$ rpki-client -vvf rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.mft File: KmnWmfE8BBv9o9qlfiH_qzxT7V8.mft (raw, json) Hash identifier: mdS1oEmmPXbETAaVMag1ZbV2CA36k5fsbWmcth8HAKA= Subject key identifier: D7:73:A2:B7:EA:DD:3C:BF:03:B6:62:E7:C9:DF:D1:9D:89:21:5E:B6 Authority key identifier: 2A:69:D6:99:F1:3C:04:1B:FD:A3:DA:A5:7E:21:FF:AB:3C:53:ED:5F Certificate issuer: /CN=A9171927/serialNumber=2A69D699F13C041BFDA3DAA57E21FFAB3C53ED5F Certificate serial: 01BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KmnWmfE8BBv9o9qlfiH_qzxT7V8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.mft Manifest number: 01B2 Signing time: Fri 13 Jun 2025 02:15:13 +0000 Manifest this update: Fri 13 Jun 2025 02:15:13 +0000 Manifest next update: Fri 20 Jun 2025 02:15:13 +0000 Files and hashes: 1: KmnWmfE8BBv9o9qlfiH_qzxT7V8.crl (hash: sxzDq0/SjVVZ5OMKWzhy8dhfBvISlhCQD3DP9P9fZbs=) 2: 6AA5FC16905211EE840DED1DC4F9AE02.roa (hash: MC0BNQ8WSdb9k6lw5PW7hJBMQ3Zo5Nq5ihUjlKmX1lo=) 3: FD41FC5EEA6811EDBE3EE23CC4F9AE02.roa (hash: RACB3YknB3cdpFyJZW5lQ48vMsl9eTtZug3dtaWvByM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.crl rsync://rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KmnWmfE8BBv9o9qlfiH_qzxT7V8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 02:15:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 445 (0x1bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171927, serialNumber=2A69D699F13C041BFDA3DAA57E21FFAB3C53ED5F Validity Not Before: Jun 13 02:15:13 2025 GMT Not After : Jun 20 02:15:13 2025 GMT Subject: CN=684b89b1-e7b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:b1:31:cd:65:49:ab:9f:e1:c0:3e:c7:fe:29: 6f:ba:0c:d8:4b:9c:1d:bb:c3:25:42:fa:cb:aa:51: af:39:b5:a3:2c:cb:2c:91:e7:56:8a:c8:d6:5e:ff: 77:4a:4d:8b:ae:d2:5f:9f:da:ec:0e:8f:3f:bc:64: 0e:75:73:a1:94:10:99:b8:df:d0:f2:64:3e:c1:2d: 5e:17:5d:b4:60:80:78:47:0c:01:05:54:07:1c:6f: 21:a6:7f:c8:e1:8a:e3:72:db:99:c7:b9:58:29:d9: 33:1c:b7:d5:e5:c4:df:20:8a:5b:bd:84:3b:11:d7: 60:2d:88:8f:8f:a3:39:9f:86:a4:f2:32:98:12:97: be:2b:99:12:a1:81:98:48:b8:00:90:b0:1a:a9:53: f0:0f:0a:ef:57:9f:fc:a7:d6:04:5d:f7:d1:3d:24: c2:ad:67:9f:3b:93:c2:3a:5e:bb:25:ac:ca:f8:c2: 49:ba:f8:4a:2a:b2:ac:9d:f2:a5:67:2f:ec:d9:d5: d5:4a:3b:e0:5d:08:1e:52:f1:83:ae:d5:36:97:12: 11:5e:f4:22:50:0b:8c:4f:49:e1:1b:70:a7:ae:2a: 7f:6f:98:26:bf:c3:02:e1:fa:86:5c:6f:23:9a:9c: d1:14:37:46:a9:73:98:d2:bf:f4:e8:8d:13:e9:e1: 37:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:73:A2:B7:EA:DD:3C:BF:03:B6:62:E7:C9:DF:D1:9D:89:21:5E:B6 X509v3 Authority Key Identifier: keyid:2A:69:D6:99:F1:3C:04:1B:FD:A3:DA:A5:7E:21:FF:AB:3C:53:ED:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KmnWmfE8BBv9o9qlfiH_qzxT7V8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:c2:13:45:36:d1:65:75:d2:3d:2b:df:55:fa:ed:42:cd:68: a3:b3:e4:e6:1b:df:27:ce:9d:24:0f:54:a2:a8:14:bf:b3:f9: 88:7f:58:c5:fa:42:30:2e:d0:09:72:80:80:58:bb:ec:ec:df: 7f:40:44:4e:fd:4d:6c:a9:80:2b:dd:98:78:33:8b:77:e9:96: aa:90:d2:56:ea:5c:0e:31:b3:1b:82:9f:88:db:4d:e0:a5:a4: eb:80:9d:21:2a:14:36:8d:b7:25:14:e0:51:18:0a:ea:23:4d: 5c:82:81:53:49:12:59:41:10:90:93:59:f0:fe:79:b7:b2:39: 38:e9:91:62:31:42:7e:05:9a:af:60:d5:32:10:68:e7:a2:be: 37:5d:63:2b:fa:c3:a5:aa:6a:84:78:73:98:53:e3:e4:48:e3: 40:97:3e:b5:61:18:55:9b:34:f2:1f:91:b3:82:23:a7:74:c1: 2c:2a:d9:23:e0:7d:8b:11:e5:d0:4d:8e:63:6e:60:50:01:06: 80:f4:5a:4b:29:4d:6b:13:81:ab:63:a0:97:d9:40:17:06:d4: 2d:c1:0d:00:fa:02:0b:96:ed:13:c4:1d:52:ae:f5:d0:e8:61: 59:e8:6c:af:cb:3c:c5:4a:19:96:59:a3:a2:83:dd:92:46:91: 7f:ed:1f:a7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAb0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzE5MjcxMTAvBgNVBAUTKDJBNjlENjk5RjEzQzA0MUJGREEzREFBNTdFMjFGRkFC M0M1M0VENUYwHhcNMjUwNjEzMDIxNTEzWhcNMjUwNjIwMDIxNTEzWjAYMRYwFAYD VQQDEw02ODRiODliMS1lN2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp7ExzWVJq5/hwD7H/ilvugzYS5wdu8MlQvrLqlGvObWjLMsskedWisjWXv93 Sk2LrtJfn9rsDo8/vGQOdXOhlBCZuN/Q8mQ+wS1eF120YIB4RwwBBVQHHG8hpn/I 4YrjctuZx7lYKdkzHLfV5cTfIIpbvYQ7EddgLYiPj6M5n4ak8jKYEpe+K5kSoYGY SLgAkLAaqVPwDwrvV5/8p9YEXffRPSTCrWefO5PCOl67JazK+MJJuvhKKrKsnfKl Zy/s2dXVSjvgXQgeUvGDrtU2lxIRXvQiUAuMT0nhG3Cnrip/b5gmv8MC4fqGXG8j mpzRFDdGqXOY0r/06I0T6eE3WQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNdzorfq 3Ty/A7Zi58nf0Z2JIV62MB8GA1UdIwQYMBaAFCpp1pnxPAQb/aPapX4h/6s8U+1f MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTkyNy9GRDhCMjJCMEJD MkYxMUVEQThGNzY1M0VDNEY5QUUwMi9LbW5XbWZFOEJCdjlvOXFsZmlIX3F6eFQ3 VjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ttbldtZkU4QkJ2OW85cWxmaUhfcXp4VDdWOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTkyNy9GRDhCMjJCMEJDMkYxMUVEQThGNzY1M0VDNEY5QUUwMi9LbW5XbWZFOEJC djlvOXFsZmlIX3F6eFQ3VjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCYwhNFNtFlddI9K99V+u1CzWijs+TmG98nzp0kD1SiqBS/s/mIf1jF +kIwLtAJcoCAWLvs7N9/QERO/U1sqYAr3Zh4M4t36ZaqkNJW6lwOMbMbgp+I203g paTrgJ0hKhQ2jbclFOBRGArqI01cgoFTSRJZQRCQk1nw/nm3sjk46ZFiMUJ+BZqv YNUyEGjnor43XWMr+sOlqmqEeHOYU+PkSONAlz61YRhVmzTyH5GzgiOndMEsKtkj 4H2LEeXQTY5jbmBQAQaA9FpLKU1rE4GrY6CX2UAXBtQtwQ0A+gILlu0TxB1SrvXQ 6GFZ6GyvyzzFShmWWaOig92SRpF/7R+n -----END CERTIFICATE-----Generated at Sat Jun 14 18:46:54 2025 by rpki-client