$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft File: KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft (raw, json) Hash identifier: cCUegCxyVTe3EhjAe1SvItHT3k7mWod+8FeIrcNZzW8= Subject key identifier: 3F:7D:48:EB:B8:D8:CF:C1:B9:EA:CE:B7:6B:4D:FD:56:14:75:0D:FF Authority key identifier: 2A:45:A4:1D:60:E2:F1:04:D3:DD:39:C8:6F:14:BC:59:00:88:3F:4B Certificate issuer: /CN=A91A4287/serialNumber=2A45A41D60E2F104D3DD39C86F14BC5900883F4B Certificate serial: 16 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkWkHWDi8QTT3TnIbxS8WQCIP0s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft Manifest number: 15 Signing time: Fri 25 Apr 2025 06:59:36 +0000 Manifest this update: Fri 25 Apr 2025 06:59:35 +0000 Manifest next update: Fri 02 May 2025 06:59:35 +0000 Files and hashes: 1: KkWkHWDi8QTT3TnIbxS8WQCIP0s.crl (hash: KCLGLHh3vAKGvypyqE9A3Ipt7E+HpyETlbh02jJpSJg=) 2: 8CC07FC0047211F0A6541526C4F9AE02.roa (hash: PgYYJ9/o38WTea0u5fJFPWCIw+78oj+kOWm1Hogb3eo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.crl rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkWkHWDi8QTT3TnIbxS8WQCIP0s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:59:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22 (0x16) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4287, serialNumber=2A45A41D60E2F104D3DD39C86F14BC5900883F4B Validity Not Before: Apr 25 06:59:35 2025 GMT Not After : May 2 06:59:35 2025 GMT Subject: CN=680b32d8-182b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:2e:72:c2:65:18:51:32:33:58:e7:9d:1f:a1: 70:ba:ad:d7:89:88:5a:53:34:5d:e1:40:dd:f6:3c: 9c:14:4d:cc:f9:69:78:b6:b8:79:41:f8:4a:e4:89: b3:f3:8e:42:4a:d2:53:9d:31:c9:8a:72:17:71:1e: f6:7f:08:5d:28:8d:16:d6:99:90:1c:05:44:59:8e: c9:72:44:9f:e6:80:eb:60:eb:b7:ae:40:d3:24:86: ba:d9:ec:05:5e:92:48:cb:5c:05:1c:3f:5a:a2:59: 35:04:6d:61:95:15:ed:3b:68:ee:59:61:2a:61:5e: de:6b:ae:77:36:ff:c7:93:9d:b1:79:43:e0:b0:a1: 26:3e:80:9b:a4:87:db:9a:12:f0:b7:a6:18:7c:63: ef:2a:e1:34:f8:f7:21:64:3b:5b:7d:a3:e2:0c:b7: c0:3a:e9:8d:8f:3c:6d:8f:8d:9e:55:3e:16:73:00: 50:ef:db:44:5c:bf:c3:06:7a:03:f7:8d:c2:eb:4b: d3:41:8b:d1:d6:34:2a:15:47:ca:0a:b5:4d:10:4a: 41:24:65:cd:40:03:44:47:2f:2a:98:be:ee:71:39: b0:2d:8a:2e:d4:d6:d5:c7:7a:38:f6:a0:c9:76:14: 24:34:f0:e6:96:24:a3:69:bc:63:f3:fd:f9:83:ad: 4b:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:7D:48:EB:B8:D8:CF:C1:B9:EA:CE:B7:6B:4D:FD:56:14:75:0D:FF X509v3 Authority Key Identifier: keyid:2A:45:A4:1D:60:E2:F1:04:D3:DD:39:C8:6F:14:BC:59:00:88:3F:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkWkHWDi8QTT3TnIbxS8WQCIP0s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:36:5a:bf:a3:22:ab:a3:58:1e:7e:57:6a:0a:91:cb:75:b3: 8b:21:d4:9b:46:76:73:f7:23:69:a7:0f:3c:a1:60:40:5e:f2: 51:6f:58:e9:3a:29:0a:15:b5:ea:e5:6c:bc:20:43:cd:32:5f: 83:15:67:23:31:10:91:6a:e9:44:e3:1c:4d:33:38:a5:73:83: 45:6c:1e:63:ea:24:65:81:ab:c7:a7:c2:3a:d6:bc:93:bd:5f: 73:64:49:f0:84:46:71:44:05:83:d1:da:8d:b0:57:e1:79:8c: c9:62:e0:fa:11:45:ec:4f:2f:2a:63:de:e8:77:9e:af:54:fd: 5a:1a:53:1d:69:1a:87:c1:24:8c:f9:c5:1c:dc:7e:53:70:92: cc:51:83:45:67:7f:6b:08:f5:36:b7:c3:6e:d2:98:dd:ce:5e: a3:1e:a4:c5:2a:77:e0:97:24:de:74:a5:bc:4e:c8:e8:b0:c4: b2:e4:18:02:b1:2f:64:59:31:84:8a:ec:fd:f7:97:94:f0:20: 01:20:a4:8a:5b:d4:ba:e3:c1:db:d5:a5:46:b4:ae:ee:a0:94: 18:64:e9:5b:4d:50:92:82:40:25:48:78:b3:92:d6:e3:5c:ee: 5b:f6:36:21:c7:07:9c:25:c3:89:a7:3b:4e:63:a2:62:84:52: f7:0d:c7:32 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NDI4NzExMC8GA1UEBRMoMkE0NUE0MUQ2MEUyRjEwNEQzREQzOUM4NkYxNEJDNTkw MDg4M0Y0QjAeFw0yNTA0MjUwNjU5MzVaFw0yNTA1MDIwNjU5MzVaMBgxFjAUBgNV BAMTDTY4MGIzMmQ4LTE4MmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCkLnLCZRhRMjNY550foXC6rdeJiFpTNF3hQN32PJwUTcz5aXi2uHlB+ErkibPz jkJK0lOdMcmKchdxHvZ/CF0ojRbWmZAcBURZjslyRJ/mgOtg67euQNMkhrrZ7AVe kkjLXAUcP1qiWTUEbWGVFe07aO5ZYSphXt5rrnc2/8eTnbF5Q+CwoSY+gJukh9ua EvC3phh8Y+8q4TT49yFkO1t9o+IMt8A66Y2PPG2PjZ5VPhZzAFDv20Rcv8MGegP3 jcLrS9NBi9HWNCoVR8oKtU0QSkEkZc1AA0RHLyqYvu5xObAtii7U1tXHejj2oMl2 FCQ08OaWJKNpvGPz/fmDrUv7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUP31I67jY z8G56s63a039VhR1Df8wHwYDVR0jBBgwFoAUKkWkHWDi8QTT3TnIbxS8WQCIP0sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0Mjg3LzM3Mjc4QzE2MDQ2 RDExRjBCNzdEMDM2MUM0RjlBRTAyL0trV2tIV0RpOFFUVDNUbklieFM4V1FDSVAw cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2tXa0hXRGk4UVRUM1RuSWJ4UzhXUUNJUDBzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0 Mjg3LzM3Mjc4QzE2MDQ2RDExRjBCNzdEMDM2MUM0RjlBRTAyL0trV2tIV0RpOFFU VDNUbklieFM4V1FDSVAwcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFE2Wr+jIqujWB5+V2oKkct1s4sh1JtGdnP3I2mnDzyhYEBe8lFvWOk6 KQoVterlbLwgQ80yX4MVZyMxEJFq6UTjHE0zOKVzg0VsHmPqJGWBq8enwjrWvJO9 X3NkSfCERnFEBYPR2o2wV+F5jMli4PoRRexPLypj3uh3nq9U/VoaUx1pGofBJIz5 xRzcflNwksxRg0Vnf2sI9Ta3w27SmN3OXqMepMUqd+CXJN50pbxOyOiwxLLkGAKx L2RZMYSK7P33l5TwIAEgpIpb1LrjwdvVpUa0ru6glBhk6VtNUJKCQCVIeLOS1uNc 7lv2NiHHB5wlw4mnO05jomKEUvcNxzI= -----END CERTIFICATE-----Generated at Sat Apr 26 13:07:45 2025 by rpki-client