$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft File: KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft (raw, json) Hash identifier: 4iFD6UpQXqpjJapyl2oF/gMdBEJD3JiaQGqWnlSMrzA= Subject key identifier: 47:BA:6B:70:23:4E:C6:F2:70:A2:18:AF:AC:A7:DD:5D:6B:1E:A4:B3 Authority key identifier: 28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 Certificate issuer: /CN=A91C5021/serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Certificate serial: 0731 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft Manifest number: 071A Signing time: Sat 10 May 2025 21:32:07 +0000 Manifest this update: Sat 10 May 2025 21:32:07 +0000 Manifest next update: Sat 17 May 2025 21:32:07 +0000 Files and hashes: 1: KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl (hash: ggWSP9i42Tcnz3NoOw4BbIt9D8PDfn2AmM5XW/Qwx6Q=) 2: C42CEC7ECC3611EF9C79665CC4F9AE02.roa (hash: +9I46oBmobqbn5rox7c5LlYsiP1+hncBa8w/SO0pYyk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 21:32:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1841 (0x731) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5021, serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Validity Not Before: May 10 21:32:07 2025 GMT Not After : May 17 21:32:07 2025 GMT Subject: CN=681fc5d7-54dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:3b:e8:f4:8a:ba:a9:fa:16:6c:e5:f4:03:48: 0c:0b:41:30:d7:3c:0a:f4:68:38:a6:4a:0e:80:5b: 5e:c1:a1:d9:8f:20:6d:e7:11:0f:cc:4d:8e:c6:cb: aa:30:34:a4:86:ec:f5:c4:a6:ee:65:92:1c:02:ab: 60:7b:01:30:51:cc:9c:7d:af:4f:32:9d:b3:39:f1: 32:cf:bf:17:01:4e:df:e2:eb:8b:52:3a:10:d3:3b: 42:36:9a:8d:92:72:dc:bb:92:b1:3d:8e:ff:c1:e5: ff:8d:da:e9:33:6d:3c:73:5f:98:75:3c:06:e5:7a: a9:65:41:68:53:84:b9:0a:06:34:4d:37:39:67:85: d2:60:cd:c1:fa:b9:ec:06:15:71:f1:a1:3c:d7:f9: 35:fb:6f:f9:5e:7c:fd:78:08:a0:e8:2f:d1:5d:83: 21:b4:ce:57:7b:4a:be:7f:3a:3a:bd:de:a0:50:fa: fe:30:a6:76:0a:08:0d:c0:a8:43:82:d7:62:6d:e4: 83:7a:08:89:16:62:34:78:d1:33:e5:bc:f0:45:33: 3b:aa:95:80:79:16:5c:d8:aa:8c:26:9f:c0:ed:0f: 22:0f:ea:e9:15:ab:14:c6:27:4f:5a:c8:d8:60:13: 1e:08:48:2d:65:cd:85:a6:3f:67:93:a8:b4:70:18: 60:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:BA:6B:70:23:4E:C6:F2:70:A2:18:AF:AC:A7:DD:5D:6B:1E:A4:B3 X509v3 Authority Key Identifier: keyid:28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:dd:09:7f:fb:55:29:e7:10:3f:f7:ae:d3:a4:77:a4:49:51: eb:09:a5:6a:d0:be:93:3a:6a:d2:ba:87:09:84:6d:4e:c4:0d: 06:97:70:9c:30:bd:33:7f:df:f7:fa:46:0e:ce:36:39:33:75: ae:ee:6a:59:f0:4a:32:89:e3:3e:5f:e0:76:1a:e1:22:ac:9f: f1:55:e4:e8:37:12:02:76:9d:ee:c9:2b:15:b2:13:77:39:72: cf:65:26:69:5c:ee:07:3d:7a:66:a0:50:1d:4f:87:90:fe:c2: 0d:94:65:aa:59:28:b7:dc:cb:91:01:47:93:6e:b2:82:8b:52: 10:a3:1a:83:61:ca:89:45:9f:ec:c8:66:f9:b7:c3:ae:07:3b: 8a:5b:3c:af:24:78:69:9b:4e:2c:bc:60:bb:21:98:c3:32:12: 68:c0:1b:29:ce:8d:ce:85:8f:5e:96:e3:80:69:fa:23:e1:fc: 54:55:1c:14:53:0a:18:65:63:3c:4a:b8:17:7f:72:26:b6:14: 77:e8:c8:28:f0:17:b6:32:ac:09:69:f9:60:8c:39:e8:ef:d5: 8d:ba:e7:75:1f:42:f9:64:27:c3:af:0a:b5:ea:99:54:66:56: 95:03:fb:d9:a8:a4:8f:7f:86:77:1c:bf:81:aa:3c:f0:fc:3b: a6:18:4b:ce -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBzEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUwMjExMTAvBgNVBAUTKDI4RjA3MTEwRTQzNTg0QTNCQTZBM0E0QTg3RDY4RTlF QjdEM0U5MDIwHhcNMjUwNTEwMjEzMjA3WhcNMjUwNTE3MjEzMjA3WjAYMRYwFAYD VQQDEw02ODFmYzVkNy01NGRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvzvo9Iq6qfoWbOX0A0gMC0Ew1zwK9Gg4pkoOgFtewaHZjyBt5xEPzE2Oxsuq MDSkhuz1xKbuZZIcAqtgewEwUcycfa9PMp2zOfEyz78XAU7f4uuLUjoQ0ztCNpqN knLcu5KxPY7/weX/jdrpM208c1+YdTwG5XqpZUFoU4S5CgY0TTc5Z4XSYM3B+rns BhVx8aE81/k1+2/5Xnz9eAig6C/RXYMhtM5Xe0q+fzo6vd6gUPr+MKZ2CggNwKhD gtdibeSDegiJFmI0eNEz5bzwRTM7qpWAeRZc2KqMJp/A7Q8iD+rpFasUxidPWsjY YBMeCEgtZc2Fpj9nk6i0cBhgewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEe6a3Aj TsbycKIYr6yn3V1rHqSzMB8GA1UdIwQYMBaAFCjwcRDkNYSjumo6SofWjp630+kC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTAyMS85QUZENDg2QzNC QkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhLTzZhanBLaDlhT25yZlQ2 UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tQQnhFT1ExaEtPNmFqcEtoOWFPbnJmVDZRSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTAyMS85QUZENDg2QzNCQkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhL TzZhanBLaDlhT25yZlQ2UUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAc3Ql/+1Up5xA/967TpHekSVHrCaVq0L6TOmrSuocJhG1OxA0Gl3Cc ML0zf9/3+kYOzjY5M3Wu7mpZ8EoyieM+X+B2GuEirJ/xVeToNxICdp3uySsVshN3 OXLPZSZpXO4HPXpmoFAdT4eQ/sINlGWqWSi33MuRAUeTbrKCi1IQoxqDYcqJRZ/s yGb5t8OuBzuKWzyvJHhpm04svGC7IZjDMhJowBspzo3OhY9eluOAafoj4fxUVRwU UwoYZWM8SrgXf3ImthR36Mgo8Be2MqwJaflgjDno79WNuud1H0L5ZCfDrwq16plU ZlaVA/vZqKSPf4Z3HL+Bqjzw/DumGEvO -----END CERTIFICATE-----Generated at Sun May 11 15:57:53 2025 by rpki-client