$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACC22/6906C6FA4C7411E9B7C4BB55C4F9AE02/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.mft File: KPXmXXUFlh3FUKlJJNvO-7Z2lL0.mft (raw, json) Hash identifier: 6Et0O2pqEoG371rCrPI7YjQvwSDkkAZhJWfjNYSEUgs= Subject key identifier: 8B:A3:E9:FF:A5:5C:A5:B3:03:23:DF:94:FE:5D:8C:24:B8:90:E4:38 Authority key identifier: 28:F5:E6:5D:75:05:96:1D:C5:50:A9:49:24:DB:CE:FB:B6:76:94:BD Certificate issuer: /CN=A91ACC22/serialNumber=28F5E65D7505961DC550A94924DBCEFBB67694BD Certificate serial: 0FF3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACC22/6906C6FA4C7411E9B7C4BB55C4F9AE02/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.mft Manifest number: 0FE2 Signing time: Thu 24 Apr 2025 17:28:15 +0000 Manifest this update: Thu 24 Apr 2025 17:28:14 +0000 Manifest next update: Thu 01 May 2025 17:28:14 +0000 Files and hashes: 1: KPXmXXUFlh3FUKlJJNvO-7Z2lL0.crl (hash: wW4xI5LbPmWtjMdRNp8RgFZoS2qESAQQ7nKGK8Lz+Hg=) 2: 2A3D8B5EA97D11EABA31B843C4F9AE02.roa (hash: fPoBgkYnMh4IMhrB/TA39+M1O1OAHZFrtUEJDkMooUg=) 3: EF66DDE4E46A11EB9552D31BC4F9AE02.roa (hash: ucL3j8TnFmy+7V5qbIqZDaLy79WcFoXLeH1a5In6i8E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACC22/6906C6FA4C7411E9B7C4BB55C4F9AE02/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.crl rsync://rpki.apnic.net/member_repository/A91ACC22/6906C6FA4C7411E9B7C4BB55C4F9AE02/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:28:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4083 (0xff3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACC22, serialNumber=28F5E65D7505961DC550A94924DBCEFBB67694BD Validity Not Before: Apr 24 17:28:14 2025 GMT Not After : May 1 17:28:14 2025 GMT Subject: CN=680a74af-ec14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:55:c9:b7:e2:92:4a:0f:3e:b4:6a:24:63:7c: b9:d5:a6:e7:2d:f9:c8:c3:69:27:77:f6:a9:7d:38: 9c:7e:e8:c7:75:88:b7:d9:45:1e:7f:2c:a6:26:df: 0a:13:e6:10:5c:de:11:a9:74:a9:12:d2:57:a1:d8: d8:84:0e:4d:46:61:f9:5c:8e:5b:cb:4f:b3:91:ab: c6:ff:4e:a0:11:ad:6b:3b:21:97:c6:fe:0a:83:ce: 33:1e:14:06:c6:24:67:ed:06:56:67:13:1a:35:96: 30:d9:eb:79:64:cd:72:58:9e:db:4b:14:86:fd:b2: 2e:ed:32:f5:81:af:a6:fe:73:33:dc:37:19:56:d8: c8:91:08:5f:07:d8:d2:18:f7:8a:bb:b2:8f:87:12: c6:91:8f:8d:cc:f1:6c:c8:c2:4c:ad:61:0d:dc:8c: 27:67:c2:ff:ed:91:75:57:48:2a:65:b6:a2:58:2f: 84:c2:99:a9:0d:ca:f5:50:96:7b:83:1b:60:e9:0a: d7:83:da:fd:35:d4:a0:cd:f3:df:25:cc:30:d7:10: 68:6a:84:d8:8d:c6:bd:8c:a2:7d:83:d1:0a:91:13: 8a:ff:fd:d8:21:65:bf:ff:60:2e:68:c9:5c:d3:e9: 6c:77:a4:8b:7b:27:5c:37:39:f8:b4:1e:a3:3f:9c: 51:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:A3:E9:FF:A5:5C:A5:B3:03:23:DF:94:FE:5D:8C:24:B8:90:E4:38 X509v3 Authority Key Identifier: keyid:28:F5:E6:5D:75:05:96:1D:C5:50:A9:49:24:DB:CE:FB:B6:76:94:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACC22/6906C6FA4C7411E9B7C4BB55C4F9AE02/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACC22/6906C6FA4C7411E9B7C4BB55C4F9AE02/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:04:84:02:87:39:1a:8d:76:2f:14:23:53:18:d8:ac:2f:6a: 20:c0:d4:fd:3b:77:5a:8c:07:ee:c7:22:6e:e3:55:39:85:26: c8:cc:f2:59:ef:43:9a:7a:2e:10:dc:5d:8f:d7:11:4c:58:c4: 4a:a2:1b:71:93:48:a4:11:a5:e2:18:c5:bf:dc:24:e8:9e:6e: f9:f8:50:e2:0c:58:6d:a2:a0:c8:a3:e6:e8:0b:aa:e3:bf:15: a4:ef:49:85:4c:ee:97:55:ba:53:6a:41:7f:16:61:b0:23:6d: 20:6c:74:66:8d:eb:3e:99:45:8e:74:3d:85:f7:3c:5e:33:cc: 53:5e:85:85:5c:43:aa:eb:f9:90:1d:42:b2:52:09:02:e7:24: 3c:21:0b:2d:35:ef:ac:43:47:9c:59:75:71:ba:f6:ca:dd:d6: 9d:08:a4:32:3b:19:77:70:ce:0c:44:24:07:aa:f3:99:5c:2c: 63:91:f0:92:75:dd:40:e2:55:67:2a:ef:85:98:9a:c3:e1:c7: e0:c0:15:2f:a6:b1:c0:b9:61:f0:64:cb:ee:1b:0c:ef:2e:fe: ac:9c:d4:22:a3:75:12:1b:e6:43:64:2f:c7:9f:df:e2:fc:51: e0:42:f6:e6:69:ec:71:54:8f:e1:5b:f8:2f:72:29:b2:28:70: 09:2a:17:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD/MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNDMjIxMTAvBgNVBAUTKDI4RjVFNjVENzUwNTk2MURDNTUwQTk0OTI0REJDRUZC QjY3Njk0QkQwHhcNMjUwNDI0MTcyODE0WhcNMjUwNTAxMTcyODE0WjAYMRYwFAYD VQQDEw02ODBhNzRhZi1lYzE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2VXJt+KSSg8+tGokY3y51abnLfnIw2knd/apfTicfujHdYi32UUefyymJt8K E+YQXN4RqXSpEtJXodjYhA5NRmH5XI5by0+zkavG/06gEa1rOyGXxv4Kg84zHhQG xiRn7QZWZxMaNZYw2et5ZM1yWJ7bSxSG/bIu7TL1ga+m/nMz3DcZVtjIkQhfB9jS GPeKu7KPhxLGkY+NzPFsyMJMrWEN3IwnZ8L/7ZF1V0gqZbaiWC+EwpmpDcr1UJZ7 gxtg6QrXg9r9NdSgzfPfJcww1xBoaoTYjca9jKJ9g9EKkROK//3YIWW//2AuaMlc 0+lsd6SLeydcNzn4tB6jP5xR/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIuj6f+l XKWzAyPflP5djCS4kOQ4MB8GA1UdIwQYMBaAFCj15l11BZYdxVCpSSTbzvu2dpS9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0MyMi82OTA2QzZGQTRD NzQxMUU5QjdDNEJCNTVDNEY5QUUwMi9LUFhtWFhVRmxoM0ZVS2xKSk52Ty03WjJs TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tQWG1YWFVGbGgzRlVLbEpKTnZPLTdaMmxMMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0MyMi82OTA2QzZGQTRDNzQxMUU5QjdDNEJCNTVDNEY5QUUwMi9LUFhtWFhVRmxo M0ZVS2xKSk52Ty03WjJsTDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnBIQChzkajXYvFCNTGNisL2ogwNT9O3dajAfuxyJu41U5hSbIzPJZ 70Oaei4Q3F2P1xFMWMRKohtxk0ikEaXiGMW/3CTonm75+FDiDFhtoqDIo+boC6rj vxWk70mFTO6XVbpTakF/FmGwI20gbHRmjes+mUWOdD2F9zxeM8xTXoWFXEOq6/mQ HUKyUgkC5yQ8IQstNe+sQ0ecWXVxuvbK3dadCKQyOxl3cM4MRCQHqvOZXCxjkfCS dd1A4lVnKu+FmJrD4cfgwBUvprHAuWHwZMvuGwzvLv6snNQio3USG+ZDZC/Hn9/i /FHgQvbmaexxVI/hW/gvcimyKHAJKhd0 -----END CERTIFICATE-----Generated at Sat Apr 26 15:10:25 2025 by rpki-client