$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft File: KgD9XV6u-B8ysAsuXILF7NrBJpM.mft (raw, json) Hash identifier: LMSfBJHDaFgANnuDtXbnH+AifTwhLQThTWjykvwVECY= Subject key identifier: 0B:1D:6F:73:AA:C8:3A:29:59:59:0C:82:DF:3C:4B:F7:E9:DB:4D:A1 Authority key identifier: 2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93 Certificate issuer: /CN=A91B6B4B/serialNumber=2A00FD5D5EAEF81F32B00B2E5C82C5ECDAC12693 Certificate serial: 0B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft Manifest number: 0A Signing time: Thu 15 May 2025 07:25:44 +0000 Manifest this update: Thu 15 May 2025 07:25:44 +0000 Manifest next update: Thu 22 May 2025 07:25:44 +0000 Files and hashes: 1: KgD9XV6u-B8ysAsuXILF7NrBJpM.crl (hash: +p96YGwoN1X3QyJ0Yn2cK/7+ex6eaWwY6HIKd+ymOvg=) 2: B3F95F9A24C411F0A4C45287C4F9AE02.roa (hash: SpbPHZ/krAG/WpD65rr9pmBtHMuwVfhmB9bAKCP8oRU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.crl rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 07:25:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6B4B, serialNumber=2A00FD5D5EAEF81F32B00B2E5C82C5ECDAC12693 Validity Not Before: May 15 07:25:44 2025 GMT Not After : May 22 07:25:44 2025 GMT Subject: CN=682596f8-c7a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:8a:d8:f5:54:ea:e6:3e:58:26:e2:04:08:40: 91:4c:96:2b:21:e2:70:de:bb:32:13:4e:10:b0:1c: c4:2e:6c:dd:ff:fb:0b:5f:b8:e5:26:ab:52:95:54: 9d:4e:4a:1a:93:4d:c3:e4:d3:71:04:63:4b:59:82: da:e0:08:27:2c:4f:a2:f1:a0:2c:e4:bc:d2:47:03: 8a:c6:e1:cf:09:8a:3e:ea:92:73:d6:51:9d:6e:ff: f0:69:bb:f8:a5:73:74:86:20:09:e3:ba:62:54:81: 79:c6:71:fb:47:dc:cb:30:3c:24:a0:a2:12:cb:da: 34:58:ac:c3:53:95:e7:3a:fd:21:93:4e:73:49:db: bf:97:53:ea:46:be:c3:31:22:0b:d4:e1:37:0a:72: 20:62:ab:07:6c:10:f1:12:76:2c:25:a1:49:05:87: 66:dc:57:0c:5e:65:37:09:97:fc:03:15:5d:70:71: a8:e5:6a:80:a0:19:27:de:9e:d4:0c:5c:fc:79:30: 0c:d5:e6:5f:15:bb:c1:15:93:34:f6:2d:ee:e7:21: cd:d9:c4:14:9c:3e:49:7f:07:ce:9e:f1:5c:f3:72: a6:b3:1b:cd:c1:08:2d:bd:9b:3f:6e:12:b3:37:8a: 39:0e:cf:2b:a9:b2:46:fa:a8:6d:0c:43:2b:23:4b: 51:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:1D:6F:73:AA:C8:3A:29:59:59:0C:82:DF:3C:4B:F7:E9:DB:4D:A1 X509v3 Authority Key Identifier: keyid:2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:dc:bd:f4:da:2e:d1:f9:de:ba:e8:2b:87:74:84:f2:5b:09: c4:ca:9b:c8:4b:80:bf:ca:e1:3e:19:b9:ea:8f:73:31:f7:b1: 99:6d:6b:0a:f4:07:04:bf:00:52:98:4c:ac:72:d9:a1:4e:db: 12:67:ad:4a:68:13:4c:dd:c2:b1:29:f7:75:c6:ba:f9:5c:6a: eb:8a:d2:9f:8f:d1:ec:d7:aa:38:ab:e4:97:bb:dd:7e:c9:5c: 63:41:c4:08:0f:03:92:48:24:19:56:43:3a:c9:a1:0b:62:01: 53:ae:43:1f:4e:b3:63:85:ba:78:d7:e6:82:14:1b:92:44:64: 46:2f:73:24:8b:f8:de:e4:a7:48:41:a8:97:bc:bd:0b:04:28: 31:d9:33:90:f8:54:82:24:2a:1f:6e:ae:55:01:c0:b5:20:d5: 47:b2:08:67:18:c4:e8:aa:ce:10:27:bd:a7:22:72:d4:d9:69: 4a:1a:14:d5:53:63:9f:52:fc:73:2a:21:9b:3b:98:f3:3f:34: 1f:dc:28:2d:31:a0:2e:82:1a:80:58:12:ef:83:33:fd:98:f7: e3:ea:e5:b7:1b:60:c8:d7:c8:d5:b5:7b:9e:62:d3:3b:2a:93: dc:10:51:43:33:78:e7:eb:06:df:aa:06:28:c2:c3:e5:f6:80: 65:04:18:e7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NkI0QjExMC8GA1UEBRMoMkEwMEZENUQ1RUFFRjgxRjMyQjAwQjJFNUM4MkM1RUNE QUMxMjY5MzAeFw0yNTA1MTUwNzI1NDRaFw0yNTA1MjIwNzI1NDRaMBgxFjAUBgNV BAMTDTY4MjU5NmY4LWM3YTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC0itj1VOrmPlgm4gQIQJFMlish4nDeuzITThCwHMQubN3/+wtfuOUmq1KVVJ1O ShqTTcPk03EEY0tZgtrgCCcsT6LxoCzkvNJHA4rG4c8Jij7qknPWUZ1u//Bpu/il c3SGIAnjumJUgXnGcftH3MswPCSgohLL2jRYrMNTlec6/SGTTnNJ27+XU+pGvsMx IgvU4TcKciBiqwdsEPESdiwloUkFh2bcVwxeZTcJl/wDFV1wcajlaoCgGSfentQM XPx5MAzV5l8Vu8EVkzT2Le7nIc3ZxBScPkl/B86e8VzzcqazG83BCC29mz9uErM3 ijkOzyupskb6qG0MQysjS1GXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUCx1vc6rI OilZWQyC3zxL9+nbTaEwHwYDVR0jBBgwFoAUKgD9XV6u+B8ysAsuXILF7NrBJpMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2QjRCL0JCNDJDMURFMjRD MzExRjA5NkM2ODQ4MUM0RjlBRTAyL0tnRDlYVjZ1LUI4eXNBc3VYSUxGN05yQkpw TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvS2dEOVhWNnUtQjh5c0FzdVhJTEY3TnJCSnBNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2 QjRCL0JCNDJDMURFMjRDMzExRjA5NkM2ODQ4MUM0RjlBRTAyL0tnRDlYVjZ1LUI4 eXNBc3VYSUxGN05yQkpwTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIXcvfTaLtH53rroK4d0hPJbCcTKm8hLgL/K4T4ZueqPczH3sZltawr0 BwS/AFKYTKxy2aFO2xJnrUpoE0zdwrEp93XGuvlcauuK0p+P0ezXqjir5Je73X7J XGNBxAgPA5JIJBlWQzrJoQtiAVOuQx9Os2OFunjX5oIUG5JEZEYvcySL+N7kp0hB qJe8vQsEKDHZM5D4VIIkKh9urlUBwLUg1UeyCGcYxOiqzhAnvacictTZaUoaFNVT Y59S/HMqIZs7mPM/NB/cKC0xoC6CGoBYEu+DM/2Y9+Pq5bcbYMjXyNW1e55i0zsq k9wQUUMzeOfrBt+qBijCw+X2gGUEGOc= -----END CERTIFICATE-----Generated at Fri May 16 03:20:17 2025 by rpki-client