$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft File: kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft (raw, json) Hash identifier: xN4bP/N+ZcsNrjZg+Pq85aeH7f5swfUjaCrq9kT+QzQ= Subject key identifier: 5D:1A:AE:F7:DC:D9:4F:4B:88:61:56:3D:70:FD:B6:29:D1:FC:BE:AE Authority key identifier: 91:17:6D:16:9C:42:F0:3D:95:28:2B:BB:A2:04:C4:E4:4D:31:ED:09 Certificate issuer: /CN=A91FF5B9/serialNumber=91176D169C42F03D95282BBBA204C4E44D31ED09 Certificate serial: 15 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft Manifest number: 13 Signing time: Sun 27 Apr 2025 06:53:11 +0000 Manifest this update: Sun 27 Apr 2025 06:53:11 +0000 Manifest next update: Sun 04 May 2025 06:53:11 +0000 Files and hashes: 1: kRdtFpxC8D2VKCu7ogTE5E0x7Qk.crl (hash: HvRlVgmrjQM3giE4rAkSGbtKfmwHVf7931Ue7z5BYz0=) 2: DA700744185511F09304D972C4F9AE02.roa (hash: AVDeCRqbZoyZl3fF1YnTf6HcDZbje6RSX9dEEeI1q44=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.crl rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 06:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF5B9, serialNumber=91176D169C42F03D95282BBBA204C4E44D31ED09 Validity Not Before: Apr 27 06:53:11 2025 GMT Not After : May 4 06:53:11 2025 GMT Subject: CN=680dd457-13ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:10:4a:67:4d:6a:fb:3a:3b:c1:c6:62:a0:4f: c9:ff:98:d4:86:cb:69:24:f3:5a:a6:2f:f2:b2:05: 46:a2:40:2e:0d:0d:73:c2:c1:75:45:37:5d:14:5e: 04:46:bb:70:1b:1d:cc:bc:72:6d:26:1e:9f:08:cb: ce:b9:46:fe:36:21:ef:96:41:14:02:57:65:b2:be: 25:18:a2:18:08:28:f8:b6:9c:80:b6:9e:9a:10:4e: 40:a9:12:29:3b:d2:36:f1:17:41:18:d0:a0:fa:08: 7f:3d:24:ad:70:c3:88:3a:f6:cc:2a:4c:2d:ec:47: 5a:e7:bf:5a:2c:00:86:f2:f3:e8:8d:07:5b:31:16: 73:fa:49:00:f9:ac:b2:a7:70:c8:0a:e8:e4:fa:98: 1b:8d:b4:85:6e:7f:18:e6:77:21:d5:ee:d7:1f:78: 2b:6a:bf:27:48:a5:b5:1f:9d:06:93:b2:de:30:65: 18:c1:d2:7d:6c:13:66:2f:79:81:17:9f:4a:23:79: 9c:92:af:49:5e:b9:1b:d7:05:d7:06:c6:60:8e:47: 80:f4:3c:fb:14:32:d7:88:ab:97:d7:3e:dd:9b:85: 40:38:9e:e9:d4:99:c6:0c:39:1d:66:d8:92:d4:2b: 12:0b:bd:08:6d:8a:9b:2a:11:f1:ee:a6:94:de:ea: 08:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:1A:AE:F7:DC:D9:4F:4B:88:61:56:3D:70:FD:B6:29:D1:FC:BE:AE X509v3 Authority Key Identifier: keyid:91:17:6D:16:9C:42:F0:3D:95:28:2B:BB:A2:04:C4:E4:4D:31:ED:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:b2:3c:c8:01:4e:22:07:17:2e:cc:1d:58:df:7c:cd:72:7b: e7:72:2c:14:a9:27:b5:a1:51:6c:ad:d5:74:67:3a:61:c9:7b: 48:79:11:5e:da:30:62:5c:b4:75:45:a0:83:b8:84:ed:63:37: b5:f3:42:9b:fd:a5:db:56:a7:bb:c0:85:5f:bb:e4:74:3a:ad: fc:6b:50:b8:05:c1:22:7e:e4:6a:de:2f:1c:a7:4d:ae:1c:c7: df:76:9f:be:25:8e:11:de:eb:78:21:c3:47:48:5d:a9:23:b1: 78:e7:12:8c:60:b7:ba:b4:14:b7:2b:d0:29:34:50:e4:3e:de: e0:10:3d:ca:67:00:cd:02:a6:1f:ec:32:95:f2:c7:1a:c3:f1: 7b:2e:b2:6a:d6:f1:70:19:cb:ba:aa:a5:c2:21:a1:a2:e2:76: c8:88:b9:5b:52:5e:ec:3d:9b:57:18:33:23:15:3c:11:ba:c4: 4c:4c:81:a0:20:73:84:26:66:1d:33:36:d4:0c:80:f8:be:93: 2d:52:0a:c1:11:1c:ca:4c:07:5c:a5:a6:4d:dc:f5:fe:b5:e3: b0:f9:4c:a1:1b:65:12:2c:01:ae:20:b8:b8:d8:0e:8a:f8:aa: 77:96:07:5f:e4:e5:df:f9:6c:33:23:2f:d6:bd:f5:4e:b7:39: 5b:1b:54:c6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG RjVCOTExMC8GA1UEBRMoOTExNzZEMTY5QzQyRjAzRDk1MjgyQkJCQTIwNEM0RTQ0 RDMxRUQwOTAeFw0yNTA0MjcwNjUzMTFaFw0yNTA1MDQwNjUzMTFaMBgxFjAUBgNV BAMTDTY4MGRkNDU3LTEzY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCnEEpnTWr7OjvBxmKgT8n/mNSGy2kk81qmL/KyBUaiQC4NDXPCwXVFN10UXgRG u3AbHcy8cm0mHp8Iy865Rv42Ie+WQRQCV2WyviUYohgIKPi2nIC2npoQTkCpEik7 0jbxF0EY0KD6CH89JK1ww4g69swqTC3sR1rnv1osAIby8+iNB1sxFnP6SQD5rLKn cMgK6OT6mBuNtIVufxjmdyHV7tcfeCtqvydIpbUfnQaTst4wZRjB0n1sE2YveYEX n0ojeZySr0leuRvXBdcGxmCOR4D0PPsUMteIq5fXPt2bhUA4nunUmcYMOR1m2JLU KxILvQhtipsqEfHuppTe6gh1AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXRqu99zZ T0uIYVY9cP22KdH8vq4wHwYDVR0jBBgwFoAUkRdtFpxC8D2VKCu7ogTE5E0x7Qkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZGNUI5LzUyMDJEMDI4MERG OTExRjA4RTZFNzYyQUM0RjlBRTAyL2tSZHRGcHhDOEQyVktDdTdvZ1RFNUUweDdR ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIva1JkdEZweEM4RDJWS0N1N29nVEU1RTB4N1FrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZG NUI5LzUyMDJEMDI4MERGOTExRjA4RTZFNzYyQUM0RjlBRTAyL2tSZHRGcHhDOEQy VktDdTdvZ1RFNUUweDdRay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKyyPMgBTiIHFy7MHVjffM1ye+dyLBSpJ7WhUWyt1XRnOmHJe0h5EV7a MGJctHVFoIO4hO1jN7XzQpv9pdtWp7vAhV+75HQ6rfxrULgFwSJ+5GreLxynTa4c x992n74ljhHe63ghw0dIXakjsXjnEoxgt7q0FLcr0Ck0UOQ+3uAQPcpnAM0Cph/s MpXyxxrD8XsusmrW8XAZy7qqpcIhoaLidsiIuVtSXuw9m1cYMyMVPBG6xExMgaAg c4QmZh0zNtQMgPi+ky1SCsERHMpMB1ylpk3c9f6147D5TKEbZRIsAa4guLjYDor4 qneWB1/k5d/5bDMjL9a99U63OVsbVMY= -----END CERTIFICATE-----Generated at Tue Apr 29 08:29:47 2025 by rpki-client