$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft File: KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft (raw, json) Hash identifier: OYFE6xig5fanFQhJ0sVjcxqZrkd/C/kYTlhYDNz3gP4= Subject key identifier: 14:68:1F:A1:87:7F:1B:E8:45:3E:ED:BC:C8:4B:FE:1D:BD:C9:D6:35 Authority key identifier: 2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B Certificate issuer: /CN=A91B7897/serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Certificate serial: 0253 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft Manifest number: 0247 Signing time: Fri 25 Apr 2025 01:39:52 +0000 Manifest this update: Fri 25 Apr 2025 01:39:52 +0000 Manifest next update: Fri 02 May 2025 01:39:52 +0000 Files and hashes: 1: KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl (hash: D2T18GULVCrOUh1oGiGO26Nk+X2G3mHdy+CmaGmKDfM=) 2: 6C83604E1E2711EDAA33DF76C4F9AE02.roa (hash: bzrwDCcFjUbW1ddYfzBH2lmiEyj4Sa0r3rrfjXsh0+Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:39:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 595 (0x253) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7897, serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Validity Not Before: Apr 25 01:39:52 2025 GMT Not After : May 2 01:39:52 2025 GMT Subject: CN=680ae7e8-df03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:6a:58:b8:40:41:0c:6f:b5:02:1e:70:c6:a8: ec:87:cf:db:74:8a:ee:db:4e:78:a4:fe:56:1e:ee: 8e:75:e0:5c:12:4c:7e:65:7b:43:81:f6:6c:55:8c: 3b:ca:76:7f:01:87:bb:18:5d:c6:1f:64:76:2f:82: fb:84:7c:27:40:66:74:55:8b:8f:90:83:0b:2c:78: 5e:d4:f0:63:37:07:48:72:c3:07:33:13:84:4c:13: fd:d3:e7:f2:bf:40:23:f7:52:23:80:ea:11:01:28: a7:00:2d:fe:8f:1b:76:80:fb:4a:eb:c4:98:c2:03: 20:85:77:97:be:22:15:ac:1f:ad:e2:48:2f:d1:6b: fb:64:15:34:52:63:29:c2:00:80:b2:7a:8b:2e:f3: 83:77:ea:6e:a1:2b:dc:ef:fa:68:5d:c1:31:42:e8: fe:1a:e0:70:df:e2:4f:ca:39:44:b5:b1:78:63:4d: d6:37:82:f1:b5:62:12:88:81:96:7c:a5:dd:6d:fb: b8:af:f1:b2:c9:91:58:6c:98:3a:24:d2:2e:ae:22: ab:dc:fb:89:20:00:21:a4:72:5f:c4:37:98:05:b4: ee:80:fe:32:6c:4b:03:c7:e8:4f:fd:af:56:6c:df: d3:43:46:c0:9d:83:d3:4d:c8:e8:d7:49:a3:36:57: 81:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:68:1F:A1:87:7F:1B:E8:45:3E:ED:BC:C8:4B:FE:1D:BD:C9:D6:35 X509v3 Authority Key Identifier: keyid:2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ce:66:d5:c8:d3:df:93:70:10:82:43:eb:1a:2e:3d:60:e8:97: 64:7f:06:2e:12:18:bb:0f:3d:62:38:af:ef:4c:99:64:07:8a: 3f:a0:ad:82:d4:8f:09:6c:8c:58:37:6f:91:d7:db:37:45:ca: f6:78:a2:19:e1:f5:84:ad:5f:5c:18:c2:c9:13:2a:da:2d:6a: 52:48:e1:e7:07:98:8f:8a:13:9d:a9:3e:34:ff:22:ce:d2:2d: be:0c:ff:d8:71:d4:e2:03:82:eb:7d:e7:73:3a:73:e3:bc:30: 24:6c:d5:56:0c:e4:a5:14:38:7e:44:b6:58:eb:b2:2e:71:1d: b7:61:85:14:44:96:3a:d0:b5:3d:42:e6:23:0e:cf:2c:a4:2f: 2c:dc:20:0e:61:cd:f2:ae:a1:11:64:06:ae:7a:2a:bf:98:93: 2e:2d:da:7c:7a:c6:90:12:2c:26:fc:b1:50:07:5f:13:45:34: 0b:ab:b4:96:c6:37:50:77:8d:c2:09:2a:e0:b1:bb:f2:93:a4: dc:70:91:ca:a7:6d:25:7a:7f:09:47:06:70:06:76:b1:cb:b5: da:ea:b6:92:8a:c6:72:7d:e8:21:0f:5b:b7:6d:1a:00:d0:d5: be:cd:5c:fa:77:df:8a:00:cf:b5:cf:4d:fb:97:a9:db:e6:22: 23:83:d2:b3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAlMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc4OTcxMTAvBgNVBAUTKDJBQTI3ODk0NEI0MTBGQTJDODNCN0MyQUYzMkM2NkFG QTIwQzEyN0IwHhcNMjUwNDI1MDEzOTUyWhcNMjUwNTAyMDEzOTUyWjAYMRYwFAYD VQQDEw02ODBhZTdlOC1kZjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA42pYuEBBDG+1Ah5wxqjsh8/bdIru2054pP5WHu6OdeBcEkx+ZXtDgfZsVYw7 ynZ/AYe7GF3GH2R2L4L7hHwnQGZ0VYuPkIMLLHhe1PBjNwdIcsMHMxOETBP90+fy v0Aj91IjgOoRASinAC3+jxt2gPtK68SYwgMghXeXviIVrB+t4kgv0Wv7ZBU0UmMp wgCAsnqLLvODd+puoSvc7/poXcExQuj+GuBw3+JPyjlEtbF4Y03WN4LxtWISiIGW fKXdbfu4r/GyyZFYbJg6JNIuriKr3PuJIAAhpHJfxDeYBbTugP4ybEsDx+hP/a9W bN/TQ0bAnYPTTcjo10mjNleBcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBRoH6GH fxvoRT7tvMhL/h29ydY1MB8GA1UdIwQYMBaAFCqieJRLQQ+iyDt8KvMsZq+iDBJ7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzg5Ny9CNkM1OTQxQzFE MzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2TElPM3dxOHl4bXI2SU1F bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0txSjRsRXRCRDZMSU8zd3E4eXhtcjZJTUVucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Nzg5Ny9CNkM1OTQxQzFEMzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2 TElPM3dxOHl4bXI2SU1FbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDOZtXI09+TcBCCQ+saLj1g6JdkfwYuEhi7Dz1iOK/vTJlkB4o/oK2C 1I8JbIxYN2+R19s3Rcr2eKIZ4fWErV9cGMLJEyraLWpSSOHnB5iPihOdqT40/yLO 0i2+DP/YcdTiA4LrfedzOnPjvDAkbNVWDOSlFDh+RLZY67IucR23YYUURJY60LU9 QuYjDs8spC8s3CAOYc3yrqERZAaueiq/mJMuLdp8esaQEiwm/LFQB18TRTQLq7SW xjdQd43CCSrgsbvyk6TccJHKp20len8JRwZwBnaxy7Xa6raSisZyfeghD1u3bRoA 0NW+zVz6d9+KAM+1z037l6nb5iIjg9Kz -----END CERTIFICATE-----Generated at Sat Apr 26 04:58:14 2025 by rpki-client