$ rpki-client -vvf rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft File: kXkVGVyXGrRB_d7eb_PNNy51TLU.mft (raw, json) Hash identifier: 5GiOO7FfXiSYLkxXkgj7bx2oQBTo9qdOAnhBOiWgpQw= Subject key identifier: 7F:47:CD:B0:7E:8F:29:94:AF:65:38:A4:C2:D2:21:3A:54:DB:B8:9D Authority key identifier: 91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 Certificate issuer: /CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Certificate serial: 062C Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft Manifest number: 0626 Signing time: Wed 14 May 2025 22:32:25 +0000 Manifest this update: Wed 14 May 2025 22:32:24 +0000 Manifest next update: Wed 21 May 2025 22:32:24 +0000 Files and hashes: 1: kXkVGVyXGrRB_d7eb_PNNy51TLU.crl (hash: SILBqFV6JlCvVQq+XGkj8dKVnnPi289/r8u4NDdJomk=) 2: 2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa (hash: aHkHq3prWV8PYM6R/1n0/cS3AolHN3tQt/aLI9yRoNU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 22:32:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1580 (0x62c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91795CA, serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Validity Not Before: May 14 22:32:24 2025 GMT Not After : May 21 22:32:24 2025 GMT Subject: CN=682519f9-ddbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:0a:07:28:20:eb:60:73:bc:c5:d0:c4:e9:f4: be:59:c9:8c:db:2d:04:12:70:f1:6e:3f:d5:b5:f1: 58:d4:d4:90:d5:76:01:75:8b:72:e0:e2:32:ea:55: f1:03:28:30:34:b1:94:bb:1f:58:af:d1:fb:0e:a9: 7e:67:16:5c:ba:f6:6e:e5:fc:ee:64:bb:99:86:8a: 7d:d4:8f:ff:bd:29:2b:b3:7c:6a:32:fb:3a:21:68: 38:83:f0:78:b5:53:c1:88:c4:1d:dd:02:ba:02:83: 78:e8:fc:7c:c5:5f:7d:fd:fd:20:a2:93:b0:ea:03: f0:7e:b8:a0:f0:7c:20:13:a9:0f:8a:e9:a6:f9:0f: b8:8a:d6:30:12:62:c1:b9:86:d0:3b:64:3c:77:ed: c3:c7:3d:8a:05:ef:a9:30:8b:a0:27:71:63:a3:45: 2d:ca:a2:8f:ec:33:9e:07:cb:43:77:61:53:c9:9a: ca:95:32:13:6c:2e:47:87:5e:1b:3c:e9:aa:a8:1f: 44:4d:c7:39:9d:e3:9f:53:a2:af:ea:37:25:4a:de: 57:8e:a5:70:fe:69:6b:8b:c8:3f:47:b6:b5:96:7c: 2c:4e:00:c4:5b:2e:8a:a2:4a:f6:6b:21:95:81:df: ae:df:dc:2b:36:11:98:12:dd:df:a8:77:dd:a2:7e: e8:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:47:CD:B0:7E:8F:29:94:AF:65:38:A4:C2:D2:21:3A:54:DB:B8:9D X509v3 Authority Key Identifier: keyid:91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:52:28:8b:f7:11:56:bc:23:63:f5:ee:02:0c:3a:33:98:7f: 83:26:cc:3d:f3:23:0d:ba:9f:39:32:bb:9c:b7:9a:16:cb:c6: 0f:ab:1c:da:4e:11:36:17:73:65:04:57:e2:b6:98:67:aa:bf: 0e:e8:8f:05:6e:84:aa:1b:98:e1:b4:79:2d:8d:62:f6:ae:0a: 4a:56:b5:a6:a1:44:14:6a:67:a6:ce:37:f0:52:14:69:07:d4: 5a:3e:b7:37:e9:f9:93:e8:54:76:ae:68:0b:65:73:28:df:df: da:a5:ba:3f:4b:9d:e6:e8:2c:70:91:d5:ae:ba:2d:85:7b:7a: 2e:e7:da:71:1f:59:81:bf:3e:90:cb:f9:ee:c3:3b:c4:d5:99: 21:d7:b8:91:7a:b8:a6:b2:2c:58:3a:da:7e:f1:eb:84:97:7a: ec:40:ac:d4:81:46:eb:15:c6:b4:8d:7d:a5:42:1b:12:08:5d: d2:a4:5a:59:01:32:84:d4:1f:ee:d3:66:e9:bd:73:7f:fd:a2: 61:60:32:21:17:3f:e8:47:07:9e:d8:df:8b:c4:4c:3a:81:8b: 9b:6b:3b:14:63:7e:e4:88:b1:e4:51:a9:42:be:5a:f1:47:3e: c7:85:be:e9:e7:8b:0f:41:59:f1:dd:e5:51:78:18:16:1c:1a: 93:5d:e5:c9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBiwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk1Q0ExMTAvBgNVBAUTKDkxNzkxNTE5NUM5NzFBQjQ0MUZEREVERTZGRjNDRDM3 MkU3NTRDQjUwHhcNMjUwNTE0MjIzMjI0WhcNMjUwNTIxMjIzMjI0WjAYMRYwFAYD VQQDEw02ODI1MTlmOS1kZGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2woHKCDrYHO8xdDE6fS+WcmM2y0EEnDxbj/VtfFY1NSQ1XYBdYty4OIy6lXx AygwNLGUux9Yr9H7Dql+ZxZcuvZu5fzuZLuZhop91I//vSkrs3xqMvs6IWg4g/B4 tVPBiMQd3QK6AoN46Px8xV99/f0gopOw6gPwfrig8HwgE6kPiumm+Q+4itYwEmLB uYbQO2Q8d+3Dxz2KBe+pMIugJ3Fjo0UtyqKP7DOeB8tDd2FTyZrKlTITbC5Hh14b POmqqB9ETcc5neOfU6Kv6jclSt5XjqVw/mlri8g/R7a1lnwsTgDEWy6Kokr2ayGV gd+u39wrNhGYEt3fqHfdon7oGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH9HzbB+ jymUr2U4pMLSITpU27idMB8GA1UdIwQYMBaAFJF5FRlclxq0Qf3e3m/zzTcudUy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTVDQS82MzQ3Mzc1Njk4 MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdyUkJfZDdlYl9QTk55NTFU TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2tYa1ZHVnlYR3JSQl9kN2ViX1BOTnk1MVRMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTVDQS82MzQ3Mzc1Njk4MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdy UkJfZDdlYl9QTk55NTFUTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBVUiiL9xFWvCNj9e4CDDozmH+DJsw98yMNup85Mruct5oWy8YPqxza ThE2F3NlBFfitphnqr8O6I8FboSqG5jhtHktjWL2rgpKVrWmoUQUamemzjfwUhRp B9RaPrc36fmT6FR2rmgLZXMo39/apbo/S53m6CxwkdWuui2Fe3ou59pxH1mBvz6Q y/nuwzvE1Zkh17iRerimsixYOtp+8euEl3rsQKzUgUbrFca0jX2lQhsSCF3SpFpZ ATKE1B/u02bpvXN//aJhYDIhFz/oRwee2N+LxEw6gYubazsUY37kiLHkUalCvlrx Rz7Hhb7p54sPQVnx3eVReBgWHBqTXeXJ -----END CERTIFICATE-----Generated at Fri May 16 22:23:03 2025 by rpki-client