$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0CAE/7C644EE66A7111EEA5B4CB26C4F9AE02/KYEeHbBovbur-3q2lfhYmL1hjGk.mft File: KYEeHbBovbur-3q2lfhYmL1hjGk.mft (raw, json) Hash identifier: 8kJBUQ5yCTCKPJ4WJRQXgZHQVTcS2wDuAbx/RbWB23w= Subject key identifier: FD:0A:A7:32:80:AE:12:B0:CA:0F:D3:EE:83:D1:8F:70:71:FF:A4:96 Authority key identifier: 29:81:1E:1D:B0:68:BD:BB:AB:FB:7A:B6:95:F8:58:98:BD:61:8C:69 Certificate issuer: /CN=A91B0CAE/serialNumber=29811E1DB068BDBBABFB7AB695F85898BD618C69 Certificate serial: 012B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KYEeHbBovbur-3q2lfhYmL1hjGk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0CAE/7C644EE66A7111EEA5B4CB26C4F9AE02/KYEeHbBovbur-3q2lfhYmL1hjGk.mft Manifest number: 0128 Signing time: Wed 07 May 2025 03:49:45 +0000 Manifest this update: Wed 07 May 2025 03:49:44 +0000 Manifest next update: Wed 14 May 2025 03:49:44 +0000 Files and hashes: 1: KYEeHbBovbur-3q2lfhYmL1hjGk.crl (hash: JaJX+TE+uZh71s8ekt2IU1Jlf5bZrmEzr0HX1dNkOOE=) 2: 0B2052EA6D0D11EEA65D7522C4F9AE02.roa (hash: romYbuiWzdOqklzJCkUsUwW/w4kh63Rd2xMFubLjgPo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0CAE/7C644EE66A7111EEA5B4CB26C4F9AE02/KYEeHbBovbur-3q2lfhYmL1hjGk.crl rsync://rpki.apnic.net/member_repository/A91B0CAE/7C644EE66A7111EEA5B4CB26C4F9AE02/KYEeHbBovbur-3q2lfhYmL1hjGk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KYEeHbBovbur-3q2lfhYmL1hjGk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 14 May 2025 03:49:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 299 (0x12b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0CAE, serialNumber=29811E1DB068BDBBABFB7AB695F85898BD618C69 Validity Not Before: May 7 03:49:44 2025 GMT Not After : May 14 03:49:44 2025 GMT Subject: CN=681ad859-9206 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:55:89:1d:33:16:b1:28:53:b8:09:43:0f:00: 8c:e3:9d:42:60:37:fe:0e:a3:30:96:48:5b:0c:d0: aa:f4:60:4c:a1:2b:e3:1d:bf:8e:61:2c:d7:d1:ea: 45:70:41:30:95:0a:17:ff:af:a9:75:15:b0:2a:e3: 5e:c1:ba:27:72:ab:49:57:6a:76:7b:c7:75:46:ea: 25:91:93:03:ab:b4:fb:5d:d4:e9:c5:cc:61:ad:6e: 6f:c7:e9:0a:06:29:ae:4c:56:16:8c:93:7c:fe:b1: 63:1c:3e:7d:3b:58:65:74:13:9e:c7:6a:e2:8e:ad: 58:dd:21:1c:12:f1:83:f6:ef:2f:e2:ff:58:f6:b1: 30:f5:60:0e:48:d9:af:01:27:61:22:8b:8f:b7:ea: 18:15:97:46:8b:a8:b4:4b:00:a1:f7:af:15:30:ac: e4:10:e0:34:f1:41:86:ae:36:a0:2e:01:34:e6:07: 07:a0:6b:07:ae:3e:67:f8:4b:c0:01:81:c4:b8:0d: f0:51:5d:b1:e7:f1:99:7b:cb:35:84:cf:03:09:a5: 6c:1d:4c:fe:0d:90:48:23:e8:d8:0e:06:c3:d5:02: 1d:f5:97:20:1e:3d:47:7f:7f:9c:56:a8:e0:39:c1: 4f:3a:62:41:a2:f7:da:ba:12:bf:da:ce:9a:4b:11: c0:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:0A:A7:32:80:AE:12:B0:CA:0F:D3:EE:83:D1:8F:70:71:FF:A4:96 X509v3 Authority Key Identifier: keyid:29:81:1E:1D:B0:68:BD:BB:AB:FB:7A:B6:95:F8:58:98:BD:61:8C:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0CAE/7C644EE66A7111EEA5B4CB26C4F9AE02/KYEeHbBovbur-3q2lfhYmL1hjGk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KYEeHbBovbur-3q2lfhYmL1hjGk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0CAE/7C644EE66A7111EEA5B4CB26C4F9AE02/KYEeHbBovbur-3q2lfhYmL1hjGk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:1c:82:f1:70:52:42:a0:2d:5c:75:0e:ee:39:69:ab:c5:15: c9:df:3b:7e:c9:08:d0:c5:09:10:65:a8:ec:91:28:f2:8e:7d: d4:22:53:15:01:9f:cb:31:9c:5d:f9:2f:71:28:35:d6:19:70: eb:6c:d8:12:95:d6:0d:0b:50:d1:66:8f:60:7a:b2:8f:f7:61: 81:3f:fa:f5:f7:45:52:2b:e1:13:9a:9f:34:09:88:87:1e:55: a5:e0:4e:1e:de:88:b9:30:52:75:cd:5a:7d:76:ef:b0:52:27: 9f:76:1e:ff:da:ab:07:90:d3:26:82:82:9b:bf:5b:72:06:67: d7:64:73:3b:75:4c:1b:8b:ed:86:0b:7d:e6:e7:d4:dc:79:23: 8d:92:8c:f7:5d:fc:e6:cb:32:ba:d9:2c:95:52:52:9a:e1:21: 82:94:b3:dd:08:67:ab:22:e7:48:54:1f:46:38:d6:06:76:9d: 0a:9a:ac:03:c1:2c:10:ea:84:5b:04:15:36:08:bd:e4:5c:1f: 55:92:e2:e7:37:b9:81:31:5a:97:f1:0b:f1:05:c1:75:16:55: a0:45:48:bf:58:02:9a:cb:b8:43:87:c5:73:45:fc:15:f5:9c: a2:78:4d:d2:64:80:d9:fd:29:91:e2:0a:8e:cd:3d:51:05:80: a1:07:fb:cf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjBDQUUxMTAvBgNVBAUTKDI5ODExRTFEQjA2OEJEQkJBQkZCN0FCNjk1Rjg1ODk4 QkQ2MThDNjkwHhcNMjUwNTA3MDM0OTQ0WhcNMjUwNTE0MDM0OTQ0WjAYMRYwFAYD VQQDEw02ODFhZDg1OS05MjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAylWJHTMWsShTuAlDDwCM451CYDf+DqMwlkhbDNCq9GBMoSvjHb+OYSzX0epF cEEwlQoX/6+pdRWwKuNewboncqtJV2p2e8d1RuolkZMDq7T7XdTpxcxhrW5vx+kK BimuTFYWjJN8/rFjHD59O1hldBOex2rijq1Y3SEcEvGD9u8v4v9Y9rEw9WAOSNmv ASdhIouPt+oYFZdGi6i0SwCh968VMKzkEOA08UGGrjagLgE05gcHoGsHrj5n+EvA AYHEuA3wUV2x5/GZe8s1hM8DCaVsHUz+DZBII+jYDgbD1QId9ZcgHj1Hf3+cVqjg OcFPOmJBovfauhK/2s6aSxHAhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP0KpzKA rhKwyg/T7oPRj3Bx/6SWMB8GA1UdIwQYMBaAFCmBHh2waL27q/t6tpX4WJi9YYxp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMENBRS83QzY0NEVFNjZB NzExMUVFQTVCNENCMjZDNEY5QUUwMi9LWUVlSGJCb3ZidXItM3EybGZoWW1MMWhq R2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tZRWVIYkJvdmJ1ci0zcTJsZmhZbUwxaGpHay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MENBRS83QzY0NEVFNjZBNzExMUVFQTVCNENCMjZDNEY5QUUwMi9LWUVlSGJCb3Zi dXItM3EybGZoWW1MMWhqR2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAuHILxcFJCoC1cdQ7uOWmrxRXJ3zt+yQjQxQkQZajskSjyjn3UIlMV AZ/LMZxd+S9xKDXWGXDrbNgSldYNC1DRZo9gerKP92GBP/r190VSK+ETmp80CYiH HlWl4E4e3oi5MFJ1zVp9du+wUiefdh7/2qsHkNMmgoKbv1tyBmfXZHM7dUwbi+2G C33m59TceSONkoz3XfzmyzK62SyVUlKa4SGClLPdCGerIudIVB9GONYGdp0KmqwD wSwQ6oRbBBU2CL3kXB9VkuLnN7mBMVqX8QvxBcF1FlWgRUi/WAKay7hDh8VzRfwV 9ZyieE3SZIDZ/SmR4gqOzT1RBYChB/vP -----END CERTIFICATE-----Generated at Thu May 8 12:12:59 2025 by rpki-client