$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft File: Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft (raw, json) Hash identifier: rG8M1NShHxX6IGiBXm4M/dz0AHRptWqxnp9qjbueT1c= Subject key identifier: AD:36:6D:3B:AE:0F:75:CD:12:4F:D8:E9:BF:06:9C:22:4B:89:64:88 Authority key identifier: 29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 Certificate issuer: /CN=A91FC985/serialNumber=29ADB39B620EAE3CB8AFCA2CA185F5C4876FD043 Certificate serial: 23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft Manifest number: 21 Signing time: Fri 25 Apr 2025 06:51:32 +0000 Manifest this update: Fri 25 Apr 2025 06:51:32 +0000 Manifest next update: Fri 02 May 2025 06:51:32 +0000 Files and hashes: 1: Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl (hash: hqvkZhCiZUTvOQ29NtRnzuKnt/+yIIlzn3Z3SaCnjcQ=) 2: DA3E289CF5B811EFA1046714C4F9AE02.roa (hash: ghtYYnHvBHOXjjafNw/o3b7nWMJznKoJtYacsPdc8uY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:51:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FC985, serialNumber=29ADB39B620EAE3CB8AFCA2CA185F5C4876FD043 Validity Not Before: Apr 25 06:51:32 2025 GMT Not After : May 2 06:51:32 2025 GMT Subject: CN=680b30f4-a6ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:92:97:66:fe:e5:fe:82:a9:eb:4a:8b:4a:6d: f1:8e:4e:e3:5d:3a:a2:28:07:b5:df:3b:b7:c0:7c: a1:e1:44:67:7b:27:a3:74:3b:76:42:ae:42:b2:1a: 88:c2:4f:48:67:0f:d4:3e:36:4d:52:ab:b5:9d:d9: b5:ed:77:89:b1:3a:5f:89:8c:ce:af:64:25:fc:0a: 64:99:57:6a:ac:4f:c0:ba:20:33:cd:03:af:7f:44: 5c:7d:a5:c8:44:6d:cd:50:46:96:85:5c:aa:1c:f5: 74:7c:9b:7b:48:0d:c6:21:fd:d4:5e:2a:63:19:6e: 5a:7f:26:f4:e4:63:87:5e:ef:fb:57:9a:3b:2f:37: cc:04:ef:7f:7f:50:f2:a3:aa:4b:5b:2c:fc:04:67: d2:05:e0:66:78:f0:88:42:61:ee:0b:58:c6:48:30: 5f:b5:8d:74:5c:90:34:a1:2d:ed:f0:fc:a4:55:eb: 75:dd:72:ef:e4:5a:64:af:f9:f6:f8:16:5c:f9:bb: f4:25:65:02:67:8f:d2:9d:ea:4b:1d:05:b4:e8:e7: 0d:37:a4:d9:a1:ee:65:f5:91:44:46:2a:2d:44:c6: 5c:15:fa:5a:0f:ae:f1:ad:58:00:6d:f6:5a:25:5e: 3c:bc:c0:71:8a:f0:21:49:16:72:a5:48:17:17:17: 7b:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:36:6D:3B:AE:0F:75:CD:12:4F:D8:E9:BF:06:9C:22:4B:89:64:88 X509v3 Authority Key Identifier: keyid:29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:dc:79:fb:80:45:f2:8e:bd:b7:1b:7d:31:aa:45:02:f2:79: 0f:e3:a6:f0:cf:5d:f9:82:16:f3:96:bc:e4:6b:62:2e:e8:83: ab:9f:fa:83:a8:7a:cd:f3:82:21:1c:95:b0:08:a6:3f:70:19: 74:7b:42:b5:d6:c8:86:dd:c1:ab:eb:ff:5c:03:0c:c6:95:c7: 49:40:7a:33:3f:be:e2:4a:de:53:74:75:1e:23:a0:7e:75:53: 7b:40:38:e3:82:92:e9:6a:12:40:e5:6b:d3:e9:ec:dc:09:b5: a2:8a:04:ac:e1:fd:49:68:c2:1c:50:92:75:b3:10:20:87:81: bc:d1:f2:1e:da:9e:5a:1a:d7:07:da:f4:64:91:29:11:99:dd: 54:93:07:7f:46:3e:d4:80:d2:9d:a2:8a:4b:8b:98:57:d9:10: 6c:68:3a:a3:7d:38:41:8a:f3:67:98:84:5d:c1:b9:3f:92:cd: 07:a9:f2:17:b0:6f:6b:78:02:9a:00:7d:03:7d:45:4b:b0:3a: 44:da:a4:d8:d6:6d:e0:f6:24:15:40:5e:63:f1:82:67:18:2c: 89:bc:b1:f8:e3:28:6d:4e:b1:cc:af:d4:2e:83:d1:bf:ba:54: 0f:56:c3:55:ad:cd:35:0d:28:31:b9:7c:e8:48:0a:be:04:01: 8a:8a:6a:28 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG Qzk4NTExMC8GA1UEBRMoMjlBREIzOUI2MjBFQUUzQ0I4QUZDQTJDQTE4NUY1QzQ4 NzZGRDA0MzAeFw0yNTA0MjUwNjUxMzJaFw0yNTA1MDIwNjUxMzJaMBgxFjAUBgNV BAMTDTY4MGIzMGY0LWE2ZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC1kpdm/uX+gqnrSotKbfGOTuNdOqIoB7XfO7fAfKHhRGd7J6N0O3ZCrkKyGojC T0hnD9Q+Nk1Sq7Wd2bXtd4mxOl+JjM6vZCX8CmSZV2qsT8C6IDPNA69/RFx9pchE bc1QRpaFXKoc9XR8m3tIDcYh/dReKmMZblp/JvTkY4de7/tXmjsvN8wE739/UPKj qktbLPwEZ9IF4GZ48IhCYe4LWMZIMF+1jXRckDShLe3w/KRV63Xdcu/kWmSv+fb4 Flz5u/QlZQJnj9Kd6ksdBbTo5w03pNmh7mX1kURGKi1ExlwV+loPrvGtWABt9lol Xjy8wHGK8CFJFnKlSBcXF3tfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUrTZtO64P dc0ST9jpvwacIkuJZIgwHwYDVR0jBBgwFoAUKa2zm2IOrjy4r8osoYX1xIdv0EMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZDOTg1LzY3M0FBMkY0RjVC NzExRUY4QzFGRjYxMUM0RjlBRTAyL0thMnptMklPcmp5NHI4b3NvWVgxeElkdjBF TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2Eyem0ySU9yank0cjhvc29ZWDF4SWR2MEVNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZD OTg1LzY3M0FBMkY0RjVCNzExRUY4QzFGRjYxMUM0RjlBRTAyL0thMnptMklPcmp5 NHI4b3NvWVgxeElkdjBFTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACfcefuARfKOvbcbfTGqRQLyeQ/jpvDPXfmCFvOWvORrYi7og6uf+oOo es3zgiEclbAIpj9wGXR7QrXWyIbdwavr/1wDDMaVx0lAejM/vuJK3lN0dR4joH51 U3tAOOOCkulqEkDla9Pp7NwJtaKKBKzh/UlowhxQknWzECCHgbzR8h7anloa1wfa 9GSRKRGZ3VSTB39GPtSA0p2iikuLmFfZEGxoOqN9OEGK82eYhF3BuT+SzQep8hew b2t4ApoAfQN9RUuwOkTapNjWbeD2JBVAXmPxgmcYLIm8sfjjKG1Oscyv1C6D0b+6 VA9Ww1WtzTUNKDG5fOhICr4EAYqKaig= -----END CERTIFICATE-----Generated at Sat Apr 26 15:12:00 2025 by rpki-client