$ rpki-client -vvf rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft File: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft (raw, json) Hash identifier: jEm/d0RFuctUKrGaCrlLL2EwPFzUjjStntA9Vdh62OM= Subject key identifier: 77:54:D3:9F:B6:B0:9A:95:D8:2B:4A:0C:C8:0E:F0:44:60:9C:75:D8 Authority key identifier: 28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 Certificate issuer: /CN=A9194677/serialNumber=2876825F77C24A167DC41215350F688792981A67 Certificate serial: 0130 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft Manifest number: 012D Signing time: Fri 25 Apr 2025 03:40:21 +0000 Manifest this update: Fri 25 Apr 2025 03:40:21 +0000 Manifest next update: Fri 02 May 2025 03:40:21 +0000 Files and hashes: 1: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl (hash: T4W6ji6J+o4YluARq8sNhiaaYp78tnWOJRgKXpQv8RI=) 2: 759C16DC577711EE96F5F775C4F9AE02.roa (hash: Pojppps22r3xRUUOYA4Lq5WqJQ1e2Svo0KKFdlUH1VY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:40:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 304 (0x130) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194677, serialNumber=2876825F77C24A167DC41215350F688792981A67 Validity Not Before: Apr 25 03:40:21 2025 GMT Not After : May 2 03:40:21 2025 GMT Subject: CN=680b0425-6900 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:94:b1:fc:68:7f:f2:2b:43:d2:a5:33:26:ee: 38:85:89:68:47:99:2d:e9:7b:8c:5e:16:26:fc:a1: 47:bc:b7:f7:a0:8d:f9:ae:8a:2d:7a:4b:c8:4e:1b: 1d:2c:18:8d:f8:8f:a1:72:13:cb:44:d9:eb:c6:f6: 3a:e7:5b:dc:2b:2a:32:6b:de:1e:7a:12:a7:83:1b: 89:1c:2e:91:42:25:92:66:17:3f:b2:a4:13:16:ba: 1a:90:cc:57:43:a7:d5:45:31:fa:bc:e1:44:2c:38: a0:ed:e8:5a:96:b0:59:0c:7a:96:48:00:92:ff:55: 99:4d:22:17:12:47:0c:d8:23:2b:88:36:15:1e:b2: 4f:25:42:3f:8c:8b:b8:9c:bb:aa:da:84:ff:92:73: e6:6f:71:af:eb:54:47:75:ec:d5:4f:73:26:f4:e5: 3a:74:9c:e4:ec:f4:ab:8a:1b:6c:bb:60:64:86:62: 95:94:92:57:78:3e:ff:3f:cb:af:c9:13:7d:f2:27: af:d4:fb:bb:30:d4:99:41:80:c5:cb:85:be:5a:7e: c9:13:e5:4d:7e:c7:ab:f9:b3:f6:30:b1:e8:d6:ee: 53:05:ef:14:6d:d3:35:05:4c:35:c6:df:f0:fe:ac: b0:a5:87:a3:cf:05:33:85:9e:47:4f:e4:06:02:09: 8c:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:54:D3:9F:B6:B0:9A:95:D8:2B:4A:0C:C8:0E:F0:44:60:9C:75:D8 X509v3 Authority Key Identifier: keyid:28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:38:1b:c6:72:a8:0c:59:76:2f:1b:b0:79:f2:f9:a4:43:eb: 4e:85:59:e9:01:75:8e:a6:59:28:8a:ca:2b:e4:be:64:18:5f: 42:83:4a:81:17:56:de:3a:c8:e5:2a:27:3e:2a:63:bb:71:a4: ee:e6:8d:52:0b:16:42:e0:bc:0b:8a:9e:64:b1:7d:03:75:52: b6:e5:09:73:af:ee:ad:e4:c3:5a:46:4d:c5:6c:c4:a5:1d:50: 1f:30:41:e4:21:11:c6:8b:ae:ab:26:1e:4a:d7:e2:01:4e:db: 34:65:fe:ab:71:e9:86:41:63:34:ac:b6:84:86:32:b0:48:f3: 33:4b:15:9a:3d:52:60:a4:3d:6f:b2:06:60:f2:ba:94:c3:5e: d2:a6:5d:76:e9:9d:4e:a6:dd:fa:ea:e9:8d:3a:31:cc:69:d9: 16:41:31:29:b1:94:d3:ae:03:1f:88:a4:c2:c3:44:be:73:b5: cf:86:e8:a6:17:63:23:7a:ad:40:4d:58:62:7c:a0:15:19:70: f2:de:eb:cc:c4:8b:65:96:f4:63:33:4f:e3:a2:a8:66:28:23: d0:15:e2:95:ea:d0:17:64:15:43:77:eb:bb:6e:a0:c3:3a:c5: cd:71:78:1d:88:a9:96:b9:69:42:ae:b7:eb:7f:38:f7:d2:1d: cf:c1:c8:d9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQ2NzcxMTAvBgNVBAUTKDI4NzY4MjVGNzdDMjRBMTY3REM0MTIxNTM1MEY2ODg3 OTI5ODFBNjcwHhcNMjUwNDI1MDM0MDIxWhcNMjUwNTAyMDM0MDIxWjAYMRYwFAYD VQQDEw02ODBiMDQyNS02OTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlJSx/Gh/8itD0qUzJu44hYloR5kt6XuMXhYm/KFHvLf3oI35rootekvIThsd LBiN+I+hchPLRNnrxvY651vcKyoya94eehKngxuJHC6RQiWSZhc/sqQTFroakMxX Q6fVRTH6vOFELDig7ehalrBZDHqWSACS/1WZTSIXEkcM2CMriDYVHrJPJUI/jIu4 nLuq2oT/knPmb3Gv61RHdezVT3Mm9OU6dJzk7PSrihtsu2BkhmKVlJJXeD7/P8uv yRN98iev1Pu7MNSZQYDFy4W+Wn7JE+VNfser+bP2MLHo1u5TBe8UbdM1BUw1xt/w /qywpYejzwUzhZ5HT+QGAgmMYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHdU05+2 sJqV2CtKDMgO8ERgnHXYMB8GA1UdIwQYMBaAFCh2gl93wkoWfcQSFTUPaIeSmBpn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDY3Ny8wMjI3Rjc4NjU3 NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1NoWjl4QklWTlE5b2g1S1lH bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIYUNYM2ZDU2haOXhCSVZOUTlvaDVLWUdtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDY3Ny8wMjI3Rjc4NjU3NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1No Wjl4QklWTlE5b2g1S1lHbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6OBvGcqgMWXYvG7B58vmkQ+tOhVnpAXWOplkoisor5L5kGF9Cg0qB F1beOsjlKic+KmO7caTu5o1SCxZC4LwLip5ksX0DdVK25Qlzr+6t5MNaRk3FbMSl HVAfMEHkIRHGi66rJh5K1+IBTts0Zf6rcemGQWM0rLaEhjKwSPMzSxWaPVJgpD1v sgZg8rqUw17Spl126Z1Opt366umNOjHMadkWQTEpsZTTrgMfiKTCw0S+c7XPhuim F2Mjeq1ATVhifKAVGXDy3uvMxItllvRjM0/joqhmKCPQFeKV6tAXZBVDd+u7bqDD OsXNcXgdiKmWuWlCrrfrfzj30h3PwcjZ -----END CERTIFICATE-----Generated at Sat Apr 26 05:29:27 2025 by rpki-client