$ rpki-client -vvf rpki.apnic.net/member_repository/A9148F80/071DEA407CCE11EBBB882976C4F9AE02/bKLPpoi9-eLWVhYIZ3owyRUkPQw.mft File: bKLPpoi9-eLWVhYIZ3owyRUkPQw.mft (raw, json) Hash identifier: fZ6L2khsBWE6pKw2fsZ/bqjTP+7j04l9PSWQ/gKifaE= Subject key identifier: 1A:62:5B:59:E4:D7:AE:EE:3D:C7:59:71:19:D7:2B:A3:E9:90:9D:4B Authority key identifier: 6C:A2:CF:A6:88:BD:F9:E2:D6:56:16:08:67:7A:30:C9:15:24:3D:0C Certificate issuer: /CN=A9148F80/serialNumber=6CA2CFA688BDF9E2D6561608677A30C915243D0C Certificate serial: 0674 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKLPpoi9-eLWVhYIZ3owyRUkPQw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148F80/071DEA407CCE11EBBB882976C4F9AE02/bKLPpoi9-eLWVhYIZ3owyRUkPQw.mft Manifest number: 066D Signing time: Thu 24 Apr 2025 22:12:19 +0000 Manifest this update: Thu 24 Apr 2025 22:12:19 +0000 Manifest next update: Thu 01 May 2025 22:12:19 +0000 Files and hashes: 1: bKLPpoi9-eLWVhYIZ3owyRUkPQw.crl (hash: UA+Nwym0WQQaRpGFRe6+pg+C2NU24ySHOb2at6jqETM=) 2: 1C93BF747CD011EB9F876E78C4F9AE02.roa (hash: vUduh0w3eSZesFepaO929FwqL1Ap+OkfqL7IQgJ/yu0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148F80/071DEA407CCE11EBBB882976C4F9AE02/bKLPpoi9-eLWVhYIZ3owyRUkPQw.crl rsync://rpki.apnic.net/member_repository/A9148F80/071DEA407CCE11EBBB882976C4F9AE02/bKLPpoi9-eLWVhYIZ3owyRUkPQw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKLPpoi9-eLWVhYIZ3owyRUkPQw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:12:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1652 (0x674) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148F80, serialNumber=6CA2CFA688BDF9E2D6561608677A30C915243D0C Validity Not Before: Apr 24 22:12:19 2025 GMT Not After : May 1 22:12:19 2025 GMT Subject: CN=680ab743-39ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:26:c2:40:77:61:a4:e9:68:d6:40:88:ff:c4: a5:b0:9e:3e:d0:c0:04:65:61:ce:d6:bd:32:5e:91: ad:41:e6:e0:61:f8:d5:a2:41:79:0f:a3:29:47:28: e8:ef:97:74:22:82:dc:3b:02:d1:1d:7e:f7:f4:97: 65:1e:41:70:ce:db:f6:92:26:7a:4b:ad:d7:72:d4: 5e:49:bc:d3:37:86:67:4b:95:a4:fc:d3:46:45:df: 1a:6e:91:40:5c:d6:0d:1d:18:09:12:64:05:84:28: 69:4e:e9:17:6e:46:fa:26:79:04:8e:e0:65:13:05: da:16:0b:30:77:0f:51:81:d8:54:3b:3b:9d:21:e7: 85:70:8e:65:af:cb:43:9a:65:26:cc:db:62:5c:58: ea:45:55:02:92:98:9a:f5:14:fe:19:49:80:39:2b: 6d:da:2b:a6:ff:d3:9f:0e:8a:34:0b:72:a3:09:8c: 72:08:17:9d:65:50:83:19:e4:92:ab:ac:bb:03:28: 0b:bf:0e:8f:b0:70:66:27:ed:40:28:02:81:11:1d: f8:18:4d:49:58:24:a9:66:f9:a1:fc:20:aa:e7:47: 2f:da:bf:d1:79:f1:42:aa:1a:5d:3b:a7:8d:7e:ee: 8d:81:4e:e7:61:31:54:46:1a:f9:79:e8:5d:6f:c4: 7f:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:62:5B:59:E4:D7:AE:EE:3D:C7:59:71:19:D7:2B:A3:E9:90:9D:4B X509v3 Authority Key Identifier: keyid:6C:A2:CF:A6:88:BD:F9:E2:D6:56:16:08:67:7A:30:C9:15:24:3D:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148F80/071DEA407CCE11EBBB882976C4F9AE02/bKLPpoi9-eLWVhYIZ3owyRUkPQw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKLPpoi9-eLWVhYIZ3owyRUkPQw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148F80/071DEA407CCE11EBBB882976C4F9AE02/bKLPpoi9-eLWVhYIZ3owyRUkPQw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:21:cd:bd:8d:2a:0b:dd:62:34:c0:80:a8:cd:76:d4:3f:b7: 3b:a5:8a:37:db:c1:55:91:b1:67:ab:f5:c6:31:4e:c8:73:62: 6e:53:b2:72:e0:5b:51:da:81:d8:92:bc:3d:4c:58:0d:ca:bc: a5:c3:de:1f:57:6d:f2:19:f2:b2:08:3f:a0:02:f8:c1:8c:b5: 54:51:2e:85:e4:2b:53:87:1f:0b:5d:62:0c:c6:b2:1a:9f:8b: ac:d5:0e:f6:d8:d2:36:04:74:18:e6:af:b8:d3:70:0a:0a:19: 15:8f:4d:c9:fc:97:4d:ca:90:e1:5c:d2:80:df:af:78:b7:e9: f2:d5:44:45:73:47:d7:07:fd:02:80:de:90:4c:07:74:4f:b4: aa:a0:d8:91:4b:d5:c0:06:18:b0:6c:94:90:f6:6c:b5:de:ce: 7d:8d:c9:7b:43:cf:0b:a2:4b:6e:a6:d7:a7:8e:76:3b:1f:6a: 93:9c:0a:6f:15:9e:a7:77:fb:9e:2f:f3:01:85:79:db:d2:71: 35:66:79:b7:fa:9a:7a:6f:d2:03:79:e7:80:e8:7a:3e:22:c5: 37:fd:46:2f:7e:52:61:1d:78:0d:6d:59:97:01:15:65:65:e9: 88:bc:58:e5:01:80:db:2f:a7:b1:64:bf:24:74:39:7e:56:46: b6:a4:53:df -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhGODAxMTAvBgNVBAUTKDZDQTJDRkE2ODhCREY5RTJENjU2MTYwODY3N0EzMEM5 MTUyNDNEMEMwHhcNMjUwNDI0MjIxMjE5WhcNMjUwNTAxMjIxMjE5WjAYMRYwFAYD VQQDEw02ODBhYjc0My0zOWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoSbCQHdhpOlo1kCI/8SlsJ4+0MAEZWHO1r0yXpGtQebgYfjVokF5D6MpRyjo 75d0IoLcOwLRHX739JdlHkFwztv2kiZ6S63XctReSbzTN4ZnS5Wk/NNGRd8abpFA XNYNHRgJEmQFhChpTukXbkb6JnkEjuBlEwXaFgswdw9RgdhUOzudIeeFcI5lr8tD mmUmzNtiXFjqRVUCkpia9RT+GUmAOStt2ium/9OfDoo0C3KjCYxyCBedZVCDGeSS q6y7AygLvw6PsHBmJ+1AKAKBER34GE1JWCSpZvmh/CCq50cv2r/RefFCqhpdO6eN fu6NgU7nYTFURhr5eehdb8R/twIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBpiW1nk 167uPcdZcRnXK6PpkJ1LMB8GA1UdIwQYMBaAFGyiz6aIvfni1lYWCGd6MMkVJD0M MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEY4MC8wNzFERUE0MDdD Q0UxMUVCQkI4ODI5NzZDNEY5QUUwMi9iS0xQcG9pOS1lTFdWaFlJWjNvd3lSVWtQ UXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JLTFBwb2k5LWVMV1ZoWUlaM293eVJVa1BRdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEY4MC8wNzFERUE0MDdDQ0UxMUVCQkI4ODI5NzZDNEY5QUUwMi9iS0xQcG9pOS1l TFdWaFlJWjNvd3lSVWtQUXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAFIc29jSoL3WI0wICozXbUP7c7pYo328FVkbFnq/XGMU7Ic2JuU7Jy 4FtR2oHYkrw9TFgNyrylw94fV23yGfKyCD+gAvjBjLVUUS6F5CtThx8LXWIMxrIa n4us1Q722NI2BHQY5q+403AKChkVj03J/JdNypDhXNKA3694t+ny1URFc0fXB/0C gN6QTAd0T7SqoNiRS9XABhiwbJSQ9my13s59jcl7Q88LoktuptenjnY7H2qTnApv FZ6nd/ueL/MBhXnb0nE1Znm3+pp6b9IDeeeA6Ho+IsU3/UYvflJhHXgNbVmXARVl ZemIvFjlAYDbL6exZL8kdDl+Vka2pFPf -----END CERTIFICATE-----Generated at Sat Apr 26 04:35:03 2025 by rpki-client