VQQDEw02ODFmNjE1Ny0zMGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtVlaZLUv15nCVyB2k9tf31tMevWxbXm+rOGOpkwqWBgNB3GUKLnabmwgYBMq mQ54igILVne0nmwYf4i9KcQakp/mhbBnyOyLmvJi64uD57sir02CuDOHtsg22hwU +5Q4VtynKKBO93Q54KNmfc5tAmY7kOg6NRlclyYS91Df7P1NBm12UhrchcHPdOZ6 N3U9M2ZJM/mEXynD1jza+TuodCef6c65JYsMZEPCwSrOjQwGHOfNmqeQwQxLUO7o KjUpEIxEFEPUs6AAmEEZE29vmFiKn8EZZKAVl4QQd5ovtXxUZVy3MYbyREBQrw4U 5uB6roaQKHzyRor9WiU6rvNtXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGC65MEe 91S93e20dvDqCyNzmfDfMB8GA1UdIwQYMBaAFP/ioDcp8y0yInqZySUVjILKVLlX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjI1RC8xRjU1MDgzMDFE ODQxMUUyOTE3QkQwRDkwOEIwMkNEMi9fLUtnTnluekxUSWllcG5KSlJXTWdzcFV1 VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL18tS2dOeW56TFRJaWVwbkpKUldNZ3NwVXVWYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MjI1RC8xRjU1MDgzMDFEODQxMUUyOTE3QkQwRDkwOEIwMkNEMi9fLUtnTnluekxU SWllcG5KSlJXTWdzcFV1VmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABCbNuMiMAxlQXNZW+8GzEu9+GrLar7D0gZVv7zdvrhs7zOBXCX05X dcFTy6bucLn+wjApdB3MlHKU7QwlZF02csCgDI6j/3leb/Ja0mOq5+QvLj6TyAhV pt1BFktVpEToKPcBG7nbYuZTiimBBFCYD0qRxT7xjM4ibaaSMDTyCaQ8A9x2akVa Yn2nL/gDm/szCrw5wplnhdPyYVdUqGyqz2JYZavIxAQYlRgYNB6HFDuqOSKSZVnp Ix3u0TbvapgEpQBiRLTcnuW9BlABZzqzGeVptmfk6JK8SGste70pWzx6DvmON//z uhnwrgA493xNKv1nT7s+of2YNJRby1Y6 -----END CERTIFICATE-----Generated at Sun May 11 22:34:09 2025 by rpki-client