$ rpki-client -vvf rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft File: KUrNCNoZE4w376-ydKHndXceRT4.mft (raw, json) Hash identifier: TlpBWVeJ0026yMB9B0fXmZCAVn9WEfI8a3dm3WC5c9U= Subject key identifier: 39:80:8B:FC:B7:2A:5B:92:DF:3A:7A:85:E9:F9:22:0B:87:77:B7:90 Authority key identifier: 29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E Certificate issuer: /CN=A919C8F9/serialNumber=294ACD08DA19138C37EFAFB274A1E775771E453E Certificate serial: 0535 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft Manifest number: 052F Signing time: Sat 14 Jun 2025 23:14:35 +0000 Manifest this update: Sat 14 Jun 2025 23:14:34 +0000 Manifest next update: Sat 21 Jun 2025 23:14:34 +0000 Files and hashes: 1: KUrNCNoZE4w376-ydKHndXceRT4.crl (hash: ytogA7qhL6xfWgAWT5tzmYq46Q9yW5k4nAgz2k0ccW8=) 2: 2D7BD4EA03DD11ECA448405BC4F9AE02.roa (hash: KKWKrtsh/34nl8r+0Ut1+Gkgstz0StRYtgWm9ide930=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 23:14:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1333 (0x535) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C8F9, serialNumber=294ACD08DA19138C37EFAFB274A1E775771E453E Validity Not Before: Jun 14 23:14:34 2025 GMT Not After : Jun 21 23:14:34 2025 GMT Subject: CN=684e025a-3e2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a7:39:29:8b:88:bc:1e:f9:b5:08:fe:de:fc: 6c:ad:ab:30:e0:c6:55:86:08:28:99:4e:4b:b0:39: c3:6c:98:ce:0d:91:de:79:58:aa:0f:39:5f:d3:cf: f3:51:02:91:22:d9:44:46:89:ee:be:9f:5d:30:96: 0e:a5:2a:b9:fb:26:2a:bb:22:55:27:86:7c:a8:57: 44:49:a5:f3:93:a7:ee:ef:e8:a3:f4:90:01:e3:e8: 56:a4:73:e1:b6:16:cd:1e:7c:12:6e:3b:51:36:27: 3b:4b:af:59:f2:ea:55:99:1c:6f:b1:36:2f:7e:6b: 0d:13:e2:bb:fa:04:42:52:bb:36:25:d2:6a:05:f3: 6c:90:5f:2b:7c:ce:4e:b0:67:1e:cf:3a:43:db:b7: 3d:6e:c7:8c:cf:f1:49:0b:af:83:e8:e3:6c:b2:da: 72:d3:41:16:38:ab:d1:c7:88:17:37:b6:6e:a7:64: 81:ab:45:c3:8b:3f:e6:0b:78:d9:8a:33:f9:4f:f9: bd:78:b4:16:72:7b:f3:87:9c:e5:02:48:a3:3f:be: ba:67:57:5b:f4:5d:d6:2f:9c:63:db:25:dd:f9:aa: 68:a4:78:93:a6:5c:06:65:84:11:3d:61:ae:60:93: f6:51:ae:44:b2:ce:a6:1d:10:97:3d:c8:a4:c2:6b: 4a:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:80:8B:FC:B7:2A:5B:92:DF:3A:7A:85:E9:F9:22:0B:87:77:B7:90 X509v3 Authority Key Identifier: keyid:29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:52:6d:88:c5:e2:85:4f:96:3d:a2:62:d4:9e:14:f7:f4:16: c8:f1:20:59:74:ef:95:56:ee:04:74:30:9f:ca:af:ea:c0:95: da:52:07:44:64:12:f7:bf:1d:83:a6:97:3f:f9:c6:6c:91:cf: 1d:eb:88:33:e3:48:1a:96:35:6e:b2:5e:38:2c:7f:a9:bc:26: 0f:95:0e:a0:34:5e:bd:8e:49:03:49:5e:44:df:09:e7:53:3b: 6e:c5:3d:cb:92:9b:48:71:03:ea:c5:d9:7f:2d:a9:bf:92:34: 61:69:f5:e2:51:3b:37:d3:09:56:3a:ab:7d:ff:64:d2:58:d5: 48:44:39:ff:6d:fb:2e:17:82:89:5e:a3:f4:9f:6f:a3:13:8b: 47:e5:87:e1:5d:c3:0a:80:39:01:ae:7d:8d:cb:d9:1f:2d:d0: 91:a3:ad:bf:f0:c2:f3:ce:a7:33:42:19:5e:bf:f0:7f:b4:0d: 6d:3e:09:8b:27:01:34:a2:93:d2:22:92:c3:bb:b4:9f:f7:3e: f0:1e:79:96:b2:3b:6f:ec:45:8f:7b:3e:1a:f0:5d:79:40:f7: e0:a6:d2:c2:0f:ea:8e:40:80:a6:6c:ff:02:79:62:a0:25:e7: fa:d1:58:73:0a:78:cf:b5:39:7b:54:7d:96:9a:ed:0c:50:dc: 2b:39:f8:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBTUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUM4RjkxMTAvBgNVBAUTKDI5NEFDRDA4REExOTEzOEMzN0VGQUZCMjc0QTFFNzc1 NzcxRTQ1M0UwHhcNMjUwNjE0MjMxNDM0WhcNMjUwNjIxMjMxNDM0WjAYMRYwFAYD VQQDEw02ODRlMDI1YS0zZTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvqc5KYuIvB75tQj+3vxsrasw4MZVhggomU5LsDnDbJjODZHeeViqDzlf08/z UQKRItlERonuvp9dMJYOpSq5+yYquyJVJ4Z8qFdESaXzk6fu7+ij9JAB4+hWpHPh thbNHnwSbjtRNic7S69Z8upVmRxvsTYvfmsNE+K7+gRCUrs2JdJqBfNskF8rfM5O sGcezzpD27c9bseMz/FJC6+D6ONsstpy00EWOKvRx4gXN7Zup2SBq0XDiz/mC3jZ ijP5T/m9eLQWcnvzh5zlAkijP766Z1db9F3WL5xj2yXd+apopHiTplwGZYQRPWGu YJP2Ua5Ess6mHRCXPcikwmtKlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDmAi/y3 KluS3zp6hen5IguHd7eQMB8GA1UdIwQYMBaAFClKzQjaGROMN++vsnSh53V3HkU+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzhGOS9EQzZCMzYxNEZF NkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0dzM3Ni15ZEtIbmRYY2VS VDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVck5DTm9aRTR3Mzc2LXlkS0huZFhjZVJUNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QzhGOS9EQzZCMzYxNEZFNkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0 dzM3Ni15ZEtIbmRYY2VSVDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7Um2IxeKFT5Y9omLUnhT39BbI8SBZdO+VVu4EdDCfyq/qwJXaUgdE ZBL3vx2Dppc/+cZskc8d64gz40galjVusl44LH+pvCYPlQ6gNF69jkkDSV5E3wnn UztuxT3LkptIcQPqxdl/Lam/kjRhafXiUTs30wlWOqt9/2TSWNVIRDn/bfsuF4KJ XqP0n2+jE4tH5YfhXcMKgDkBrn2Ny9kfLdCRo62/8MLzzqczQhlev/B/tA1tPgmL JwE0opPSIpLDu7Sf9z7wHnmWsjtv7EWPez4a8F15QPfgptLCD+qOQICmbP8CeWKg Jef60VhzCnjPtTl7VH2Wmu0MUNwrOfgy -----END CERTIFICATE-----Generated at Sun Jun 15 08:45:36 2025 by rpki-client