$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.mft File: K8oS1G1GEe1u8YhvNkRo3z0C7eU.mft (raw, json) Hash identifier: qhc29nDFirYHmBS9jslOtwbxbWYDVRgs4ACEKP1CDuE= Subject key identifier: 43:F1:6A:B1:E7:6D:5C:BE:9C:B5:CE:69:F1:64:14:AA:44:23:F9:5E Authority key identifier: 2B:CA:12:D4:6D:46:11:ED:6E:F1:88:6F:36:44:68:DF:3D:02:ED:E5 Certificate issuer: /CN=A91AE25A/serialNumber=2BCA12D46D4611ED6EF1886F364468DF3D02EDE5 Certificate serial: 013D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8oS1G1GEe1u8YhvNkRo3z0C7eU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.mft Manifest number: 013B Signing time: Fri 25 Apr 2025 03:29:54 +0000 Manifest this update: Fri 25 Apr 2025 03:29:54 +0000 Manifest next update: Fri 02 May 2025 03:29:54 +0000 Files and hashes: 1: K8oS1G1GEe1u8YhvNkRo3z0C7eU.crl (hash: P1cD4zNIAEHeEP3cbak82/2EXT563Klf6Ay7+frm/9A=) 2: AB366D1C409611EE92C55F40C4F9AE02.roa (hash: SQk3Brop+Id762Ic4sBigwZBA29XCDN62FCzcjcGNd0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.crl rsync://rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8oS1G1GEe1u8YhvNkRo3z0C7eU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:29:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 317 (0x13d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE25A, serialNumber=2BCA12D46D4611ED6EF1886F364468DF3D02EDE5 Validity Not Before: Apr 25 03:29:54 2025 GMT Not After : May 2 03:29:54 2025 GMT Subject: CN=680b01b2-8249 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:3f:e6:dc:e7:33:cc:89:5e:f7:23:c9:d3:52: 03:70:05:bd:3e:d9:34:d9:df:df:41:7e:6d:e4:a9: f8:a5:7d:d5:2c:11:0e:59:90:f2:c4:06:33:76:c0: 69:4a:aa:83:18:8c:37:a9:c3:a3:d1:cb:b0:31:f6: 05:ed:b5:77:27:41:61:de:be:89:6c:66:b0:f8:b2: 11:eb:46:9c:d5:78:31:26:d9:e8:19:74:bb:a2:4b: f4:f0:29:10:60:29:86:2c:04:4c:23:d1:79:7e:af: ee:bb:ee:02:1c:3a:46:03:fa:00:d2:f9:88:68:f9: 43:09:d1:21:18:a8:c1:1c:79:a4:f9:41:65:16:fe: 25:07:8f:52:bb:a8:f2:00:78:a1:a1:bb:b6:ee:47: ea:23:e1:ca:9d:fa:fb:83:fa:de:65:cd:0b:a8:73: 05:93:f0:84:5f:ac:00:96:cd:f5:97:69:04:10:35: f8:e2:e6:0c:d5:69:b9:a3:8a:b5:63:82:a6:05:ea: 01:29:83:94:ba:12:f6:14:ed:81:4f:35:f2:2b:a7: cf:89:d8:11:f8:e2:9c:93:fe:92:ab:09:5c:1a:6c: 5b:34:43:bc:12:92:39:de:92:c4:95:f7:13:69:31: 50:5e:d0:09:7b:f3:87:85:ae:52:c1:31:1b:2b:07: 27:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:F1:6A:B1:E7:6D:5C:BE:9C:B5:CE:69:F1:64:14:AA:44:23:F9:5E X509v3 Authority Key Identifier: keyid:2B:CA:12:D4:6D:46:11:ED:6E:F1:88:6F:36:44:68:DF:3D:02:ED:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8oS1G1GEe1u8YhvNkRo3z0C7eU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:35:1a:de:3a:46:2c:f0:a8:59:ee:35:64:d4:82:ca:b9:78: 10:6f:e3:be:44:7e:d0:46:67:31:23:9d:44:4c:5b:e3:66:b1: 8b:23:11:6c:c3:6b:d6:bd:ac:d2:2b:d0:00:32:a9:81:78:8d: c8:2b:b5:63:03:ad:31:76:21:54:f1:e6:d2:9e:d7:c9:fb:ce: fb:71:a8:07:e8:b8:23:ba:84:90:73:5e:1a:47:fc:40:a1:57: bc:25:53:9c:89:94:50:4b:bc:5a:ab:d9:63:c2:bd:68:9e:cd: d8:30:70:c3:18:30:5f:80:e1:47:af:08:4e:80:84:b3:ad:9b: 54:db:a5:db:49:a3:34:03:27:db:87:05:04:2c:a6:a2:5b:ef: 30:42:ba:08:68:14:9f:88:c3:87:8d:a7:1b:ef:0b:07:a4:6a: d9:a9:80:14:ad:53:05:f8:bb:b5:68:1d:e4:18:c0:d6:26:ca: be:ea:02:d9:82:81:c1:e0:12:ec:49:c9:00:91:3e:f1:2d:1f: 7c:ed:3a:e3:1b:56:94:d0:3d:1c:cb:68:45:eb:aa:db:6f:64: 9e:de:92:b4:a3:bf:dc:0b:0b:99:c1:fc:24:2e:5c:69:9b:63: e9:e5:5a:31:af:8c:8e:60:8b:cc:9d:9b:23:36:df:cd:b5:f5: 4b:98:e5:1a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAT0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUUyNUExMTAvBgNVBAUTKDJCQ0ExMkQ0NkQ0NjExRUQ2RUYxODg2RjM2NDQ2OERG M0QwMkVERTUwHhcNMjUwNDI1MDMyOTU0WhcNMjUwNTAyMDMyOTU0WjAYMRYwFAYD VQQDEw02ODBiMDFiMi04MjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqT/m3OczzIle9yPJ01IDcAW9Ptk02d/fQX5t5Kn4pX3VLBEOWZDyxAYzdsBp SqqDGIw3qcOj0cuwMfYF7bV3J0Fh3r6JbGaw+LIR60ac1XgxJtnoGXS7okv08CkQ YCmGLARMI9F5fq/uu+4CHDpGA/oA0vmIaPlDCdEhGKjBHHmk+UFlFv4lB49Su6jy AHihobu27kfqI+HKnfr7g/reZc0LqHMFk/CEX6wAls31l2kEEDX44uYM1Wm5o4q1 Y4KmBeoBKYOUuhL2FO2BTzXyK6fPidgR+OKck/6SqwlcGmxbNEO8EpI53pLElfcT aTFQXtAJe/OHha5SwTEbKwcnFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEPxarHn bVy+nLXOafFkFKpEI/leMB8GA1UdIwQYMBaAFCvKEtRtRhHtbvGIbzZEaN89Au3l MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTI1QS8yQzk2RjUwODQw OTYxMUVFQjQ2RTZGM0ZDNEY5QUUwMi9LOG9TMUcxR0VlMXU4WWh2TmtSbzN6MEM3 ZVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0s4b1MxRzFHRWUxdThZaHZOa1JvM3owQzdlVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RTI1QS8yQzk2RjUwODQwOTYxMUVFQjQ2RTZGM0ZDNEY5QUUwMi9LOG9TMUcxR0Vl MXU4WWh2TmtSbzN6MEM3ZVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAFNRreOkYs8KhZ7jVk1ILKuXgQb+O+RH7QRmcxI51ETFvjZrGLIxFs w2vWvazSK9AAMqmBeI3IK7VjA60xdiFU8ebSntfJ+877cagH6LgjuoSQc14aR/xA oVe8JVOciZRQS7xaq9ljwr1ons3YMHDDGDBfgOFHrwhOgISzrZtU26XbSaM0Ayfb hwUELKaiW+8wQroIaBSfiMOHjacb7wsHpGrZqYAUrVMF+Lu1aB3kGMDWJsq+6gLZ goHB4BLsSckAkT7xLR987TrjG1aU0D0cy2hF66rbb2Se3pK0o7/cCwuZwfwkLlxp m2Pp5Voxr4yOYIvMnZsjNt/NtfVLmOUa -----END CERTIFICATE-----Generated at Sat Apr 26 15:09:52 2025 by rpki-client