$ rpki-client -vvf rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.mft File: kI2z-bdG9SC7uahMhT9pJsFeub0.mft (raw, json) Hash identifier: N7WNutT1RFIlPIzn5Yb4Azo8epRyZ/zMNqDh1iFV7K0= Subject key identifier: 34:B3:FA:2E:B0:BA:B9:5D:03:78:F0:8E:B5:14:DF:A5:5E:CB:7C:54 Authority key identifier: 90:8D:B3:F9:B7:46:F5:20:BB:B9:A8:4C:85:3F:69:26:C1:5E:B9:BD Certificate issuer: /CN=A919A909/serialNumber=908DB3F9B746F520BBB9A84C853F6926C15EB9BD Certificate serial: A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI2z-bdG9SC7uahMhT9pJsFeub0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.mft Manifest number: A5 Signing time: Fri 25 Apr 2025 05:11:47 +0000 Manifest this update: Fri 25 Apr 2025 05:11:46 +0000 Manifest next update: Fri 02 May 2025 05:11:46 +0000 Files and hashes: 1: kI2z-bdG9SC7uahMhT9pJsFeub0.crl (hash: LvnLjqfZDt8X53nG3RcM5Mk0OCzSEB1TDKf+wcMYqX4=) 2: 879152E62E4811EF929FE162C4F9AE02.roa (hash: 1IspOhl6gwbhdZvL5rloqYpEEE+IPoe5ali+fyL8EWw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.crl rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI2z-bdG9SC7uahMhT9pJsFeub0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:11:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 167 (0xa7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A909, serialNumber=908DB3F9B746F520BBB9A84C853F6926C15EB9BD Validity Not Before: Apr 25 05:11:46 2025 GMT Not After : May 2 05:11:46 2025 GMT Subject: CN=680b1993-e666 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:55:8f:75:db:55:8f:26:f1:49:61:d8:fd:49: 97:00:b4:6f:a1:a4:3f:74:7d:53:4c:d2:a2:bc:f1: 96:64:c9:6d:34:36:4e:f6:50:d4:f9:31:36:b8:6d: 14:96:7a:a4:01:49:0b:ba:66:95:7d:99:d9:e5:02: c7:b1:2a:02:70:e1:92:e5:b1:1e:71:fe:86:df:51: cc:d7:7a:ca:c1:fb:fe:34:3a:7f:b2:fd:59:2a:17: b5:a5:7e:d7:03:ff:c9:9e:04:ea:dd:7e:e2:c2:c4: 86:e3:be:d7:ec:aa:b9:a3:c7:65:f2:fb:50:a2:33: fc:b0:44:ef:9f:1b:e8:1c:16:af:c0:09:34:e7:f5: ba:1a:99:c0:e8:1b:49:03:d2:20:5f:ab:df:b8:f7: 91:77:f6:ed:6f:54:a0:26:cf:98:bf:af:1a:76:bf: b6:94:26:0c:52:02:59:cb:1d:fc:40:d7:62:52:1d: ae:4d:70:b5:a7:3b:b0:df:f1:fe:2e:69:dd:86:02: 4a:0a:81:bb:4a:25:17:69:c1:3e:d2:11:eb:50:4c: d2:8d:e1:9b:d6:15:b9:b2:6e:cb:28:00:8b:40:7b: 40:2c:e4:a0:f3:6e:b7:59:b5:67:e2:14:7c:d7:5f: b7:ea:4c:14:95:f0:45:fb:e1:41:41:89:e1:68:43: 80:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:B3:FA:2E:B0:BA:B9:5D:03:78:F0:8E:B5:14:DF:A5:5E:CB:7C:54 X509v3 Authority Key Identifier: keyid:90:8D:B3:F9:B7:46:F5:20:BB:B9:A8:4C:85:3F:69:26:C1:5E:B9:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI2z-bdG9SC7uahMhT9pJsFeub0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:3a:90:48:4a:36:04:27:f9:81:cc:86:a5:59:e5:43:98:d0: 90:08:d3:f2:bb:f8:d8:a8:5c:7c:f4:9d:73:c2:eb:2e:c0:c8: 48:9f:47:b2:38:63:e0:fd:11:b8:78:8d:bb:ec:e9:1d:a5:af: 41:c4:69:17:d7:58:89:49:bb:25:45:e1:e2:7c:83:a9:ac:6f: fe:49:6e:cc:c6:bd:7d:02:2c:8a:32:95:4b:93:9c:23:e9:c4: e0:a2:ee:4d:46:f3:4d:ec:da:77:69:a6:a3:92:5e:04:89:d7: ae:12:94:3a:3c:d0:0e:a1:05:84:d3:2d:6d:07:dc:9d:83:5b: d3:6f:82:4f:54:f3:a3:f1:d9:37:c8:b2:c0:98:29:cf:c9:79: 1e:f4:06:dc:1a:dc:85:b9:58:d1:92:37:32:e3:01:46:c0:e5: 60:1f:cf:cd:39:71:a6:07:dc:0d:90:dc:17:6c:d6:9e:9a:aa: 66:a2:8a:12:7e:6b:84:9c:65:0c:f8:54:16:63:c8:d9:87:57: 39:1e:c2:ae:0c:de:41:b8:48:91:56:b7:46:5e:70:0a:1f:23: ee:64:3a:a3:8e:e8:57:6d:1d:56:83:25:94:f7:37:18:b0:cb: 70:16:5d:53:60:e9:8a:7c:f4:ca:84:b0:38:71:4e:92:4f:fc: 9b:ce:a3:3d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE5MDkxMTAvBgNVBAUTKDkwOERCM0Y5Qjc0NkY1MjBCQkI5QTg0Qzg1M0Y2OTI2 QzE1RUI5QkQwHhcNMjUwNDI1MDUxMTQ2WhcNMjUwNTAyMDUxMTQ2WjAYMRYwFAYD VQQDEw02ODBiMTk5My1lNjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyVWPddtVjybxSWHY/UmXALRvoaQ/dH1TTNKivPGWZMltNDZO9lDU+TE2uG0U lnqkAUkLumaVfZnZ5QLHsSoCcOGS5bEecf6G31HM13rKwfv+NDp/sv1ZKhe1pX7X A//JngTq3X7iwsSG477X7Kq5o8dl8vtQojP8sETvnxvoHBavwAk05/W6GpnA6BtJ A9IgX6vfuPeRd/btb1SgJs+Yv68adr+2lCYMUgJZyx38QNdiUh2uTXC1pzuw3/H+ LmndhgJKCoG7SiUXacE+0hHrUEzSjeGb1hW5sm7LKACLQHtALOSg8263WbVn4hR8 11+36kwUlfBF++FBQYnhaEOAIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDSz+i6w urldA3jwjrUU36Vey3xUMB8GA1UdIwQYMBaAFJCNs/m3RvUgu7moTIU/aSbBXrm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTkwOS8yMDlFRERDRTJB MzMxMUVGQkU5QUE4NTlDNEY5QUUwMi9rSTJ6LWJkRzlTQzd1YWhNaFQ5cEpzRmV1 YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tJMnotYmRHOVNDN3VhaE1oVDlwSnNGZXViMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QTkwOS8yMDlFRERDRTJBMzMxMUVGQkU5QUE4NTlDNEY5QUUwMi9rSTJ6LWJkRzlT Qzd1YWhNaFQ5cEpzRmV1YjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAPOpBISjYEJ/mBzIalWeVDmNCQCNPyu/jYqFx89J1zwusuwMhIn0ey OGPg/RG4eI277Okdpa9BxGkX11iJSbslReHifIOprG/+SW7Mxr19AiyKMpVLk5wj 6cTgou5NRvNN7Np3aaajkl4EideuEpQ6PNAOoQWE0y1tB9ydg1vTb4JPVPOj8dk3 yLLAmCnPyXke9AbcGtyFuVjRkjcy4wFGwOVgH8/NOXGmB9wNkNwXbNaemqpmoooS fmuEnGUM+FQWY8jZh1c5HsKuDN5BuEiRVrdGXnAKHyPuZDqjjuhXbR1WgyWU9zcY sMtwFl1TYOmKfPTKhLA4cU6ST/ybzqM9 -----END CERTIFICATE-----Generated at Sat Apr 26 13:00:14 2025 by rpki-client