$ rpki-client -vvf rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft File: kXkVGVyXGrRB_d7eb_PNNy51TLU.mft (raw, json) Hash identifier: 2Cp68JsAANiarij0wPSIU+csGw956pbv08DkKG73PGw= Subject key identifier: E6:B9:76:B3:4A:B7:BD:22:78:4C:AB:97:3E:30:92:AD:80:9E:67:EA Authority key identifier: 91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 Certificate issuer: /CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Certificate serial: 061F Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft Manifest number: 061A Signing time: Thu 24 Apr 2025 22:18:33 +0000 Manifest this update: Thu 24 Apr 2025 22:18:33 +0000 Manifest next update: Thu 01 May 2025 22:18:33 +0000 Files and hashes: 1: kXkVGVyXGrRB_d7eb_PNNy51TLU.crl (hash: eBpBK/pUWtPiPzgkM2CQTjDdEUp1aJUwGvCv416gwfw=) 2: 2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa (hash: GBv0Bwrza6PzeZcBlfUxDT4tM9xuaZtoH+l5x8EcaKE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:18:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1567 (0x61f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91795CA, serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Validity Not Before: Apr 24 22:18:33 2025 GMT Not After : May 1 22:18:33 2025 GMT Subject: CN=680ab8b9-b947 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f7:77:32:47:f6:67:3c:2d:67:6a:49:e6:65: e6:9c:e0:8a:b1:48:7a:4b:b8:f7:b4:6d:4f:cb:09: c6:17:41:d0:8c:0c:14:89:40:c7:a2:33:cf:01:2c: 85:db:7b:d3:28:94:f9:92:3c:bd:41:72:fe:2c:b3: 26:ee:84:c5:01:1e:89:84:29:e1:71:67:4d:f4:f4: 75:0e:4f:b3:e1:39:c1:6d:7c:e9:05:4d:75:04:01: bd:86:5b:4e:86:f9:82:04:99:6e:66:6f:3b:66:64: 89:da:bd:55:db:f6:70:c9:6d:fd:b6:c2:3b:54:fe: 98:99:f8:af:1b:20:e9:a6:b9:5a:54:d0:0e:34:06: df:07:e1:12:49:53:49:11:b2:73:59:e6:97:d1:2f: b3:0f:10:4f:db:28:29:d9:c7:94:8f:d0:25:bd:89: 7c:82:b9:38:3c:7e:b7:ec:9e:cd:4f:f9:f5:05:da: e2:9e:75:93:df:89:cf:fa:49:5f:c7:74:91:4d:69: b5:74:d1:b7:2b:9d:96:ba:aa:4b:8c:6c:60:ee:58: f2:5f:9a:87:3d:6c:25:13:90:57:b4:e3:31:08:99: 3a:18:18:a4:81:f1:dc:95:31:bd:c9:58:9e:da:de: 51:60:1b:17:20:7e:aa:38:ee:91:67:6f:81:d6:c1: 54:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:B9:76:B3:4A:B7:BD:22:78:4C:AB:97:3E:30:92:AD:80:9E:67:EA X509v3 Authority Key Identifier: keyid:91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:28:4c:47:dc:3b:f9:e1:a3:fb:69:e7:4b:1d:59:2e:05:07: 4e:0f:46:71:61:74:4f:54:e4:3d:8f:b2:98:04:e0:83:cc:61: 75:29:a8:c9:da:6a:a9:96:b2:79:8e:21:bf:05:f8:c2:c8:a2: bb:17:42:02:dc:b9:4c:dd:d8:c0:1b:9a:5c:d1:32:14:b8:d4: 3b:f1:32:24:b2:88:12:4e:b3:46:3c:d6:fb:b4:a8:76:1c:ab: 66:6b:cd:a2:2d:ed:f6:82:16:14:be:7a:de:fa:44:44:b3:de: aa:44:b0:8d:9b:07:f7:e3:c6:8c:e8:a2:1f:44:dd:23:08:99: 04:84:1d:49:2b:d3:9f:fe:ba:0a:e0:f9:7f:43:12:a9:8a:17: dc:21:cb:bd:f9:94:dd:54:88:ff:6e:13:bd:e6:ed:52:aa:0e: bb:1e:ab:87:ac:b1:e7:8c:ff:95:e7:3c:ad:4a:c6:ce:2e:40: ea:77:b2:3d:dd:a0:30:f2:d7:fe:8a:3d:08:b9:fc:d2:8e:65: 7c:aa:b4:d0:ab:39:af:90:00:43:ea:05:89:ad:c1:cc:98:ff: 34:60:77:e7:74:73:d7:4c:f0:ba:df:c5:02:88:27:1b:ae:9d: 43:57:1d:8f:b9:e0:7b:05:45:f5:d2:cd:70:c4:a3:88:ea:1b: ab:4e:c9:e0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk1Q0ExMTAvBgNVBAUTKDkxNzkxNTE5NUM5NzFBQjQ0MUZEREVERTZGRjNDRDM3 MkU3NTRDQjUwHhcNMjUwNDI0MjIxODMzWhcNMjUwNTAxMjIxODMzWjAYMRYwFAYD VQQDEw02ODBhYjhiOS1iOTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqPd3Mkf2ZzwtZ2pJ5mXmnOCKsUh6S7j3tG1PywnGF0HQjAwUiUDHojPPASyF 23vTKJT5kjy9QXL+LLMm7oTFAR6JhCnhcWdN9PR1Dk+z4TnBbXzpBU11BAG9hltO hvmCBJluZm87ZmSJ2r1V2/ZwyW39tsI7VP6YmfivGyDpprlaVNAONAbfB+ESSVNJ EbJzWeaX0S+zDxBP2ygp2ceUj9AlvYl8grk4PH637J7NT/n1BdrinnWT34nP+klf x3SRTWm1dNG3K52WuqpLjGxg7ljyX5qHPWwlE5BXtOMxCJk6GBikgfHclTG9yVie 2t5RYBsXIH6qOO6RZ2+B1sFUtQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOa5drNK t70ieEyrlz4wkq2AnmfqMB8GA1UdIwQYMBaAFJF5FRlclxq0Qf3e3m/zzTcudUy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTVDQS82MzQ3Mzc1Njk4 MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdyUkJfZDdlYl9QTk55NTFU TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2tYa1ZHVnlYR3JSQl9kN2ViX1BOTnk1MVRMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTVDQS82MzQ3Mzc1Njk4MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdy UkJfZDdlYl9QTk55NTFUTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhKExH3Dv54aP7aedLHVkuBQdOD0ZxYXRPVOQ9j7KYBOCDzGF1KajJ 2mqplrJ5jiG/BfjCyKK7F0IC3LlM3djAG5pc0TIUuNQ78TIksogSTrNGPNb7tKh2 HKtma82iLe32ghYUvnre+kREs96qRLCNmwf348aM6KIfRN0jCJkEhB1JK9Of/roK 4Pl/QxKpihfcIcu9+ZTdVIj/bhO95u1Sqg67HquHrLHnjP+V5zytSsbOLkDqd7I9 3aAw8tf+ij0IufzSjmV8qrTQqzmvkABD6gWJrcHMmP80YHfndHPXTPC638UCiCcb rp1DVx2PueB7BUX10s1wxKOI6hurTsng -----END CERTIFICATE-----Generated at Sat Apr 26 15:11:08 2025 by rpki-client