$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft File: kBUoySF5F9lWch0caFZlNFvrVv0.mft (raw, json) Hash identifier: YQF2+WtEQQPKNIzq/WGnRPhHEIF2/rkfgmFCdPXrsB8= Subject key identifier: E2:63:85:17:3F:51:97:BA:54:5B:D5:95:8A:62:92:E1:EC:A3:15:5B Authority key identifier: 90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD Certificate issuer: /CN=A91CFAB9/serialNumber=901528C9217917D956721D1C685665345BEB56FD Certificate serial: 0325 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft Manifest number: 0321 Signing time: Fri 09 May 2025 00:37:59 +0000 Manifest this update: Fri 09 May 2025 00:37:59 +0000 Manifest next update: Fri 16 May 2025 00:37:59 +0000 Files and hashes: 1: kBUoySF5F9lWch0caFZlNFvrVv0.crl (hash: gmLpQLcJ0ApEX/ZzvdZDOyImmMNFUBVr8KGa0kGuMXw=) 2: 39A335D6CB3F11ECBEBC9A1DC4F9AE02.roa (hash: NmvW/sg0pEXjTHBegEg6TihBwGGc4JodMMQnzVosHvc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.crl rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 00:37:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 805 (0x325) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFAB9, serialNumber=901528C9217917D956721D1C685665345BEB56FD Validity Not Before: May 9 00:37:59 2025 GMT Not After : May 16 00:37:59 2025 GMT Subject: CN=681d4e67-e2dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:4c:64:02:c9:3e:05:57:36:bb:72:63:2d:ae: e5:f5:ae:4c:81:a9:87:30:ba:29:76:4e:6b:f5:bd: 77:4e:99:e6:e1:6b:46:19:8f:fb:45:b8:4d:2f:0d: f7:86:1a:89:96:70:37:1a:fd:e3:05:24:e5:ff:83: a6:20:c3:d5:6a:99:69:9f:16:4f:47:97:c0:ec:e1: 53:29:f1:d2:04:38:f9:68:45:64:e1:47:7f:74:39: 04:bb:21:fb:c2:cf:d8:26:f3:94:5b:1e:0c:8b:a7: 01:81:10:18:a2:18:9d:4b:c0:e7:ed:3b:75:db:39: a9:da:c3:49:96:c2:ad:41:36:3a:32:8d:ad:83:b8: 83:88:52:4f:75:9c:45:a2:52:b3:65:25:60:de:57: 13:35:3d:99:b4:a5:da:e1:14:d7:e3:70:48:a7:90: f3:7a:a7:5a:1f:19:15:c7:c5:73:cb:d6:ba:3e:9c: fc:93:35:45:74:ee:6f:de:67:96:65:3a:fe:13:5f: 47:c1:74:60:05:b2:8c:ea:5b:68:70:f4:e4:3e:2a: f0:46:b2:56:4e:47:d6:11:d9:75:f6:26:b0:79:d6: e6:79:42:88:c3:89:87:1e:9d:06:7c:fb:92:07:6b: 2e:8c:6c:6d:bf:a7:33:87:dc:a5:5b:04:2f:fb:3a: 17:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:63:85:17:3F:51:97:BA:54:5B:D5:95:8A:62:92:E1:EC:A3:15:5B X509v3 Authority Key Identifier: keyid:90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:3d:85:8a:35:b8:ac:ba:bd:06:32:76:7c:9d:d3:73:43:fa: 27:7f:58:17:ca:d7:f2:cc:f4:aa:8c:58:35:b7:fe:6e:3d:b4: df:af:5a:8f:ef:0f:3b:b3:d0:7b:e3:08:e3:75:69:cf:3b:5b: 65:22:45:a8:45:6d:6a:4c:12:e9:7d:49:32:31:f5:aa:eb:d9: 6f:fc:a2:02:5f:cf:71:ab:c2:71:ca:c2:19:e0:7e:a1:b4:73: 6e:07:13:12:a8:e3:00:5f:07:b8:9a:e9:e9:8a:36:ee:ce:ee: e2:1f:65:7f:0b:d9:51:41:3a:fe:c3:21:eb:7f:a7:4c:b0:21: a4:51:80:6b:2f:b7:04:7d:09:eb:75:78:6c:ec:0a:bc:97:35: 20:e5:c2:8a:3b:8e:85:79:0a:eb:31:0c:f9:c6:ad:ab:ad:f5: 0a:53:60:39:0a:6d:8f:7d:83:cc:7e:9c:ad:cd:f3:e3:90:a0: 68:e4:93:8c:84:95:c5:6a:54:be:08:33:cb:b9:ea:37:cf:c5: ec:a8:13:b4:1e:4b:07:a3:6f:ec:ad:89:74:4e:42:af:8f:95: 67:d2:e0:83:8e:bd:b5:a0:33:0b:8b:b9:a4:48:f0:c9:56:80: 95:57:dd:77:0e:04:bd:3a:ae:2a:01:b1:1b:ea:4c:88:9f:0b: 8c:cd:90:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAyUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBQjkxMTAvBgNVBAUTKDkwMTUyOEM5MjE3OTE3RDk1NjcyMUQxQzY4NTY2NTM0 NUJFQjU2RkQwHhcNMjUwNTA5MDAzNzU5WhcNMjUwNTE2MDAzNzU5WjAYMRYwFAYD VQQDEw02ODFkNGU2Ny1lMmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx0xkAsk+BVc2u3JjLa7l9a5MgamHMLopdk5r9b13Tpnm4WtGGY/7RbhNLw33 hhqJlnA3Gv3jBSTl/4OmIMPVaplpnxZPR5fA7OFTKfHSBDj5aEVk4Ud/dDkEuyH7 ws/YJvOUWx4Mi6cBgRAYohidS8Dn7Tt12zmp2sNJlsKtQTY6Mo2tg7iDiFJPdZxF olKzZSVg3lcTNT2ZtKXa4RTX43BIp5DzeqdaHxkVx8Vzy9a6Ppz8kzVFdO5v3meW ZTr+E19HwXRgBbKM6ltocPTkPirwRrJWTkfWEdl19iawedbmeUKIw4mHHp0GfPuS B2sujGxtv6czh9ylWwQv+zoX6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOJjhRc/ UZe6VFvVlYpikuHsoxVbMB8GA1UdIwQYMBaAFJAVKMkheRfZVnIdHGhWZTRb61b9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkFCOS8xQ0Q0NEY5RUM3 N0ExMUVDQjk0MzRDMkNDNEY5QUUwMi9rQlVveVNGNUY5bFdjaDBjYUZabE5GdnJW djAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tCVW95U0Y1RjlsV2NoMGNhRlpsTkZ2clZ2MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkFCOS8xQ0Q0NEY5RUM3N0ExMUVDQjk0MzRDMkNDNEY5QUUwMi9rQlVveVNGNUY5 bFdjaDBjYUZabE5GdnJWdjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkPYWKNbisur0GMnZ8ndNzQ/onf1gXytfyzPSqjFg1t/5uPbTfr1qP 7w87s9B74wjjdWnPO1tlIkWoRW1qTBLpfUkyMfWq69lv/KICX89xq8JxysIZ4H6h tHNuBxMSqOMAXwe4munpijbuzu7iH2V/C9lRQTr+wyHrf6dMsCGkUYBrL7cEfQnr dXhs7Aq8lzUg5cKKO46FeQrrMQz5xq2rrfUKU2A5Cm2PfYPMfpytzfPjkKBo5JOM hJXFalS+CDPLueo3z8XsqBO0HksHo2/srYl0TkKvj5Vn0uCDjr21oDMLi7mkSPDJ VoCVV913DgS9Oq4qAbEb6kyInwuMzZBj -----END CERTIFICATE-----Generated at Sat May 10 10:02:27 2025 by rpki-client