$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft File: kzxM1thDXA-L4vUjRybWYQ9-2jo.mft (raw, json) Hash identifier: 42kKTH+H7Or8taL2WVkfBXaTaoCf8dn5gSNoig1b1Cw= Subject key identifier: AC:7B:12:92:85:82:61:16:B7:86:85:F1:A6:02:68:82:21:07:A6:10 Authority key identifier: 93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A Certificate issuer: /CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Certificate serial: 0BF6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft Manifest number: 0BE8 Signing time: Thu 24 Apr 2025 18:43:23 +0000 Manifest this update: Thu 24 Apr 2025 18:43:22 +0000 Manifest next update: Thu 01 May 2025 18:43:22 +0000 Files and hashes: 1: kzxM1thDXA-L4vUjRybWYQ9-2jo.crl (hash: 339+EWrzKn0yEbV1+HpvHaAaS4Hc06lalWA1pXOI8qk=) 2: 38FFAC50884411EDA212BC24C4F9AE02.roa (hash: o7cey+AS0R8fVuMf4POftZacKVzAhG2qKeR3u+WEUgU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:43:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3062 (0xbf6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0DE, serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Validity Not Before: Apr 24 18:43:22 2025 GMT Not After : May 1 18:43:22 2025 GMT Subject: CN=680a864b-406c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:e5:90:68:53:c2:37:4e:3e:3c:52:d1:9e:0a: a2:f0:d7:67:86:0e:a7:97:53:71:a6:be:24:5f:e0: b8:89:27:62:bf:2c:0e:85:d1:d3:84:63:27:ab:17: eb:35:b9:51:b0:02:6e:b2:0c:bd:95:c1:d3:16:1c: ac:a6:8f:49:95:cf:88:16:9d:5c:bf:2f:e2:b2:8a: fe:aa:6a:0f:9c:5d:5d:3b:82:ca:07:3a:d0:0c:f0: c9:8a:f8:16:d1:44:fe:f6:54:b9:f1:22:c3:55:3e: b0:59:c8:15:ad:bc:8d:62:fe:2b:f4:11:85:b2:fb: b7:b7:83:6b:f2:4e:1e:be:f5:ce:86:db:19:41:e7: 49:65:cd:e7:fa:50:cc:f6:c6:97:29:31:87:4f:e0: 14:51:98:b2:c9:ef:b5:fc:bf:14:dd:79:e9:f9:dc: df:32:b0:af:a3:f0:05:f1:80:f4:0f:66:76:02:9f: 20:ff:c0:b8:83:d5:f7:8e:6a:66:af:ba:52:9c:00: b4:8b:c0:08:c3:be:4b:6b:bb:f5:dc:2b:bb:79:e1: 3d:96:d4:c1:87:c8:d6:5c:f7:bc:96:8f:91:20:e3: 39:d0:6d:d9:e6:ff:5e:0c:c3:73:4c:91:af:ce:9d: 08:30:d4:21:3a:c5:63:39:30:a0:eb:7c:14:7c:48: 81:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:7B:12:92:85:82:61:16:B7:86:85:F1:A6:02:68:82:21:07:A6:10 X509v3 Authority Key Identifier: keyid:93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:3f:61:45:ce:78:ed:01:2b:d8:f9:c8:e3:86:7e:54:58:54: 40:d3:a2:fb:62:9b:26:82:83:60:e7:e6:7b:a2:cf:ab:3f:ae: 7c:2f:86:60:09:b3:17:9f:a4:e5:0c:45:40:04:4d:41:17:4a: e5:14:ab:d1:c3:62:cf:ae:c6:0a:ec:f0:6d:98:19:f3:01:b6: 9a:1f:93:14:45:f3:21:fa:38:a7:8e:ac:da:a8:fb:5e:ca:6e: 5a:ec:aa:39:d4:87:8a:7e:f9:8a:c8:43:f5:b2:4d:f9:25:98: f4:06:bb:ce:f2:74:98:e2:c2:9a:d3:d1:b8:d6:93:2e:f2:05: f1:48:53:53:ca:0d:c9:d3:51:3a:1e:8e:e7:ad:01:f9:cf:29: 91:80:71:63:2e:4f:bd:4d:da:ea:c8:40:43:86:8a:9a:d2:8d: 63:6f:61:ef:da:a9:79:d3:bd:24:98:b7:11:06:3f:df:89:6b: fe:4c:7e:77:3e:70:4a:f0:63:c1:31:c3:19:5e:50:c6:0f:95: e1:91:6a:5d:c7:4a:13:3c:0f:48:63:9a:74:e7:13:e3:60:e4: 67:32:b1:a0:af:56:bb:c2:19:b3:b1:cb:69:0e:17:80:c9:a2: 66:4b:75:f8:f4:0c:3c:bb:25:9c:6b:24:c2:0b:fa:03:1d:b8: b1:fd:c3:1d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwREUxMTAvBgNVBAUTKDkzM0M0Q0Q2RDg0MzVDMEY4QkUyRjUyMzQ3MjZENjYx MEY3RURBM0EwHhcNMjUwNDI0MTg0MzIyWhcNMjUwNTAxMTg0MzIyWjAYMRYwFAYD VQQDEw02ODBhODY0Yi00MDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8+WQaFPCN04+PFLRngqi8Ndnhg6nl1Nxpr4kX+C4iSdivywOhdHThGMnqxfr NblRsAJusgy9lcHTFhyspo9Jlc+IFp1cvy/isor+qmoPnF1dO4LKBzrQDPDJivgW 0UT+9lS58SLDVT6wWcgVrbyNYv4r9BGFsvu3t4Nr8k4evvXOhtsZQedJZc3n+lDM 9saXKTGHT+AUUZiyye+1/L8U3Xnp+dzfMrCvo/AF8YD0D2Z2Ap8g/8C4g9X3jmpm r7pSnAC0i8AIw75La7v13Cu7eeE9ltTBh8jWXPe8lo+RIOM50G3Z5v9eDMNzTJGv zp0IMNQhOsVjOTCg63wUfEiB5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKx7EpKF gmEWt4aF8aYCaIIhB6YQMB8GA1UdIwQYMBaAFJM8TNbYQ1wPi+L1I0cm1mEPfto6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBERS9EQTQ1RDQzMDE1 MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhBLUw0dlVqUnliV1lROS0y am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6eE0xdGhEWEEtTDR2VWpSeWJXWVE5LTJqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RDBERS9EQTQ1RDQzMDE1MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhB LUw0dlVqUnliV1lROS0yam8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMP2FFznjtASvY+cjjhn5UWFRA06L7YpsmgoNg5+Z7os+rP658L4Zg CbMXn6TlDEVABE1BF0rlFKvRw2LPrsYK7PBtmBnzAbaaH5MURfMh+jinjqzaqPte ym5a7Ko51IeKfvmKyEP1sk35JZj0BrvO8nSY4sKa09G41pMu8gXxSFNTyg3J01E6 Ho7nrQH5zymRgHFjLk+9TdrqyEBDhoqa0o1jb2Hv2ql5070kmLcRBj/fiWv+TH53 PnBK8GPBMcMZXlDGD5XhkWpdx0oTPA9IY5p05xPjYORnMrGgr1a7whmzsctpDheA yaJmS3X49Aw8uyWcayTCC/oDHbix/cMd -----END CERTIFICATE-----Generated at Sat Apr 26 14:13:09 2025 by rpki-client