$ rpki-client -vvf rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.mft File: kof26C-PO6JOCdnGMXilwLLaAd4.mft (raw, json) Hash identifier: m4NVmkTSAkwsDyOgULDXzIJrlOOkSJ6FCkrZp6ily8E= Subject key identifier: 41:02:AD:2F:74:EC:3F:BD:7C:57:A1:D2:A7:68:E0:80:46:37:6E:E2 Authority key identifier: 92:87:F6:E8:2F:8F:3B:A2:4E:09:D9:C6:31:78:A5:C0:B2:DA:01:DE Certificate issuer: /CN=A91847A2/serialNumber=9287F6E82F8F3BA24E09D9C63178A5C0B2DA01DE Certificate serial: 0B58 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kof26C-PO6JOCdnGMXilwLLaAd4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.mft Manifest number: 0AEB Signing time: Thu 24 Apr 2025 19:30:16 +0000 Manifest this update: Thu 24 Apr 2025 19:30:16 +0000 Manifest next update: Thu 01 May 2025 19:30:16 +0000 Files and hashes: 1: kof26C-PO6JOCdnGMXilwLLaAd4.crl (hash: PGsZGGpn+J4jwOy9o/2sEqJhQ7SsXGpWqqdYDsfAhuc=) 2: 449FE2BE594411EA962D7646C4F9AE02.roa (hash: 3y9BDXWhIindn9fV5yRhLvjaXOZjwz7wE89JCwHuZfU=) 3: 7978E3F6602811EFB5954527C4F9AE02.roa (hash: I/yFDnonwjcIdEyDMRzyxAMhULYfijDfUDeIkoqzyfk=) 4: 71AD02DC194F11ED818A3C66C4F9AE02.roa (hash: DOBTNH4GGNPUe/CVItieZfmqwMcwBWdfPDr7AZPstYA=) 5: 72E17FF2194F11ED818A3C66C4F9AE02.roa (hash: uU9R+G2quDutiuaDSqaRQis0/8oF8eouaABisexnp3Y=) 6: AB988312177211EBAC79CC7EC4F9AE02.roa (hash: 2efUF6FV6lzagFO6ixmFLw5grpZeZdNkHznhn486HIY=) 7: B1986BCE2E2411EB8AF6BB67C4F9AE02.roa (hash: 1Oowb0Op5/Cu+8FSjA8UF2OrKzh23X2j+ax5PBrX1iA=) 8: 4B82FA441A8611ECB908E939C4F9AE02.roa (hash: ioPHlw0sW6GeE8i+5W/iQUIzBchZcQHPRQo5hhiTaFw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.crl rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kof26C-PO6JOCdnGMXilwLLaAd4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:30:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2904 (0xb58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91847A2, serialNumber=9287F6E82F8F3BA24E09D9C63178A5C0B2DA01DE Validity Not Before: Apr 24 19:30:16 2025 GMT Not After : May 1 19:30:16 2025 GMT Subject: CN=680a9148-f2c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:02:c4:fd:f2:a1:90:82:88:9c:44:ae:d4:7b: 70:05:64:c8:7d:57:33:c3:1f:d3:9f:99:bb:2b:a3: 92:cc:00:6c:dd:56:6b:85:86:8f:82:56:e1:16:7e: 61:d8:e5:5b:7f:81:c4:17:ed:80:72:b7:1c:84:5c: 7f:8b:c7:b9:9b:26:bc:7e:4f:3d:8d:02:ad:27:55: fe:12:56:93:8a:78:43:84:9b:72:9e:6f:8a:c8:9a: 31:36:b7:06:98:a3:60:07:b4:90:32:4f:77:df:ad: 0a:18:03:5a:14:ec:5f:00:bd:f6:d5:28:97:d5:34: ae:42:fe:f3:dd:d4:38:22:81:c7:fb:75:59:6f:6b: 11:ce:d3:f5:2d:fb:1a:ad:32:0d:94:17:ef:2e:34: b6:60:cf:ba:c1:a1:5d:a3:d9:f1:d0:d9:92:a6:80: a7:e3:c1:eb:93:cd:5d:72:31:49:99:22:c6:5b:5a: ab:0f:8d:7d:59:dc:81:45:1b:c4:b8:e9:7d:e2:da: bb:90:5c:03:8e:3c:fb:c1:a8:d8:ba:55:67:3e:5d: 61:d3:42:8c:aa:5c:f9:2c:4c:f3:76:8d:e3:c7:8f: 4e:c4:42:32:f7:42:ce:cb:0a:c4:b5:0f:b5:ce:28: aa:f4:8b:87:ce:79:f1:8f:54:ee:a7:4d:ee:8d:60: 51:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:02:AD:2F:74:EC:3F:BD:7C:57:A1:D2:A7:68:E0:80:46:37:6E:E2 X509v3 Authority Key Identifier: keyid:92:87:F6:E8:2F:8F:3B:A2:4E:09:D9:C6:31:78:A5:C0:B2:DA:01:DE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kof26C-PO6JOCdnGMXilwLLaAd4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:69:6b:eb:2e:3d:74:42:b5:8b:ae:56:e5:0b:a4:76:5d:2e: ef:d2:d8:ef:01:3a:fa:3e:f4:38:ea:76:1c:32:d0:76:6f:4f: 2c:0e:bb:60:c3:fd:05:b7:f0:e8:42:0a:51:b0:6c:43:20:9d: a3:72:11:28:97:2a:94:1b:c3:a3:dd:01:5a:17:99:24:40:b0: c6:9b:c4:80:80:ed:70:5b:6f:0a:83:93:f6:a4:11:0a:7f:f8: cc:a2:3f:f5:46:38:c8:06:89:d1:f9:fd:b2:a6:b2:a9:21:83: 69:86:c0:f7:ef:86:56:93:00:ab:eb:d4:7d:8b:cc:3e:6f:3f: a4:dd:15:86:ac:2e:25:19:eb:b9:31:f8:ec:2d:67:01:ec:5d: 2a:8d:1f:be:4a:17:84:0f:08:f6:a1:90:72:ee:56:7c:c8:e7: 4f:3b:e0:38:5b:30:fa:50:be:d0:3d:83:95:cb:25:52:56:16: b0:a2:cf:92:58:18:70:52:53:ec:cb:fa:a6:1b:9c:73:80:47: 3a:bb:92:14:81:c6:e2:d3:3d:50:ab:b4:82:c9:30:eb:14:bc: 60:82:46:bb:80:06:04:98:22:f5:fd:9d:bc:7a:1a:f7:1c:ed: a7:12:15:e8:1a:0d:ff:1b:d2:10:1a:f5:e0:27:c3:75:5c:fa: c5:ba:d5:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC1gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQ3QTIxMTAvBgNVBAUTKDkyODdGNkU4MkY4RjNCQTI0RTA5RDlDNjMxNzhBNUMw QjJEQTAxREUwHhcNMjUwNDI0MTkzMDE2WhcNMjUwNTAxMTkzMDE2WjAYMRYwFAYD VQQDEw02ODBhOTE0OC1mMmMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqgLE/fKhkIKInESu1HtwBWTIfVczwx/Tn5m7K6OSzABs3VZrhYaPglbhFn5h 2OVbf4HEF+2AcrcchFx/i8e5mya8fk89jQKtJ1X+ElaTinhDhJtynm+KyJoxNrcG mKNgB7SQMk93360KGANaFOxfAL321SiX1TSuQv7z3dQ4IoHH+3VZb2sRztP1Lfsa rTINlBfvLjS2YM+6waFdo9nx0NmSpoCn48Hrk81dcjFJmSLGW1qrD419WdyBRRvE uOl94tq7kFwDjjz7wajYulVnPl1h00KMqlz5LEzzdo3jx49OxEIy90LOywrEtQ+1 ziiq9IuHznnxj1Tup03ujWBR0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEECrS90 7D+9fFeh0qdo4IBGN27iMB8GA1UdIwQYMBaAFJKH9ugvjzuiTgnZxjF4pcCy2gHe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDdBMi9CNTc3M0FBQzU5 NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rb2YyNkMtUE82Sk9DZG5HTVhpbHdMTGFB ZDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tvZjI2Qy1QTzZKT0NkbkdNWGlsd0xMYUFkNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NDdBMi9CNTc3M0FBQzU5NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rb2YyNkMtUE82 Sk9DZG5HTVhpbHdMTGFBZDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC/aWvrLj10QrWLrlblC6R2XS7v0tjvATr6PvQ46nYcMtB2b08sDrtg w/0Ft/DoQgpRsGxDIJ2jchEolyqUG8Oj3QFaF5kkQLDGm8SAgO1wW28Kg5P2pBEK f/jMoj/1RjjIBonR+f2yprKpIYNphsD374ZWkwCr69R9i8w+bz+k3RWGrC4lGeu5 MfjsLWcB7F0qjR++SheEDwj2oZBy7lZ8yOdPO+A4WzD6UL7QPYOVyyVSVhawos+S WBhwUlPsy/qmG5xzgEc6u5IUgcbi0z1Qq7SCyTDrFLxggka7gAYEmCL1/Z28ehr3 HO2nEhXoGg3/G9IQGvXgJ8N1XPrFutVT -----END CERTIFICATE-----Generated at Sat Apr 26 20:21:20 2025 by rpki-client