$ rpki-client -vvf rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.mft File: KgHI_pZ5aUR4MewBwCvE6cuaziw.mft (raw, json) Hash identifier: Lv8f3IIa8611w6nxpMvbIJ/DFC1dicQIlY7PR0OoRyM= Subject key identifier: 99:37:A2:11:E8:C0:6C:17:BC:3C:FD:63:2D:90:F6:21:4A:C0:39:0D Authority key identifier: 2A:01:C8:FE:96:79:69:44:78:31:EC:01:C0:2B:C4:E9:CB:9A:CE:2C Certificate issuer: /CN=A9158F8D/serialNumber=2A01C8FE967969447831EC01C02BC4E9CB9ACE2C Certificate serial: 74 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KgHI_pZ5aUR4MewBwCvE6cuaziw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.mft Manifest number: 72 Signing time: Sat 29 Mar 2025 06:11:18 +0000 Manifest this update: Sat 29 Mar 2025 06:11:18 +0000 Manifest next update: Sat 05 Apr 2025 06:11:18 +0000 Files and hashes: 1: KgHI_pZ5aUR4MewBwCvE6cuaziw.crl (hash: ytwz9lcwNrc6cvRRpx5xY+7jUC9WXRSvm++v4QmQq+k=) 2: 6BD5C90A647C11EF9BA53B64C4F9AE02.roa (hash: gZZzxWZWc17nIbYko/2au0DsO+Bhzyn2xAf0VZf3CAI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.crl rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KgHI_pZ5aUR4MewBwCvE6cuaziw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 116 (0x74) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158F8D Validity Not Before: Mar 29 06:11:18 2025 GMT Not After : Apr 5 06:11:18 2025 GMT Subject: CN=67e78f06-04b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:8c:ff:15:a3:27:eb:77:c4:bb:21:c0:a1:67: e2:09:c1:66:3d:27:80:80:38:81:0e:bf:ea:8f:70: d1:de:5d:ad:86:1a:c0:5b:d9:0a:76:38:41:d3:ba: 51:2e:a7:de:40:4d:07:9f:0b:b0:f3:71:6e:6a:bf: 8d:a1:77:71:cf:65:31:4e:7f:41:26:39:b5:dc:e4: 6e:b7:f5:6c:c3:6f:f5:fb:88:f0:c8:84:96:3a:68: ae:d2:8d:32:ca:f1:7b:85:3d:69:9c:d2:18:70:cb: a8:a1:65:ab:b2:16:0f:64:d8:a2:58:2f:08:5e:0e: e9:07:f4:49:19:e1:b8:b1:60:da:67:2c:95:7a:82: 32:3d:be:10:32:90:68:39:6a:84:21:c6:59:ad:4b: da:bc:d1:b8:f5:d1:b3:31:a5:83:2a:f4:6c:83:d3: bd:06:33:34:dc:f0:3a:38:8f:f5:b3:d6:9f:28:84: 0a:b8:ca:93:b5:21:10:e4:8b:ad:a6:4a:f3:14:ee: 44:a5:e3:04:99:50:55:96:1b:fa:51:33:16:02:46: f4:4c:f1:a7:19:83:a4:85:fd:2f:41:91:d3:48:3e: 2e:4c:41:b0:d3:be:43:9a:4c:c3:de:56:3c:92:4e: 48:00:d1:28:22:cd:36:0a:3c:ba:de:2b:e4:c8:12: 4e:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:37:A2:11:E8:C0:6C:17:BC:3C:FD:63:2D:90:F6:21:4A:C0:39:0D X509v3 Authority Key Identifier: keyid:2A:01:C8:FE:96:79:69:44:78:31:EC:01:C0:2B:C4:E9:CB:9A:CE:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KgHI_pZ5aUR4MewBwCvE6cuaziw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:b7:22:26:23:d7:c0:e4:bf:c3:c3:50:0a:0c:0d:2f:68:18: 30:0a:8b:2f:ee:5e:44:0d:7b:82:6d:f4:a7:7f:bf:a2:5e:84: 5f:8d:95:3c:40:8d:c3:16:42:90:92:e9:71:2a:9b:de:94:aa: e5:13:03:36:aa:32:17:f0:b8:a5:37:2b:02:9d:d8:41:1e:85: 60:a4:c1:f1:9f:fa:ea:1f:28:c7:ae:63:52:41:c5:d2:3f:cf: a9:58:53:f1:7c:b8:7e:cf:dc:c8:77:16:24:42:fd:dd:84:af: 34:0a:77:e7:de:c5:8a:b8:78:fd:4d:6a:61:a2:e6:3a:b3:ba: 26:e8:90:aa:40:e1:61:90:ac:cd:32:d0:39:d6:f8:b0:1d:34: e1:05:ac:99:9c:38:62:c7:f2:12:a1:b3:ce:e5:0b:9a:96:e1: 68:53:36:ad:a1:19:ea:ce:7b:1b:8c:50:de:88:b9:63:9d:f7: 3b:4b:6e:f7:0a:48:85:b6:ed:01:bc:2d:f8:45:cb:07:3e:69: b7:cf:b3:7f:06:33:36:f3:e0:58:58:f9:d4:52:5c:f2:db:15: a5:4b:82:9d:9c:4f:d5:30:3a:fc:a5:a9:38:cb:ad:9a:b0:31: c0:73:b4:5b:25:1e:5f:6a:0c:19:53:ca:eb:8d:2c:1d:41:18: 41:04:f7:1f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBdDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 OEY4RDExMC8GA1UEBRMoMkEwMUM4RkU5Njc5Njk0NDc4MzFFQzAxQzAyQkM0RTlD QjlBQ0UyQzAeFw0yNTAzMjkwNjExMThaFw0yNTA0MDUwNjExMThaMBgxFjAUBgNV BAMTDTY3ZTc4ZjA2LTA0YjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAjP8Voyfrd8S7IcChZ+IJwWY9J4CAOIEOv+qPcNHeXa2GGsBb2Qp2OEHTulEu p95ATQefC7DzcW5qv42hd3HPZTFOf0EmObXc5G639WzDb/X7iPDIhJY6aK7SjTLK 8XuFPWmc0hhwy6ihZauyFg9k2KJYLwheDukH9EkZ4bixYNpnLJV6gjI9vhAykGg5 aoQhxlmtS9q80bj10bMxpYMq9GyD070GMzTc8Do4j/Wz1p8ohAq4ypO1IRDki62m SvMU7kSl4wSZUFWWG/pRMxYCRvRM8acZg6SF/S9BkdNIPi5MQbDTvkOaTMPeVjyS TkgA0SgizTYKPLreK+TIEk6DAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUmTeiEejA bBe8PP1jLZD2IUrAOQ0wHwYDVR0jBBgwFoAUKgHI/pZ5aUR4MewBwCvE6cuaziww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4RjhEL0ExNzlFNTNDNjQ3 NzExRUZBODJERTkzREM0RjlBRTAyL0tnSElfcFo1YVVSNE1ld0J3Q3ZFNmN1YXpp dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2dISV9wWjVhVVI0TWV3QndDdkU2Y3Vheml3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4 RjhEL0ExNzlFNTNDNjQ3NzExRUZBODJERTkzREM0RjlBRTAyL0tnSElfcFo1YVVS NE1ld0J3Q3ZFNmN1YXppdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJW3IiYj18Dkv8PDUAoMDS9oGDAKiy/uXkQNe4Jt9Kd/v6JehF+NlTxA jcMWQpCS6XEqm96UquUTAzaqMhfwuKU3KwKd2EEehWCkwfGf+uofKMeuY1JBxdI/ z6lYU/F8uH7P3Mh3FiRC/d2ErzQKd+fexYq4eP1NamGi5jqzuibokKpA4WGQrM0y 0DnW+LAdNOEFrJmcOGLH8hKhs87lC5qW4WhTNq2hGerOexuMUN6IuWOd9ztLbvcK SIW27QG8LfhFywc+abfPs38GMzbz4FhY+dRSXPLbFaVLgp2cT9UwOvylqTjLrZqw McBztFslHl9qDBlTyuuNLB1BGEEE9x8= -----END CERTIFICATE-----Generated at Fri Apr 4 22:32:02 2025 by rpki-client