$ rpki-client -vvf rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft File: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft (raw, json) Hash identifier: /mwgeqVkn+408dKtLvHVXT2MbNGuHGzeiklBBlio2Go= Subject key identifier: F6:31:D4:5E:BC:13:92:7B:DF:0E:6C:8D:D0:A1:FE:B2:3A:66:25:2F Authority key identifier: 29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 Certificate issuer: /CN=A916022F/serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Certificate serial: 10CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft Manifest number: 23E6 Signing time: Sat 14 Jun 2025 16:58:12 +0000 Manifest this update: Sat 14 Jun 2025 16:58:12 +0000 Manifest next update: Sat 21 Jun 2025 16:58:12 +0000 Files and hashes: 1: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl (hash: TH0VH5PfLV4TY23xbDhh3aNXb03VtONkdDMNsoZ/C3o=) 2: DE0A75A605EB11EA94CD7287C4F9AE02.roa (hash: rQZ+LsPDuc4EXnC/GiBOmzFAxUE3pMz5tb4kdOhgWwA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 16:58:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4302 (0x10ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916022F, serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Validity Not Before: Jun 14 16:58:12 2025 GMT Not After : Jun 21 16:58:12 2025 GMT Subject: CN=684daa24-5bda Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:17:90:2a:24:67:5e:a3:e8:1c:84:a1:46:23: 76:98:fe:85:cc:06:6f:8b:0c:c5:6b:f2:46:f7:8d: d1:33:18:63:98:ea:69:d1:24:9e:ce:82:1b:3a:19: 7f:10:91:a8:44:8e:c1:ee:37:ee:9b:9b:71:05:4d: 3b:b7:e2:8c:1f:ea:07:2d:e2:43:2b:0a:d9:bf:df: 02:46:f7:6d:ba:56:9b:ca:79:11:6a:11:a3:02:34: e6:a8:b9:78:40:f5:49:9c:fe:c8:c2:2b:41:74:e9: c1:ce:4e:4d:3a:87:fc:59:dc:cf:9e:81:ea:a8:0d: 1e:11:db:0e:c5:4d:ed:1f:7c:17:a6:e2:8e:8f:cd: ee:df:49:52:0c:bb:a0:f9:3c:27:b6:0b:78:b2:9e: d1:14:28:da:fc:b6:52:51:dc:ff:e7:bf:c5:9f:41: 8c:7d:00:97:7d:6c:af:b1:5f:5a:0a:f8:b7:a8:b3: e6:51:be:c3:be:2f:39:4b:4c:2b:df:79:c5:6e:38: cd:2f:43:2a:6e:57:4f:fe:b7:66:03:45:0e:c0:a2: ba:fc:ce:32:ab:49:2a:bd:e6:75:30:89:36:db:a1: 9e:c9:df:6a:f2:7d:9a:2a:00:fb:63:99:8a:4e:ba: ff:35:ec:be:d6:1f:1a:f7:fe:49:df:ac:34:a0:5f: 29:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:31:D4:5E:BC:13:92:7B:DF:0E:6C:8D:D0:A1:FE:B2:3A:66:25:2F X509v3 Authority Key Identifier: keyid:29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:d8:05:22:d1:e4:b0:8f:cf:cf:a6:d0:1a:e2:bc:7c:1b:37: 03:84:f9:4c:0a:c8:bc:72:f5:94:fb:b9:c6:a3:0a:e5:5c:c9: 83:ae:f3:39:c2:c2:33:2d:6b:3e:4c:7e:5a:4f:0c:70:18:93: 2a:39:50:4f:f8:6c:30:a9:56:52:30:29:44:f4:85:44:e0:4b: 99:45:0b:20:71:e1:cc:4a:79:82:d2:3b:6d:c5:5f:9f:13:d0: b7:59:e7:a9:f2:2b:0f:d3:d0:3f:03:8e:eb:b8:28:09:db:69: da:81:5a:35:6e:5f:df:cf:e7:e8:91:14:a1:00:51:96:a4:f2: b0:08:52:76:30:0f:ea:3d:24:2c:db:ea:0f:37:f2:10:e5:57: 3b:6b:da:d7:d7:d8:62:94:56:72:33:61:6b:51:d8:a4:67:85: dd:36:1b:1a:65:c3:5a:2d:88:0c:fa:b9:2b:8b:6f:2e:14:9c: d2:6e:42:22:c8:29:c8:8e:1a:5c:77:4b:47:59:1f:aa:4f:75: 81:5e:51:c7:89:68:c8:ec:34:e0:61:e0:81:5e:c5:f6:a7:b0: e5:47:50:38:35:5b:24:9b:e9:ae:2d:af:d4:09:67:dd:5a:99: 60:7f:6e:97:8d:5b:66:93:6e:5e:30:01:ca:70:4d:6d:21:c1: a0:40:43:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjAyMkYxMTAvBgNVBAUTKDI5RDE2Qzk4REIzRDVCRjY0QjZCOTIwNEMwOTYwMDg2 MENEMjk0NTIwHhcNMjUwNjE0MTY1ODEyWhcNMjUwNjIxMTY1ODEyWjAYMRYwFAYD VQQDEw02ODRkYWEyNC01YmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3xeQKiRnXqPoHIShRiN2mP6FzAZviwzFa/JG943RMxhjmOpp0SSezoIbOhl/ EJGoRI7B7jfum5txBU07t+KMH+oHLeJDKwrZv98CRvdtulabynkRahGjAjTmqLl4 QPVJnP7IwitBdOnBzk5NOof8WdzPnoHqqA0eEdsOxU3tH3wXpuKOj83u30lSDLug +Twntgt4sp7RFCja/LZSUdz/57/Fn0GMfQCXfWyvsV9aCvi3qLPmUb7Dvi85S0wr 33nFbjjNL0MqbldP/rdmA0UOwKK6/M4yq0kqveZ1MIk226Geyd9q8n2aKgD7Y5mK Trr/Ney+1h8a9/5J36w0oF8p4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPYx1F68 E5J73w5sjdCh/rI6ZiUvMB8GA1UdIwQYMBaAFCnRbJjbPVv2S2uSBMCWAIYM0pRS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDIyRi85RUM3QUZCNEFB N0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdfWkxhNUlFd0pZQWhnelNs RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tkRnNtTnM5V19aTGE1SUV3SllBaGd6U2xGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MDIyRi85RUM3QUZCNEFBN0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdf WkxhNUlFd0pZQWhnelNsRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCK2AUi0eSwj8/PptAa4rx8GzcDhPlMCsi8cvWU+7nGowrlXMmDrvM5 wsIzLWs+TH5aTwxwGJMqOVBP+GwwqVZSMClE9IVE4EuZRQsgceHMSnmC0jttxV+f E9C3Weep8isP09A/A47ruCgJ22nagVo1bl/fz+fokRShAFGWpPKwCFJ2MA/qPSQs 2+oPN/IQ5Vc7a9rX19hilFZyM2FrUdikZ4XdNhsaZcNaLYgM+rkri28uFJzSbkIi yCnIjhpcd0tHWR+qT3WBXlHHiWjI7DTgYeCBXsX2p7DlR1A4NVskm+muLa/UCWfd Wplgf26XjVtmk25eMAHKcE1tIcGgQEON -----END CERTIFICATE-----Generated at Sat Jun 14 19:32:22 2025 by rpki-client