$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.mft File: mke_QL1Ih-IkFTMnnn8dfypfb7s.mft (raw, json) Hash identifier: TAb5Ay3+ld9g/GShkv63S5q6Iy6Cujfz8Fi+aDPBb/I= Subject key identifier: 79:E1:82:D0:FA:B2:2A:19:FF:68:85:9C:3F:50:C5:E0:7E:6D:1C:D5 Authority key identifier: 9A:47:BF:40:BD:48:87:E2:24:15:33:27:9E:7F:1D:7F:2A:5F:6F:BB Certificate issuer: /CN=A91F3989/serialNumber=9A47BF40BD4887E2241533279E7F1D7F2A5F6FBB Certificate serial: CC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mke_QL1Ih-IkFTMnnn8dfypfb7s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.mft Manifest number: CA Signing time: Fri 25 Apr 2025 04:47:16 +0000 Manifest this update: Fri 25 Apr 2025 04:47:16 +0000 Manifest next update: Fri 02 May 2025 04:47:16 +0000 Files and hashes: 1: mke_QL1Ih-IkFTMnnn8dfypfb7s.crl (hash: tX3dVo8HaL88erg9sSA5VQ7GsSx49xqQYwpzQUJDYx8=) 2: A146F2C2ECD011EE8891034AC4F9AE02.roa (hash: 39u+3z7NTrOVqsJcMoLGpjbEQiERAqJS+HnJZxNpbpg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.crl rsync://rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mke_QL1Ih-IkFTMnnn8dfypfb7s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:47:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 204 (0xcc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3989, serialNumber=9A47BF40BD4887E2241533279E7F1D7F2A5F6FBB Validity Not Before: Apr 25 04:47:16 2025 GMT Not After : May 2 04:47:16 2025 GMT Subject: CN=680b13d4-8680 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:ac:0c:be:81:bb:e3:39:24:69:5c:08:25:f2: 2b:20:07:be:c4:ae:d5:2f:53:80:bc:d9:9e:ca:3a: c8:b6:07:81:2c:51:fd:14:2f:52:60:6c:3e:d7:28: 9f:79:9b:f6:50:63:d3:c0:84:5a:ed:54:ea:f0:c4: dc:b2:1f:d7:3b:15:9c:3a:80:f5:f2:e8:fa:5f:f3: 0e:0a:c1:16:b9:75:32:00:80:d1:13:3d:18:1f:1f: 70:a0:b2:f8:ee:7b:d2:2d:65:17:e8:1d:99:3e:e4: 1c:f6:1a:fc:7d:c2:07:1c:60:f6:2d:aa:5e:01:b2: 67:96:20:06:08:bd:5e:f1:ea:f1:f6:17:21:01:f6: ca:60:78:4f:74:6b:a8:f4:3f:7e:9b:8b:0d:c5:1a: 6a:cd:f7:7b:76:96:39:8f:bc:b9:4a:40:b3:27:b4: 0a:b0:cc:f3:e3:18:63:5e:ab:88:b2:ee:2e:a6:df: de:95:e3:8c:3a:27:20:42:84:64:86:69:22:0d:e7: 15:52:d3:73:4d:03:11:99:d6:6d:b9:35:65:46:06: a1:4f:fa:12:eb:ac:12:7d:62:9f:b5:62:d4:9a:9d: c2:31:6b:39:12:18:74:28:75:a0:43:8c:69:d9:2f: 79:bf:98:92:1f:c3:d5:a9:5f:a5:5a:6d:a6:ee:75: c9:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:E1:82:D0:FA:B2:2A:19:FF:68:85:9C:3F:50:C5:E0:7E:6D:1C:D5 X509v3 Authority Key Identifier: keyid:9A:47:BF:40:BD:48:87:E2:24:15:33:27:9E:7F:1D:7F:2A:5F:6F:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mke_QL1Ih-IkFTMnnn8dfypfb7s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:38:e7:2f:90:e2:be:4b:d0:27:40:cb:17:88:43:5e:27:15: 61:17:d6:ab:11:ea:60:8d:fc:7f:af:82:bb:0b:e8:d0:9e:6d: 6e:9a:71:db:bc:51:14:38:38:d3:77:36:43:cb:0f:c9:0e:30: 18:90:8f:35:86:f4:21:65:de:51:eb:60:55:7d:5a:56:fb:80: aa:29:16:d8:96:fa:91:20:35:c1:d2:69:e7:61:3e:8b:f1:db: 11:a7:3c:9b:2e:23:88:9f:ee:ef:84:2a:3a:5d:53:f8:2e:45: b9:32:ad:f7:8a:60:71:7f:ed:40:7f:39:45:23:b7:c6:b8:c1: 44:a8:5b:c5:c9:06:3e:96:6a:24:2f:ff:41:6e:dc:01:d6:65: 51:d4:4f:78:c7:87:8d:fc:c3:c3:b6:7c:13:b5:b6:4f:b4:cd: 4b:2e:0d:8f:41:cf:25:91:ef:a2:79:28:7f:89:1d:5e:e4:ca: 89:fb:7b:26:79:80:92:0d:54:ca:5e:1e:20:49:97:b6:b9:6f: b3:6f:65:9e:04:36:33:a7:08:c4:df:6a:8a:de:32:ae:66:ac: 6e:25:45:de:dc:0a:69:09:1f:26:56:ae:95:49:84:56:84:a3: a4:c8:41:fc:51:40:73:80:69:9f:d7:4b:63:43:fd:7a:94:9f: 0b:e5:ba:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjM5ODkxMTAvBgNVBAUTKDlBNDdCRjQwQkQ0ODg3RTIyNDE1MzMyNzlFN0YxRDdG MkE1RjZGQkIwHhcNMjUwNDI1MDQ0NzE2WhcNMjUwNTAyMDQ0NzE2WjAYMRYwFAYD VQQDEw02ODBiMTNkNC04NjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0qwMvoG74zkkaVwIJfIrIAe+xK7VL1OAvNmeyjrItgeBLFH9FC9SYGw+1yif eZv2UGPTwIRa7VTq8MTcsh/XOxWcOoD18uj6X/MOCsEWuXUyAIDREz0YHx9woLL4 7nvSLWUX6B2ZPuQc9hr8fcIHHGD2LapeAbJnliAGCL1e8erx9hchAfbKYHhPdGuo 9D9+m4sNxRpqzfd7dpY5j7y5SkCzJ7QKsMzz4xhjXquIsu4upt/eleOMOicgQoRk hmkiDecVUtNzTQMRmdZtuTVlRgahT/oS66wSfWKftWLUmp3CMWs5Ehh0KHWgQ4xp 2S95v5iSH8PVqV+lWm2m7nXJfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHnhgtD6 sioZ/2iFnD9QxeB+bRzVMB8GA1UdIwQYMBaAFJpHv0C9SIfiJBUzJ55/HX8qX2+7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzk4OS8zMTYxQzM3RUVD RDAxMUVFOEEyMjRENDlDNEY5QUUwMi9ta2VfUUwxSWgtSWtGVE1ubm44ZGZ5cGZi N3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL21rZV9RTDFJaC1Ja0ZUTW5ubjhkZnlwZmI3cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG Mzk4OS8zMTYxQzM3RUVDRDAxMUVFOEEyMjRENDlDNEY5QUUwMi9ta2VfUUwxSWgt SWtGVE1ubm44ZGZ5cGZiN3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBzOOcvkOK+S9AnQMsXiENeJxVhF9arEepgjfx/r4K7C+jQnm1umnHb vFEUODjTdzZDyw/JDjAYkI81hvQhZd5R62BVfVpW+4CqKRbYlvqRIDXB0mnnYT6L 8dsRpzybLiOIn+7vhCo6XVP4LkW5Mq33imBxf+1AfzlFI7fGuMFEqFvFyQY+lmok L/9BbtwB1mVR1E94x4eN/MPDtnwTtbZPtM1LLg2PQc8lke+ieSh/iR1e5MqJ+3sm eYCSDVTKXh4gSZe2uW+zb2WeBDYzpwjE32qK3jKuZqxuJUXe3AppCR8mVq6VSYRW hKOkyEH8UUBzgGmf10tjQ/16lJ8L5bqf -----END CERTIFICATE-----Generated at Sat Apr 26 16:52:55 2025 by rpki-client