$ rpki-client -vvf rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.mft File: KrJDLDrVEo7XPpnEYNBhH69NIg4.mft (raw, json) Hash identifier: AApLs8pq011Jf7mAZJk23+J+tF2cL++AX106ofE/ueg= Subject key identifier: 08:97:E2:7D:FB:16:EE:F6:33:5A:9D:1D:14:BB:59:83:04:8A:94:1C Authority key identifier: 2A:B2:43:2C:3A:D5:12:8E:D7:3E:99:C4:60:D0:61:1F:AF:4D:22:0E Certificate issuer: /CN=A9153850/serialNumber=2AB2432C3AD5128ED73E99C460D0611FAF4D220E Certificate serial: 29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KrJDLDrVEo7XPpnEYNBhH69NIg4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.mft Manifest number: 21 Signing time: Fri 25 Apr 2025 06:58:13 +0000 Manifest this update: Fri 25 Apr 2025 06:58:12 +0000 Manifest next update: Fri 02 May 2025 06:58:12 +0000 Files and hashes: 1: KrJDLDrVEo7XPpnEYNBhH69NIg4.crl (hash: iy1xF75hP/jqj4VxGZhtzP/Wy/Bp2EK86miTQIPfwk8=) 2: E40AC356018611F0B7E46C83C4F9AE02.roa (hash: xnpORZ2MtPoqtzWOcmsiFxPYNxl3p5FaKDYctBVtkjc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.crl rsync://rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KrJDLDrVEo7XPpnEYNBhH69NIg4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41 (0x29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153850, serialNumber=2AB2432C3AD5128ED73E99C460D0611FAF4D220E Validity Not Before: Apr 25 06:58:12 2025 GMT Not After : May 2 06:58:12 2025 GMT Subject: CN=680b3285-807a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:10:dc:f5:24:b0:c9:17:6b:01:45:c7:9d:c0: 1b:d8:f5:fb:26:c2:a7:6f:5c:d4:40:ad:d6:2c:f5: 9a:72:8c:07:4f:32:91:ab:20:75:6c:0f:ce:c4:56: 6c:19:32:3c:2e:1f:f5:6f:42:85:64:80:a7:50:2e: 16:36:53:8f:46:67:bc:26:73:9a:81:84:3b:ce:ef: e9:38:4a:8e:89:e6:e0:7e:59:93:84:8b:c4:e2:92: bb:07:f7:74:3d:5a:15:69:f5:dd:6e:f0:d1:6c:ea: aa:e6:bc:d2:a2:c5:9d:31:6b:79:39:dc:42:4d:b9: 24:fb:d7:72:75:f7:a3:ab:6c:59:9f:c2:69:8d:5e: 53:7a:dd:d0:56:ca:25:24:9d:36:3d:08:f4:57:ab: ac:92:42:cc:a4:a6:32:09:b0:1c:f2:45:ff:3d:ec: 5f:0b:13:25:c5:c0:74:6e:c5:39:95:fb:7b:c3:72: 41:58:2a:ee:88:8a:5e:bf:b9:35:f4:1d:a8:82:6a: f4:ba:b5:70:54:01:94:b4:94:eb:17:03:a7:44:13: fa:c1:d9:d6:e7:3c:c4:ad:17:de:bc:d0:5a:33:bd: d8:c3:22:dc:45:bc:93:e8:42:da:bd:7a:1b:29:97: 2d:92:62:6e:96:3b:88:d3:e0:d2:03:9c:7b:34:f1: 2f:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:97:E2:7D:FB:16:EE:F6:33:5A:9D:1D:14:BB:59:83:04:8A:94:1C X509v3 Authority Key Identifier: keyid:2A:B2:43:2C:3A:D5:12:8E:D7:3E:99:C4:60:D0:61:1F:AF:4D:22:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KrJDLDrVEo7XPpnEYNBhH69NIg4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:36:37:89:a0:ac:2a:8a:d5:6c:9f:57:fa:87:88:66:f5:93: 0f:b9:86:b2:e6:ba:a4:de:92:ae:48:84:2b:f3:43:06:92:1b: 03:db:f3:8a:47:a0:d6:a9:f5:b1:79:1d:dc:0e:85:47:19:fc: f9:ac:5c:3c:d2:2b:97:a8:45:cf:80:99:ba:98:bc:31:6f:19: 75:74:1b:89:ea:cc:15:5d:ae:11:4f:3d:5c:df:3e:e4:18:9e: 7e:3d:6a:48:d8:3b:e3:94:b8:49:ed:a2:66:ff:80:88:6b:e1: ed:ab:28:0d:26:c9:5f:94:3f:1f:f5:b3:dc:6f:3b:ed:66:de: a1:7c:aa:27:27:65:94:cb:c2:73:2a:3f:b8:d7:90:e4:4e:3a: bd:39:2d:6e:e5:39:89:80:3e:ea:bd:13:60:42:1c:71:dc:ce: 7e:7b:c1:97:35:c8:cc:5c:ab:be:a0:dd:5e:b7:e5:4d:29:c7: 00:13:bf:b8:07:0d:ea:03:54:ea:e6:3a:4d:14:7a:f9:04:2e: bb:b2:81:60:ff:37:4e:e5:f0:8d:5b:82:40:ce:f9:5a:38:7f: 4a:9d:be:6f:1a:cc:f0:24:60:10:12:7b:2e:0b:42:32:7f:0f: 68:66:6d:a4:47:0d:ef:ac:9f:3e:83:fc:04:57:fa:de:5a:8f: 53:e6:29:6b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 Mzg1MDExMC8GA1UEBRMoMkFCMjQzMkMzQUQ1MTI4RUQ3M0U5OUM0NjBEMDYxMUZB RjREMjIwRTAeFw0yNTA0MjUwNjU4MTJaFw0yNTA1MDIwNjU4MTJaMBgxFjAUBgNV BAMTDTY4MGIzMjg1LTgwN2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8ENz1JLDJF2sBRcedwBvY9fsmwqdvXNRArdYs9ZpyjAdPMpGrIHVsD87EVmwZ MjwuH/VvQoVkgKdQLhY2U49GZ7wmc5qBhDvO7+k4So6J5uB+WZOEi8TikrsH93Q9 WhVp9d1u8NFs6qrmvNKixZ0xa3k53EJNuST713J196OrbFmfwmmNXlN63dBWyiUk nTY9CPRXq6ySQsykpjIJsBzyRf897F8LEyXFwHRuxTmV+3vDckFYKu6Iil6/uTX0 HaiCavS6tXBUAZS0lOsXA6dEE/rB2dbnPMStF9680FozvdjDItxFvJPoQtq9ehsp ly2SYm6WO4jT4NIDnHs08S+lAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUCJfiffsW 7vYzWp0dFLtZgwSKlBwwHwYDVR0jBBgwFoAUKrJDLDrVEo7XPpnEYNBhH69NIg4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUzODUwLzdCM0IzN0Q0MDE4 NjExRjBCMDVCNEM1OUM0RjlBRTAyL0tySkRMRHJWRW83WFBwbkVZTkJoSDY5Tkln NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS3JKRExEclZFbzdYUHBuRVlOQmhINjlOSWc0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUz ODUwLzdCM0IzN0Q0MDE4NjExRjBCMDVCNEM1OUM0RjlBRTAyL0tySkRMRHJWRW83 WFBwbkVZTkJoSDY5TklnNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKE2N4mgrCqK1WyfV/qHiGb1kw+5hrLmuqTekq5IhCvzQwaSGwPb84pH oNap9bF5HdwOhUcZ/PmsXDzSK5eoRc+AmbqYvDFvGXV0G4nqzBVdrhFPPVzfPuQY nn49akjYO+OUuEntomb/gIhr4e2rKA0myV+UPx/1s9xvO+1m3qF8qicnZZTLwnMq P7jXkOROOr05LW7lOYmAPuq9E2BCHHHczn57wZc1yMxcq76g3V635U0pxwATv7gH DeoDVOrmOk0UevkELruygWD/N07l8I1bgkDO+Vo4f0qdvm8azPAkYBASey4LQjJ/ D2hmbaRHDe+snz6D/ARX+t5aj1PmKWs= -----END CERTIFICATE-----Generated at Sat Apr 26 04:36:49 2025 by rpki-client