$ rpki-client -vvf rpki.apnic.net/member_repository/A9115CB5/D9FD2DFEF37F11EBB283E74AC4F9AE02/kfSTmrrtQPo2bsx2NZ3KK8tozkc.mft File: kfSTmrrtQPo2bsx2NZ3KK8tozkc.mft (raw, json) Hash identifier: JDPI75eXikOdd3l7Ts2BqBra7W8aTwKYSv6zN48Egv4= Subject key identifier: 8F:59:9D:05:DC:EA:C0:CE:19:00:54:EE:93:8B:28:7D:F0:EE:44:EC Authority key identifier: 91:F4:93:9A:BA:ED:40:FA:36:6E:CC:76:35:9D:CA:2B:CB:68:CE:47 Certificate issuer: /CN=A9115CB5/serialNumber=91F4939ABAED40FA366ECC76359DCA2BCB68CE47 Certificate serial: 0540 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfSTmrrtQPo2bsx2NZ3KK8tozkc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9115CB5/D9FD2DFEF37F11EBB283E74AC4F9AE02/kfSTmrrtQPo2bsx2NZ3KK8tozkc.mft Manifest number: 0535 Signing time: Thu 24 Apr 2025 23:16:08 +0000 Manifest this update: Thu 24 Apr 2025 23:16:08 +0000 Manifest next update: Thu 01 May 2025 23:16:08 +0000 Files and hashes: 1: kfSTmrrtQPo2bsx2NZ3KK8tozkc.crl (hash: WGfAIQsmeW0fS0Z28wQE2OFxGvrtlpKUYJN8lZWHP/4=) 2: C41538940B4711EC99840631C4F9AE02.roa (hash: li3UtGYjrBf3C8NwlkMmtocNy8KFUcDjCj/BKLVAeWQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9115CB5/D9FD2DFEF37F11EBB283E74AC4F9AE02/kfSTmrrtQPo2bsx2NZ3KK8tozkc.crl rsync://rpki.apnic.net/member_repository/A9115CB5/D9FD2DFEF37F11EBB283E74AC4F9AE02/kfSTmrrtQPo2bsx2NZ3KK8tozkc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfSTmrrtQPo2bsx2NZ3KK8tozkc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:16:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1344 (0x540) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9115CB5, serialNumber=91F4939ABAED40FA366ECC76359DCA2BCB68CE47 Validity Not Before: Apr 24 23:16:08 2025 GMT Not After : May 1 23:16:08 2025 GMT Subject: CN=680ac638-89a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:da:c8:c0:6a:bc:ed:ca:9c:c8:9b:6e:2f:e3: 50:36:c2:c0:63:f3:af:a2:1e:0c:4e:bc:60:69:48: 51:e4:e4:a3:89:e9:05:06:2e:62:56:33:77:6f:d1: 06:ae:b7:83:dd:71:20:51:71:54:58:8b:45:7b:75: bc:2d:2b:65:e9:e1:61:42:f1:69:fc:c6:79:81:0b: 71:b9:d2:e5:10:58:0f:c1:60:2b:ab:06:18:7f:cd: f5:d1:1d:fa:96:88:07:ab:ca:4c:05:50:cc:0b:f2: 7e:cf:a5:48:62:9c:87:b9:93:86:45:4d:42:2c:a7: 8a:e2:6c:e9:3e:c3:12:c5:32:54:fe:de:ca:de:cf: ba:7e:3f:a1:47:a8:b6:45:ff:9a:60:70:94:38:65: 67:73:07:11:d8:6d:7b:1c:d6:a8:94:a8:87:7a:81: 90:bd:e5:3a:ae:bc:81:d3:ec:5f:41:78:fd:c3:96: 46:32:3a:78:f3:a0:31:eb:ca:44:14:7a:dd:4d:02: af:78:8b:ee:0d:77:bf:ae:dd:e9:79:32:78:6f:90: 89:c3:18:37:9d:2a:1b:7e:88:2d:e2:72:ce:c3:a1: e3:c2:60:c7:8b:2a:17:b5:12:be:89:75:9d:db:3e: 57:9e:85:9b:c7:52:90:bf:19:5c:48:a7:79:2e:ea: 92:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:59:9D:05:DC:EA:C0:CE:19:00:54:EE:93:8B:28:7D:F0:EE:44:EC X509v3 Authority Key Identifier: keyid:91:F4:93:9A:BA:ED:40:FA:36:6E:CC:76:35:9D:CA:2B:CB:68:CE:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9115CB5/D9FD2DFEF37F11EBB283E74AC4F9AE02/kfSTmrrtQPo2bsx2NZ3KK8tozkc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfSTmrrtQPo2bsx2NZ3KK8tozkc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9115CB5/D9FD2DFEF37F11EBB283E74AC4F9AE02/kfSTmrrtQPo2bsx2NZ3KK8tozkc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:99:c0:80:2e:ab:79:8a:45:86:4d:e8:7f:43:d6:99:43:c8: 3a:4b:22:78:56:47:1b:90:32:84:53:54:51:65:2c:1a:60:b2: dd:a3:34:03:d5:a4:6d:33:d7:a3:db:75:a0:ff:35:42:93:d3: 4a:d2:5b:d6:42:af:14:7b:c8:b5:14:4e:d5:54:7c:f4:de:cb: 0d:33:51:7a:e3:58:32:d9:b8:cf:39:81:4e:57:5d:d7:31:4a: 07:a6:ed:e0:6b:57:27:de:3f:1f:cf:f3:3f:ab:a9:08:52:d4: 5e:a1:f8:33:eb:40:51:59:0b:49:f5:8e:42:e9:40:16:30:ea: 43:3e:e4:97:90:33:9e:fb:51:14:05:16:6a:da:15:9f:c0:67: c8:b8:a0:a2:9c:5c:3f:0b:fc:c4:52:21:50:7d:c7:0e:2b:df: d6:16:af:36:d5:aa:3c:be:76:7c:e7:3f:06:4f:a2:59:97:93: f1:0d:bc:fc:6c:75:81:96:ea:eb:1e:06:f1:dc:89:bf:40:34: bc:e2:fd:e8:ab:91:ec:a8:a3:9e:c2:4a:64:34:4e:36:95:e9: 68:39:75:4f:2c:00:1b:b0:ad:43:30:26:b7:30:fa:c4:40:c8: 66:6b:dd:97:c7:1d:19:2c:15:c0:a5:7e:02:f6:e3:82:43:3c: 0d:4f:f3:d5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBUAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTVDQjUxMTAvBgNVBAUTKDkxRjQ5MzlBQkFFRDQwRkEzNjZFQ0M3NjM1OURDQTJC Q0I2OENFNDcwHhcNMjUwNDI0MjMxNjA4WhcNMjUwNTAxMjMxNjA4WjAYMRYwFAYD VQQDEw02ODBhYzYzOC04OWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4drIwGq87cqcyJtuL+NQNsLAY/Ovoh4MTrxgaUhR5OSjiekFBi5iVjN3b9EG rreD3XEgUXFUWItFe3W8LStl6eFhQvFp/MZ5gQtxudLlEFgPwWArqwYYf8310R36 logHq8pMBVDMC/J+z6VIYpyHuZOGRU1CLKeK4mzpPsMSxTJU/t7K3s+6fj+hR6i2 Rf+aYHCUOGVncwcR2G17HNaolKiHeoGQveU6rryB0+xfQXj9w5ZGMjp486Ax68pE FHrdTQKveIvuDXe/rt3peTJ4b5CJwxg3nSobfogt4nLOw6HjwmDHiyoXtRK+iXWd 2z5XnoWbx1KQvxlcSKd5LuqSmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI9ZnQXc 6sDOGQBU7pOLKH3w7kTsMB8GA1UdIwQYMBaAFJH0k5q67UD6Nm7MdjWdyivLaM5H MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNUNCNS9EOUZEMkRGRUYz N0YxMUVCQjI4M0U3NEFDNEY5QUUwMi9rZlNUbXJydFFQbzJic3gyTlozS0s4dG96 a2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tmU1RtcnJ0UVBvMmJzeDJOWjNLSzh0b3prYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NUNCNS9EOUZEMkRGRUYzN0YxMUVCQjI4M0U3NEFDNEY5QUUwMi9rZlNUbXJydFFQ bzJic3gyTlozS0s4dG96a2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQmcCALqt5ikWGTeh/Q9aZQ8g6SyJ4VkcbkDKEU1RRZSwaYLLdozQD 1aRtM9ej23Wg/zVCk9NK0lvWQq8Ue8i1FE7VVHz03ssNM1F641gy2bjPOYFOV13X MUoHpu3ga1cn3j8fz/M/q6kIUtReofgz60BRWQtJ9Y5C6UAWMOpDPuSXkDOe+1EU BRZq2hWfwGfIuKCinFw/C/zEUiFQfccOK9/WFq821ao8vnZ85z8GT6JZl5PxDbz8 bHWBlurrHgbx3Im/QDS84v3oq5HsqKOewkpkNE42leloOXVPLAAbsK1DMCa3MPrE QMhma92Xxx0ZLBXApX4C9uOCQzwNT/PV -----END CERTIFICATE-----Generated at Sat Apr 26 13:41:28 2025 by rpki-client