$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft File: km2a3G-4c9dlu0EicoDB8RhG7hc.mft (raw, json) Hash identifier: j19mXaNfRqpxvl9ThNQ0mJCJTiEV0KXrlKu19a5XhfE= Subject key identifier: 44:92:99:2E:EC:B3:AB:05:95:CB:ED:0F:1A:12:B1:5F:9C:E4:16:20 Authority key identifier: 92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 Certificate issuer: /CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Certificate serial: 01C6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft Manifest number: 01BC Signing time: Sun 29 Jun 2025 02:18:28 +0000 Manifest this update: Sun 29 Jun 2025 02:18:27 +0000 Manifest next update: Sun 06 Jul 2025 02:18:27 +0000 Files and hashes: 1: km2a3G-4c9dlu0EicoDB8RhG7hc.crl (hash: igOAjnqYFyOpsqQRmTsFv8Vnni8vL02hPSsl7/Ed5t4=) 2: 1B5E26228FA911EF90043A7CC4F9AE02.roa (hash: Kf03AsTj/sjKaJ/vafb1jrYT0WQ+1IyxISSmBFOh+2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 02:18:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 454 (0x1c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA0E, serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Validity Not Before: Jun 29 02:18:27 2025 GMT Not After : Jul 6 02:18:27 2025 GMT Subject: CN=6860a273-470d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:11:ee:97:88:2f:d1:4f:8e:eb:f8:b6:b8:af: 53:16:1d:bf:55:f6:b6:b0:c1:46:bf:2e:7f:73:e3: 36:f0:9c:25:a2:25:25:93:9b:e6:9f:73:bc:12:b2: b9:de:81:9b:b1:f4:fe:91:99:a1:30:7f:53:31:ed: 04:aa:82:3b:3a:c7:9f:43:28:e8:c4:cf:df:27:5e: ee:9f:4c:18:a5:e9:2a:ed:44:df:f3:f5:5a:43:31: 58:6b:b2:92:7b:4b:f5:11:b7:b3:af:82:f5:42:98: a5:e9:de:42:c2:77:0c:e9:42:62:ff:ec:6e:4e:3c: 5f:04:fc:e4:39:12:e4:eb:99:72:a3:6b:7e:1c:8a: 98:67:e1:3d:17:45:1d:21:38:f4:a3:4d:a7:43:6a: 21:e6:68:76:4d:7d:20:f7:1a:51:05:69:1e:f5:1b: 18:f7:ba:96:90:d6:bc:0a:61:04:a6:d9:a9:0a:34: e7:ff:18:06:23:04:85:3c:24:70:d6:78:96:e1:c9: 12:e0:42:7c:98:06:f8:55:1e:c9:78:b8:ea:3b:3e: 56:01:9b:86:91:75:2c:53:d1:b8:96:eb:99:8a:4d: 44:b3:71:e1:13:71:b8:02:4f:a6:d3:a6:d9:22:f2: da:75:fa:30:29:22:7c:ee:23:e2:fb:53:2c:6e:ed: 1f:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:92:99:2E:EC:B3:AB:05:95:CB:ED:0F:1A:12:B1:5F:9C:E4:16:20 X509v3 Authority Key Identifier: keyid:92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:fc:d4:ad:87:87:f2:7e:63:59:48:4f:30:85:33:d1:e8:34: da:ef:4e:41:aa:96:03:f8:62:28:f1:e0:b9:e0:60:57:4a:a9: a5:4e:05:76:e3:77:7f:1d:8e:ab:58:dd:5a:0d:cd:ea:db:79: af:92:96:97:47:21:35:93:bf:b8:31:3d:45:b7:13:16:6c:b1: e7:89:26:d0:18:b9:b9:0b:3e:50:e0:7a:a5:6e:1e:03:c0:e2: 55:eb:e4:b2:8d:ee:6c:68:12:1a:58:1e:33:bd:46:4e:46:be: bb:00:e9:ea:47:7a:82:35:37:39:47:16:43:54:f9:2d:68:6a: a0:4f:e6:c1:5e:43:51:d1:2a:9e:aa:f3:ae:85:fb:5d:f8:8b: 1b:15:d3:f9:b5:df:09:8b:ac:b6:c8:fc:7a:da:eb:25:bb:ab: 60:66:68:5e:6f:f6:1c:6c:02:2b:1b:e2:dd:20:1b:72:79:3d: 63:d3:04:e2:df:51:ad:f9:8c:4f:e6:11:8c:f0:94:8f:eb:6e: 85:45:f1:84:94:2c:b4:e4:3e:4d:79:e0:b7:1d:d6:83:75:b3: ae:6e:6c:33:89:e8:09:c7:9a:0c:ac:77:9d:aa:cf:47:6d:ca: 42:e2:5c:2e:d9:37:c2:a7:c1:a8:aa:d9:4f:63:eb:2b:13:24: e4:51:86:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBMEUxMTAvBgNVBAUTKDkyNkQ5QURDNkZCODczRDc2NUJCNDEyMjcyODBDMUYx MTg0NkVFMTcwHhcNMjUwNjI5MDIxODI3WhcNMjUwNzA2MDIxODI3WjAYMRYwFAYD VQQDEw02ODYwYTI3My00NzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3hHul4gv0U+O6/i2uK9TFh2/Vfa2sMFGvy5/c+M28JwloiUlk5vmn3O8ErK5 3oGbsfT+kZmhMH9TMe0EqoI7OsefQyjoxM/fJ17un0wYpekq7UTf8/VaQzFYa7KS e0v1Ebezr4L1Qpil6d5CwncM6UJi/+xuTjxfBPzkORLk65lyo2t+HIqYZ+E9F0Ud ITj0o02nQ2oh5mh2TX0g9xpRBWke9RsY97qWkNa8CmEEptmpCjTn/xgGIwSFPCRw 1niW4ckS4EJ8mAb4VR7JeLjqOz5WAZuGkXUsU9G4luuZik1Es3HhE3G4Ak+m06bZ IvLadfowKSJ87iPi+1Msbu0f9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFESSmS7s s6sFlcvtDxoSsV+c5BYgMB8GA1UdIwQYMBaAFJJtmtxvuHPXZbtBInKAwfEYRu4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkEwRS9EQkJFRDIwNkMw MDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5ZGx1MEVpY29EQjhSaEc3 aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ttMmEzRy00YzlkbHUwRWljb0RCOFJoRzdoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkEwRS9EQkJFRDIwNkMwMDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5 ZGx1MEVpY29EQjhSaEc3aGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBy/NSth4fyfmNZSE8whTPR6DTa705BqpYD+GIo8eC54GBXSqmlTgV2 43d/HY6rWN1aDc3q23mvkpaXRyE1k7+4MT1FtxMWbLHniSbQGLm5Cz5Q4Hqlbh4D wOJV6+Syje5saBIaWB4zvUZORr67AOnqR3qCNTc5RxZDVPktaGqgT+bBXkNR0Sqe qvOuhftd+IsbFdP5td8Ji6y2yPx62uslu6tgZmheb/YcbAIrG+LdIBtyeT1j0wTi 31Gt+YxP5hGM8JSP626FRfGElCy05D5NeeC3HdaDdbOubmwziegJx5oMrHedqs9H bcpC4lwu2TfCp8GoqtlPY+srEyTkUYYW -----END CERTIFICATE-----Generated at Sun Jun 29 19:26:15 2025 by rpki-client