$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft File: km2a3G-4c9dlu0EicoDB8RhG7hc.mft (raw, json) Hash identifier: T9Nuuu2axk21vTiTLZDPQSOo7QzEIty++WlhKydK3bI= Subject key identifier: 66:83:4C:E4:D0:A6:09:FA:13:B4:F1:7F:23:0F:03:98:3E:6D:09:97 Authority key identifier: 92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 Certificate issuer: /CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Certificate serial: 01AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft Manifest number: 01A2 Signing time: Wed 07 May 2025 02:41:12 +0000 Manifest this update: Wed 07 May 2025 02:41:12 +0000 Manifest next update: Wed 14 May 2025 02:41:12 +0000 Files and hashes: 1: km2a3G-4c9dlu0EicoDB8RhG7hc.crl (hash: e/L28XwTUvgKT/anasgvM/UO1qxKzYpe3k3QXifa1VM=) 2: 1B5E26228FA911EF90043A7CC4F9AE02.roa (hash: Kf03AsTj/sjKaJ/vafb1jrYT0WQ+1IyxISSmBFOh+2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 14 May 2025 02:41:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 428 (0x1ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA0E, serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Validity Not Before: May 7 02:41:12 2025 GMT Not After : May 14 02:41:12 2025 GMT Subject: CN=681ac848-6e36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:a0:c8:90:c2:1f:ba:0f:45:15:bf:f6:5a:6f: b2:3c:fe:a8:2f:e1:b2:df:33:56:9d:32:02:2c:90: df:07:f9:ab:f8:39:de:2a:c2:18:e1:1f:c3:5d:67: 35:b5:8b:e9:21:ee:a6:8d:7a:5b:01:57:c0:5b:fd: 15:6f:27:97:1b:6a:9d:6c:02:62:5d:28:db:33:80: d8:74:ca:0d:2a:63:ee:e7:99:38:61:5e:11:25:89: 61:74:47:74:17:7e:dd:df:ba:7e:f1:d0:56:2d:cd: 44:82:d7:01:56:bd:4e:4d:e8:83:b6:c7:64:9e:a4: b1:5f:f1:c1:2a:4a:75:02:67:be:a9:b5:71:0a:9b: 52:db:43:83:05:38:d7:c8:96:36:6b:9f:44:67:a0: 57:6e:e1:7e:2d:af:96:43:db:83:21:ea:bb:7c:30: a5:89:e3:66:62:b3:61:27:4c:11:3f:71:10:16:58: 17:bb:e2:e7:2b:0f:2b:ce:8f:49:10:a2:4d:b8:34: 65:0b:c8:c7:bd:3e:69:10:d5:15:34:ff:95:dd:2b: 14:6f:d7:59:1f:5e:cc:e1:f2:e5:56:17:75:81:2c: 70:15:09:71:0f:a3:2d:c3:0f:42:93:7c:f8:78:2f: 6e:b7:67:28:6c:d1:66:e7:ff:45:1a:cb:1b:31:06: 75:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:83:4C:E4:D0:A6:09:FA:13:B4:F1:7F:23:0F:03:98:3E:6D:09:97 X509v3 Authority Key Identifier: keyid:92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:ae:69:29:53:8e:5e:06:56:19:46:da:43:ea:ed:70:39:ed: 42:36:a7:07:22:92:15:34:49:65:72:a6:48:53:7d:74:c6:04: e3:43:40:ff:ea:b5:7f:f6:a1:36:94:09:5c:ec:19:a7:48:ce: fa:9c:a0:9f:23:04:fe:3d:1a:9c:de:32:b4:75:ef:b4:8b:99: e7:6c:30:44:3c:df:85:4d:3b:03:9a:5f:e0:cc:cd:df:55:1c: 12:53:cd:40:b5:f5:fa:cd:75:96:5b:cd:18:08:d3:33:b3:80: 0e:36:82:b0:1a:f9:60:25:f9:83:78:c3:2e:1f:30:60:3f:4e: 62:45:ee:20:7d:82:37:54:da:38:6d:7f:07:ce:76:7a:01:d2: e0:f4:61:a5:91:d1:1f:c5:9c:3c:4f:c7:cf:84:4d:1a:f7:c8: 54:e1:a8:74:70:41:ad:6c:6a:9d:79:e2:0a:ee:25:ba:33:1b: 07:78:12:78:b9:d8:9a:ca:93:c3:a9:7a:be:8a:e2:f0:dd:d3: bc:b8:6c:d0:9f:78:96:2d:d4:ed:4c:ea:bd:6d:60:53:df:ba: 34:52:51:7a:0a:3c:45:55:16:59:bb:c2:6c:58:47:a1:67:4c: fe:f4:a9:d6:c7:77:ca:14:2c:28:2e:01:ba:09:2e:4a:f3:da: 2d:ee:37:27 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBMEUxMTAvBgNVBAUTKDkyNkQ5QURDNkZCODczRDc2NUJCNDEyMjcyODBDMUYx MTg0NkVFMTcwHhcNMjUwNTA3MDI0MTEyWhcNMjUwNTE0MDI0MTEyWjAYMRYwFAYD VQQDEw02ODFhYzg0OC02ZTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA76DIkMIfug9FFb/2Wm+yPP6oL+Gy3zNWnTICLJDfB/mr+DneKsIY4R/DXWc1 tYvpIe6mjXpbAVfAW/0VbyeXG2qdbAJiXSjbM4DYdMoNKmPu55k4YV4RJYlhdEd0 F37d37p+8dBWLc1EgtcBVr1OTeiDtsdknqSxX/HBKkp1Ame+qbVxCptS20ODBTjX yJY2a59EZ6BXbuF+La+WQ9uDIeq7fDClieNmYrNhJ0wRP3EQFlgXu+LnKw8rzo9J EKJNuDRlC8jHvT5pENUVNP+V3SsUb9dZH17M4fLlVhd1gSxwFQlxD6Mtww9Ck3z4 eC9ut2cobNFm5/9FGssbMQZ1XwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGaDTOTQ pgn6E7TxfyMPA5g+bQmXMB8GA1UdIwQYMBaAFJJtmtxvuHPXZbtBInKAwfEYRu4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkEwRS9EQkJFRDIwNkMw MDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5ZGx1MEVpY29EQjhSaEc3 aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ttMmEzRy00YzlkbHUwRWljb0RCOFJoRzdoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkEwRS9EQkJFRDIwNkMwMDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5 ZGx1MEVpY29EQjhSaEc3aGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOrmkpU45eBlYZRtpD6u1wOe1CNqcHIpIVNEllcqZIU310xgTjQ0D/ 6rV/9qE2lAlc7BmnSM76nKCfIwT+PRqc3jK0de+0i5nnbDBEPN+FTTsDml/gzM3f VRwSU81AtfX6zXWWW80YCNMzs4AONoKwGvlgJfmDeMMuHzBgP05iRe4gfYI3VNo4 bX8HznZ6AdLg9GGlkdEfxZw8T8fPhE0a98hU4ah0cEGtbGqdeeIK7iW6MxsHeBJ4 udiaypPDqXq+iuLw3dO8uGzQn3iWLdTtTOq9bWBT37o0UlF6CjxFVRZZu8JsWEeh Z0z+9KnWx3fKFCwoLgG6CS5K89ot7jcn -----END CERTIFICATE-----Generated at Thu May 8 20:47:51 2025 by rpki-client