$ rpki-client -vvf rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.mft File: kB-Ykfv38n1Bah7gazGwFlquHcU.mft (raw, json) Hash identifier: 6y+stS9KU8PQRviMpKvPFuIek0lsMsbILDFPmnqG3bQ= Subject key identifier: 97:23:99:73:2C:B3:F7:49:D2:19:F6:AD:AF:2A:E3:7C:24:AE:B7:33 Authority key identifier: 90:1F:98:91:FB:F7:F2:7D:41:6A:1E:E0:6B:31:B0:16:5A:AE:1D:C5 Certificate issuer: /CN=A9132D93/serialNumber=901F9891FBF7F27D416A1EE06B31B0165AAE1DC5 Certificate serial: 03D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kB-Ykfv38n1Bah7gazGwFlquHcU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.mft Manifest number: 03D2 Signing time: Fri 25 Apr 2025 00:21:34 +0000 Manifest this update: Fri 25 Apr 2025 00:21:33 +0000 Manifest next update: Fri 02 May 2025 00:21:33 +0000 Files and hashes: 1: kB-Ykfv38n1Bah7gazGwFlquHcU.crl (hash: +xeb4qh3yEuGvXw0255w8Z938+dKiTD7BBb33xaThcs=) 2: 4E0503CA7F3F11ECBB0EA972C4F9AE02.roa (hash: zGO+SfCUiN93pLbUpzCLUs56wrah6tVni3k+tYi9qSM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.crl rsync://rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kB-Ykfv38n1Bah7gazGwFlquHcU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:21:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 982 (0x3d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132D93, serialNumber=901F9891FBF7F27D416A1EE06B31B0165AAE1DC5 Validity Not Before: Apr 25 00:21:33 2025 GMT Not After : May 2 00:21:33 2025 GMT Subject: CN=680ad58d-9dc3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:b6:c2:79:6b:53:a6:89:f9:00:5d:8e:b3:d0: 4c:cc:32:e9:b5:f4:24:93:9c:db:cd:5c:a0:b5:bd: 6c:9f:37:ad:34:1e:b4:b5:56:0d:ae:89:ad:35:cd: 6a:d4:48:3f:c4:4d:8c:50:17:87:b2:49:85:38:93: fa:d3:38:8d:bf:f4:e5:58:59:19:69:1c:51:c2:50: ea:2a:9e:08:7f:aa:98:63:ed:4d:06:71:b1:39:24: 8b:1e:c6:f2:b3:44:28:97:ef:d6:00:fb:d5:e1:3a: ef:45:35:3a:7c:bb:e8:46:5a:77:9e:fb:39:b0:9a: 48:a9:08:ec:b2:fb:25:0d:97:fc:b9:43:c2:1f:06: 0f:e0:9f:8e:66:0f:09:ea:93:81:fe:80:99:9f:d8: c5:6f:19:81:77:23:c3:06:8d:cc:a2:4f:75:b1:6d: 56:bc:4c:6a:4b:7f:07:2a:7d:80:fd:55:92:d0:97: 70:31:38:96:80:80:25:64:b5:ee:53:9b:99:25:8b: db:1a:07:c6:ec:d3:82:d9:c3:53:8f:cd:3d:c8:e2: 4e:62:02:a3:ec:07:2d:d8:43:4f:54:7e:85:91:1e: f1:86:c6:75:6a:54:f5:39:56:6a:63:0e:a7:c4:f2: 5a:ae:d8:60:ea:17:b5:c3:e4:68:85:a8:dc:1e:91: e2:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:23:99:73:2C:B3:F7:49:D2:19:F6:AD:AF:2A:E3:7C:24:AE:B7:33 X509v3 Authority Key Identifier: keyid:90:1F:98:91:FB:F7:F2:7D:41:6A:1E:E0:6B:31:B0:16:5A:AE:1D:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kB-Ykfv38n1Bah7gazGwFlquHcU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:f4:23:5d:c3:0f:b3:bc:c0:41:14:96:b1:f8:84:04:c3:e5: 26:12:49:b2:22:1e:75:9a:f0:d3:2d:4f:cb:5d:e1:4e:62:4e: 32:75:6c:ee:ff:6e:36:29:ce:03:44:3a:12:65:4c:b8:36:9c: 56:2a:51:50:b3:c5:4b:2e:05:0b:5d:e1:14:fb:2f:1b:21:7a: 6e:af:43:ce:dc:4a:45:a6:be:21:c1:68:db:2d:2b:d1:3e:de: 14:dc:aa:41:37:d9:a7:ab:91:4c:e8:c0:a7:ab:97:b0:90:7e: 39:bc:d6:3f:3c:d4:67:f2:72:10:45:17:5b:19:a8:a8:f6:01: f7:c4:db:51:6e:71:ea:dc:89:46:f1:30:2a:3c:82:90:39:80: a7:f1:4d:c1:45:ea:7b:3c:ea:45:36:e5:48:92:bd:81:95:ce: fc:71:c7:0b:c4:e2:79:f4:d3:89:6c:32:15:a4:55:7b:d3:77: 64:d0:23:8c:a1:f1:d7:fc:5c:27:da:86:ca:2e:b8:5c:17:6a: b6:f4:2e:32:e9:dd:cd:44:bf:41:2a:53:53:2a:ef:25:bf:32: cf:1a:3c:95:f8:81:85:eb:81:01:16:0c:e2:e6:f1:d5:2d:56: cc:8b:83:42:b6:42:0e:61:b9:e0:31:25:18:c2:a9:f9:86:4d: 61:94:0b:4c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA9YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJEOTMxMTAvBgNVBAUTKDkwMUY5ODkxRkJGN0YyN0Q0MTZBMUVFMDZCMzFCMDE2 NUFBRTFEQzUwHhcNMjUwNDI1MDAyMTMzWhcNMjUwNTAyMDAyMTMzWjAYMRYwFAYD VQQDEw02ODBhZDU4ZC05ZGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5LbCeWtTpon5AF2Os9BMzDLptfQkk5zbzVygtb1snzetNB60tVYNromtNc1q 1Eg/xE2MUBeHskmFOJP60ziNv/TlWFkZaRxRwlDqKp4If6qYY+1NBnGxOSSLHsby s0Qol+/WAPvV4TrvRTU6fLvoRlp3nvs5sJpIqQjssvslDZf8uUPCHwYP4J+OZg8J 6pOB/oCZn9jFbxmBdyPDBo3Mok91sW1WvExqS38HKn2A/VWS0JdwMTiWgIAlZLXu U5uZJYvbGgfG7NOC2cNTj809yOJOYgKj7Act2ENPVH6FkR7xhsZ1alT1OVZqYw6n xPJarthg6he1w+RohajcHpHi/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJcjmXMs s/dJ0hn2ra8q43wkrrczMB8GA1UdIwQYMBaAFJAfmJH79/J9QWoe4GsxsBZarh3F MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkQ5My8wRjg3NEE3NDdG M0QxMUVDOEExRENDNzFDNEY5QUUwMi9rQi1Za2Z2MzhuMUJhaDdnYXpHd0ZscXVI Y1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tCLVlrZnYzOG4xQmFoN2dhekd3RmxxdUhjVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MkQ5My8wRjg3NEE3NDdGM0QxMUVDOEExRENDNzFDNEY5QUUwMi9rQi1Za2Z2Mzhu MUJhaDdnYXpHd0ZscXVIY1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCC9CNdww+zvMBBFJax+IQEw+UmEkmyIh51mvDTLU/LXeFOYk4ydWzu /242Kc4DRDoSZUy4NpxWKlFQs8VLLgULXeEU+y8bIXpur0PO3EpFpr4hwWjbLSvR Pt4U3KpBN9mnq5FM6MCnq5ewkH45vNY/PNRn8nIQRRdbGaio9gH3xNtRbnHq3IlG 8TAqPIKQOYCn8U3BRep7POpFNuVIkr2Blc78cccLxOJ59NOJbDIVpFV703dk0COM ofHX/Fwn2obKLrhcF2q29C4y6d3NRL9BKlNTKu8lvzLPGjyV+IGF64EBFgzi5vHV LVbMi4NCtkIOYbngMSUYwqn5hk1hlAtM -----END CERTIFICATE-----Generated at Sat Apr 26 15:24:18 2025 by rpki-client