$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft File: KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft (raw, json) Hash identifier: BgB5gAUfJOw6GnXcNXa+G30zW8DgUry3+MxcoxIKwZY= Subject key identifier: 47:6D:2A:9A:5C:48:70:DE:0F:92:13:83:81:31:32:CF:23:FC:55:C3 Authority key identifier: 28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 Certificate issuer: /CN=A91C5021/serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Certificate serial: 0729 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft Manifest number: 0712 Signing time: Thu 24 Apr 2025 21:43:48 +0000 Manifest this update: Thu 24 Apr 2025 21:43:48 +0000 Manifest next update: Thu 01 May 2025 21:43:48 +0000 Files and hashes: 1: KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl (hash: 9xsYLaZhGyKFLrDzKiTyLoGif6S/e9YEOo/0/L1DBlY=) 2: C42CEC7ECC3611EF9C79665CC4F9AE02.roa (hash: +9I46oBmobqbn5rox7c5LlYsiP1+hncBa8w/SO0pYyk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 21:43:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1833 (0x729) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5021, serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Validity Not Before: Apr 24 21:43:48 2025 GMT Not After : May 1 21:43:48 2025 GMT Subject: CN=680ab094-15f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:79:82:4a:76:8a:93:9d:bd:ed:cc:a5:9b:e0: 64:4c:de:e9:d9:69:88:e5:fd:ba:3d:fc:9a:fa:a1: 92:dd:97:b2:4d:be:6a:95:36:27:ed:54:f6:27:50: 56:c8:6f:de:88:1d:f6:d4:2a:b4:94:eb:88:8e:e7: 65:8b:2c:0e:dc:32:a7:12:23:4b:23:bc:82:0f:59: 04:40:1e:c5:66:e9:86:44:6d:da:82:b2:a3:54:f4: b3:95:8f:42:80:a2:ef:93:c0:30:cc:39:62:69:9a: 07:5c:11:70:b4:f6:73:b6:e8:db:94:03:0a:6e:9e: 60:01:c4:5e:cb:62:f4:90:13:c4:68:85:4f:f1:31: 7a:e8:67:cf:22:cf:1b:19:7e:d2:0b:a1:c1:01:c1: 18:9a:2d:e6:55:90:e8:ed:88:1f:66:7d:05:7b:4c: 03:dd:aa:b7:fd:d8:3c:0f:06:76:c1:6c:ba:7f:73: 27:18:c8:ea:ce:38:68:65:d3:fc:d2:83:79:72:d6: d6:a0:45:28:ec:cd:90:53:5c:ce:a1:f0:ea:b7:1c: b9:dc:50:cf:19:ac:84:19:e0:95:9d:bd:e4:9c:5f: 9c:f0:6f:03:e9:35:17:04:fe:8b:48:4d:a3:71:e8: 75:1f:b0:e5:5a:a8:be:df:5e:9b:03:11:77:ac:89: 07:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:6D:2A:9A:5C:48:70:DE:0F:92:13:83:81:31:32:CF:23:FC:55:C3 X509v3 Authority Key Identifier: keyid:28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:34:a7:bd:b9:16:0e:97:9b:91:ca:41:97:06:dc:a5:50:71: 66:c8:b7:11:50:1b:57:93:f7:fe:e2:8f:36:21:9f:41:bd:93: 8c:65:f9:48:bd:5f:8f:1c:3c:12:49:9a:72:46:a5:ca:70:f4: 84:67:c8:3c:0c:68:d1:d2:b5:7f:de:96:55:4e:4b:43:67:8e: bd:2e:bf:b6:d4:77:2f:43:29:09:95:c2:d4:b7:fe:b5:8c:17: 7b:7f:8d:ad:b4:57:d7:d2:85:35:43:95:0c:ea:99:e6:ba:37: 11:0a:68:a5:a0:65:81:e7:c8:71:13:4f:c4:b9:31:71:e5:0d: 4c:6c:b7:8d:98:fa:08:90:f4:d6:9a:2a:65:c0:fc:e3:ac:b5: f2:54:2b:21:ba:d3:ec:a0:e5:ab:c0:94:eb:7b:be:6d:66:2c: 44:08:a6:5b:0f:2a:95:c7:7f:fc:5f:e7:2a:63:f7:e5:3c:3e: 8a:eb:4e:a5:2f:9b:fb:16:82:07:ab:07:4d:39:22:6b:8b:03: a1:34:62:27:a8:84:11:0f:eb:74:de:91:84:35:e8:94:81:c5: b1:53:c2:11:07:21:bd:bb:b2:d2:09:98:9c:bb:7d:e0:0f:35: 15:76:f8:6b:a4:6f:9e:35:1a:f0:73:8f:6c:2a:80:09:70:ec: b1:3c:52:09 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBykwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUwMjExMTAvBgNVBAUTKDI4RjA3MTEwRTQzNTg0QTNCQTZBM0E0QTg3RDY4RTlF QjdEM0U5MDIwHhcNMjUwNDI0MjE0MzQ4WhcNMjUwNTAxMjE0MzQ4WjAYMRYwFAYD VQQDEw02ODBhYjA5NC0xNWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzXmCSnaKk5297cylm+BkTN7p2WmI5f26Pfya+qGS3ZeyTb5qlTYn7VT2J1BW yG/eiB321Cq0lOuIjudliywO3DKnEiNLI7yCD1kEQB7FZumGRG3agrKjVPSzlY9C gKLvk8AwzDliaZoHXBFwtPZztujblAMKbp5gAcRey2L0kBPEaIVP8TF66GfPIs8b GX7SC6HBAcEYmi3mVZDo7YgfZn0Fe0wD3aq3/dg8DwZ2wWy6f3MnGMjqzjhoZdP8 0oN5ctbWoEUo7M2QU1zOofDqtxy53FDPGayEGeCVnb3knF+c8G8D6TUXBP6LSE2j ceh1H7DlWqi+316bAxF3rIkHuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEdtKppc SHDeD5ITg4ExMs8j/FXDMB8GA1UdIwQYMBaAFCjwcRDkNYSjumo6SofWjp630+kC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTAyMS85QUZENDg2QzNC QkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhLTzZhanBLaDlhT25yZlQ2 UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tQQnhFT1ExaEtPNmFqcEtoOWFPbnJmVDZRSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTAyMS85QUZENDg2QzNCQkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhL TzZhanBLaDlhT25yZlQ2UUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBBNKe9uRYOl5uRykGXBtylUHFmyLcRUBtXk/f+4o82IZ9BvZOMZflI vV+PHDwSSZpyRqXKcPSEZ8g8DGjR0rV/3pZVTktDZ469Lr+21HcvQykJlcLUt/61 jBd7f42ttFfX0oU1Q5UM6pnmujcRCmiloGWB58hxE0/EuTFx5Q1MbLeNmPoIkPTW miplwPzjrLXyVCshutPsoOWrwJTre75tZixECKZbDyqVx3/8X+cqY/flPD6K606l L5v7FoIHqwdNOSJriwOhNGInqIQRD+t03pGENeiUgcWxU8IRByG9u7LSCZicu33g DzUVdvhrpG+eNRrwc49sKoAJcOyxPFIJ -----END CERTIFICATE-----Generated at Sat Apr 26 05:04:33 2025 by rpki-client