$ rpki-client -vvf rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft File: KUrNCNoZE4w376-ydKHndXceRT4.mft (raw, json) Hash identifier: EPNHbSBIz2kRItO7mVMbD2lIVGanty0J+LlnNjjHAgU= Subject key identifier: 95:97:E0:D1:D7:72:B0:39:2D:E5:3E:5B:5D:45:89:35:92:5B:0D:6D Authority key identifier: 29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E Certificate issuer: /CN=A919C8F9/serialNumber=294ACD08DA19138C37EFAFB274A1E775771E453E Certificate serial: 0525 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft Manifest number: 051F Signing time: Mon 12 May 2025 23:21:06 +0000 Manifest this update: Mon 12 May 2025 23:21:05 +0000 Manifest next update: Mon 19 May 2025 23:21:05 +0000 Files and hashes: 1: KUrNCNoZE4w376-ydKHndXceRT4.crl (hash: LyoKmeivB4mhGzBF/0V6sb6z+CiPDw54YyHE/xkkiuU=) 2: 2D7BD4EA03DD11ECA448405BC4F9AE02.roa (hash: KKWKrtsh/34nl8r+0Ut1+Gkgstz0StRYtgWm9ide930=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 23:21:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1317 (0x525) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C8F9, serialNumber=294ACD08DA19138C37EFAFB274A1E775771E453E Validity Not Before: May 12 23:21:05 2025 GMT Not After : May 19 23:21:05 2025 GMT Subject: CN=68228262-5cdf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:7b:73:32:88:15:09:28:c7:3e:08:a3:e7:e7: ac:4d:ba:00:ba:15:42:1f:99:6b:2c:19:46:c2:f3: 6b:25:4d:77:79:01:fe:1e:0c:65:fc:35:fe:24:d6: 3e:3e:c7:f5:a0:bc:8e:13:cd:e8:b9:83:42:ed:63: b3:1e:41:59:61:98:79:06:80:9c:43:e0:84:23:26: a7:94:72:9b:f6:ef:b0:a8:75:3e:14:09:2d:12:c3: 2c:e1:ca:b3:6b:41:67:29:d0:c6:10:45:ad:1e:9b: 6e:72:7f:69:d9:c6:87:bd:e1:7f:eb:d0:e6:6e:da: 32:96:d5:88:88:9f:5c:61:e9:f0:00:8c:ac:91:dd: 11:1d:a1:66:cb:19:5a:a8:1b:72:35:37:86:78:e8: be:04:d8:f7:15:87:ba:c3:34:36:44:c6:5b:8f:e7: 53:d6:2b:46:25:db:56:63:d1:28:32:38:42:79:40: 97:82:ca:89:4d:85:1a:e0:d0:d0:5d:e7:da:4c:42: ef:d1:08:f0:0d:a0:9d:a5:80:80:67:44:f3:c5:cb: 88:a9:85:eb:ba:fa:3b:b8:bf:22:a1:3d:3d:39:ac: e9:32:fb:f9:1f:3a:81:a9:de:a2:5e:6b:39:4d:8a: a1:c8:85:c8:e1:9a:65:d0:4e:68:a9:4c:91:3d:69: 4e:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:97:E0:D1:D7:72:B0:39:2D:E5:3E:5B:5D:45:89:35:92:5B:0D:6D X509v3 Authority Key Identifier: keyid:29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:34:92:14:99:50:bc:34:6b:7a:64:a7:70:94:99:99:4b:0e: 07:db:1d:54:9b:f2:22:aa:a9:b7:9b:15:af:7f:ab:7e:c6:af: 5c:4a:80:ac:f9:b1:cf:5b:50:80:31:d5:c5:f7:f8:c2:6f:73: b7:32:b3:f1:36:a5:e1:bb:94:a6:1f:b7:28:1b:2b:d3:6e:f6: 93:30:9b:82:fc:21:43:9c:67:66:e0:7f:b8:c3:b2:36:22:0b: ad:bc:a1:1e:5c:97:10:59:8c:35:0f:71:da:64:c1:09:d2:e8: ee:0a:6d:ea:46:ff:0d:20:ae:ea:a1:43:3f:a0:db:fd:0a:da: da:de:d2:12:00:2b:38:42:8b:15:ba:57:9f:d8:6b:d0:75:62: cd:57:74:2e:09:e7:b1:4b:45:1e:4a:39:70:97:49:f3:05:0d: ef:71:b5:ad:65:2a:40:9b:61:45:a5:19:4b:03:b6:72:64:ab: ba:88:d5:1a:7a:7b:9e:a0:bb:12:b1:a7:15:ed:6b:08:57:80: 31:0f:3e:5b:82:73:32:d8:07:c0:67:7b:d6:bc:5a:e2:41:75: 13:a5:53:a4:70:b9:d7:7e:4d:72:af:21:21:f7:c0:b9:4c:77: 16:83:34:a4:12:e1:31:fc:7b:4b:fe:19:4b:ef:af:ff:d7:75: c0:50:ad:ce -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBSUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUM4RjkxMTAvBgNVBAUTKDI5NEFDRDA4REExOTEzOEMzN0VGQUZCMjc0QTFFNzc1 NzcxRTQ1M0UwHhcNMjUwNTEyMjMyMTA1WhcNMjUwNTE5MjMyMTA1WjAYMRYwFAYD VQQDEw02ODIyODI2Mi01Y2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArntzMogVCSjHPgij5+esTboAuhVCH5lrLBlGwvNrJU13eQH+Hgxl/DX+JNY+ Psf1oLyOE83ouYNC7WOzHkFZYZh5BoCcQ+CEIyanlHKb9u+wqHU+FAktEsMs4cqz a0FnKdDGEEWtHptucn9p2caHveF/69DmbtoyltWIiJ9cYenwAIyskd0RHaFmyxla qBtyNTeGeOi+BNj3FYe6wzQ2RMZbj+dT1itGJdtWY9EoMjhCeUCXgsqJTYUa4NDQ XefaTELv0QjwDaCdpYCAZ0TzxcuIqYXruvo7uL8ioT09OazpMvv5HzqBqd6iXms5 TYqhyIXI4Zpl0E5oqUyRPWlO8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJWX4NHX crA5LeU+W11FiTWSWw1tMB8GA1UdIwQYMBaAFClKzQjaGROMN++vsnSh53V3HkU+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzhGOS9EQzZCMzYxNEZF NkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0dzM3Ni15ZEtIbmRYY2VS VDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVck5DTm9aRTR3Mzc2LXlkS0huZFhjZVJUNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QzhGOS9EQzZCMzYxNEZFNkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0 dzM3Ni15ZEtIbmRYY2VSVDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCmNJIUmVC8NGt6ZKdwlJmZSw4H2x1Um/Iiqqm3mxWvf6t+xq9cSoCs +bHPW1CAMdXF9/jCb3O3MrPxNqXhu5SmH7coGyvTbvaTMJuC/CFDnGdm4H+4w7I2 IgutvKEeXJcQWYw1D3HaZMEJ0ujuCm3qRv8NIK7qoUM/oNv9Ctra3tISACs4QosV ulef2GvQdWLNV3QuCeexS0UeSjlwl0nzBQ3vcbWtZSpAm2FFpRlLA7ZyZKu6iNUa enueoLsSsacV7WsIV4AxDz5bgnMy2AfAZ3vWvFriQXUTpVOkcLnXfk1yryEh98C5 THcWgzSkEuEx/HtL/hlL76//13XAUK3O -----END CERTIFICATE-----Generated at Tue May 13 16:08:28 2025 by rpki-client