$ rpki-client -vvf rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.mft File: kof26C-PO6JOCdnGMXilwLLaAd4.mft (raw, json) Hash identifier: 1PNm1LYwzfCh8D4TYCryiWyDIviWF7jOkjwxEIG8TOo= Subject key identifier: EB:BF:01:41:A8:08:06:A7:E6:A6:5E:2D:1A:80:45:C2:BB:31:A5:BC Authority key identifier: 92:87:F6:E8:2F:8F:3B:A2:4E:09:D9:C6:31:78:A5:C0:B2:DA:01:DE Certificate issuer: /CN=A91847A2/serialNumber=9287F6E82F8F3BA24E09D9C63178A5C0B2DA01DE Certificate serial: 0B70 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kof26C-PO6JOCdnGMXilwLLaAd4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.mft Manifest number: 0B03 Signing time: Thu 12 Jun 2025 19:22:34 +0000 Manifest this update: Thu 12 Jun 2025 19:22:34 +0000 Manifest next update: Thu 19 Jun 2025 19:22:34 +0000 Files and hashes: 1: kof26C-PO6JOCdnGMXilwLLaAd4.crl (hash: FwB6AQhXz41fkPmgOPeQosG38SMtkaOT22i7ujg/QII=) 2: 449FE2BE594411EA962D7646C4F9AE02.roa (hash: 3y9BDXWhIindn9fV5yRhLvjaXOZjwz7wE89JCwHuZfU=) 3: 71AD02DC194F11ED818A3C66C4F9AE02.roa (hash: DOBTNH4GGNPUe/CVItieZfmqwMcwBWdfPDr7AZPstYA=) 4: 7978E3F6602811EFB5954527C4F9AE02.roa (hash: I/yFDnonwjcIdEyDMRzyxAMhULYfijDfUDeIkoqzyfk=) 5: 72E17FF2194F11ED818A3C66C4F9AE02.roa (hash: uU9R+G2quDutiuaDSqaRQis0/8oF8eouaABisexnp3Y=) 6: AB988312177211EBAC79CC7EC4F9AE02.roa (hash: 2efUF6FV6lzagFO6ixmFLw5grpZeZdNkHznhn486HIY=) 7: B1986BCE2E2411EB8AF6BB67C4F9AE02.roa (hash: 1Oowb0Op5/Cu+8FSjA8UF2OrKzh23X2j+ax5PBrX1iA=) 8: 4B82FA441A8611ECB908E939C4F9AE02.roa (hash: ioPHlw0sW6GeE8i+5W/iQUIzBchZcQHPRQo5hhiTaFw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.crl rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kof26C-PO6JOCdnGMXilwLLaAd4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 19:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2928 (0xb70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91847A2, serialNumber=9287F6E82F8F3BA24E09D9C63178A5C0B2DA01DE Validity Not Before: Jun 12 19:22:34 2025 GMT Not After : Jun 19 19:22:34 2025 GMT Subject: CN=684b28fa-e93b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:47:9f:68:f0:61:49:02:3c:92:6d:66:c2:8c: 68:d3:f5:a4:c5:df:2d:cf:f2:f0:68:8e:39:63:00: 50:c4:19:2b:a5:34:ae:3b:89:d8:13:97:9f:a4:90: 1a:49:f3:f9:18:da:81:95:bc:9e:44:04:b0:db:09: fc:b4:66:8b:eb:b4:28:64:4a:76:96:4e:e8:97:f5: 88:ac:35:82:e7:ad:14:fe:bf:8e:81:ff:9a:a2:5e: 6c:b9:b3:98:74:cb:5e:a0:c4:2b:fa:56:12:13:dd: b5:db:c4:fc:b3:8f:08:84:b4:5c:ee:8c:a2:ec:ce: 2e:a9:a3:c8:1d:12:04:1d:c7:56:65:2c:e5:51:fc: 22:72:58:d8:30:a7:a8:01:73:fb:fd:2b:c8:b0:54: c5:8d:16:15:94:cb:0c:3a:c8:7a:a3:d2:89:72:b6: 4c:35:f4:b7:10:01:08:60:ac:82:e0:3f:44:17:a4: 10:78:dc:09:81:4d:c5:44:58:71:f0:2f:0e:d1:b3: 17:3e:49:48:1f:b7:2f:24:4e:27:c3:36:f4:ef:96: 52:22:d1:ea:3b:01:25:42:f0:9c:46:39:ac:5b:77: 27:f3:b2:b4:ef:f5:fe:0c:62:a3:9b:01:4f:af:5a: 36:3f:43:4e:c6:3a:46:61:56:ba:35:7f:32:3c:c4: e6:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:BF:01:41:A8:08:06:A7:E6:A6:5E:2D:1A:80:45:C2:BB:31:A5:BC X509v3 Authority Key Identifier: keyid:92:87:F6:E8:2F:8F:3B:A2:4E:09:D9:C6:31:78:A5:C0:B2:DA:01:DE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kof26C-PO6JOCdnGMXilwLLaAd4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:29:b4:bb:02:7c:12:0c:7d:c0:86:ca:34:f6:49:bf:9f:52: bb:d9:d2:3a:eb:7d:3d:c8:c3:1c:5a:df:93:c0:27:cc:2a:3e: d5:dc:98:e9:ff:51:bf:96:7c:07:29:6b:6b:b1:1b:21:40:bd: 2e:b1:20:1f:98:d4:7a:7d:0f:41:8b:5e:d0:ed:72:ae:8f:ef: ce:42:93:03:e5:19:b3:8c:d7:14:31:30:18:44:6f:91:40:b7: 64:6d:8a:b8:f6:e4:62:99:bf:66:c5:0a:f1:f1:6a:8b:dc:73: 45:06:c8:46:e6:84:37:9a:2f:4e:80:ab:dc:b1:e8:dd:e7:53: a5:fb:a6:8d:e2:7f:0f:6c:62:bd:33:2a:c7:09:1d:71:2f:e9: b3:71:cf:21:43:29:bf:5c:b1:0b:21:87:24:0d:25:72:f8:aa: a4:1b:26:99:e6:a9:bf:84:11:71:11:81:92:7d:8c:fb:16:73: 63:25:37:24:55:f2:f5:8c:26:3a:f4:ee:5e:82:38:eb:e3:90: 1d:93:8d:26:6e:96:16:62:14:11:b8:09:86:e1:a3:bb:af:64: f7:69:ca:82:89:05:e7:d6:83:72:fd:7b:fb:ed:61:da:f6:dc: fb:fc:87:33:52:23:1f:20:05:7c:a3:61:82:52:b6:80:1e:84: 54:91:96:fc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC3AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQ3QTIxMTAvBgNVBAUTKDkyODdGNkU4MkY4RjNCQTI0RTA5RDlDNjMxNzhBNUMw QjJEQTAxREUwHhcNMjUwNjEyMTkyMjM0WhcNMjUwNjE5MTkyMjM0WjAYMRYwFAYD VQQDEw02ODRiMjhmYS1lOTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA00efaPBhSQI8km1mwoxo0/Wkxd8tz/LwaI45YwBQxBkrpTSuO4nYE5efpJAa SfP5GNqBlbyeRASw2wn8tGaL67QoZEp2lk7ol/WIrDWC560U/r+Ogf+aol5subOY dMteoMQr+lYSE92128T8s48IhLRc7oyi7M4uqaPIHRIEHcdWZSzlUfwicljYMKeo AXP7/SvIsFTFjRYVlMsMOsh6o9KJcrZMNfS3EAEIYKyC4D9EF6QQeNwJgU3FRFhx 8C8O0bMXPklIH7cvJE4nwzb075ZSItHqOwElQvCcRjmsW3cn87K07/X+DGKjmwFP r1o2P0NOxjpGYVa6NX8yPMTmCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOu/AUGo CAan5qZeLRqARcK7MaW8MB8GA1UdIwQYMBaAFJKH9ugvjzuiTgnZxjF4pcCy2gHe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDdBMi9CNTc3M0FBQzU5 NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rb2YyNkMtUE82Sk9DZG5HTVhpbHdMTGFB ZDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tvZjI2Qy1QTzZKT0NkbkdNWGlsd0xMYUFkNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NDdBMi9CNTc3M0FBQzU5NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rb2YyNkMtUE82 Sk9DZG5HTVhpbHdMTGFBZDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOKbS7AnwSDH3Ahso09km/n1K72dI66309yMMcWt+TwCfMKj7V3Jjp /1G/lnwHKWtrsRshQL0usSAfmNR6fQ9Bi17Q7XKuj+/OQpMD5RmzjNcUMTAYRG+R QLdkbYq49uRimb9mxQrx8WqL3HNFBshG5oQ3mi9OgKvcsejd51Ol+6aN4n8PbGK9 MyrHCR1xL+mzcc8hQym/XLELIYckDSVy+KqkGyaZ5qm/hBFxEYGSfYz7FnNjJTck VfL1jCY69O5egjjr45Adk40mbpYWYhQRuAmG4aO7r2T3acqCiQXn1oNy/Xv77WHa 9tz7/IczUiMfIAV8o2GCUraAHoRUkZb8 -----END CERTIFICATE-----Generated at Sat Jun 14 17:20:04 2025 by rpki-client