$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: 9hhJrJ4gU03Pkfcxj5OXES1hrxdxoK6fqi7N2fR6qJ0= Subject key identifier: DB:EA:95:33:65:04:03:57:E5:A4:5A:9F:EF:F6:D4:96:BD:36:C2:4B Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0DAC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0D90 Signing time: Tue 06 May 2025 17:56:36 +0000 Manifest this update: Tue 06 May 2025 17:56:35 +0000 Manifest next update: Tue 13 May 2025 17:56:35 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: jzmYrxtV4s7WPsicQv+AYGNjztcbpr06KdG7cSP2wBg=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: F8kcefS3I97Fp9Z0ACrQ84pOuyd0pejyLJ6D0xqjqYQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 17:56:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3500 (0xdac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: May 6 17:56:35 2025 GMT Not After : May 13 17:56:35 2025 GMT Subject: CN=681a4d53-b60b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:6b:61:e3:79:a7:52:3e:8e:18:90:0c:70:21: 4a:fd:14:d7:6c:1d:e6:61:ab:c3:0e:36:67:be:4c: 9e:46:91:ad:15:de:80:73:20:69:54:b5:b5:1e:d8: d6:87:e0:02:c7:6c:d1:36:d1:9a:3d:85:07:ab:4c: 46:25:d5:5c:70:22:37:00:43:b0:4f:e9:d7:ce:f6: a0:5f:a7:92:b1:08:71:fc:75:bc:41:13:bf:1e:0d: e0:68:75:41:e6:71:36:f8:26:31:a3:4c:65:f7:5e: fb:98:04:64:91:a6:a2:37:7f:a6:e1:6a:2d:e7:da: 3a:3f:47:64:d3:b5:29:bf:15:2b:de:20:d1:7a:5d: 41:c3:db:9e:41:9f:31:24:2b:7d:3e:ed:ea:8d:73: fe:71:bf:94:ba:4f:31:2d:f3:89:b6:1e:37:52:df: 6f:8e:83:0c:d6:a3:8e:05:60:bd:32:6e:42:36:80: d5:df:93:f0:5d:80:57:58:57:4b:5b:61:a8:99:a4: dd:4a:42:1c:6a:bf:3c:a8:6b:d3:2b:47:af:a1:af: d8:13:8a:57:25:ed:36:b7:5e:84:4f:18:90:7e:46: df:92:26:42:77:66:1a:c6:32:a8:20:44:bc:c1:a4: b3:5c:91:f3:4b:a0:0e:00:29:7d:60:0d:78:5e:8d: d9:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:EA:95:33:65:04:03:57:E5:A4:5A:9F:EF:F6:D4:96:BD:36:C2:4B X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:f4:db:6d:b5:2c:4b:c8:3c:d8:71:a8:68:8f:ad:43:2d:77: 9f:8b:ed:22:ac:fc:5f:21:a6:cf:70:87:a6:af:58:36:b9:38: b2:e5:b6:f5:93:f7:71:b4:bf:3d:d1:29:45:97:eb:60:69:a7: a8:c4:80:4e:4a:15:a7:e6:d0:b9:bb:09:4f:f1:df:ca:3d:09: 6e:b0:4f:9f:f4:49:32:0e:4f:cb:d6:7a:04:7b:6c:63:35:12: 7e:ba:fa:2a:a0:5d:ca:b0:e1:40:06:96:58:13:21:ad:77:24: dc:3f:b5:9d:0c:34:31:92:45:e6:99:cd:ba:b9:4f:f6:59:89: 22:f2:c1:80:ba:a9:ea:81:66:03:03:bc:c1:c0:21:47:6e:56: 0c:1a:5e:a1:f2:2d:f2:25:52:56:41:48:94:26:fa:8e:30:16: 11:eb:e0:aa:1d:56:16:bc:b3:54:e3:e7:33:00:43:85:59:7a: 45:37:de:0c:1d:79:ab:00:87:10:f2:b4:ad:2e:17:90:34:ac: 62:7e:f8:74:88:ed:93:ca:67:e3:68:58:01:f4:6b:91:5b:bb: 5d:8f:d3:fb:c6:d4:c2:48:a3:83:a8:e4:bc:24:bc:ae:f3:12: 55:ee:44:0c:c0:0e:b1:b0:d8:28:61:c6:d4:61:c9:c4:7c:1f: 66:ca:85:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjUwNTA2MTc1NjM1WhcNMjUwNTEzMTc1NjM1WjAYMRYwFAYD VQQDEw02ODFhNGQ1My1iNjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqWth43mnUj6OGJAMcCFK/RTXbB3mYavDDjZnvkyeRpGtFd6AcyBpVLW1HtjW h+ACx2zRNtGaPYUHq0xGJdVccCI3AEOwT+nXzvagX6eSsQhx/HW8QRO/Hg3gaHVB 5nE2+CYxo0xl9177mARkkaaiN3+m4Wot59o6P0dk07UpvxUr3iDRel1Bw9ueQZ8x JCt9Pu3qjXP+cb+Uuk8xLfOJth43Ut9vjoMM1qOOBWC9Mm5CNoDV35PwXYBXWFdL W2GomaTdSkIcar88qGvTK0evoa/YE4pXJe02t16ETxiQfkbfkiZCd2YaxjKoIES8 waSzXJHzS6AOACl9YA14Xo3ZmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNvqlTNl BANX5aRan+/21Ja9NsJLMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZ9NtttSxLyDzYcahoj61DLXefi+0irPxfIabPcIemr1g2uTiy5bb1 k/dxtL890SlFl+tgaaeoxIBOShWn5tC5uwlP8d/KPQlusE+f9EkyDk/L1noEe2xj NRJ+uvoqoF3KsOFABpZYEyGtdyTcP7WdDDQxkkXmmc26uU/2WYki8sGAuqnqgWYD A7zBwCFHblYMGl6h8i3yJVJWQUiUJvqOMBYR6+CqHVYWvLNU4+czAEOFWXpFN94M HXmrAIcQ8rStLheQNKxifvh0iO2TymfjaFgB9GuRW7tdj9P7xtTCSKODqOS8JLyu 8xJV7kQMwA6xsNgoYcbUYcnEfB9myoVG -----END CERTIFICATE-----Generated at Wed May 7 08:24:40 2025 by rpki-client