$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft File: kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft (raw, json) Hash identifier: NtsQbqgsoJYIPlrUtBw4lqS/iUyscu7mblzz0i/TEK0= Subject key identifier: 88:62:87:E4:10:C9:DC:82:34:84:B2:19:F4:7D:19:C7:EE:44:1D:BE Authority key identifier: 91:9F:A8:19:B2:FF:F1:45:52:1A:F6:64:03:52:78:E7:E7:91:4A:49 Certificate issuer: /CN=A91BB6E3/serialNumber=919FA819B2FFF145521AF664035278E7E7914A49 Certificate serial: 01B8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft Manifest number: 01A3 Signing time: Fri 25 Apr 2025 02:40:22 +0000 Manifest this update: Fri 25 Apr 2025 02:40:21 +0000 Manifest next update: Fri 02 May 2025 02:40:21 +0000 Files and hashes: 1: kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl (hash: 3IE/PD5RnBjR6peJsDr2U/jO2ziaNidi16seqWEOaYc=) 2: F96174ECC27D11EDB8226F2DC4F9AE02.roa (hash: kXeNIsHETQcXUic6LYufG6XvgVMVgH9sGtHQdmkZT90=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:40:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 440 (0x1b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB6E3, serialNumber=919FA819B2FFF145521AF664035278E7E7914A49 Validity Not Before: Apr 25 02:40:21 2025 GMT Not After : May 2 02:40:21 2025 GMT Subject: CN=680af616-b49a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:55:0e:18:ff:97:1f:cd:e9:1f:29:95:08:93: 4c:c7:e1:dd:4f:43:00:eb:b1:e0:ab:6a:d5:af:a0: f8:20:51:22:66:93:69:a0:f5:5c:95:b4:33:38:eb: 68:10:dd:15:a8:08:a3:93:8b:18:64:a0:32:bb:4d: b2:b4:0d:42:f3:24:a8:a9:a6:be:c2:52:2e:79:bf: de:01:33:64:fc:b0:8f:37:5c:60:72:48:56:fc:e4: a5:77:8c:ff:81:e3:81:f4:95:18:7b:76:71:0a:66: 3c:27:e6:c5:b8:44:35:db:77:04:cc:ce:23:f0:58: 46:45:69:5c:3d:9b:aa:2b:56:6c:1d:d1:b2:85:73: 87:a8:28:b7:88:a0:c8:ef:5a:b4:2a:d5:a4:01:f9: 0f:9e:6c:41:f0:06:de:5c:2c:10:49:5e:b1:8f:0b: cc:d7:15:93:61:64:04:73:50:16:c6:9d:be:90:b9: c6:23:cc:34:af:35:2e:cb:46:cc:f8:11:08:66:12: a6:a0:c6:05:1a:69:d9:a3:b7:d0:52:8f:5d:2b:fe: f6:11:61:e6:ac:20:21:ce:ce:0b:02:e0:ad:69:86: 9b:66:53:f4:70:cf:2d:cc:72:04:4c:5e:a7:83:7b: 87:74:56:3e:11:0b:24:02:5a:5f:71:a6:26:ec:aa: c3:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:62:87:E4:10:C9:DC:82:34:84:B2:19:F4:7D:19:C7:EE:44:1D:BE X509v3 Authority Key Identifier: keyid:91:9F:A8:19:B2:FF:F1:45:52:1A:F6:64:03:52:78:E7:E7:91:4A:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:16:28:4d:58:7e:2d:5b:96:6d:93:9e:66:52:c4:06:a9:cf: 57:c1:0c:d9:c2:3f:e0:60:a2:34:fe:e8:bd:75:64:4c:9e:bf: 18:5b:2d:e4:35:f8:fc:29:90:b1:11:48:bd:8c:15:ee:20:8a: 3d:4e:0e:f9:d7:ac:70:1d:d0:90:ee:c0:ee:16:6c:f7:7c:e0: 8b:e0:6f:5c:c7:60:db:cf:69:23:d2:78:d5:1c:72:ed:47:1f: 22:d2:51:1d:b2:9f:77:2c:24:91:0d:5f:aa:bd:d5:ce:a3:a5: 6c:42:1a:34:26:d5:66:cb:90:29:9f:aa:4f:55:f5:19:79:cb: 84:27:7a:4b:4f:a3:5a:dc:37:7c:f6:90:af:bb:a6:45:4c:3e: b7:6d:d0:2f:84:37:da:4b:e8:c5:7c:53:80:6d:56:c3:28:e3: fb:99:d2:42:3d:42:27:6e:12:07:86:4f:06:4a:0f:e1:3f:0e: 57:b5:79:73:e6:46:82:3d:b4:be:b8:1b:62:fd:21:64:9a:9c: 40:42:e9:c6:1b:16:6d:e9:77:e8:79:ce:37:74:a0:21:b4:52: 28:0e:38:ba:e4:75:05:dd:98:52:fe:36:6f:ea:1b:9e:c1:33: 7c:5d:99:16:6e:7b:ef:2a:16:b4:5f:8d:73:d0:c4:6d:03:cb: 23:ac:c2:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI2RTMxMTAvBgNVBAUTKDkxOUZBODE5QjJGRkYxNDU1MjFBRjY2NDAzNTI3OEU3 RTc5MTRBNDkwHhcNMjUwNDI1MDI0MDIxWhcNMjUwNTAyMDI0MDIxWjAYMRYwFAYD VQQDEw02ODBhZjYxNi1iNDlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyFUOGP+XH83pHymVCJNMx+HdT0MA67Hgq2rVr6D4IFEiZpNpoPVclbQzOOto EN0VqAijk4sYZKAyu02ytA1C8ySoqaa+wlIueb/eATNk/LCPN1xgckhW/OSld4z/ geOB9JUYe3ZxCmY8J+bFuEQ123cEzM4j8FhGRWlcPZuqK1ZsHdGyhXOHqCi3iKDI 71q0KtWkAfkPnmxB8AbeXCwQSV6xjwvM1xWTYWQEc1AWxp2+kLnGI8w0rzUuy0bM +BEIZhKmoMYFGmnZo7fQUo9dK/72EWHmrCAhzs4LAuCtaYabZlP0cM8tzHIETF6n g3uHdFY+EQskAlpfcaYm7KrDrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIhih+QQ ydyCNISyGfR9GcfuRB2+MB8GA1UdIwQYMBaAFJGfqBmy//FFUhr2ZANSeOfnkUpJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjZFMy9BMjJDODE0Q0My NzUxMUVEQjNCNEQ3MjhDNEY5QUUwMi9rWi1vR2JMXzhVVlNHdlprQTFKNDUtZVJT a2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2taLW9HYkxfOFVWU0d2WmtBMUo0NS1lUlNray5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjZFMy9BMjJDODE0Q0MyNzUxMUVEQjNCNEQ3MjhDNEY5QUUwMi9rWi1vR2JMXzhV VlNHdlprQTFKNDUtZVJTa2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASFihNWH4tW5Ztk55mUsQGqc9XwQzZwj/gYKI0/ui9dWRMnr8YWy3k Nfj8KZCxEUi9jBXuIIo9Tg7516xwHdCQ7sDuFmz3fOCL4G9cx2Dbz2kj0njVHHLt Rx8i0lEdsp93LCSRDV+qvdXOo6VsQho0JtVmy5Apn6pPVfUZecuEJ3pLT6Na3Dd8 9pCvu6ZFTD63bdAvhDfaS+jFfFOAbVbDKOP7mdJCPUInbhIHhk8GSg/hPw5XtXlz 5kaCPbS+uBti/SFkmpxAQunGGxZt6Xfoec43dKAhtFIoDji65HUF3ZhS/jZv6hue wTN8XZkWbnvvKha0X41z0MRtA8sjrMKE -----END CERTIFICATE-----Generated at Sat Apr 26 05:51:48 2025 by rpki-client