$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft File: km2a3G-4c9dlu0EicoDB8RhG7hc.mft (raw, json) Hash identifier: s1Rpj4MWM1WeySTCPC38CgvVB4wP11+KcLEsbkDuKyM= Subject key identifier: CD:30:EA:53:33:54:5B:1F:40:54:EB:9A:7C:0F:14:8F:05:52:D1:BE Authority key identifier: 92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 Certificate issuer: /CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Certificate serial: 01BF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft Manifest number: 01B5 Signing time: Sun 15 Jun 2025 02:29:34 +0000 Manifest this update: Sun 15 Jun 2025 02:29:33 +0000 Manifest next update: Sun 22 Jun 2025 02:29:33 +0000 Files and hashes: 1: km2a3G-4c9dlu0EicoDB8RhG7hc.crl (hash: wQETfRhAEo0JZfhX8xodTjHtbf4YzBIk2nxO0CxqHZk=) 2: 1B5E26228FA911EF90043A7CC4F9AE02.roa (hash: Kf03AsTj/sjKaJ/vafb1jrYT0WQ+1IyxISSmBFOh+2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 02:29:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 447 (0x1bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA0E, serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Validity Not Before: Jun 15 02:29:33 2025 GMT Not After : Jun 22 02:29:33 2025 GMT Subject: CN=684e300e-4a8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:69:27:30:95:0d:fd:99:ab:d3:6b:9b:5d:44: 6f:c6:bb:e6:41:0e:b8:87:1f:25:32:c7:3c:59:a0: 9b:49:22:2e:6c:a7:57:fa:96:74:bd:f8:93:05:36: 44:a5:5b:9e:66:ad:0b:b9:24:0d:05:cd:b0:06:67: c4:a2:c8:40:5d:94:a6:cc:81:60:b8:a0:34:d7:2a: e1:f7:66:87:eb:29:a2:d0:6a:51:09:32:93:f4:1d: c5:00:d7:8e:d1:34:27:c6:43:8d:fb:c8:98:9a:08: 2f:1d:2f:9c:05:c8:0a:26:08:fd:74:62:78:4c:84: 15:bb:b4:cf:ba:bf:4e:df:ad:e6:37:fe:50:79:f2: 17:e3:e4:be:88:0f:70:3e:ac:a5:c7:b1:1d:b3:ec: 85:32:9d:0c:1d:46:44:e9:a4:0e:1c:24:61:33:41: 33:ac:0e:f0:72:1e:70:46:b8:7f:b1:9c:04:f1:16: 22:af:ef:64:5b:18:30:9f:7f:23:d8:77:71:ac:91: f4:83:a9:81:c2:51:8e:e3:5e:69:96:03:9b:f3:b8: 96:1d:fc:c0:45:66:71:68:d1:3d:6b:98:70:20:1c: 07:9f:ad:91:40:5b:88:96:1a:89:1a:06:69:04:ac: bc:b1:a1:b6:36:03:8e:84:7d:6b:4a:e4:7b:78:a7: da:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:30:EA:53:33:54:5B:1F:40:54:EB:9A:7C:0F:14:8F:05:52:D1:BE X509v3 Authority Key Identifier: keyid:92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:d0:27:63:5d:8c:c6:21:be:15:f1:e6:4a:00:ce:bb:71:e4: 18:48:4a:74:d8:67:33:fa:2d:b8:24:f4:42:01:e2:10:d8:c1: 7d:67:78:24:10:63:a9:d8:67:e0:14:83:04:45:09:05:8a:47: 78:86:37:b4:a8:e8:93:92:8a:62:0a:8b:b3:e6:18:54:ea:7f: 4e:f3:06:11:b7:a8:08:00:c4:5f:ae:42:5e:d0:0d:26:85:0a: 19:d8:a1:b3:3c:0d:04:ef:ef:90:b2:1f:ef:a2:30:a4:73:23: 18:b2:be:20:7f:79:5b:6e:e5:00:8f:45:0a:28:ec:74:51:27: ee:8e:a0:35:68:b1:68:69:5d:96:0e:78:d4:f0:93:f4:05:0a: e9:1d:d3:3e:42:33:f6:71:b7:1e:cc:a0:40:7f:9d:d5:7f:11: 72:f0:40:10:2c:9a:9d:7b:67:8b:d4:a7:a7:a2:91:5e:83:17: fa:0b:89:08:6a:47:83:de:17:a8:3d:67:91:d6:21:b2:22:57: d5:78:1a:a7:56:e5:6b:27:c3:5d:72:ac:f5:be:31:1b:2c:62: 53:ef:e9:a6:78:41:c1:43:64:aa:89:e7:6e:88:90:50:5e:38: f3:57:f4:9f:a6:d0:29:06:39:2d:5e:7c:4e:fe:a6:96:da:9b: 93:52:4d:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAb8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBMEUxMTAvBgNVBAUTKDkyNkQ5QURDNkZCODczRDc2NUJCNDEyMjcyODBDMUYx MTg0NkVFMTcwHhcNMjUwNjE1MDIyOTMzWhcNMjUwNjIyMDIyOTMzWjAYMRYwFAYD VQQDEw02ODRlMzAwZS00YThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0GknMJUN/Zmr02ubXURvxrvmQQ64hx8lMsc8WaCbSSIubKdX+pZ0vfiTBTZE pVueZq0LuSQNBc2wBmfEoshAXZSmzIFguKA01yrh92aH6ymi0GpRCTKT9B3FANeO 0TQnxkON+8iYmggvHS+cBcgKJgj9dGJ4TIQVu7TPur9O363mN/5QefIX4+S+iA9w Pqylx7Eds+yFMp0MHUZE6aQOHCRhM0EzrA7wch5wRrh/sZwE8RYir+9kWxgwn38j 2HdxrJH0g6mBwlGO415plgOb87iWHfzARWZxaNE9a5hwIBwHn62RQFuIlhqJGgZp BKy8saG2NgOOhH1rSuR7eKfaKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM0w6lMz VFsfQFTrmnwPFI8FUtG+MB8GA1UdIwQYMBaAFJJtmtxvuHPXZbtBInKAwfEYRu4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkEwRS9EQkJFRDIwNkMw MDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5ZGx1MEVpY29EQjhSaEc3 aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ttMmEzRy00YzlkbHUwRWljb0RCOFJoRzdoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkEwRS9EQkJFRDIwNkMwMDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5 ZGx1MEVpY29EQjhSaEc3aGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCy0CdjXYzGIb4V8eZKAM67ceQYSEp02Gcz+i24JPRCAeIQ2MF9Z3gk EGOp2GfgFIMERQkFikd4hje0qOiTkopiCouz5hhU6n9O8wYRt6gIAMRfrkJe0A0m hQoZ2KGzPA0E7++Qsh/vojCkcyMYsr4gf3lbbuUAj0UKKOx0USfujqA1aLFoaV2W DnjU8JP0BQrpHdM+QjP2cbcezKBAf53VfxFy8EAQLJqde2eL1KenopFegxf6C4kI akeD3heoPWeR1iGyIlfVeBqnVuVrJ8Ndcqz1vjEbLGJT7+mmeEHBQ2SqieduiJBQ XjjzV/SfptApBjktXnxO/qaW2puTUk0p -----END CERTIFICATE-----Generated at Sun Jun 15 04:52:41 2025 by rpki-client