$ rpki-client -vvf rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.mft File: KrJDLDrVEo7XPpnEYNBhH69NIg4.mft (raw, json) Hash identifier: zOBX30WKfA0t35PmqtyYcvWaUir+ivaYN48Fhkj8YaA= Subject key identifier: B9:1E:63:51:C5:5E:7C:7D:D0:DE:4E:F6:F5:13:CF:7A:52:80:48:DB Authority key identifier: 2A:B2:43:2C:3A:D5:12:8E:D7:3E:99:C4:60:D0:61:1F:AF:4D:22:0E Certificate issuer: /CN=A9153850/serialNumber=2AB2432C3AD5128ED73E99C460D0611FAF4D220E Certificate serial: 18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KrJDLDrVEo7XPpnEYNBhH69NIg4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.mft Manifest number: 12 Signing time: Thu 03 Apr 2025 07:23:25 +0000 Manifest this update: Thu 03 Apr 2025 07:23:25 +0000 Manifest next update: Thu 10 Apr 2025 07:23:25 +0000 Files and hashes: 1: KrJDLDrVEo7XPpnEYNBhH69NIg4.crl (hash: U7RiGqaea6sDmi8oMoWslrd39OGdjO8havlb6cmMMCQ=) 2: E40AC356018611F0B7E46C83C4F9AE02.roa (hash: j28clk9Sd8Zx1GYNsBeAzLAwS2pagKGYYq9g+P46NC0=) 3: 38617654031511F093C93861C4F9AE02.roa (hash: yUsmCUeK2vAhy046Qus1WJcUM9twEi5WFaZUdTNsLP8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.crl rsync://rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KrJDLDrVEo7XPpnEYNBhH69NIg4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 07:23:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24 (0x18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153850 Validity Not Before: Apr 3 07:23:25 2025 GMT Not After : Apr 10 07:23:25 2025 GMT Subject: CN=67ee376d-95ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:34:12:17:42:14:cf:9b:a6:c6:9e:68:b6:2c: 84:1e:41:57:20:fd:5f:5e:19:8b:91:2f:1e:1d:a0: 4a:67:a2:b0:a7:3d:54:85:6b:16:ac:fa:82:41:74: a4:d5:67:d1:2b:d9:78:a1:ab:af:7b:4c:03:90:62: 03:02:7e:29:2a:c8:b2:51:9c:ad:e6:f7:e6:fb:fe: b3:33:ee:b5:bb:7d:89:43:e5:a2:4e:a6:c6:35:ef: 03:02:9e:6c:0b:35:fc:cb:d6:18:ed:c9:41:f6:10: bb:e6:50:43:83:b6:a9:bf:b6:ac:c5:2c:f6:15:f9: 67:29:e7:e5:1f:73:18:26:6e:40:bc:b4:70:ae:2c: bf:cd:09:b5:ec:92:5b:5e:0d:5f:78:a7:01:d5:0b: 4d:a9:57:55:b0:9a:45:3e:59:95:fa:ce:32:36:68: 7b:4e:16:f9:51:49:03:ea:53:b5:10:3c:f5:24:97: e3:da:3a:af:ea:97:58:1d:20:bd:40:e0:c6:03:77: 24:89:82:4b:4c:73:ae:d8:80:21:f2:6e:36:92:06: 74:52:89:b7:c8:87:a8:57:f9:4f:c1:17:f1:f9:8b: 05:ad:c9:b5:3d:d9:46:87:69:02:1e:32:83:99:b7: d7:13:6e:fb:70:c1:66:33:e1:5d:60:f1:60:50:b0: 00:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:1E:63:51:C5:5E:7C:7D:D0:DE:4E:F6:F5:13:CF:7A:52:80:48:DB X509v3 Authority Key Identifier: keyid:2A:B2:43:2C:3A:D5:12:8E:D7:3E:99:C4:60:D0:61:1F:AF:4D:22:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KrJDLDrVEo7XPpnEYNBhH69NIg4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153850/7B3B37D4018611F0B05B4C59C4F9AE02/KrJDLDrVEo7XPpnEYNBhH69NIg4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:14:47:4e:09:d2:53:e0:fe:4b:37:af:ec:b3:4c:47:4e:49: a5:1c:99:59:94:d1:e3:2e:a7:0b:b2:69:e0:88:14:1b:e0:d5: cf:1f:f4:b7:90:34:73:17:f0:64:25:fd:ec:f9:0a:6d:a5:7a: e2:37:0f:22:6a:be:27:57:33:5e:3c:41:e4:09:f5:ed:66:02: e8:60:65:d8:ec:47:bc:3d:e6:45:d5:f1:3b:bb:6d:26:88:29: d8:53:e2:c9:50:de:7c:32:18:3e:73:32:ab:14:e4:44:e0:4e: 06:b0:c3:9f:e2:36:97:90:ce:6d:fa:49:5b:64:3f:f4:0b:fc: ce:dd:72:7a:2f:a4:e0:fb:8a:3c:46:6f:fd:61:7a:3e:8e:cc: 3d:f8:9e:60:7c:b8:f3:23:b3:bd:05:1b:49:7f:3c:a6:c0:b3: e7:82:b3:57:11:e9:6c:09:34:ec:18:81:1c:b7:1e:be:09:20: 84:08:d5:53:9c:65:9d:fa:76:a2:24:bd:76:0e:52:a8:fa:01: f3:e9:4b:26:b1:bc:cd:7a:91:41:52:bd:88:63:9f:14:c3:2b: 55:e8:52:d1:37:4e:47:e9:98:6a:50:c2:a9:a9:36:a0:b3:64: 31:9e:70:0a:6e:d4:28:ae:4b:cb:e2:c3:d6:b3:aa:c4:d4:5d: f4:39:d3:ea -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 Mzg1MDExMC8GA1UEBRMoMkFCMjQzMkMzQUQ1MTI4RUQ3M0U5OUM0NjBEMDYxMUZB RjREMjIwRTAeFw0yNTA0MDMwNzIzMjVaFw0yNTA0MTAwNzIzMjVaMBgxFjAUBgNV BAMTDTY3ZWUzNzZkLTk1ZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCuNBIXQhTPm6bGnmi2LIQeQVcg/V9eGYuRLx4doEpnorCnPVSFaxas+oJBdKTV Z9Er2Xihq697TAOQYgMCfikqyLJRnK3m9+b7/rMz7rW7fYlD5aJOpsY17wMCnmwL NfzL1hjtyUH2ELvmUEODtqm/tqzFLPYV+Wcp5+UfcxgmbkC8tHCuLL/NCbXsklte DV94pwHVC02pV1WwmkU+WZX6zjI2aHtOFvlRSQPqU7UQPPUkl+PaOq/ql1gdIL1A 4MYDdySJgktMc67YgCHybjaSBnRSibfIh6hX+U/BF/H5iwWtybU92UaHaQIeMoOZ t9cTbvtwwWYz4V1g8WBQsABlAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUuR5jUcVe fH3Q3k729RPPelKASNswHwYDVR0jBBgwFoAUKrJDLDrVEo7XPpnEYNBhH69NIg4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUzODUwLzdCM0IzN0Q0MDE4 NjExRjBCMDVCNEM1OUM0RjlBRTAyL0tySkRMRHJWRW83WFBwbkVZTkJoSDY5Tkln NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS3JKRExEclZFbzdYUHBuRVlOQmhINjlOSWc0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUz ODUwLzdCM0IzN0Q0MDE4NjExRjBCMDVCNEM1OUM0RjlBRTAyL0tySkRMRHJWRW83 WFBwbkVZTkJoSDY5TklnNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGkUR04J0lPg/ks3r+yzTEdOSaUcmVmU0eMupwuyaeCIFBvg1c8f9LeQ NHMX8GQl/ez5Cm2leuI3DyJqvidXM148QeQJ9e1mAuhgZdjsR7w95kXV8Tu7bSaI KdhT4slQ3nwyGD5zMqsU5ETgTgaww5/iNpeQzm36SVtkP/QL/M7dcnovpOD7ijxG b/1hej6OzD34nmB8uPMjs70FG0l/PKbAs+eCs1cR6WwJNOwYgRy3Hr4JIIQI1VOc ZZ36dqIkvXYOUqj6AfPpSyaxvM16kUFSvYhjnxTDK1XoUtE3TkfpmGpQwqmpNqCz ZDGecApu1CiuS8viw9azqsTUXfQ50+o= -----END CERTIFICATE-----Generated at Fri Apr 4 22:34:47 2025 by rpki-client