$ rpki-client -vvf rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft File: KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft (raw, json) Hash identifier: 3/2PCzTkbMhdwf4EMln02vi4Hpza3fgefrIKhYLNjKc= Subject key identifier: 12:BA:05:F3:29:E1:FB:17:15:68:18:22:A3:C3:50:6D:62:74:AC:4F Authority key identifier: 28:75:29:DC:20:CA:0E:CE:95:A7:A5:56:E1:0B:CD:FD:72:37:D8:D8 Certificate issuer: /CN=A91602ED/serialNumber=287529DC20CA0ECE95A7A556E10BCDFD7237D8D8 Certificate serial: 0666 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft Manifest number: 0660 Signing time: Thu 24 Apr 2025 22:11:56 +0000 Manifest this update: Thu 24 Apr 2025 22:11:56 +0000 Manifest next update: Thu 01 May 2025 22:11:56 +0000 Files and hashes: 1: KHUp3CDKDs6Vp6VW4QvN_XI32Ng.crl (hash: TeJtIgg0N5rBPTijg0Q3do3G9KkqVSN8B/25SxKAkGM=) 2: 7883418E943A11EBB6706530C4F9AE02.roa (hash: TnZM67noo4lbQHfXpAgCtw+JAFkneMpGmuhyQRw2ydg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.crl rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:11:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1638 (0x666) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91602ED, serialNumber=287529DC20CA0ECE95A7A556E10BCDFD7237D8D8 Validity Not Before: Apr 24 22:11:56 2025 GMT Not After : May 1 22:11:56 2025 GMT Subject: CN=680ab72c-5936 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:0d:da:ea:86:89:2b:16:dd:17:7a:9c:91:03: 32:b1:f8:5f:6c:bd:de:b0:4c:bc:73:a6:2e:f5:bd: 50:cc:45:58:58:6b:0a:56:81:b0:5e:54:3f:57:fd: 6e:82:14:19:14:d1:a2:e7:e0:6d:78:ab:17:e9:f0: 39:a9:69:9b:4b:c7:26:cc:66:6d:2f:a2:07:e9:90: 87:8a:a9:cf:1e:ba:5e:94:5c:7c:fc:1c:a3:3b:cd: 81:17:74:0a:cf:7f:d4:d3:40:51:ef:32:a7:f2:dd: 25:14:5c:8c:eb:b7:89:11:af:f6:1a:a7:5a:79:62: ea:56:22:3d:08:10:1e:d0:6c:06:50:0b:0b:61:59: c1:b4:a6:da:c1:28:a4:4a:8a:59:56:59:2f:96:b6: d2:09:3a:0c:cd:d7:8b:e9:7b:d8:5d:bc:c7:0f:c6: 37:07:b4:9a:94:6a:dd:30:02:51:bb:76:52:7c:16: 03:49:42:74:91:8c:f6:8c:8c:b8:7f:a3:81:ac:cd: 14:05:5e:02:93:31:d9:2f:9c:0f:3d:c5:98:00:48: cb:e6:5b:dd:21:2b:63:4f:5e:90:33:f8:cf:ef:3a: 31:59:1d:cc:82:56:fd:03:f4:fc:f4:2d:cb:88:41: e1:9f:9d:e1:6a:22:cb:93:76:3f:5d:98:69:1c:e7: 58:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:BA:05:F3:29:E1:FB:17:15:68:18:22:A3:C3:50:6D:62:74:AC:4F X509v3 Authority Key Identifier: keyid:28:75:29:DC:20:CA:0E:CE:95:A7:A5:56:E1:0B:CD:FD:72:37:D8:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:20:a5:e0:f9:c6:64:c7:8e:ff:d0:45:f0:3f:ea:ec:14:cb: f6:77:9e:16:16:d9:a8:3d:2f:f6:a9:ee:b7:f1:d8:71:83:da: df:16:1b:75:03:c6:f6:75:13:17:6c:87:8f:2b:af:e9:87:8b: cf:44:09:cc:f4:44:c0:2f:71:1f:09:55:b8:83:22:7d:4e:5e: 67:49:bd:b9:f2:98:5a:b6:53:5a:c3:36:f7:3f:d5:51:54:9a: 2b:4b:67:a9:31:4e:0f:a2:2e:45:ce:f4:8f:07:3e:88:83:c1: ba:e5:52:cb:a9:5e:d2:dd:bc:0b:1b:6e:1b:70:e1:b9:0c:3c: 84:45:b9:84:50:a3:ab:ed:6d:90:23:56:93:aa:86:4f:7d:00: 43:57:a5:50:c4:a5:6a:e8:7d:f7:be:e3:5f:92:f3:9f:07:63: ed:b6:eb:ba:78:22:64:81:24:99:d4:58:dc:25:e6:26:5f:2e: cd:c9:11:04:17:a6:26:21:b1:ff:e8:12:cb:2f:2d:aa:f7:1d: c8:33:f6:ab:a3:ee:f6:61:19:1b:72:5c:61:4d:7a:c9:1d:a0: 6a:d1:a1:9d:3c:d7:b2:2b:38:a0:ad:d5:9e:64:6c:e7:fc:cb: 36:35:ee:16:b2:76:37:71:53:9c:5b:34:0c:a6:7c:ee:52:20: 3c:dd:5a:9e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBmYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjAyRUQxMTAvBgNVBAUTKDI4NzUyOURDMjBDQTBFQ0U5NUE3QTU1NkUxMEJDREZE NzIzN0Q4RDgwHhcNMjUwNDI0MjIxMTU2WhcNMjUwNTAxMjIxMTU2WjAYMRYwFAYD VQQDEw02ODBhYjcyYy01OTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAow3a6oaJKxbdF3qckQMysfhfbL3esEy8c6Yu9b1QzEVYWGsKVoGwXlQ/V/1u ghQZFNGi5+BteKsX6fA5qWmbS8cmzGZtL6IH6ZCHiqnPHrpelFx8/ByjO82BF3QK z3/U00BR7zKn8t0lFFyM67eJEa/2GqdaeWLqViI9CBAe0GwGUAsLYVnBtKbawSik SopZVlkvlrbSCToMzdeL6XvYXbzHD8Y3B7SalGrdMAJRu3ZSfBYDSUJ0kYz2jIy4 f6OBrM0UBV4CkzHZL5wPPcWYAEjL5lvdIStjT16QM/jP7zoxWR3Mglb9A/T89C3L iEHhn53haiLLk3Y/XZhpHOdYvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBK6BfMp 4fsXFWgYIqPDUG1idKxPMB8GA1UdIwQYMBaAFCh1Kdwgyg7OlaelVuELzf1yN9jY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDJFRC8xNjdCQzYzQzdD MUIxMUVCOUYzRjNDNjVDNEY5QUUwMi9LSFVwM0NES0RzNlZwNlZXNFF2Tl9YSTMy TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIVXAzQ0RLRHM2VnA2Vlc0UXZOX1hJMzJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MDJFRC8xNjdCQzYzQzdDMUIxMUVCOUYzRjNDNjVDNEY5QUUwMi9LSFVwM0NES0Rz NlZwNlZXNFF2Tl9YSTMyTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAwIKXg+cZkx47/0EXwP+rsFMv2d54WFtmoPS/2qe638dhxg9rfFht1 A8b2dRMXbIePK6/ph4vPRAnM9ETAL3EfCVW4gyJ9Tl5nSb258phatlNawzb3P9VR VJorS2epMU4Poi5FzvSPBz6Ig8G65VLLqV7S3bwLG24bcOG5DDyERbmEUKOr7W2Q I1aTqoZPfQBDV6VQxKVq6H33vuNfkvOfB2Pttuu6eCJkgSSZ1FjcJeYmXy7NyREE F6YmIbH/6BLLLy2q9x3IM/aro+72YRkbclxhTXrJHaBq0aGdPNeyKzigrdWeZGzn /Ms2Ne4WsnY3cVOcWzQMpnzuUiA83Vqe -----END CERTIFICATE-----Generated at Sat Apr 26 12:25:33 2025 by rpki-client