$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft File: KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft (raw, json) Hash identifier: XXTx7MDpBrLodORuUL/TmggglPsL5gVxYCbj/D08epY= Subject key identifier: B9:E7:77:FA:7D:77:BA:B6:A8:68:E1:C5:66:9E:6B:06:12:EB:94:05 Authority key identifier: 29:0C:40:10:FA:DC:47:69:47:E0:09:3F:43:F7:00:4F:0D:7C:5C:1C Certificate issuer: /CN=A91A3456/serialNumber=290C4010FADC476947E0093F43F7004F0D7C5C1C Certificate serial: 0B08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQxAEPrcR2lH4Ak_Q_cATw18XBw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft Manifest number: 0B02 Signing time: Mon 12 May 2025 19:08:49 +0000 Manifest this update: Mon 12 May 2025 19:08:49 +0000 Manifest next update: Mon 19 May 2025 19:08:49 +0000 Files and hashes: 1: KQxAEPrcR2lH4Ak_Q_cATw18XBw.crl (hash: gHxDnRrk++U2b3zDj9PRw+5xCW/yrFMTsL3Vbs13HsQ=) 2: 496096EE41A311EABAADCE0AC4F9AE02.roa (hash: c6hB6o27DTn4G9KshxwwCrACiildcNHuM9kyD7kWDTE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.crl rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQxAEPrcR2lH4Ak_Q_cATw18XBw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 19:08:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2824 (0xb08) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3456, serialNumber=290C4010FADC476947E0093F43F7004F0D7C5C1C Validity Not Before: May 12 19:08:49 2025 GMT Not After : May 19 19:08:49 2025 GMT Subject: CN=68224741-ff99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ac:b8:38:90:51:38:86:a5:70:2e:03:76:40: 5c:59:f8:b1:6c:0e:a0:08:23:c6:b4:e9:9e:e5:55: 09:09:a8:68:23:7f:14:a0:af:e9:b8:d0:a5:81:c0: 10:76:e8:40:21:bf:58:62:84:3c:3a:28:f2:e7:43: 91:fd:71:cc:f2:0c:16:d0:3f:0e:bd:72:7b:be:a9: 2e:1b:f0:2d:50:36:1a:5a:f6:81:59:fd:f3:73:c8: f3:96:09:65:8c:bb:20:c8:c0:a6:da:27:ee:09:eb: 1f:0f:3b:4f:fd:04:f1:04:93:7e:3a:72:13:af:22: ac:9f:25:81:c5:28:1f:ec:d6:79:7f:35:bf:6e:f6: 5e:91:85:33:ba:9c:5c:8d:a2:ff:da:b6:77:bb:a8: e8:21:db:d7:ae:27:e3:ec:20:7c:c3:89:83:0b:b1: 60:bd:9b:37:98:97:65:0a:0b:24:43:1c:5a:a8:7a: b4:24:c7:a5:a9:cb:eb:92:f3:7d:bb:bd:cb:0c:29: 95:b3:08:39:c1:54:41:48:df:97:16:28:b9:b0:46: 8b:fc:2f:ac:bf:ae:98:98:26:f3:5d:7e:68:61:55: 02:ec:44:05:a5:81:28:b4:50:10:80:54:65:fb:89: 7e:af:4b:3a:fd:46:fe:91:a5:3c:cc:11:5c:de:cd: fb:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:E7:77:FA:7D:77:BA:B6:A8:68:E1:C5:66:9E:6B:06:12:EB:94:05 X509v3 Authority Key Identifier: keyid:29:0C:40:10:FA:DC:47:69:47:E0:09:3F:43:F7:00:4F:0D:7C:5C:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQxAEPrcR2lH4Ak_Q_cATw18XBw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d5:62:63:03:9d:c6:37:32:63:38:11:56:be:70:bb:35:dd:63: 4a:33:e0:1e:37:a4:bd:d0:bf:51:aa:a8:9f:24:36:4f:d5:e4: 99:a6:96:3d:75:31:8e:1a:34:83:42:99:a4:82:27:b0:a5:06: 0d:7f:99:c1:ce:f7:c4:83:08:00:cd:d7:ec:20:e5:9f:e4:8d: 06:02:e8:6f:61:e0:50:03:66:dc:25:6a:a5:2a:c2:81:43:e3: 9a:7b:d0:c7:41:c1:ef:d9:bf:40:94:54:46:83:d1:ed:90:5b: db:1d:8a:62:b0:a6:94:f9:e3:40:64:52:61:ec:6a:37:6f:6e: 38:ec:21:9c:bc:95:2c:65:f6:fe:da:64:5b:37:7b:a4:3d:32: 8e:75:7f:88:64:1d:32:ce:b2:f6:b0:3b:cc:30:26:c3:02:7c: 28:32:df:36:9c:fe:81:a0:f9:49:71:be:b7:3f:79:0d:e7:75: 38:e9:a9:7e:28:55:9b:13:eb:6b:36:e2:16:6f:d3:10:1e:1e: d2:eb:a2:d8:10:92:6d:4b:77:1d:f9:a8:42:01:9b:c5:7c:f7: d4:76:f8:f4:a4:42:05:df:70:04:62:fe:41:a3:db:84:04:f9: 4b:b0:9d:8f:9e:05:70:e3:35:f3:e9:d8:cb:43:89:4f:b9:2f: 7c:63:d1:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCwgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTM0NTYxMTAvBgNVBAUTKDI5MEM0MDEwRkFEQzQ3Njk0N0UwMDkzRjQzRjcwMDRG MEQ3QzVDMUMwHhcNMjUwNTEyMTkwODQ5WhcNMjUwNTE5MTkwODQ5WjAYMRYwFAYD VQQDEw02ODIyNDc0MS1mZjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyqy4OJBROIalcC4DdkBcWfixbA6gCCPGtOme5VUJCahoI38UoK/puNClgcAQ duhAIb9YYoQ8Oijy50OR/XHM8gwW0D8OvXJ7vqkuG/AtUDYaWvaBWf3zc8jzlgll jLsgyMCm2ifuCesfDztP/QTxBJN+OnITryKsnyWBxSgf7NZ5fzW/bvZekYUzupxc jaL/2rZ3u6joIdvXrifj7CB8w4mDC7FgvZs3mJdlCgskQxxaqHq0JMelqcvrkvN9 u73LDCmVswg5wVRBSN+XFii5sEaL/C+sv66YmCbzXX5oYVUC7EQFpYEotFAQgFRl +4l+r0s6/Ub+kaU8zBFc3s37qwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLnnd/p9 d7q2qGjhxWaeawYS65QFMB8GA1UdIwQYMBaAFCkMQBD63EdpR+AJP0P3AE8NfFwc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzQ1Ni82QzI3RjI1QTQx QTExMUVBQTQ3RDFFODZDNEY5QUUwMi9LUXhBRVByY1IybEg0QWtfUV9jQVR3MThY QncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tReEFFUHJjUjJsSDRBa19RX2NBVHcxOFhCdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MzQ1Ni82QzI3RjI1QTQxQTExMUVBQTQ3RDFFODZDNEY5QUUwMi9LUXhBRVByY1Iy bEg0QWtfUV9jQVR3MThYQncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDVYmMDncY3MmM4EVa+cLs13WNKM+AeN6S90L9RqqifJDZP1eSZppY9 dTGOGjSDQpmkgiewpQYNf5nBzvfEgwgAzdfsIOWf5I0GAuhvYeBQA2bcJWqlKsKB Q+Oae9DHQcHv2b9AlFRGg9HtkFvbHYpisKaU+eNAZFJh7Go3b2447CGcvJUsZfb+ 2mRbN3ukPTKOdX+IZB0yzrL2sDvMMCbDAnwoMt82nP6BoPlJcb63P3kN53U46al+ KFWbE+trNuIWb9MQHh7S66LYEJJtS3cd+ahCAZvFfPfUdvj0pEIF33AEYv5Bo9uE BPlLsJ2PngVw4zXz6djLQ4lPuS98Y9Hj -----END CERTIFICATE-----Generated at Tue May 13 15:16:17 2025 by rpki-client