$ rpki-client -vvf rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.mft File: Km8SBBLYIPn_JM0F1ez0nmYtmco.mft (raw, json) Hash identifier: L3YSyTlM/F5HtuJAd5itaB2F4tsNNBz6awdsctVMUVQ= Subject key identifier: A4:04:69:90:7D:9E:5E:39:FC:49:5B:61:65:A6:1B:F3:95:FE:29:74 Authority key identifier: 2A:6F:12:04:12:D8:20:F9:FF:24:CD:05:D5:EC:F4:9E:66:2D:99:CA Certificate issuer: /CN=A91F240B/serialNumber=2A6F120412D820F9FF24CD05D5ECF49E662D99CA Certificate serial: 1F6A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Km8SBBLYIPn_JM0F1ez0nmYtmco.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.mft Manifest number: 1F5D Signing time: Thu 24 Apr 2025 16:01:05 +0000 Manifest this update: Thu 24 Apr 2025 16:01:04 +0000 Manifest next update: Thu 01 May 2025 16:01:04 +0000 Files and hashes: 1: Km8SBBLYIPn_JM0F1ez0nmYtmco.crl (hash: e31iLRAsuip6MFM40rkcm0sHd8hbZnENMljdJw4VnWA=) 2: E352E0A2896F11E7BBF2923CC4F9AE02.roa (hash: C6sGcNivAhM8b7+hs2R4TWPNfdN5sOXAahaAosnvUZ8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.crl rsync://rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Km8SBBLYIPn_JM0F1ez0nmYtmco.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8042 (0x1f6a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F240B, serialNumber=2A6F120412D820F9FF24CD05D5ECF49E662D99CA Validity Not Before: Apr 24 16:01:04 2025 GMT Not After : May 1 16:01:04 2025 GMT Subject: CN=680a6040-bc06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:2d:f9:6e:56:eb:39:9a:85:7a:79:b8:35:5e: 0d:6e:8d:8f:81:cf:b5:b7:ec:fa:e2:d2:f5:06:c1: 6a:fe:0f:c2:94:b5:bc:fc:e8:01:59:00:11:37:35: 39:fb:ff:bc:c4:c1:60:1a:1d:f2:93:b9:e1:c9:b4: 95:fe:05:1c:f9:d0:c8:df:d3:59:75:f1:51:e6:4b: 64:4e:e7:1a:3d:98:71:a5:c0:af:d1:9f:5d:37:1c: d8:61:f1:ce:8c:0e:c5:a9:e2:6a:e1:b9:a4:27:77: 22:1c:37:53:53:8d:b0:2a:67:03:31:01:68:d3:d4: 43:81:54:bf:29:d4:ca:1f:59:bd:41:6b:e8:7b:08: 51:de:5f:a8:58:8b:aa:50:19:22:80:74:e6:a8:56: d2:48:84:a4:12:d8:91:70:c1:f1:03:bf:a3:80:4f: 02:9e:e2:b1:d9:23:9d:ac:c9:f8:5c:9a:60:55:02: 0a:ca:f7:a8:74:8c:ea:af:86:6c:77:bd:fe:5f:ff: 21:af:38:53:23:91:07:11:ae:b1:ac:03:56:5b:c5: fe:d6:67:98:2a:41:58:4a:83:9c:4f:57:32:ae:40: 6c:19:8a:db:74:9c:e8:8e:17:46:1e:b3:3c:e3:e4: c7:af:7e:4e:3f:34:d0:2a:40:f1:85:c2:95:27:b1: 7a:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:04:69:90:7D:9E:5E:39:FC:49:5B:61:65:A6:1B:F3:95:FE:29:74 X509v3 Authority Key Identifier: keyid:2A:6F:12:04:12:D8:20:F9:FF:24:CD:05:D5:EC:F4:9E:66:2D:99:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Km8SBBLYIPn_JM0F1ez0nmYtmco.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:c7:e2:88:63:5d:61:24:9a:25:20:82:41:91:2f:6c:c1:a9: ec:0a:a8:7d:06:d3:57:6b:49:d0:3a:4c:8a:cd:3e:2c:69:b8: d1:fa:ef:61:ad:25:9b:f4:91:36:84:9c:b3:b6:ff:3c:50:8a: b3:1c:1d:45:79:72:1e:b6:65:52:ef:ac:38:62:3e:40:1b:84: c0:ba:f7:22:df:33:1c:ad:52:6a:32:cd:ea:9c:1e:01:7e:3b: 6c:7a:49:20:b6:83:84:66:f8:83:e6:43:b0:af:26:63:02:3e: 2c:50:ef:f5:0f:53:0e:04:e4:86:9d:4c:41:af:a8:fa:e2:1d: 1a:8a:0e:65:00:d2:34:cc:3d:f6:b2:da:6c:4b:64:86:66:d2: 52:09:28:12:8f:9f:b5:3e:10:cd:92:1c:71:2f:2c:31:2c:84: c1:03:9c:09:c4:2a:5b:8e:0e:cd:d4:6f:5d:9c:8a:a8:ad:77: f6:98:ef:b7:0d:40:71:15:1d:b1:15:c3:04:16:a1:11:30:67: 52:f9:4b:a8:d6:b6:30:d8:a6:3a:19:cc:14:41:78:00:24:5a: 4f:4a:e6:ab:23:ab:2e:75:cc:01:9c:a7:cf:df:68:ec:d9:1d: d8:00:b3:ae:4e:e8:06:04:54:15:69:fa:34:43:52:e4:30:33: 80:dd:bc:bc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICH2owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjI0MEIxMTAvBgNVBAUTKDJBNkYxMjA0MTJEODIwRjlGRjI0Q0QwNUQ1RUNGNDlF NjYyRDk5Q0EwHhcNMjUwNDI0MTYwMTA0WhcNMjUwNTAxMTYwMTA0WjAYMRYwFAYD VQQDEw02ODBhNjA0MC1iYzA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8i35blbrOZqFenm4NV4Nbo2Pgc+1t+z64tL1BsFq/g/ClLW8/OgBWQARNzU5 +/+8xMFgGh3yk7nhybSV/gUc+dDI39NZdfFR5ktkTucaPZhxpcCv0Z9dNxzYYfHO jA7FqeJq4bmkJ3ciHDdTU42wKmcDMQFo09RDgVS/KdTKH1m9QWvoewhR3l+oWIuq UBkigHTmqFbSSISkEtiRcMHxA7+jgE8CnuKx2SOdrMn4XJpgVQIKyveodIzqr4Zs d73+X/8hrzhTI5EHEa6xrANWW8X+1meYKkFYSoOcT1cyrkBsGYrbdJzojhdGHrM8 4+THr35OPzTQKkDxhcKVJ7F61QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKQEaZB9 nl45/ElbYWWmG/OV/il0MB8GA1UdIwQYMBaAFCpvEgQS2CD5/yTNBdXs9J5mLZnK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjQwQi81QjczNkQ5MjQz MzMxMUU2OTU5QTc4MTVDNEY5QUUwMi9LbThTQkJMWUlQbl9KTTBGMWV6MG5tWXRt Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ttOFNCQkxZSVBuX0pNMEYxZXowbm1ZdG1jby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjQwQi81QjczNkQ5MjQzMzMxMUU2OTU5QTc4MTVDNEY5QUUwMi9LbThTQkJMWUlQ bl9KTTBGMWV6MG5tWXRtY28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCLx+KIY11hJJolIIJBkS9swansCqh9BtNXa0nQOkyKzT4sabjR+u9h rSWb9JE2hJyztv88UIqzHB1FeXIetmVS76w4Yj5AG4TAuvci3zMcrVJqMs3qnB4B fjtsekkgtoOEZviD5kOwryZjAj4sUO/1D1MOBOSGnUxBr6j64h0aig5lANI0zD32 stpsS2SGZtJSCSgSj5+1PhDNkhxxLywxLITBA5wJxCpbjg7N1G9dnIqorXf2mO+3 DUBxFR2xFcMEFqERMGdS+Uuo1rYw2KY6GcwUQXgAJFpPSuarI6sudcwBnKfP32js 2R3YALOuTugGBFQVafo0Q1LkMDOA3by8 -----END CERTIFICATE-----Generated at Sat Apr 26 04:36:52 2025 by rpki-client