$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft File: km2a3G-4c9dlu0EicoDB8RhG7hc.mft (raw, json) Hash identifier: flBk3vBYWKmD65q7EwiWfR84fnMvFxbmdd12QrfsRgs= Subject key identifier: E0:EB:A9:E5:13:23:EB:0D:FB:57:EC:99:08:BC:DA:01:E0:6B:8C:AA Authority key identifier: 92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 Certificate issuer: /CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Certificate serial: 01A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft Manifest number: 019C Signing time: Fri 25 Apr 2025 02:39:23 +0000 Manifest this update: Fri 25 Apr 2025 02:39:22 +0000 Manifest next update: Fri 02 May 2025 02:39:22 +0000 Files and hashes: 1: km2a3G-4c9dlu0EicoDB8RhG7hc.crl (hash: HdDbaYewq+/JoLsd/2dA0YUYGnMqOC+Cc7piXYSIvQk=) 2: 1B5E26228FA911EF90043A7CC4F9AE02.roa (hash: Kf03AsTj/sjKaJ/vafb1jrYT0WQ+1IyxISSmBFOh+2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:39:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 422 (0x1a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA0E, serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Validity Not Before: Apr 25 02:39:22 2025 GMT Not After : May 2 02:39:22 2025 GMT Subject: CN=680af5da-d40b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e1:9d:d0:8f:ff:65:7e:31:87:a0:e1:65:5b: 06:39:3a:fc:22:56:cd:76:ae:e2:94:ef:51:f1:ec: dc:d0:f3:d3:22:43:c8:69:36:07:95:a7:51:d2:4e: 6b:1c:30:7d:59:72:0e:1f:54:dc:15:c3:ac:39:2d: 1c:0b:45:ea:01:24:54:b8:1e:9c:82:e4:4d:0a:5b: 97:d0:44:de:ce:76:57:4e:3f:72:fb:d3:b8:1e:3d: e0:59:07:18:2b:6f:0c:9d:61:6d:64:7c:d9:dd:8b: d3:c8:65:ab:f7:d8:1e:95:b1:cc:56:bd:39:bc:f7: 01:63:8a:0f:12:ce:04:bf:3c:a5:d4:ce:0e:4e:12: 71:14:b4:86:a2:12:2e:68:f9:19:9e:76:d9:6e:4e: ef:77:93:f2:c7:26:8e:dd:47:dd:5f:7a:50:73:f2: 6b:68:ae:a1:5f:58:81:5f:d8:e0:c6:89:ec:7d:34: 3b:d2:ce:8c:75:fd:a3:c5:2a:ab:f3:c3:45:0b:58: b1:a1:aa:47:aa:e2:63:13:ce:ee:e0:ac:52:c2:91: 4e:c9:b0:82:48:da:e0:59:40:6d:42:a1:14:98:d7: 31:90:ff:83:b0:43:95:f5:a5:22:4e:ed:f2:a7:a2: b4:ff:ea:63:51:ce:92:8b:4f:f7:6e:6a:9d:7a:8c: b3:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:EB:A9:E5:13:23:EB:0D:FB:57:EC:99:08:BC:DA:01:E0:6B:8C:AA X509v3 Authority Key Identifier: keyid:92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:dc:e4:9e:3c:7d:e5:6b:b8:d1:88:b9:2f:44:8a:0c:a3:0b: 36:55:2e:c0:30:92:b9:29:88:39:60:cf:3e:53:57:82:45:86: dd:80:61:41:0e:ed:1e:90:98:a6:d1:85:65:08:cf:46:26:2a: 87:0f:86:7f:c9:0c:04:88:69:42:67:5b:9d:88:38:56:ca:ac: a7:2e:5e:37:9d:f3:73:c0:df:d5:16:cc:7f:b5:7b:3c:35:f9: 09:ed:f4:d5:d2:54:9b:d0:e8:8d:93:90:0d:32:cc:43:65:ee: fb:8c:8b:f3:03:11:ae:a0:0c:19:9e:93:66:38:9e:d2:63:6f: 94:05:8a:f8:4b:36:42:5e:b1:6d:71:fa:02:e6:59:fd:95:19: 8c:3b:0f:7d:c2:1a:26:e6:8f:36:04:a1:59:78:33:67:64:4f: f1:dc:f6:e7:07:66:c2:ef:86:35:70:68:2e:d3:02:b7:f3:95: 9b:c9:8a:ca:c2:f9:86:da:70:45:ea:fa:6b:0a:8e:48:bd:f8: 99:52:18:b6:c9:b9:1e:8b:75:0e:0f:5e:f5:a7:d3:e5:6d:a4: bd:af:30:04:99:c0:c5:c0:78:ca:8c:ee:c0:b4:60:8b:29:c3: e3:cc:f0:aa:dc:46:42:f3:75:a4:28:fa:9c:c1:83:a7:2b:40: 6c:95:b6:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBMEUxMTAvBgNVBAUTKDkyNkQ5QURDNkZCODczRDc2NUJCNDEyMjcyODBDMUYx MTg0NkVFMTcwHhcNMjUwNDI1MDIzOTIyWhcNMjUwNTAyMDIzOTIyWjAYMRYwFAYD VQQDEw02ODBhZjVkYS1kNDBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqOGd0I//ZX4xh6DhZVsGOTr8IlbNdq7ilO9R8ezc0PPTIkPIaTYHladR0k5r HDB9WXIOH1TcFcOsOS0cC0XqASRUuB6cguRNCluX0ETeznZXTj9y+9O4Hj3gWQcY K28MnWFtZHzZ3YvTyGWr99gelbHMVr05vPcBY4oPEs4Evzyl1M4OThJxFLSGohIu aPkZnnbZbk7vd5PyxyaO3UfdX3pQc/JraK6hX1iBX9jgxonsfTQ70s6Mdf2jxSqr 88NFC1ixoapHquJjE87u4KxSwpFOybCCSNrgWUBtQqEUmNcxkP+DsEOV9aUiTu3y p6K0/+pjUc6Si0/3bmqdeoyzPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFODrqeUT I+sN+1fsmQi82gHga4yqMB8GA1UdIwQYMBaAFJJtmtxvuHPXZbtBInKAwfEYRu4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkEwRS9EQkJFRDIwNkMw MDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5ZGx1MEVpY29EQjhSaEc3 aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ttMmEzRy00YzlkbHUwRWljb0RCOFJoRzdoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkEwRS9EQkJFRDIwNkMwMDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5 ZGx1MEVpY29EQjhSaEc3aGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAw3OSePH3la7jRiLkvRIoMows2VS7AMJK5KYg5YM8+U1eCRYbdgGFB Du0ekJim0YVlCM9GJiqHD4Z/yQwEiGlCZ1udiDhWyqynLl43nfNzwN/VFsx/tXs8 NfkJ7fTV0lSb0OiNk5ANMsxDZe77jIvzAxGuoAwZnpNmOJ7SY2+UBYr4SzZCXrFt cfoC5ln9lRmMOw99whom5o82BKFZeDNnZE/x3PbnB2bC74Y1cGgu0wK385WbyYrK wvmG2nBF6vprCo5IvfiZUhi2ybkei3UOD171p9PlbaS9rzAEmcDFwHjKjO7AtGCL KcPjzPCq3EZC83WkKPqcwYOnK0BslbaI -----END CERTIFICATE-----Generated at Sat Apr 26 04:18:28 2025 by rpki-client