$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6A35/99277846D49211EFB564DE62C4F9AE02/kkhmtAwwRC1pbyR3AVR1xfBwKsg.mft File: kkhmtAwwRC1pbyR3AVR1xfBwKsg.mft (raw, json) Hash identifier: mgiE9n+srgAy9fPeESNJUHUUhzPlPz7ugriig8CUdjE= Subject key identifier: D0:F6:1B:66:DD:14:F0:8B:42:CC:4F:25:B1:76:0D:8A:DB:91:74:14 Authority key identifier: 92:48:66:B4:0C:30:44:2D:69:6F:24:77:01:54:75:C5:F0:70:2A:C8 Certificate issuer: /CN=A91C6A35/serialNumber=924866B40C30442D696F2477015475C5F0702AC8 Certificate serial: 35 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kkhmtAwwRC1pbyR3AVR1xfBwKsg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C6A35/99277846D49211EFB564DE62C4F9AE02/kkhmtAwwRC1pbyR3AVR1xfBwKsg.mft Manifest number: 34 Signing time: Fri 25 Apr 2025 06:36:31 +0000 Manifest this update: Fri 25 Apr 2025 06:36:31 +0000 Manifest next update: Fri 02 May 2025 06:36:31 +0000 Files and hashes: 1: kkhmtAwwRC1pbyR3AVR1xfBwKsg.crl (hash: f/upmf/Zfwm8l9NEJH97SNA8kN0L4Dpyp17CS/gost4=) 2: 06522672D49411EFA8DF5E69C4F9AE02.roa (hash: xnlYEk4KW2VhWwSazH9YyKPxeFaHVTp0cHWmf0iyBnI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C6A35/99277846D49211EFB564DE62C4F9AE02/kkhmtAwwRC1pbyR3AVR1xfBwKsg.crl rsync://rpki.apnic.net/member_repository/A91C6A35/99277846D49211EFB564DE62C4F9AE02/kkhmtAwwRC1pbyR3AVR1xfBwKsg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kkhmtAwwRC1pbyR3AVR1xfBwKsg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:36:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C6A35, serialNumber=924866B40C30442D696F2477015475C5F0702AC8 Validity Not Before: Apr 25 06:36:31 2025 GMT Not After : May 2 06:36:31 2025 GMT Subject: CN=680b2d6f-6df3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d9:c4:0f:8d:09:3a:24:e5:66:ea:f2:b0:08: cd:7a:e2:70:02:21:fd:57:91:b5:e9:7c:8e:68:7b: 53:fc:88:f9:77:5b:cb:b1:e5:cc:b3:4d:0a:55:f0: a2:99:7c:d2:66:69:13:47:6b:17:1e:c6:ac:61:3f: 74:03:91:9c:59:5b:db:48:bb:69:eb:4a:4f:1e:e2: c5:fe:06:42:8e:b0:c3:08:65:1c:fc:62:6f:b8:db: fe:f0:35:b0:a8:d7:66:e0:63:30:90:fd:33:89:e7: 02:00:b4:1e:6c:95:71:dc:33:7f:4f:08:0c:7d:63: 0c:7c:48:34:27:40:6a:44:d6:f2:a3:ff:8a:f0:73: 67:f3:99:19:13:94:bc:5a:4b:d4:7c:6d:72:6d:87: f4:94:7f:f8:96:79:a3:f5:fe:89:66:1f:49:5f:38: 62:f1:00:b2:c3:c6:82:fa:26:45:6c:26:70:ff:ce: ce:6e:8a:ed:c6:81:11:3c:7c:5f:4a:5c:c7:da:8c: 54:b2:5d:44:b4:79:5f:4e:9b:6e:86:c8:5e:36:f8: 53:9e:e3:3c:d5:bd:61:d3:85:2d:a2:44:48:96:42: fd:da:35:76:f6:7a:84:8d:cd:4b:98:a7:5c:b5:b4: 99:16:a4:e8:60:ca:2a:f2:76:3f:b6:d3:46:22:c7: a2:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:F6:1B:66:DD:14:F0:8B:42:CC:4F:25:B1:76:0D:8A:DB:91:74:14 X509v3 Authority Key Identifier: keyid:92:48:66:B4:0C:30:44:2D:69:6F:24:77:01:54:75:C5:F0:70:2A:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C6A35/99277846D49211EFB564DE62C4F9AE02/kkhmtAwwRC1pbyR3AVR1xfBwKsg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kkhmtAwwRC1pbyR3AVR1xfBwKsg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6A35/99277846D49211EFB564DE62C4F9AE02/kkhmtAwwRC1pbyR3AVR1xfBwKsg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:9c:23:7e:b7:72:48:be:1d:a7:db:6e:10:fe:03:0e:29:60: 96:fd:20:38:36:3c:84:ad:55:0b:79:2b:ce:95:09:91:9f:87: fb:e5:e4:b9:57:f5:26:dd:3f:2c:6d:83:3d:09:62:08:89:4e: 04:fa:b6:78:d0:03:12:0c:16:b0:df:86:a5:e2:95:60:00:28: 49:90:f6:99:fa:17:c1:b2:da:21:a9:d3:da:2d:a4:25:76:f7: 38:1f:4c:fe:ea:5b:12:f8:48:73:c9:0a:0f:f3:20:58:49:c6: 02:60:e3:ff:42:6a:06:03:43:02:fe:78:c4:0f:cc:09:3c:ae: 6b:c3:44:0c:b4:2c:74:0e:60:cc:6a:26:55:43:57:ca:b2:05: 91:e0:2e:3a:c0:5f:e2:ea:89:e9:0f:e9:b6:47:5e:b7:2c:70: 1d:e6:e3:4b:a9:37:d5:71:52:42:79:37:0e:d0:4c:ff:90:38: a3:40:7a:47:37:8b:50:79:e5:ea:11:06:92:cc:cb:35:5c:a4: a1:d9:38:ac:67:92:08:09:98:fe:d6:09:94:83:85:49:78:ca: b7:f8:d2:74:d9:56:c7:35:89:5d:c5:a1:fb:82:b4:63:e8:cd: d1:b9:e0:48:8d:05:4b:a6:60:b3:95:97:e8:10:40:9d:79:5c: f4:4f:af:0f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NkEzNTExMC8GA1UEBRMoOTI0ODY2QjQwQzMwNDQyRDY5NkYyNDc3MDE1NDc1QzVG MDcwMkFDODAeFw0yNTA0MjUwNjM2MzFaFw0yNTA1MDIwNjM2MzFaMBgxFjAUBgNV BAMTDTY4MGIyZDZmLTZkZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+2cQPjQk6JOVm6vKwCM164nACIf1XkbXpfI5oe1P8iPl3W8ux5cyzTQpV8KKZ fNJmaRNHaxcexqxhP3QDkZxZW9tIu2nrSk8e4sX+BkKOsMMIZRz8Ym+42/7wNbCo 12bgYzCQ/TOJ5wIAtB5slXHcM39PCAx9Ywx8SDQnQGpE1vKj/4rwc2fzmRkTlLxa S9R8bXJth/SUf/iWeaP1/olmH0lfOGLxALLDxoL6JkVsJnD/zs5uiu3GgRE8fF9K XMfajFSyXUS0eV9Om26GyF42+FOe4zzVvWHThS2iREiWQv3aNXb2eoSNzUuYp1y1 tJkWpOhgyirydj+200Yix6KHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU0PYbZt0U 8ItCzE8lsXYNituRdBQwHwYDVR0jBBgwFoAUkkhmtAwwRC1pbyR3AVR1xfBwKsgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2QTM1Lzk5Mjc3ODQ2RDQ5 MjExRUZCNTY0REU2MkM0RjlBRTAyL2traG10QXd3UkMxcGJ5UjNBVlIxeGZCd0tz Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIva2tobXRBd3dSQzFwYnlSM0FWUjF4ZkJ3S3NnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2 QTM1Lzk5Mjc3ODQ2RDQ5MjExRUZCNTY0REU2MkM0RjlBRTAyL2traG10QXd3UkMx cGJ5UjNBVlIxeGZCd0tzZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAD2cI363cki+HafbbhD+Aw4pYJb9IDg2PIStVQt5K86VCZGfh/vl5LlX 9SbdPyxtgz0JYgiJTgT6tnjQAxIMFrDfhqXilWAAKEmQ9pn6F8Gy2iGp09otpCV2 9zgfTP7qWxL4SHPJCg/zIFhJxgJg4/9CagYDQwL+eMQPzAk8rmvDRAy0LHQOYMxq JlVDV8qyBZHgLjrAX+LqiekP6bZHXrcscB3m40upN9VxUkJ5Nw7QTP+QOKNAekc3 i1B55eoRBpLMyzVcpKHZOKxnkggJmP7WCZSDhUl4yrf40nTZVsc1iV3FofuCtGPo zdG54EiNBUumYLOVl+gQQJ15XPRPrw8= -----END CERTIFICATE-----Generated at Sat Apr 26 16:57:26 2025 by rpki-client