$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft File: kzxM1thDXA-L4vUjRybWYQ9-2jo.mft (raw, json) Hash identifier: wEiANPEOyf63W9jINFmwBrKI8k6G6Ry46/8r9QM2mgM= Subject key identifier: 4C:90:9B:D4:A1:75:82:FB:F2:9D:F6:CD:5E:22:0A:FC:78:B1:1A:31 Authority key identifier: 93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A Certificate issuer: /CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Certificate serial: 0BFF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft Manifest number: 0BF1 Signing time: Mon 12 May 2025 18:38:45 +0000 Manifest this update: Mon 12 May 2025 18:38:44 +0000 Manifest next update: Mon 19 May 2025 18:38:44 +0000 Files and hashes: 1: kzxM1thDXA-L4vUjRybWYQ9-2jo.crl (hash: 5eix4Pc7KNATq2lRQikQnnIW1m1IIpbog5Qg+vKdypo=) 2: 38FFAC50884411EDA212BC24C4F9AE02.roa (hash: o7cey+AS0R8fVuMf4POftZacKVzAhG2qKeR3u+WEUgU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 18:38:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3071 (0xbff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0DE, serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Validity Not Before: May 12 18:38:44 2025 GMT Not After : May 19 18:38:44 2025 GMT Subject: CN=68224035-d7b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:ab:53:fe:15:b7:23:5b:cc:c1:fc:3c:2e:cc: a6:d1:39:92:dc:d3:d2:4f:1e:96:53:02:04:4f:29: f3:78:78:34:6c:be:7b:7d:f2:f9:b6:e5:21:13:5c: 44:24:04:93:dc:5f:a2:32:98:19:2d:7b:66:cf:ce: a9:df:6d:d4:23:ac:7f:2b:e5:d9:cd:ad:17:75:b9: 09:88:b3:01:97:7a:a6:27:65:14:a7:15:65:1e:e3: f9:02:fd:99:8c:98:20:10:1c:ac:98:00:51:be:56: 35:4a:3a:48:d6:2a:3f:fc:e2:ce:a7:7a:c0:fa:e5: 5e:90:96:c4:85:19:92:3d:26:ed:d2:8e:3e:06:d6: 0d:43:0d:4d:e1:0e:42:b3:56:2c:8a:54:49:35:fc: 4f:be:73:6a:38:7e:3a:4b:0f:08:8d:f7:43:51:4f: bc:94:80:a2:75:5c:c4:23:56:cd:93:17:c9:ee:c7: e5:cf:8d:98:b0:3b:58:0e:c1:3a:4e:09:31:8b:7c: dd:51:c0:e4:64:2a:f0:89:81:b1:57:87:be:08:8e: 74:0b:87:08:46:f2:bb:1e:a7:02:e7:02:97:40:ce: bc:4b:03:e8:5f:a6:46:e6:bf:c6:d8:57:30:12:30: ad:0c:38:ff:47:6c:07:fa:0b:af:5b:3d:cf:cc:84: 43:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:90:9B:D4:A1:75:82:FB:F2:9D:F6:CD:5E:22:0A:FC:78:B1:1A:31 X509v3 Authority Key Identifier: keyid:93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:76:d3:d1:b6:cc:0e:24:b7:f4:03:08:39:59:ff:e8:ea:bf: 0e:53:95:3d:6b:e9:70:c9:10:04:d5:5d:27:d1:35:99:14:e5: 0b:01:40:dc:f2:0c:05:ab:94:a4:91:f6:1a:29:3c:e5:09:49: 66:53:ab:81:5e:73:09:1d:bd:35:c2:a0:3d:4d:c2:12:6b:0a: ec:8f:0b:6b:90:54:53:c3:d3:5f:88:af:01:04:78:a2:16:2b: 31:84:ce:6a:b9:a7:96:a3:71:6f:0c:b1:d1:fb:94:87:94:c4: 9e:1f:2f:3c:23:d9:13:01:fe:86:cc:48:72:5b:92:c8:2f:c0: 98:66:86:b0:b2:cf:f9:e8:e6:ab:7c:c3:69:d1:79:9d:32:46: cd:3b:2c:65:7b:77:db:c0:c6:88:fc:ec:2d:97:c2:d0:48:6c: 4d:23:93:07:9d:51:0f:94:64:58:c4:1c:b3:77:e0:e1:e1:4a: d2:53:70:dc:72:78:3a:d3:2d:47:72:5e:1d:ad:9f:d3:ac:62: df:fd:aa:fa:b3:3e:d2:30:de:30:e2:90:cf:08:55:ca:44:38: 12:2a:e5:b0:89:84:02:0d:a1:cf:88:9e:4f:55:22:ad:7a:65: a1:dc:c8:bb:66:dc:09:0c:22:5a:18:ba:45:60:d5:7e:b3:9e: f7:8b:e6:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwREUxMTAvBgNVBAUTKDkzM0M0Q0Q2RDg0MzVDMEY4QkUyRjUyMzQ3MjZENjYx MEY3RURBM0EwHhcNMjUwNTEyMTgzODQ0WhcNMjUwNTE5MTgzODQ0WjAYMRYwFAYD VQQDEw02ODIyNDAzNS1kN2I1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6qtT/hW3I1vMwfw8Lsym0TmS3NPSTx6WUwIETynzeHg0bL57ffL5tuUhE1xE JAST3F+iMpgZLXtmz86p323UI6x/K+XZza0XdbkJiLMBl3qmJ2UUpxVlHuP5Av2Z jJggEBysmABRvlY1SjpI1io//OLOp3rA+uVekJbEhRmSPSbt0o4+BtYNQw1N4Q5C s1YsilRJNfxPvnNqOH46Sw8IjfdDUU+8lICidVzEI1bNkxfJ7sflz42YsDtYDsE6 Tgkxi3zdUcDkZCrwiYGxV4e+CI50C4cIRvK7HqcC5wKXQM68SwPoX6ZG5r/G2Fcw EjCtDDj/R2wH+guvWz3PzIRDiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEyQm9Sh dYL78p32zV4iCvx4sRoxMB8GA1UdIwQYMBaAFJM8TNbYQ1wPi+L1I0cm1mEPfto6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBERS9EQTQ1RDQzMDE1 MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhBLUw0dlVqUnliV1lROS0y am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6eE0xdGhEWEEtTDR2VWpSeWJXWVE5LTJqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RDBERS9EQTQ1RDQzMDE1MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhB LUw0dlVqUnliV1lROS0yam8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADdtPRtswOJLf0Awg5Wf/o6r8OU5U9a+lwyRAE1V0n0TWZFOULAUDc 8gwFq5SkkfYaKTzlCUlmU6uBXnMJHb01wqA9TcISawrsjwtrkFRTw9NfiK8BBHii FisxhM5quaeWo3FvDLHR+5SHlMSeHy88I9kTAf6GzEhyW5LIL8CYZoawss/56Oar fMNp0XmdMkbNOyxle3fbwMaI/Owtl8LQSGxNI5MHnVEPlGRYxByzd+Dh4UrSU3Dc cng60y1Hcl4drZ/TrGLf/ar6sz7SMN4w4pDPCFXKRDgSKuWwiYQCDaHPiJ5PVSKt emWh3Mi7ZtwJDCJaGLpFYNV+s573i+aN -----END CERTIFICATE-----Generated at Wed May 14 08:27:51 2025 by rpki-client