$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft File: KHuwzWb71-W3qIumZ4kSTAsExXg.mft (raw, json) Hash identifier: khsPtcmtKt/Lm5u8KatCB/J3oP2loe6XKZHNsDFzI0A= Subject key identifier: 9F:D6:85:E8:DD:89:1D:B1:CC:A5:AD:D3:67:39:85:47:4E:91:84:AB Authority key identifier: 28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 Certificate issuer: /CN=A91EAE25/serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Certificate serial: 0B62 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft Manifest number: 0B59 Signing time: Mon 28 Apr 2025 19:27:16 +0000 Manifest this update: Mon 28 Apr 2025 19:27:16 +0000 Manifest next update: Mon 05 May 2025 19:27:16 +0000 Files and hashes: 1: KHuwzWb71-W3qIumZ4kSTAsExXg.crl (hash: usTv+ddEIrDrolvCNKcwKb0NvCTfOT9XqpSDOCGh6xg=) 2: 2BA212DC306D11EA81D19B38C4F9AE02.roa (hash: rkLsb+deDCPqbk0gObiXfMhdhI5eY1I1eSaPovL0Epo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 19:27:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2914 (0xb62) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE25, serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Validity Not Before: Apr 28 19:27:16 2025 GMT Not After : May 5 19:27:16 2025 GMT Subject: CN=680fd694-29a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:83:8d:13:91:1f:53:46:01:93:88:7a:76:66: e3:3e:05:1d:ab:86:de:b8:e8:28:ae:ac:3a:ad:d8: 21:71:fd:7f:ce:b9:76:b9:7c:6c:9d:21:f3:69:95: a1:65:33:dc:f2:5e:03:bb:d9:d1:f0:da:d4:7a:22: 20:8b:81:c0:fb:38:64:f9:bf:ee:fa:77:a2:77:38: e8:dd:fe:ca:89:b6:70:c1:80:1c:77:83:cb:a2:7c: dc:3b:0f:a3:b5:de:d9:e7:fe:c2:dd:36:94:ce:4b: 87:0e:42:ff:f4:ac:e3:f4:8a:4a:51:8f:f1:df:39: 48:c0:34:6f:73:fd:56:11:8e:1b:a3:52:81:c1:b2: c1:75:15:f1:5a:f3:06:d8:4e:30:d3:a7:64:01:99: ae:62:c3:b8:3f:4a:c3:da:9e:cb:d1:4b:ed:58:07: fe:12:2c:09:fc:51:f7:5d:26:e5:cd:a7:e6:34:05: 43:c1:73:4d:7b:b7:c7:6e:2b:c9:46:0d:dc:b4:e8: a8:72:bb:e7:da:0f:1b:6a:d1:9b:32:f5:fb:be:c0: 08:5c:2f:25:4a:e9:a8:7e:4a:da:bb:41:47:3a:f9: 35:2b:fd:42:7e:43:10:91:c0:98:54:be:65:f3:7c: 14:50:88:1c:6b:87:be:f0:03:c6:8c:bd:db:60:f3: cd:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:D6:85:E8:DD:89:1D:B1:CC:A5:AD:D3:67:39:85:47:4E:91:84:AB X509v3 Authority Key Identifier: keyid:28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:6c:e1:b7:98:7f:e1:c8:75:15:bb:8a:d6:7d:ff:8a:eb:85: 09:23:5a:91:e9:39:fe:aa:cf:b0:4b:09:35:c9:84:8c:5b:2f: c6:57:0b:91:13:69:49:bf:b7:c7:65:f6:7f:be:ec:14:9b:2d: a7:bb:0b:fc:a4:28:cc:5d:ab:6d:53:59:1b:07:ab:d1:c6:39: df:fb:94:93:6c:eb:b3:9c:ad:37:27:d7:98:b3:ce:47:0b:25: 9c:62:9d:30:d6:06:00:e6:e3:de:0c:c8:3d:ce:77:30:4e:b0: d7:91:d4:ee:42:f8:38:28:17:a0:3a:27:f8:0d:2f:2e:50:42: 3d:3f:37:cf:7b:6e:b2:ab:d5:75:fd:cc:eb:8c:d2:1a:60:ee: ff:2b:88:b0:a5:05:b0:c6:41:46:57:19:8a:29:c4:b7:d3:77: 56:2e:e5:77:cc:54:ff:66:22:86:c9:44:b0:fb:07:c9:41:82: 68:7b:90:60:4a:21:97:4d:e3:72:e1:5d:17:1c:f2:4c:8c:f2: 62:10:f8:da:81:55:e2:53:2a:99:ab:62:fb:eb:8c:ef:6d:4b: 66:c6:0e:82:c5:9b:c6:31:12:ec:ba:94:58:34:63:99:8e:59: a2:8a:e3:fe:f7:7a:57:b2:59:2a:55:9d:83:c5:bb:58:42:8e: 14:6d:b0:0d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFMjUxMTAvBgNVBAUTKDI4N0JCMENENjZGQkQ3RTVCN0E4OEJBNjY3ODkxMjRD MEIwNEM1NzgwHhcNMjUwNDI4MTkyNzE2WhcNMjUwNTA1MTkyNzE2WjAYMRYwFAYD VQQDEw02ODBmZDY5NC0yOWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA54ONE5EfU0YBk4h6dmbjPgUdq4beuOgorqw6rdghcf1/zrl2uXxsnSHzaZWh ZTPc8l4Du9nR8NrUeiIgi4HA+zhk+b/u+neidzjo3f7KibZwwYAcd4PLonzcOw+j td7Z5/7C3TaUzkuHDkL/9Kzj9IpKUY/x3zlIwDRvc/1WEY4bo1KBwbLBdRXxWvMG 2E4w06dkAZmuYsO4P0rD2p7L0UvtWAf+EiwJ/FH3XSblzafmNAVDwXNNe7fHbivJ Rg3ctOiocrvn2g8batGbMvX7vsAIXC8lSumofkrau0FHOvk1K/1CfkMQkcCYVL5l 83wUUIgca4e+8APGjL3bYPPNjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ/Whejd iR2xzKWt02c5hUdOkYSrMB8GA1UdIwQYMBaAFCh7sM1m+9flt6iLpmeJEkwLBMV4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUyNS82OEU1N0FFRTMw NjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEtVzNxSXVtWjRrU1RBc0V4 WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIdXd6V2I3MS1XM3FJdW1aNGtTVEFzRXhYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUyNS82OEU1N0FFRTMwNjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEt VzNxSXVtWjRrU1RBc0V4WGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCbOG3mH/hyHUVu4rWff+K64UJI1qR6Tn+qs+wSwk1yYSMWy/GVwuR E2lJv7fHZfZ/vuwUmy2nuwv8pCjMXattU1kbB6vRxjnf+5STbOuznK03J9eYs85H CyWcYp0w1gYA5uPeDMg9zncwTrDXkdTuQvg4KBegOif4DS8uUEI9PzfPe26yq9V1 /czrjNIaYO7/K4iwpQWwxkFGVxmKKcS303dWLuV3zFT/ZiKGyUSw+wfJQYJoe5Bg SiGXTeNy4V0XHPJMjPJiEPjagVXiUyqZq2L764zvbUtmxg6CxZvGMRLsupRYNGOZ jlmiiuP+93pXslkqVZ2DxbtYQo4UbbAN -----END CERTIFICATE-----Generated at Tue Apr 29 16:10:15 2025 by rpki-client