$ rpki-client -vvf rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft File: KUrNCNoZE4w376-ydKHndXceRT4.mft (raw, json) Hash identifier: otR8tSUX43Qh2+AE1sbGHtqkBJkwDOT0R5iWNZJgT2U= Subject key identifier: 66:ED:CD:8A:92:B9:C3:ED:B4:69:20:FD:D1:8A:7A:A1:14:8C:10:11 Authority key identifier: 29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E Certificate issuer: /CN=A919C8F9/serialNumber=294ACD08DA19138C37EFAFB274A1E775771E453E Certificate serial: 051C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft Manifest number: 0516 Signing time: Thu 24 Apr 2025 23:22:08 +0000 Manifest this update: Thu 24 Apr 2025 23:22:08 +0000 Manifest next update: Thu 01 May 2025 23:22:08 +0000 Files and hashes: 1: KUrNCNoZE4w376-ydKHndXceRT4.crl (hash: j52noyV8mkRGjQfsV7uGwnvmEV+IC8+3wX04awpjbco=) 2: 2D7BD4EA03DD11ECA448405BC4F9AE02.roa (hash: KKWKrtsh/34nl8r+0Ut1+Gkgstz0StRYtgWm9ide930=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:22:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1308 (0x51c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C8F9, serialNumber=294ACD08DA19138C37EFAFB274A1E775771E453E Validity Not Before: Apr 24 23:22:08 2025 GMT Not After : May 1 23:22:08 2025 GMT Subject: CN=680ac7a0-c5a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:08:9f:1c:31:d3:9e:43:ee:c9:f1:31:5a:a8: f1:a2:c4:dc:5f:83:5c:6b:a3:c5:56:74:ff:e5:4c: 61:7a:b8:7f:c0:76:01:14:ec:c4:06:58:5e:e0:00: c7:66:25:1f:3b:d6:be:0b:0a:c4:09:01:47:2c:20: 78:c5:5c:00:5b:e8:8b:be:32:ee:3a:81:9d:17:da: a1:07:f9:27:72:86:11:0a:50:77:02:29:d7:31:3d: eb:e8:ad:04:32:46:7e:57:86:88:e8:a9:6b:97:a5: 7a:f8:ea:79:ba:68:d0:aa:08:2e:0c:a0:d1:98:c6: ed:7c:d8:e2:76:13:d1:b5:5a:b0:b9:73:37:0e:ca: 63:32:67:dd:29:9d:36:36:20:e4:d1:e3:ff:1f:11: 89:a6:b9:51:35:6d:ab:d3:f5:8c:9e:0f:fc:47:7f: c6:bb:62:46:f2:ea:eb:dd:be:98:5f:60:b4:9b:0a: c8:09:c3:a3:60:db:43:8b:f0:fa:eb:ad:c3:b5:75: 4d:e6:e8:f7:8e:ab:3a:23:08:7c:ca:ec:1b:e6:8a: 02:8b:d7:29:04:49:3e:6a:b6:55:aa:dc:50:5a:61: 1b:49:e1:86:c2:14:e0:7e:71:c3:7d:4c:31:42:d0: ca:a8:5e:da:01:40:b7:eb:64:71:dc:0c:47:e1:36: b6:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:ED:CD:8A:92:B9:C3:ED:B4:69:20:FD:D1:8A:7A:A1:14:8C:10:11 X509v3 Authority Key Identifier: keyid:29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:bd:37:39:36:49:98:dc:16:f6:9f:bf:28:3c:bf:6b:36:a3: 06:24:fd:4a:0c:4f:8d:48:39:10:ca:0b:c0:dd:b5:93:68:82: dd:f0:44:34:36:21:fd:4f:05:a2:8d:92:b7:01:e1:2b:56:bd: 2c:f8:88:12:23:84:db:5e:92:e5:09:45:72:7a:93:ff:d9:84: 66:96:79:d0:fe:48:e2:97:70:51:93:78:e1:b3:de:1f:b1:fb: c4:73:e0:6f:20:ef:65:a3:fb:e2:07:64:3f:a3:fb:1d:5a:40: 19:fc:14:25:39:b7:6f:02:11:fd:2f:22:ac:2c:31:e2:98:67: 26:20:5d:5f:e4:98:b0:bf:61:78:bb:4a:97:41:fb:21:20:c9: 02:cf:e4:51:2d:62:e6:cc:a5:8b:0a:66:fd:20:fa:c9:e9:12: a0:27:36:fa:25:dd:fc:44:29:b9:e4:d7:db:0d:57:d8:9b:b8: 0b:f0:aa:8f:82:38:df:65:05:f1:fd:20:a2:9e:f5:ee:26:29: 0c:cf:c5:94:8b:ae:7d:a6:42:b9:f4:20:ec:b1:17:fb:60:d0: 7e:b8:d7:fd:86:c4:59:f6:24:68:57:82:cf:f9:f4:ad:71:10: 8b:26:9a:7e:85:8a:bc:f5:57:bf:b4:64:7c:5a:e8:ed:00:f6: 90:42:06:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBRwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUM4RjkxMTAvBgNVBAUTKDI5NEFDRDA4REExOTEzOEMzN0VGQUZCMjc0QTFFNzc1 NzcxRTQ1M0UwHhcNMjUwNDI0MjMyMjA4WhcNMjUwNTAxMjMyMjA4WjAYMRYwFAYD VQQDEw02ODBhYzdhMC1jNWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvAifHDHTnkPuyfExWqjxosTcX4Nca6PFVnT/5Uxherh/wHYBFOzEBlhe4ADH ZiUfO9a+CwrECQFHLCB4xVwAW+iLvjLuOoGdF9qhB/kncoYRClB3AinXMT3r6K0E MkZ+V4aI6Klrl6V6+Op5umjQqgguDKDRmMbtfNjidhPRtVqwuXM3DspjMmfdKZ02 NiDk0eP/HxGJprlRNW2r0/WMng/8R3/Gu2JG8urr3b6YX2C0mwrICcOjYNtDi/D6 663DtXVN5uj3jqs6Iwh8yuwb5ooCi9cpBEk+arZVqtxQWmEbSeGGwhTgfnHDfUwx QtDKqF7aAUC362Rx3AxH4Ta2SwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGbtzYqS ucPttGkg/dGKeqEUjBARMB8GA1UdIwQYMBaAFClKzQjaGROMN++vsnSh53V3HkU+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzhGOS9EQzZCMzYxNEZF NkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0dzM3Ni15ZEtIbmRYY2VS VDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVck5DTm9aRTR3Mzc2LXlkS0huZFhjZVJUNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QzhGOS9EQzZCMzYxNEZFNkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0 dzM3Ni15ZEtIbmRYY2VSVDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAlvTc5NkmY3Bb2n78oPL9rNqMGJP1KDE+NSDkQygvA3bWTaILd8EQ0 NiH9TwWijZK3AeErVr0s+IgSI4TbXpLlCUVyepP/2YRmlnnQ/kjil3BRk3jhs94f sfvEc+BvIO9lo/viB2Q/o/sdWkAZ/BQlObdvAhH9LyKsLDHimGcmIF1f5Jiwv2F4 u0qXQfshIMkCz+RRLWLmzKWLCmb9IPrJ6RKgJzb6Jd38RCm55NfbDVfYm7gL8KqP gjjfZQXx/SCinvXuJikMz8WUi659pkK59CDssRf7YNB+uNf9hsRZ9iRoV4LP+fSt cRCLJpp+hYq89Ve/tGR8WujtAPaQQgZz -----END CERTIFICATE-----Generated at Sat Apr 26 14:02:09 2025 by rpki-client