$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.mft File: KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.mft (raw, json) Hash identifier: SnewvIW/0ZDxU9HaQ8t221dxnt9CpSNp6JXtX2bI7q0= Subject key identifier: A4:6F:59:8C:36:E5:48:92:5D:9A:46:A9:94:39:53:E7:E3:DD:A3:2C Authority key identifier: 28:1D:DA:09:71:75:C0:43:29:43:FD:E5:7C:A3:3D:28:E5:07:3B:C4 Certificate issuer: /CN=A91A7F56/serialNumber=281DDA097175C0432943FDE57CA33D28E5073BC4 Certificate serial: FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.mft Manifest number: FD Signing time: Thu 15 May 2025 04:27:09 +0000 Manifest this update: Thu 15 May 2025 04:27:09 +0000 Manifest next update: Thu 22 May 2025 04:27:09 +0000 Files and hashes: 1: KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.crl (hash: MmqmIPkX53t79PRrnzL2jlFKI8IR5Xijd6IjjmyDM9w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.crl rsync://rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 04:27:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 253 (0xfd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7F56, serialNumber=281DDA097175C0432943FDE57CA33D28E5073BC4 Validity Not Before: May 15 04:27:09 2025 GMT Not After : May 22 04:27:09 2025 GMT Subject: CN=68256d1d-f30c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:dd:0e:9a:ab:13:27:43:4b:16:62:9f:b7:59: 38:be:b5:6f:7d:f5:55:9c:1a:5a:2b:0f:95:0d:a2: 1a:65:e7:12:a2:f9:44:a3:b8:1e:56:9f:04:7c:11: 01:53:2d:08:35:d3:d9:6d:2b:01:d9:c3:b3:90:92: 07:33:5e:02:17:ba:c6:8c:bb:0b:42:d6:da:c1:fb: 17:12:27:f1:1c:dc:46:30:d4:5e:7c:a5:7a:63:bb: 6a:45:c9:b7:9e:b1:4c:65:94:bb:e7:5d:dd:ce:46: 14:b2:61:66:6d:df:89:5f:bd:6b:ea:ca:dc:4b:06: 90:13:6a:ec:16:41:f2:90:79:aa:26:d0:46:78:10: e7:69:a5:86:43:bd:6f:0e:d6:0e:d2:c2:b3:bb:97: 86:eb:d8:54:3c:0e:3f:fd:ad:25:17:6a:4f:f8:fc: 17:27:43:e3:5d:d7:7b:5b:6b:a4:8e:49:96:0a:35: 07:98:97:59:3c:36:23:87:ed:e9:ea:66:6d:9f:a0: 17:86:0c:e2:a2:58:0a:25:7a:f4:37:8e:a9:35:c7: 03:1b:0f:9c:67:4d:77:25:5c:a6:cc:04:74:99:b1: 3a:fa:22:44:93:5b:c6:a2:84:7e:68:53:bf:70:7f: 5d:bd:e3:8f:56:93:63:25:3e:88:1f:b9:40:f7:af: a5:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:6F:59:8C:36:E5:48:92:5D:9A:46:A9:94:39:53:E7:E3:DD:A3:2C X509v3 Authority Key Identifier: keyid:28:1D:DA:09:71:75:C0:43:29:43:FD:E5:7C:A3:3D:28:E5:07:3B:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:9d:09:98:57:ad:69:e2:48:74:7c:41:a1:2a:1d:80:7a:75: 53:99:2e:1d:54:a5:8e:88:8d:d3:e0:41:4e:a8:e8:bf:00:00: ea:3b:aa:ad:ca:3e:d0:cb:41:f2:3b:89:7b:1c:6f:eb:5f:35: b7:29:2f:71:3e:c4:e5:0d:f0:6a:c1:d4:2c:6f:d6:2f:12:0f: de:22:55:09:6f:36:d6:f1:c2:00:0e:27:0d:ed:0d:52:fa:21: 1a:9b:a3:fb:3f:c5:fa:56:47:a3:84:66:c2:aa:38:af:b5:9d: c3:fc:75:79:ba:65:46:ab:58:7d:3c:96:b8:d9:4d:89:c7:21: 2a:2e:07:71:6d:14:4c:e9:f6:8b:11:19:1b:56:eb:ad:ac:e2: 8f:ce:d3:fd:f5:5e:8f:6c:36:f2:d6:7a:3a:b2:21:30:46:9b: 6e:e0:7b:38:33:ab:22:dc:8f:3d:78:58:20:4a:13:0e:a2:2f: c9:32:f4:73:a9:ab:ad:73:3d:92:f5:e7:c9:a8:6d:f9:e2:59: 59:e0:30:10:ad:8a:f4:a6:a7:b6:34:7d:1f:f5:24:75:01:5a: 31:95:6f:cd:db:09:d2:2f:7e:68:c4:25:0a:42:12:c6:a4:28: 00:d9:c8:af:46:68:cf:b1:bd:38:77:88:e0:d1:68:1d:e2:9d: 97:22:c0:8a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAP0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTdGNTYxMTAvBgNVBAUTKDI4MUREQTA5NzE3NUMwNDMyOTQzRkRFNTdDQTMzRDI4 RTUwNzNCQzQwHhcNMjUwNTE1MDQyNzA5WhcNMjUwNTIyMDQyNzA5WjAYMRYwFAYD VQQDEw02ODI1NmQxZC1mMzBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx90OmqsTJ0NLFmKft1k4vrVvffVVnBpaKw+VDaIaZecSovlEo7geVp8EfBEB Uy0INdPZbSsB2cOzkJIHM14CF7rGjLsLQtbawfsXEifxHNxGMNRefKV6Y7tqRcm3 nrFMZZS7513dzkYUsmFmbd+JX71r6srcSwaQE2rsFkHykHmqJtBGeBDnaaWGQ71v DtYO0sKzu5eG69hUPA4//a0lF2pP+PwXJ0PjXdd7W2ukjkmWCjUHmJdZPDYjh+3p 6mZtn6AXhgziolgKJXr0N46pNccDGw+cZ013JVymzAR0mbE6+iJEk1vGooR+aFO/ cH9dveOPVpNjJT6IH7lA96+lRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKRvWYw2 5UiSXZpGqZQ5U+fj3aMsMB8GA1UdIwQYMBaAFCgd2glxdcBDKUP95XyjPSjlBzvE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0Y1Ni85RTFDODlBNkFD Q0QxMUVFODEwNjkwNTBDNEY5QUUwMi9LQjNhQ1hGMXdFTXBRXzNsZktNOUtPVUhP OFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tCM2FDWEYxd0VNcFFfM2xmS005S09VSE84US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB N0Y1Ni85RTFDODlBNkFDQ0QxMUVFODEwNjkwNTBDNEY5QUUwMi9LQjNhQ1hGMXdF TXBRXzNsZktNOUtPVUhPOFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXnQmYV61p4kh0fEGhKh2AenVTmS4dVKWOiI3T4EFOqOi/AADqO6qt yj7Qy0HyO4l7HG/rXzW3KS9xPsTlDfBqwdQsb9YvEg/eIlUJbzbW8cIADicN7Q1S +iEam6P7P8X6VkejhGbCqjivtZ3D/HV5umVGq1h9PJa42U2JxyEqLgdxbRRM6faL ERkbVuutrOKPztP99V6PbDby1no6siEwRptu4Hs4M6si3I89eFggShMOoi/JMvRz qautcz2S9efJqG354llZ4DAQrYr0pqe2NH0f9SR1AVoxlW/N2wnSL35oxCUKQhLG pCgA2civRmjPsb04d4jg0Wgd4p2XIsCK -----END CERTIFICATE-----Generated at Fri May 16 09:48:33 2025 by rpki-client