$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADD64/4EB2B428134B11EF94424D3DC4F9AE02/_Kk1XBq-QE8_PPUZL9NLEloAvxs.mft File: _Kk1XBq-QE8_PPUZL9NLEloAvxs.mft (raw, json) Hash identifier: sDe9OF9okZNiEqJa9A9UeTpxTIG8/vaih7XNeacbaGA= Subject key identifier: C7:B3:BF:2B:87:71:C0:7D:9C:FB:C9:EF:ED:7F:60:75:39:E5:81:F2 Authority key identifier: FC:A9:35:5C:1A:BE:40:4F:3F:3C:F5:19:2F:D3:4B:12:5A:00:BF:1B Certificate issuer: /CN=A91ADD64/serialNumber=FCA9355C1ABE404F3F3CF5192FD34B125A00BF1B Certificate serial: B5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_Kk1XBq-QE8_PPUZL9NLEloAvxs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ADD64/4EB2B428134B11EF94424D3DC4F9AE02/_Kk1XBq-QE8_PPUZL9NLEloAvxs.mft Manifest number: B3 Signing time: Fri 25 Apr 2025 05:02:07 +0000 Manifest this update: Fri 25 Apr 2025 05:02:06 +0000 Manifest next update: Fri 02 May 2025 05:02:06 +0000 Files and hashes: 1: _Kk1XBq-QE8_PPUZL9NLEloAvxs.crl (hash: /uc1OTlQcS8PbmST0zq/BtGs71udDulZ5et+KfVN2E4=) 2: A6517530169211EFAB613573C4F9AE02.roa (hash: Zxzeh4q4VkESn3Z7raXtN0Zp81DqVYf4hpDfFCFFI9k=) 3: 3A888D52169211EFA5AAE55DC4F9AE02.roa (hash: y5vzdVwz2vO4UUjqXhgJrAbkJMOOhUCaiYsAl7OwvQo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ADD64/4EB2B428134B11EF94424D3DC4F9AE02/_Kk1XBq-QE8_PPUZL9NLEloAvxs.crl rsync://rpki.apnic.net/member_repository/A91ADD64/4EB2B428134B11EF94424D3DC4F9AE02/_Kk1XBq-QE8_PPUZL9NLEloAvxs.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_Kk1XBq-QE8_PPUZL9NLEloAvxs.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:02:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 181 (0xb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ADD64, serialNumber=FCA9355C1ABE404F3F3CF5192FD34B125A00BF1B Validity Not Before: Apr 25 05:02:06 2025 GMT Not After : May 2 05:02:06 2025 GMT Subject: CN=680b174e-2425 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:15:e1:fd:15:ce:2a:26:40:36:ce:6d:71:41: 73:dd:aa:80:6e:4c:7a:36:e6:c4:d5:b1:b3:47:b5: 54:48:d9:e2:8f:cf:98:af:6d:10:52:8c:95:1f:56: f8:30:db:ef:10:28:c8:fa:b2:66:6c:88:93:06:e0: 96:ba:c0:ac:21:4e:d4:dc:5f:dd:e7:6f:ea:d7:cf: 80:35:c5:80:fb:ff:e1:22:c4:30:42:f7:59:ad:21: 57:20:5f:87:4b:f5:9d:39:64:07:02:4d:b6:51:ba: 3a:78:3c:44:f6:c8:e3:6f:76:97:ab:32:75:e9:0a: 12:f3:80:9f:1a:b5:e5:80:a8:48:6d:c5:7d:e9:3a: a3:27:ae:f4:29:b2:08:f5:57:1c:c7:63:91:74:47: fd:81:b1:75:7c:a5:5b:b7:a4:9c:01:16:51:95:a7: fd:ed:fa:a8:87:db:40:c3:59:3e:f9:24:c9:82:8f: 7c:ed:d0:37:5a:ea:80:c6:c4:d0:c0:dd:cf:a3:34: ae:b5:e8:47:6d:ec:39:92:fb:f5:1e:b3:36:49:ef: 62:2b:8e:79:3b:ae:c0:77:ae:7b:99:80:2a:7c:68: e2:68:9a:b1:57:47:e5:75:b7:f3:6d:db:14:a0:27: 85:45:41:df:02:fa:c3:b3:0d:92:57:3a:a2:0c:b6: 25:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:B3:BF:2B:87:71:C0:7D:9C:FB:C9:EF:ED:7F:60:75:39:E5:81:F2 X509v3 Authority Key Identifier: keyid:FC:A9:35:5C:1A:BE:40:4F:3F:3C:F5:19:2F:D3:4B:12:5A:00:BF:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ADD64/4EB2B428134B11EF94424D3DC4F9AE02/_Kk1XBq-QE8_PPUZL9NLEloAvxs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_Kk1XBq-QE8_PPUZL9NLEloAvxs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADD64/4EB2B428134B11EF94424D3DC4F9AE02/_Kk1XBq-QE8_PPUZL9NLEloAvxs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:34:4d:5b:de:23:24:7f:90:d7:1d:ff:35:e2:0d:b5:19:8e: 3d:da:e1:75:1c:1e:b0:f5:35:7a:cf:d7:c0:dc:2c:15:7e:10: 0c:c3:c8:b7:bd:bd:4a:7a:71:65:f4:e5:f6:b2:80:60:6e:11: 64:fb:a8:95:9a:98:ce:22:6a:4a:2e:40:a3:64:68:95:d7:9d: 92:08:ff:44:74:cb:3c:ea:f8:87:a5:27:85:15:74:f2:c0:a6: 4e:fb:82:a5:19:d7:18:18:3c:ab:c8:44:21:67:79:54:aa:ca: df:12:9f:f7:a9:18:76:7b:f2:79:fb:55:db:32:04:ab:b9:3c: 35:da:8f:5c:3c:f6:d6:a6:5b:85:33:6d:ca:e9:37:3e:66:48: 85:3a:33:69:34:8c:6d:08:56:ed:e6:4b:39:00:c2:ad:3a:5a: e9:93:02:14:a7:c3:20:5d:14:52:08:8c:35:35:ed:83:82:f8: 8d:f3:39:20:8c:0f:28:7d:e1:56:95:22:38:cb:a3:b1:63:b7: dd:b1:0b:27:b8:ab:e3:09:b8:35:fb:c4:81:47:1e:a7:9d:86: 21:0f:94:3a:d6:c5:46:b4:b3:41:0d:17:4f:85:79:fe:3e:06: df:b2:2e:60:e4:84:01:d1:5d:70:70:65:ed:40:b0:71:ee:03: 4b:e4:52:2c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QURENjQxMTAvBgNVBAUTKEZDQTkzNTVDMUFCRTQwNEYzRjNDRjUxOTJGRDM0QjEy NUEwMEJGMUIwHhcNMjUwNDI1MDUwMjA2WhcNMjUwNTAyMDUwMjA2WjAYMRYwFAYD VQQDEw02ODBiMTc0ZS0yNDI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArBXh/RXOKiZANs5tcUFz3aqAbkx6NubE1bGzR7VUSNnij8+Yr20QUoyVH1b4 MNvvECjI+rJmbIiTBuCWusCsIU7U3F/d52/q18+ANcWA+//hIsQwQvdZrSFXIF+H S/WdOWQHAk22Ubo6eDxE9sjjb3aXqzJ16QoS84CfGrXlgKhIbcV96TqjJ670KbII 9Vccx2ORdEf9gbF1fKVbt6ScARZRlaf97fqoh9tAw1k++STJgo987dA3WuqAxsTQ wN3PozSutehHbew5kvv1HrM2Se9iK455O67Ad657mYAqfGjiaJqxV0fldbfzbdsU oCeFRUHfAvrDsw2SVzqiDLYlMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMezvyuH ccB9nPvJ7+1/YHU55YHyMB8GA1UdIwQYMBaAFPypNVwavkBPPzz1GS/TSxJaAL8b MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREQ2NC80RUIyQjQyODEz NEIxMUVGOTQ0MjREM0RDNEY5QUUwMi9fS2sxWEJxLVFFOF9QUFVaTDlOTEVsb0F2 eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL19LazFYQnEtUUU4X1BQVVpMOU5MRWxvQXZ4cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB REQ2NC80RUIyQjQyODEzNEIxMUVGOTQ0MjREM0RDNEY5QUUwMi9fS2sxWEJxLVFF OF9QUFVaTDlOTEVsb0F2eHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCeNE1b3iMkf5DXHf814g21GY492uF1HB6w9TV6z9fA3CwVfhAMw8i3 vb1KenFl9OX2soBgbhFk+6iVmpjOImpKLkCjZGiV152SCP9EdMs86viHpSeFFXTy wKZO+4KlGdcYGDyryEQhZ3lUqsrfEp/3qRh2e/J5+1XbMgSruTw12o9cPPbWpluF M23K6Tc+ZkiFOjNpNIxtCFbt5ks5AMKtOlrpkwIUp8MgXRRSCIw1Ne2DgviN8zkg jA8ofeFWlSI4y6OxY7fdsQsnuKvjCbg1+8SBRx6nnYYhD5Q61sVGtLNBDRdPhXn+ Pgbfsi5g5IQB0V1wcGXtQLBx7gNL5FIs -----END CERTIFICATE-----Generated at Sat Apr 26 17:11:07 2025 by rpki-client