$ rpki-client -vvf rpki.apnic.net/member_repository/A912F387/FE4D78E2B5C111EE95B58341C4F9AE02/KBiMFu7JB0JxcnjCic-C9QTyWqk.mft File: KBiMFu7JB0JxcnjCic-C9QTyWqk.mft (raw, json) Hash identifier: IVGHnnAJ5Jb1z9Hm4k0ph7yJfHFoziyjIKxrXsImAXI= Subject key identifier: 37:AA:60:57:FD:53:3D:8E:88:F2:A1:43:62:A0:69:8F:6D:C5:7D:6F Authority key identifier: 28:18:8C:16:EE:C9:07:42:71:72:78:C2:89:CF:82:F5:04:F2:5A:A9 Certificate issuer: /CN=A912F387/serialNumber=28188C16EEC90742717278C289CF82F504F25AA9 Certificate serial: FB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KBiMFu7JB0JxcnjCic-C9QTyWqk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912F387/FE4D78E2B5C111EE95B58341C4F9AE02/KBiMFu7JB0JxcnjCic-C9QTyWqk.mft Manifest number: F5 Signing time: Fri 25 Apr 2025 03:59:57 +0000 Manifest this update: Fri 25 Apr 2025 03:59:56 +0000 Manifest next update: Fri 02 May 2025 03:59:56 +0000 Files and hashes: 1: KBiMFu7JB0JxcnjCic-C9QTyWqk.crl (hash: nbNrj2vsYhCyYN3bpvSfQUHa5xjBaFx/Jh4O6C8vkMs=) 2: FCA046066C8611EFBF35D221C4F9AE02.roa (hash: LLGlR1swQUGpHRHzrbzk96I6Zx3kb8thD/xfxQf3uHA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912F387/FE4D78E2B5C111EE95B58341C4F9AE02/KBiMFu7JB0JxcnjCic-C9QTyWqk.crl rsync://rpki.apnic.net/member_repository/A912F387/FE4D78E2B5C111EE95B58341C4F9AE02/KBiMFu7JB0JxcnjCic-C9QTyWqk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KBiMFu7JB0JxcnjCic-C9QTyWqk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:59:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 251 (0xfb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912F387, serialNumber=28188C16EEC90742717278C289CF82F504F25AA9 Validity Not Before: Apr 25 03:59:56 2025 GMT Not After : May 2 03:59:56 2025 GMT Subject: CN=680b08bd-d996 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:85:c8:76:aa:30:f2:5c:1c:68:7a:59:3b:b2: 0f:3f:99:f2:e0:c1:2e:5a:0b:81:16:b0:13:4d:08: 48:2a:82:ff:01:cd:d2:14:ef:26:7a:0a:04:dc:c3: 11:ee:84:88:23:a2:3b:70:be:5f:3b:67:40:69:84: aa:33:bd:a1:fe:9c:a5:bd:59:f6:89:15:43:a2:49: 9a:fa:1e:92:78:ee:fd:42:28:25:53:b8:cf:8c:60: 5b:d2:4f:e2:39:c7:67:8a:8e:a9:9a:7c:fd:fc:89: 8e:5c:a1:b1:a7:d9:ed:58:d3:29:d3:da:c1:2a:67: e9:4a:a1:29:ce:c7:65:1b:8e:91:b3:a3:5d:9b:f2: 52:3c:49:60:24:c2:4d:b3:1b:87:ed:33:ba:01:6a: 79:a9:28:a4:3e:85:28:9a:ac:2f:64:2f:c1:cc:1f: dd:b7:9e:ba:ec:79:63:4a:47:8d:bb:33:60:38:43: 97:48:d2:92:a0:1d:a7:37:7d:c2:a1:5c:44:e1:da: b3:97:92:a4:72:cd:70:93:78:89:2b:a0:9d:12:bd: a1:5f:b5:3c:fd:98:d4:ca:51:9d:7f:38:89:7f:93: 6b:4a:f2:f9:1d:32:ae:dc:a0:4c:e0:ab:26:97:bf: a2:1d:8c:4c:f9:00:5b:40:eb:99:71:05:35:0f:9d: 15:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:AA:60:57:FD:53:3D:8E:88:F2:A1:43:62:A0:69:8F:6D:C5:7D:6F X509v3 Authority Key Identifier: keyid:28:18:8C:16:EE:C9:07:42:71:72:78:C2:89:CF:82:F5:04:F2:5A:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912F387/FE4D78E2B5C111EE95B58341C4F9AE02/KBiMFu7JB0JxcnjCic-C9QTyWqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KBiMFu7JB0JxcnjCic-C9QTyWqk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F387/FE4D78E2B5C111EE95B58341C4F9AE02/KBiMFu7JB0JxcnjCic-C9QTyWqk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:76:02:83:d2:7e:42:84:75:0e:6c:7d:2a:24:7d:b9:23:46: bb:16:4b:4a:59:b8:9b:da:23:c7:83:65:a9:3a:22:bf:9d:13: b7:0f:fc:70:09:2f:82:2f:0e:10:4a:e7:1e:92:a5:ee:c0:8e: e5:36:93:95:7d:04:80:1e:bd:bb:19:7a:14:93:df:b2:7e:26: 29:e9:a6:33:bc:5d:f7:29:ba:c8:7a:f5:f6:b8:0b:63:c8:a9: 08:14:db:98:64:a2:8f:a1:20:3d:15:46:54:10:cc:c6:51:33: 46:5b:d7:0d:0b:a7:c9:4e:b5:16:42:8b:f5:ee:07:0a:f0:ac: 52:62:d8:a3:21:a5:ab:90:e8:5b:e0:9c:29:60:64:0f:6d:84: 11:d5:7a:21:b3:2e:97:87:d9:d8:bb:ae:e2:3f:83:43:34:74: b6:f8:77:6d:59:0d:67:1a:65:40:6b:49:0c:db:7f:57:2e:b2: 75:88:bf:92:48:58:72:e7:bc:09:6b:e8:0f:b3:be:b1:b9:8b: 26:0d:6b:81:b4:68:6e:76:53:a5:d0:9f:50:dd:c2:bc:f3:b1: d0:61:40:b2:e8:c3:17:e2:58:ac:bb:1b:db:13:cb:fc:02:15: 14:fe:6e:3f:5a:9b:22:ba:f5:5d:25:aa:e6:f3:0c:87:e7:99: 9c:2a:42:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkYzODcxMTAvBgNVBAUTKDI4MTg4QzE2RUVDOTA3NDI3MTcyNzhDMjg5Q0Y4MkY1 MDRGMjVBQTkwHhcNMjUwNDI1MDM1OTU2WhcNMjUwNTAyMDM1OTU2WjAYMRYwFAYD VQQDEw02ODBiMDhiZC1kOTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvIXIdqow8lwcaHpZO7IPP5ny4MEuWguBFrATTQhIKoL/Ac3SFO8megoE3MMR 7oSII6I7cL5fO2dAaYSqM72h/pylvVn2iRVDokma+h6SeO79QiglU7jPjGBb0k/i Ocdnio6pmnz9/ImOXKGxp9ntWNMp09rBKmfpSqEpzsdlG46Rs6Ndm/JSPElgJMJN sxuH7TO6AWp5qSikPoUomqwvZC/BzB/dt5667HljSkeNuzNgOEOXSNKSoB2nN33C oVxE4dqzl5Kkcs1wk3iJK6CdEr2hX7U8/ZjUylGdfziJf5NrSvL5HTKu3KBM4Ksm l7+iHYxM+QBbQOuZcQU1D50VmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDeqYFf9 Uz2OiPKhQ2KgaY9txX1vMB8GA1UdIwQYMBaAFCgYjBbuyQdCcXJ4wonPgvUE8lqp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjM4Ny9GRTRENzhFMkI1 QzExMUVFOTVCNTgzNDFDNEY5QUUwMi9LQmlNRnU3SkIwSnhjbmpDaWMtQzlRVHlX cWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0tCaU1GdTdKQjBKeGNuakNpYy1DOVFUeVdxay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RjM4Ny9GRTRENzhFMkI1QzExMUVFOTVCNTgzNDFDNEY5QUUwMi9LQmlNRnU3SkIw SnhjbmpDaWMtQzlRVHlXcWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBidgKD0n5ChHUObH0qJH25I0a7FktKWbib2iPHg2WpOiK/nRO3D/xw CS+CLw4QSucekqXuwI7lNpOVfQSAHr27GXoUk9+yfiYp6aYzvF33KbrIevX2uAtj yKkIFNuYZKKPoSA9FUZUEMzGUTNGW9cNC6fJTrUWQov17gcK8KxSYtijIaWrkOhb 4JwpYGQPbYQR1Xohsy6Xh9nYu67iP4NDNHS2+HdtWQ1nGmVAa0kM239XLrJ1iL+S SFhy57wJa+gPs76xuYsmDWuBtGhudlOl0J9Q3cK887HQYUCy6MMX4lisuxvbE8v8 AhUU/m4/WpsiuvVdJarm8wyH55mcKkJF -----END CERTIFICATE-----Generated at Sat Apr 26 15:16:16 2025 by rpki-client