$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft File: kBqfnorkBi5SGbdlLY6f7n7FrjM.mft (raw, json) Hash identifier: Q9wCeL4+GbPja4Yno/lEPYm2ZizWVqaByo85q8dw6DI= Subject key identifier: 54:AE:65:D9:BA:F9:8B:7D:26:83:9E:A5:C1:4A:BB:E8:02:4F:49:E4 Authority key identifier: 90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 Certificate issuer: /CN=A91F2CE7/serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Certificate serial: 90 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft Manifest number: 8E Signing time: Tue 13 May 2025 05:37:19 +0000 Manifest this update: Tue 13 May 2025 05:37:19 +0000 Manifest next update: Tue 20 May 2025 05:37:19 +0000 Files and hashes: 1: kBqfnorkBi5SGbdlLY6f7n7FrjM.crl (hash: AApanGxj8zXMrt5Jg8UggW2IPPjei2gJORzQCMqukgE=) 2: B377200E5ADD11EF9A462440C4F9AE02.roa (hash: ku0nQgImAfjqlfmOWSwIKN/zsrk6kYnMycZSjI2lh3o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 05:37:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 144 (0x90) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CE7, serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Validity Not Before: May 13 05:37:19 2025 GMT Not After : May 20 05:37:19 2025 GMT Subject: CN=6822da8f-0b54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:53:97:22:7d:2c:19:87:f3:ed:05:2b:2a:54: 9d:2f:8f:11:ba:56:8a:94:a6:32:13:5b:2b:e5:f6: 1f:4e:2a:af:c9:0b:12:1b:9a:72:04:9f:12:22:c1: 7f:eb:2b:44:e1:65:8a:a5:a1:03:a1:2c:b1:98:1c: 74:32:2e:7d:ef:de:f4:ce:c3:88:55:2e:02:6e:a8: 68:70:67:2e:64:e5:24:81:ea:cb:10:4e:90:55:7b: 3f:00:69:b2:6e:c0:d7:cc:b4:79:df:91:da:74:40: db:c7:95:41:d1:46:8c:49:c1:2a:c6:20:4b:c7:05: 29:84:2f:87:02:22:00:df:ab:17:86:82:28:b3:25: 58:1f:b3:dd:9f:c4:c0:95:01:40:0e:12:56:05:13: 94:98:ea:50:94:ea:56:4d:ea:48:ca:ba:08:40:1c: 70:87:53:0b:15:ab:55:70:f4:11:3a:65:01:20:89: 8b:bf:2b:d7:fc:67:be:bf:60:48:44:d8:07:d2:90: f5:c2:bd:02:2c:22:4c:1a:c9:3d:c6:27:96:0f:a0: 45:e9:71:3a:8c:aa:bd:cd:9c:fb:31:48:eb:25:a6: e8:c4:a8:2f:4f:3c:a0:c3:31:70:8c:21:74:97:cd: 40:65:38:7d:fa:05:c9:64:44:40:da:17:1f:56:a2: c0:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:AE:65:D9:BA:F9:8B:7D:26:83:9E:A5:C1:4A:BB:E8:02:4F:49:E4 X509v3 Authority Key Identifier: keyid:90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:5d:cf:9b:27:c7:56:f3:7a:40:c5:66:a7:99:be:4a:f7:b8: 48:4c:77:6a:7c:a2:e5:6d:7a:b1:36:35:3c:e6:89:c5:ae:08: 7d:3a:f5:97:eb:56:3e:30:45:9d:49:b9:08:72:28:83:ed:dd: 34:d4:5c:6f:ee:98:ae:cc:ed:62:7f:0c:6e:55:a6:2a:9c:56: 72:b1:58:75:fb:30:c8:4a:f9:d1:d5:38:fd:79:5f:14:7a:1f: f6:56:2d:6d:98:fb:c3:5a:9c:f8:29:7e:8d:d9:12:f9:3c:62: 67:4f:54:13:fe:2e:b5:b9:fe:67:1c:fe:d4:b6:93:21:44:f4: 88:63:ee:1e:07:29:bd:2e:82:05:d9:9a:5b:71:86:fc:1c:88: 03:55:8f:2a:51:47:20:00:d0:b6:61:50:b2:8e:e3:96:ce:a4: 4b:64:62:03:a8:0e:a8:e7:b5:36:83:4e:1a:df:af:a7:9c:3f: d4:6f:75:1d:89:0b:f6:35:a8:a9:30:e3:6a:fb:c7:6b:d2:7e: bc:47:a6:df:de:8e:6c:2f:bd:62:bd:3e:4f:84:08:da:54:6d: a6:b2:dd:c8:3e:90:d4:e7:24:96:98:d7:8b:fc:04:ba:64:01: f0:91:99:2d:79:d6:f2:e7:dd:c9:96:0a:c2:a9:1c:40:84:9b: 6b:6d:17:7a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJDRTcxMTAvBgNVBAUTKDkwMUE5RjlFOEFFNDA2MkU1MjE5Qjc2NTJEOEU5RkVF N0VDNUFFMzMwHhcNMjUwNTEzMDUzNzE5WhcNMjUwNTIwMDUzNzE5WjAYMRYwFAYD VQQDEw02ODIyZGE4Zi0wYjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6lOXIn0sGYfz7QUrKlSdL48RulaKlKYyE1sr5fYfTiqvyQsSG5pyBJ8SIsF/ 6ytE4WWKpaEDoSyxmBx0Mi597970zsOIVS4CbqhocGcuZOUkgerLEE6QVXs/AGmy bsDXzLR535HadEDbx5VB0UaMScEqxiBLxwUphC+HAiIA36sXhoIosyVYH7Pdn8TA lQFADhJWBROUmOpQlOpWTepIyroIQBxwh1MLFatVcPQROmUBIImLvyvX/Ge+v2BI RNgH0pD1wr0CLCJMGsk9xieWD6BF6XE6jKq9zZz7MUjrJaboxKgvTzygwzFwjCF0 l81AZTh9+gXJZERA2hcfVqLAAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFSuZdm6 +Yt9JoOepcFKu+gCT0nkMB8GA1UdIwQYMBaAFJAan56K5AYuUhm3ZS2On+5+xa4z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkNFNy83MkY3NUI5ODVB REQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0JpNVNHYmRsTFk2ZjduN0Zy ak0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tCcWZub3JrQmk1U0diZGxMWTZmN243RnJqTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MkNFNy83MkY3NUI5ODVBREQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0Jp NVNHYmRsTFk2ZjduN0Zyak0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwXc+bJ8dW83pAxWanmb5K97hITHdqfKLlbXqxNjU85onFrgh9OvWX 61Y+MEWdSbkIciiD7d001Fxv7piuzO1ifwxuVaYqnFZysVh1+zDISvnR1Tj9eV8U eh/2Vi1tmPvDWpz4KX6N2RL5PGJnT1QT/i61uf5nHP7UtpMhRPSIY+4eBym9LoIF 2ZpbcYb8HIgDVY8qUUcgANC2YVCyjuOWzqRLZGIDqA6o57U2g04a36+nnD/Ub3Ud iQv2NaipMONq+8dr0n68R6bf3o5sL71ivT5PhAjaVG2mst3IPpDU5ySWmNeL/AS6 ZAHwkZktedby593JlgrCqRxAhJtrbRd6 -----END CERTIFICATE-----Generated at Wed May 14 08:00:27 2025 by rpki-client