$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft File: kfPcWc0PodJBy3h1fR2qksKsn2A.mft (raw, json) Hash identifier: Ns68G7qF/2za8kQvyPU8VFqrvKu8SuV0KCo3jeW0aXU= Subject key identifier: 76:08:25:B5:8E:34:E0:E0:F3:F5:AD:41:E9:4C:35:EC:A7:9B:EE:E1 Authority key identifier: 91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60 Certificate issuer: /CN=A91A0432/serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60 Certificate serial: 037E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft Manifest number: 0378 Signing time: Fri 25 Apr 2025 00:41:14 +0000 Manifest this update: Fri 25 Apr 2025 00:41:13 +0000 Manifest next update: Fri 02 May 2025 00:41:13 +0000 Files and hashes: 1: kfPcWc0PodJBy3h1fR2qksKsn2A.crl (hash: PiRoHo3zxrV/0MwdmLIgBQS2mWnZ8NEZpggGHPzwEsY=) 2: 4114509A597511EFA2B79A84C4F9AE02.roa (hash: 0e5zzWh6ApozGk/jFChRqF4rHk2hQMmiudaU4V4FOFU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.crl rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:41:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 894 (0x37e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0432, serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60 Validity Not Before: Apr 25 00:41:13 2025 GMT Not After : May 2 00:41:13 2025 GMT Subject: CN=680ada29-1251 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:64:f1:e2:84:45:95:2d:88:b7:d7:a4:0f:99: 35:a2:e4:e5:35:c3:70:11:9f:6d:f0:54:c5:69:d3: a3:16:36:6b:0f:35:95:7d:de:2e:b8:f6:e8:29:8f: 2c:3f:23:96:07:b1:ff:2c:59:e7:5f:73:66:71:86: b1:3e:60:11:f6:84:74:d6:2f:80:0f:bf:3d:93:3e: 6c:d1:c8:2a:d9:0b:ca:30:a7:9e:5d:3f:b2:8d:06: cb:e3:de:3a:b8:f3:42:dd:86:4d:cd:e7:4a:f3:40: d1:8d:00:13:e0:43:23:5b:67:dc:29:23:df:3f:c8: e2:cf:84:96:ef:9f:47:b3:38:fd:3a:46:7e:0e:fd: 96:e5:03:3c:3d:53:5c:0d:bf:c7:38:9c:6e:eb:59: 30:52:07:bc:fe:c8:0a:7a:a6:d2:9c:3f:ec:e1:7b: 8b:5b:3b:8a:7d:b5:6d:8f:81:cf:61:cb:fb:d4:10: 09:b1:3a:7d:5d:53:2c:91:dc:9f:06:2b:0b:e2:d5: 1d:e3:2b:92:12:63:de:a1:f0:f5:c4:30:fb:af:4d: 3a:6a:37:36:ee:ad:dc:1c:cf:92:79:b5:be:3e:5b: d7:1e:0e:cf:e7:28:d4:e0:3f:7c:7f:06:31:56:71: 96:17:ad:2f:77:52:23:0e:08:77:d2:46:31:84:ef: 9f:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:08:25:B5:8E:34:E0:E0:F3:F5:AD:41:E9:4C:35:EC:A7:9B:EE:E1 X509v3 Authority Key Identifier: keyid:91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:51:05:f8:04:66:41:a8:9f:08:67:d2:72:9e:b4:aa:93:96: 37:21:49:64:13:7d:6d:c9:e7:90:8f:cd:4a:96:38:26:24:ce: fb:2b:cf:1f:8e:40:5e:46:c4:80:3f:4b:d3:ad:a7:7f:c6:5a: 24:cb:f1:b9:93:77:27:ac:ad:7b:5d:25:8b:10:b3:da:c1:07: 47:d5:60:27:e0:2a:72:38:e0:b1:55:5d:77:3f:69:a9:ca:f4: 5f:fd:29:04:7e:a1:dc:27:02:6c:8a:c2:28:e5:10:11:9d:65: 93:f5:03:5b:1b:c0:c9:e3:52:cf:98:56:dc:c5:7b:02:3e:9e: a7:8e:15:e6:9a:20:12:64:fa:19:4a:e4:3b:3c:5c:01:83:de: 1f:a1:72:0b:d5:c3:ef:e5:dd:03:de:c6:2c:33:f1:3c:6f:96: 3b:68:2e:c9:95:aa:d1:8c:40:b9:8a:9b:4d:31:c3:78:a3:93: dc:c6:e4:cb:11:25:d7:bc:1b:74:b1:a5:d4:f8:33:d2:cc:71: a2:63:59:3e:cb:1d:f8:c9:a1:0a:85:0e:2f:7a:e8:fa:78:0d: 41:3b:6c:37:5a:da:7a:ee:fe:93:e9:f0:1d:78:2f:df:67:c9: 3f:26:57:59:13:e4:d1:7f:1b:29:ef:ac:90:5d:cb:04:74:0b: cf:6b:d1:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTA0MzIxMTAvBgNVBAUTKDkxRjNEQzU5Q0QwRkExRDI0MUNCNzg3NTdEMURBQTky QzJBQzlGNjAwHhcNMjUwNDI1MDA0MTEzWhcNMjUwNTAyMDA0MTEzWjAYMRYwFAYD VQQDEw02ODBhZGEyOS0xMjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtmTx4oRFlS2It9ekD5k1ouTlNcNwEZ9t8FTFadOjFjZrDzWVfd4uuPboKY8s PyOWB7H/LFnnX3NmcYaxPmAR9oR01i+AD789kz5s0cgq2QvKMKeeXT+yjQbL4946 uPNC3YZNzedK80DRjQAT4EMjW2fcKSPfP8jiz4SW759Hszj9OkZ+Dv2W5QM8PVNc Db/HOJxu61kwUge8/sgKeqbSnD/s4XuLWzuKfbVtj4HPYcv71BAJsTp9XVMskdyf BisL4tUd4yuSEmPeofD1xDD7r006ajc27q3cHM+SebW+PlvXHg7P5yjU4D98fwYx VnGWF60vd1IjDgh30kYxhO+flwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHYIJbWO NODg8/WtQelMNeynm+7hMB8GA1UdIwQYMBaAFJHz3FnND6HSQct4dX0dqpLCrJ9g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDQzMi9GNUJGNjk5Q0E0 Q0ExMUVDQUM0RTU3NDRDNEY5QUUwMi9rZlBjV2MwUG9kSkJ5M2gxZlIycWtzS3Nu MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tmUGNXYzBQb2RKQnkzaDFmUjJxa3NLc24yQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MDQzMi9GNUJGNjk5Q0E0Q0ExMUVDQUM0RTU3NDRDNEY5QUUwMi9rZlBjV2MwUG9k SkJ5M2gxZlIycWtzS3NuMkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkUQX4BGZBqJ8IZ9JynrSqk5Y3IUlkE31tyeeQj81KljgmJM77K88f jkBeRsSAP0vTrad/xloky/G5k3cnrK17XSWLELPawQdH1WAn4CpyOOCxVV13P2mp yvRf/SkEfqHcJwJsisIo5RARnWWT9QNbG8DJ41LPmFbcxXsCPp6njhXmmiASZPoZ SuQ7PFwBg94foXIL1cPv5d0D3sYsM/E8b5Y7aC7JlarRjEC5iptNMcN4o5PcxuTL ESXXvBt0saXU+DPSzHGiY1k+yx34yaEKhQ4veuj6eA1BO2w3Wtp67v6T6fAdeC/f Z8k/JldZE+TRfxsp76yQXcsEdAvPa9E/ -----END CERTIFICATE-----Generated at Sat Apr 26 15:06:14 2025 by rpki-client