$ rpki-client -vvf rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft File: KKyX2Zh-eNvuncufA3NcKDvOGGI.mft (raw, json) Hash identifier: WyD6SqOyhW6jEMSh+Eogs68bJh6VvfQX/1FgBu2PiY0= Subject key identifier: 77:63:A3:7A:86:59:6C:EA:EE:A8:D9:BD:44:03:AE:38:8E:88:DA:D5 Authority key identifier: 28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 Certificate issuer: /CN=A9157BC3/serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Certificate serial: 01AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft Manifest number: 01AC Signing time: Fri 25 Apr 2025 02:24:31 +0000 Manifest this update: Fri 25 Apr 2025 02:24:31 +0000 Manifest next update: Fri 02 May 2025 02:24:30 +0000 Files and hashes: 1: KKyX2Zh-eNvuncufA3NcKDvOGGI.crl (hash: c0ZTJVV0XnRYp3/IUXXDcknh8A0L2dKRmPw5NaUz4gs=) 2: 1FCD9DE2926611EDA99A9419C4F9AE02.roa (hash: RqBWzz5uXzyQ1KueU4cHYCTj7govMSTdgiL2egEdolc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:24:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 431 (0x1af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157BC3, serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Validity Not Before: Apr 25 02:24:31 2025 GMT Not After : May 2 02:24:30 2025 GMT Subject: CN=680af25f-36b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:a1:9b:2b:71:b7:7e:7e:a8:35:ba:56:49:f1: 40:4b:4b:44:4b:6c:9c:93:bb:ed:f8:0c:4c:d1:d8: dc:b0:6f:ba:62:2b:77:c4:fd:11:fc:a7:f3:f4:83: 01:b4:d9:31:d0:d5:ec:b1:96:64:bc:65:bf:91:bb: e2:0c:b8:2a:a0:45:ea:e5:73:8e:cb:a1:cf:be:d9: c9:06:13:f4:7a:08:c5:e4:0c:86:bc:64:39:93:df: 3d:64:ce:bd:84:1e:42:e3:31:ce:0a:16:93:cd:ff: d7:50:b7:6a:b1:2e:f4:75:55:fa:14:8b:50:2a:b0: c6:6f:6b:2d:4c:c2:b9:8d:5c:e0:e2:b0:50:d3:04: 8d:aa:03:de:4d:81:03:a4:38:9a:6b:7a:2f:34:00: f9:e2:25:72:ff:12:2e:f6:85:3c:9d:68:3b:c8:a3: 50:6a:86:d7:d2:b4:fe:e3:c3:dc:fc:1a:2e:18:02: c8:ff:1f:61:d9:6e:56:fc:33:47:e6:bd:1c:e2:a7: 11:06:0a:2c:c1:6b:62:5b:fc:b2:ed:72:3d:c8:70: 35:ea:c0:47:7d:df:9a:c4:08:3d:3a:e4:df:64:01: 06:5a:28:da:65:99:a6:90:94:45:84:db:c2:7f:e3: 82:a8:b6:cc:cc:87:e7:57:2f:62:26:ab:a0:74:b3: 6d:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:63:A3:7A:86:59:6C:EA:EE:A8:D9:BD:44:03:AE:38:8E:88:DA:D5 X509v3 Authority Key Identifier: keyid:28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:cb:f7:b3:66:d3:8d:e0:ed:e8:16:0d:41:c7:f6:22:09:9e: aa:2c:34:fe:37:19:7e:b9:d8:7d:6d:64:64:22:a1:40:ab:c0: ac:7a:f0:57:c3:a3:66:0c:e3:46:9f:3c:81:c9:4f:9d:bf:89: e1:94:7e:a4:b2:53:cb:a2:83:16:70:94:28:b7:b3:75:b6:53: c4:c8:8e:4e:da:a4:03:63:a8:75:bb:ac:b4:a2:d2:fb:0d:da: a2:88:bc:c3:0e:e8:d8:c7:ef:b5:f2:f4:e9:86:0f:12:c5:82: 83:72:f8:20:14:53:fe:cd:08:2a:3b:6f:81:65:f7:71:f9:fb: f1:a8:e2:20:52:57:1e:a4:17:21:88:4d:29:10:46:1b:f9:f3: bb:3a:f2:44:8e:6b:51:40:fc:09:b0:11:ca:40:72:92:65:90: f0:91:cc:dd:01:a0:0d:13:78:30:ac:78:c3:d0:a6:37:39:96: 50:a1:f0:e6:e6:5f:c2:d6:88:dc:31:5a:f3:99:34:bd:34:d0: 6b:d9:97:59:a8:e7:7e:8d:85:15:ff:85:dd:66:40:ca:c6:b2: a1:2f:38:cb:0b:ac:3f:91:cc:30:9e:bc:d1:18:ef:f1:56:e0: 06:18:4f:36:92:ac:e8:38:be:de:89:42:30:2a:f6:86:b7:29: 45:c6:59:a1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAa8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdCQzMxMTAvBgNVBAUTKDI4QUM5N0Q5OTg3RTc4REJFRTlEQ0I5RjAzNzM1QzI4 M0JDRTE4NjIwHhcNMjUwNDI1MDIyNDMxWhcNMjUwNTAyMDIyNDMwWjAYMRYwFAYD VQQDEw02ODBhZjI1Zi0zNmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApqGbK3G3fn6oNbpWSfFAS0tES2yck7vt+AxM0djcsG+6Yit3xP0R/Kfz9IMB tNkx0NXssZZkvGW/kbviDLgqoEXq5XOOy6HPvtnJBhP0egjF5AyGvGQ5k989ZM69 hB5C4zHOChaTzf/XULdqsS70dVX6FItQKrDGb2stTMK5jVzg4rBQ0wSNqgPeTYED pDiaa3ovNAD54iVy/xIu9oU8nWg7yKNQaobX0rT+48Pc/BouGALI/x9h2W5W/DNH 5r0c4qcRBgoswWtiW/yy7XI9yHA16sBHfd+axAg9OuTfZAEGWijaZZmmkJRFhNvC f+OCqLbMzIfnVy9iJqugdLNtswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHdjo3qG WWzq7qjZvUQDrjiOiNrVMB8GA1UdIwQYMBaAFCisl9mYfnjb7p3LnwNzXCg7zhhi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0JDMy83MDhFNkY2ODky NjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVOdnVuY3VmQTNOY0tEdk9H R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tLeVgyWmgtZU52dW5jdWZBM05jS0R2T0dHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0JDMy83MDhFNkY2ODkyNjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVO dnVuY3VmQTNOY0tEdk9HR0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByy/ezZtON4O3oFg1Bx/YiCZ6qLDT+Nxl+udh9bWRkIqFAq8CsevBX w6NmDONGnzyByU+dv4nhlH6kslPLooMWcJQot7N1tlPEyI5O2qQDY6h1u6y0otL7 DdqiiLzDDujYx++18vTphg8SxYKDcvggFFP+zQgqO2+BZfdx+fvxqOIgUlcepBch iE0pEEYb+fO7OvJEjmtRQPwJsBHKQHKSZZDwkczdAaANE3gwrHjD0KY3OZZQofDm 5l/C1ojcMVrzmTS9NNBr2ZdZqOd+jYUV/4XdZkDKxrKhLzjLC6w/kcwwnrzRGO/x VuAGGE82kqzoOL7eiUIwKvaGtylFxlmh -----END CERTIFICATE-----Generated at Sat Apr 26 05:05:59 2025 by rpki-client