$ rpki-client -vvf rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft File: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft (raw, json) Hash identifier: pJ8X/ygefFtnuJPnQUyzEZn1aXWiaAuy+YR1AT2jSM0= Subject key identifier: 13:64:BD:BF:C0:01:48:4C:E9:A6:C9:71:C9:19:6B:D1:61:87:DA:CF Authority key identifier: 29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 Certificate issuer: /CN=A916022F/serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Certificate serial: 10B4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft Manifest number: 23B2 Signing time: Thu 24 Apr 2025 17:03:00 +0000 Manifest this update: Thu 24 Apr 2025 17:02:59 +0000 Manifest next update: Thu 01 May 2025 17:02:59 +0000 Files and hashes: 1: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl (hash: lUb8k7RTqSn5LF1lP6i/LDn2C9w37ZVU9t8HvwNJEFU=) 2: DE0A75A605EB11EA94CD7287C4F9AE02.roa (hash: rQZ+LsPDuc4EXnC/GiBOmzFAxUE3pMz5tb4kdOhgWwA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:02:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4276 (0x10b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916022F, serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Validity Not Before: Apr 24 17:02:59 2025 GMT Not After : May 1 17:02:59 2025 GMT Subject: CN=680a6ec4-bea3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:c7:2c:9c:e0:78:60:90:dd:85:9e:98:50:2c: 3b:38:55:65:7f:db:8f:60:ff:28:aa:ba:79:b2:7c: 94:24:1b:9c:33:c2:bc:93:66:45:54:c6:aa:4a:4a: bb:8a:be:bc:28:21:32:5a:a6:b3:26:b3:37:3e:25: 5b:61:34:da:0d:56:67:d6:0d:8e:45:87:b9:f6:29: 77:f8:3a:44:cc:b8:9d:c4:30:d0:0e:c6:0b:f9:c9: 7f:e5:b0:6a:d7:22:09:f4:97:b4:e4:66:23:ad:92: d3:f5:f4:e4:ee:60:25:12:1b:11:6f:8d:0b:ce:98: fe:62:59:5d:ed:1b:69:70:e3:e5:59:af:bd:d8:c4: 0a:0d:03:1e:c1:4d:70:ac:5e:b1:f7:92:22:8d:73: 81:81:05:b2:07:14:56:ed:78:c0:71:26:40:02:65: a7:b2:5a:90:39:67:a1:9f:93:ab:4c:72:a7:20:5c: 99:f3:5d:2f:39:02:91:74:73:2f:93:f1:dc:db:21: 10:14:c6:5d:e1:d0:21:0a:38:bd:9a:55:c0:02:d0: dd:2b:b7:e3:8d:80:05:94:74:7a:ca:a7:7c:9d:e7: 47:a7:c2:8e:22:fc:ec:f6:04:01:f5:16:3d:4c:e7: a9:2c:bf:6a:e5:be:75:9e:c3:db:e5:8e:5e:ae:89: 43:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:64:BD:BF:C0:01:48:4C:E9:A6:C9:71:C9:19:6B:D1:61:87:DA:CF X509v3 Authority Key Identifier: keyid:29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:0d:e3:3d:93:28:41:c2:4e:eb:49:9b:d2:af:74:e2:cf:af: 73:eb:c0:4f:4a:ad:72:98:53:97:c9:81:12:22:dc:39:b8:22: a7:07:7f:f1:61:7f:1b:33:d2:8a:89:6c:46:9b:e5:1c:c2:9a: e7:3a:3b:c0:70:a8:b8:f0:f6:aa:96:b2:f1:02:57:15:70:63: e8:d5:3e:86:12:a3:89:c6:5c:05:76:9c:42:ef:49:60:e8:1a: 23:ac:35:44:22:7f:a9:e3:2b:e8:e0:90:84:3e:39:36:d3:fe: 23:ac:0e:e7:97:a5:b2:89:c9:15:99:98:28:8c:da:68:b5:56: 4f:fd:7c:98:80:b2:63:9b:69:35:bc:28:71:87:9e:b3:69:50: 03:34:cd:b5:83:c8:c7:c7:c3:8d:24:f1:23:72:6e:98:cf:23: 38:bc:fa:13:e7:3e:90:81:b0:ec:f6:c4:bd:ef:90:db:1c:bc: 2b:bf:13:a6:fe:c2:ad:54:70:df:f0:2b:be:d1:5a:00:07:d7: 34:47:b5:9d:dd:a2:a6:e2:a6:65:c1:42:f4:61:be:20:d9:cc: cd:6a:70:1c:92:36:22:58:74:c5:4a:f9:5a:86:93:15:fc:3f: 67:8b:83:a0:89:ae:b2:7c:46:24:3e:30:c8:60:44:4a:d8:4e: f4:40:45:ab -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICELQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjAyMkYxMTAvBgNVBAUTKDI5RDE2Qzk4REIzRDVCRjY0QjZCOTIwNEMwOTYwMDg2 MENEMjk0NTIwHhcNMjUwNDI0MTcwMjU5WhcNMjUwNTAxMTcwMjU5WjAYMRYwFAYD VQQDEw02ODBhNmVjNC1iZWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzMcsnOB4YJDdhZ6YUCw7OFVlf9uPYP8oqrp5snyUJBucM8K8k2ZFVMaqSkq7 ir68KCEyWqazJrM3PiVbYTTaDVZn1g2ORYe59il3+DpEzLidxDDQDsYL+cl/5bBq 1yIJ9Je05GYjrZLT9fTk7mAlEhsRb40Lzpj+Ylld7RtpcOPlWa+92MQKDQMewU1w rF6x95IijXOBgQWyBxRW7XjAcSZAAmWnslqQOWehn5OrTHKnIFyZ810vOQKRdHMv k/Hc2yEQFMZd4dAhCji9mlXAAtDdK7fjjYAFlHR6yqd8nedHp8KOIvzs9gQB9RY9 TOepLL9q5b51nsPb5Y5erolD2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBNkvb/A AUhM6abJcckZa9Fhh9rPMB8GA1UdIwQYMBaAFCnRbJjbPVv2S2uSBMCWAIYM0pRS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDIyRi85RUM3QUZCNEFB N0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdfWkxhNUlFd0pZQWhnelNs RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tkRnNtTnM5V19aTGE1SUV3SllBaGd6U2xGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MDIyRi85RUM3QUZCNEFBN0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdf WkxhNUlFd0pZQWhnelNsRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkDeM9kyhBwk7rSZvSr3Tiz69z68BPSq1ymFOXyYESItw5uCKnB3/x YX8bM9KKiWxGm+UcwprnOjvAcKi48PaqlrLxAlcVcGPo1T6GEqOJxlwFdpxC70lg 6BojrDVEIn+p4yvo4JCEPjk20/4jrA7nl6WyickVmZgojNpotVZP/XyYgLJjm2k1 vChxh56zaVADNM21g8jHx8ONJPEjcm6YzyM4vPoT5z6QgbDs9sS975DbHLwrvxOm /sKtVHDf8Cu+0VoAB9c0R7Wd3aKm4qZlwUL0Yb4g2czNanAckjYiWHTFSvlahpMV /D9ni4Ogia6yfEYkPjDIYERK2E70QEWr -----END CERTIFICATE-----Generated at Sat Apr 26 17:08:17 2025 by rpki-client