$ rpki-client -vvf rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft File: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft (raw, json) Hash identifier: RJcvi0CY1B+H/2SIvxeXq/d05LYJOAmdT/q+lUv4MLs= Subject key identifier: 92:B0:68:9A:D9:3D:65:AA:A1:69:4C:AE:1F:1A:96:72:DE:AA:FA:47 Authority key identifier: 28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 Certificate issuer: /CN=A9194677/serialNumber=2876825F77C24A167DC41215350F688792981A67 Certificate serial: 0148 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft Manifest number: 0145 Signing time: Fri 13 Jun 2025 03:15:44 +0000 Manifest this update: Fri 13 Jun 2025 03:15:43 +0000 Manifest next update: Fri 20 Jun 2025 03:15:43 +0000 Files and hashes: 1: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl (hash: Rdv7+JIoADK7g6Jtj7ZYYyzhJkzE0C5dbix6B391dkQ=) 2: 759C16DC577711EE96F5F775C4F9AE02.roa (hash: Pojppps22r3xRUUOYA4Lq5WqJQ1e2Svo0KKFdlUH1VY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 03:15:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 328 (0x148) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194677, serialNumber=2876825F77C24A167DC41215350F688792981A67 Validity Not Before: Jun 13 03:15:43 2025 GMT Not After : Jun 20 03:15:43 2025 GMT Subject: CN=684b97e0-c6e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:bf:4d:7c:3a:cc:0c:2c:37:58:d6:af:31:46: 5c:e0:45:eb:75:08:f5:d8:66:b9:5b:95:c9:78:b8: 4e:26:b3:09:12:10:3a:6c:03:ff:29:94:a6:46:2a: be:fb:0f:83:54:82:c5:74:1c:46:a6:19:61:65:3d: 3d:cf:85:75:8b:8a:bc:bf:ed:68:1b:a3:d5:8b:f3: 09:67:97:29:cc:fa:a8:ed:09:7d:3b:21:06:c9:7a: 2b:d8:24:5a:42:b4:8f:d8:2b:d8:14:8f:70:72:48: ec:f4:fa:7c:19:22:7e:2e:0b:88:94:d9:b7:5d:95: bb:9b:0b:f0:6e:a4:1b:64:c2:a5:a4:c3:81:b4:67: f3:c7:52:b2:f8:30:b5:5c:c3:8d:dc:7f:08:41:17: 1e:f3:c4:e4:08:e1:c1:c7:b3:e2:9e:d5:1d:ca:78: 84:65:59:91:be:ca:26:31:37:0b:f5:87:6a:62:73: 50:7e:60:f0:c1:6a:d5:91:00:5f:e6:0c:57:1f:0c: 7f:b0:e0:e8:21:01:95:a2:e2:80:bc:29:c8:37:88: 3e:47:89:c8:a7:ef:63:e9:62:c4:43:63:2c:cb:3b: 33:cf:e2:14:a9:f9:96:0b:ac:df:47:c8:16:3f:12: 5d:9f:05:c9:0f:3f:fa:78:49:c5:5d:19:00:bd:d7: 5f:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:B0:68:9A:D9:3D:65:AA:A1:69:4C:AE:1F:1A:96:72:DE:AA:FA:47 X509v3 Authority Key Identifier: keyid:28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:16:f2:9c:76:36:62:e4:ad:fc:7e:4d:47:06:1b:96:92:bc: dc:9c:e4:7b:88:61:41:f3:45:ca:a4:6d:b6:f3:6c:44:99:d4: 21:cd:28:1b:9e:53:d4:0a:1c:a2:b1:4f:0b:e8:1a:fd:4e:2f: d2:28:2d:56:ea:2c:fd:06:35:4e:85:48:68:a6:a3:6c:01:ec: 91:db:b7:4d:02:66:b3:93:d6:a9:72:d3:3f:c7:85:6e:39:e0: b8:17:09:4e:9e:b0:39:47:ae:78:a9:6f:96:35:2c:0f:9d:12: 66:d0:d8:fd:63:fa:51:97:33:fe:eb:08:f1:b1:55:0d:e6:71: 93:d4:80:98:50:a1:dc:5e:6e:f8:89:2b:85:0e:c9:d5:72:b8: d4:2b:bb:85:49:83:6b:71:fb:8d:86:73:45:c7:d6:58:12:69: da:cd:48:75:98:73:92:d5:2d:17:4f:0d:28:7f:93:46:c4:f2: ea:65:22:25:37:67:99:18:59:a9:2d:78:62:5e:f1:4b:bf:16: cd:57:31:84:81:8c:05:a5:ff:cc:ee:60:6a:36:dc:b8:13:27: 91:3e:2a:02:8f:fa:79:5f:02:5d:f7:fd:14:ac:5a:24:bd:0b: 25:f5:b3:99:3e:e1:db:2c:b4:f3:02:1a:36:14:de:87:90:ce: 68:da:21:15 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQ2NzcxMTAvBgNVBAUTKDI4NzY4MjVGNzdDMjRBMTY3REM0MTIxNTM1MEY2ODg3 OTI5ODFBNjcwHhcNMjUwNjEzMDMxNTQzWhcNMjUwNjIwMDMxNTQzWjAYMRYwFAYD VQQDEw02ODRiOTdlMC1jNmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr79NfDrMDCw3WNavMUZc4EXrdQj12Ga5W5XJeLhOJrMJEhA6bAP/KZSmRiq+ +w+DVILFdBxGphlhZT09z4V1i4q8v+1oG6PVi/MJZ5cpzPqo7Ql9OyEGyXor2CRa QrSP2CvYFI9wckjs9Pp8GSJ+LguIlNm3XZW7mwvwbqQbZMKlpMOBtGfzx1Ky+DC1 XMON3H8IQRce88TkCOHBx7PintUdyniEZVmRvsomMTcL9YdqYnNQfmDwwWrVkQBf 5gxXHwx/sODoIQGVouKAvCnIN4g+R4nIp+9j6WLEQ2Msyzszz+IUqfmWC6zfR8gW PxJdnwXJDz/6eEnFXRkAvddfPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJKwaJrZ PWWqoWlMrh8alnLeqvpHMB8GA1UdIwQYMBaAFCh2gl93wkoWfcQSFTUPaIeSmBpn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDY3Ny8wMjI3Rjc4NjU3 NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1NoWjl4QklWTlE5b2g1S1lH bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIYUNYM2ZDU2haOXhCSVZOUTlvaDVLWUdtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDY3Ny8wMjI3Rjc4NjU3NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1No Wjl4QklWTlE5b2g1S1lHbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCiFvKcdjZi5K38fk1HBhuWkrzcnOR7iGFB80XKpG2282xEmdQhzSgb nlPUChyisU8L6Br9Ti/SKC1W6iz9BjVOhUhopqNsAeyR27dNAmazk9apctM/x4Vu OeC4FwlOnrA5R654qW+WNSwPnRJm0Nj9Y/pRlzP+6wjxsVUN5nGT1ICYUKHcXm74 iSuFDsnVcrjUK7uFSYNrcfuNhnNFx9ZYEmnazUh1mHOS1S0XTw0of5NGxPLqZSIl N2eZGFmpLXhiXvFLvxbNVzGEgYwFpf/M7mBqNty4EyeRPioCj/p5XwJd9/0UrFok vQsl9bOZPuHbLLTzAho2FN6HkM5o2iEV -----END CERTIFICATE-----Generated at Sat Jun 14 19:34:00 2025 by rpki-client