$ rpki-client -vvf rpki.apnic.net/member_repository/A9167A72/22FD121ADCF011EEBC90311EC4F9AE02/kKR_PGWbNxj9yC0wB6nTQknMyPQ.mft File: kKR_PGWbNxj9yC0wB6nTQknMyPQ.mft (raw, json) Hash identifier: MXmaW+bRdw00flFELQqCJRfUwFANk9AoHyzB7g3rU48= Subject key identifier: F1:C3:18:A7:5B:6B:30:8A:23:DC:53:9A:5C:99:90:4A:C0:DB:51:4C Authority key identifier: 90:A4:7F:3C:65:9B:37:18:FD:C8:2D:30:07:A9:D3:42:49:CC:C8:F4 Certificate issuer: /CN=A9167A72/serialNumber=90A47F3C659B3718FDC82D3007A9D34249CCC8F4 Certificate serial: D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kKR_PGWbNxj9yC0wB6nTQknMyPQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167A72/22FD121ADCF011EEBC90311EC4F9AE02/kKR_PGWbNxj9yC0wB6nTQknMyPQ.mft Manifest number: D2 Signing time: Thu 17 Apr 2025 04:32:17 +0000 Manifest this update: Thu 17 Apr 2025 04:32:17 +0000 Manifest next update: Thu 24 Apr 2025 04:32:17 +0000 Files and hashes: 1: kKR_PGWbNxj9yC0wB6nTQknMyPQ.crl (hash: xd9UsAWIIXPpPRSEzmGnGqTZlKPYMdbQxu/G6AbPxns=) 2: F81F7E0EE2A111EEA2DD9E18C4F9AE02.roa (hash: C1pdAbl6h5et4uQ/HDMA/uODKhTj4EU2QcxZSh3A4J4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167A72/22FD121ADCF011EEBC90311EC4F9AE02/kKR_PGWbNxj9yC0wB6nTQknMyPQ.crl rsync://rpki.apnic.net/member_repository/A9167A72/22FD121ADCF011EEBC90311EC4F9AE02/kKR_PGWbNxj9yC0wB6nTQknMyPQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kKR_PGWbNxj9yC0wB6nTQknMyPQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Apr 2025 04:32:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 213 (0xd5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167A72, serialNumber=90A47F3C659B3718FDC82D3007A9D34249CCC8F4 Validity Not Before: Apr 17 04:32:17 2025 GMT Not After : Apr 24 04:32:17 2025 GMT Subject: CN=68008451-e748 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:5d:33:42:49:61:0d:a6:5e:44:ad:e7:b4:c3: 18:56:29:ce:0a:47:de:34:f1:9a:f4:12:b6:3e:5b: 6a:fc:63:70:eb:e0:88:ba:fe:e7:ee:df:25:85:0b: 53:ef:55:8c:f0:81:ed:2b:0e:5c:6d:e1:a4:c0:29: 33:5a:ea:b6:be:32:fd:c1:8e:b0:f1:5e:e2:e5:31: e2:8c:e5:65:d5:a9:9f:b2:bb:19:08:b3:17:46:7e: 5f:8d:30:5e:ec:9b:dd:cd:09:10:8a:00:13:9a:76: 49:8f:84:0d:85:e5:9a:55:44:f9:01:cb:8f:f1:65: 20:12:3a:55:7a:1b:60:c6:bc:c1:3d:ed:05:a2:89: b2:11:0e:fe:da:d0:8c:e4:e5:99:ca:39:cf:79:77: 9a:ec:e9:af:72:5a:82:47:d1:75:f0:c3:e9:2d:9a: 6c:0a:6c:5f:13:35:b7:d3:dc:c7:30:46:e1:26:bd: 47:f6:f2:78:b3:bf:ca:72:df:7c:0f:d7:3f:2f:b7: 0a:84:06:38:b9:4c:fc:19:03:b6:8f:51:ef:77:ac: 1d:c5:29:87:31:5e:17:8e:91:b6:57:e7:a9:15:d7: a0:14:9a:b5:6d:6c:c0:33:63:6a:d9:19:e1:5b:bf: 32:86:e6:68:d4:c3:27:7c:7d:d9:c6:0c:77:6b:c3: 5c:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:C3:18:A7:5B:6B:30:8A:23:DC:53:9A:5C:99:90:4A:C0:DB:51:4C X509v3 Authority Key Identifier: keyid:90:A4:7F:3C:65:9B:37:18:FD:C8:2D:30:07:A9:D3:42:49:CC:C8:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167A72/22FD121ADCF011EEBC90311EC4F9AE02/kKR_PGWbNxj9yC0wB6nTQknMyPQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kKR_PGWbNxj9yC0wB6nTQknMyPQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167A72/22FD121ADCF011EEBC90311EC4F9AE02/kKR_PGWbNxj9yC0wB6nTQknMyPQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:12:36:87:1f:be:9e:a5:b7:e1:7c:bc:b1:84:a1:8c:7e:e6: 77:03:dd:7d:e1:99:74:dd:7d:08:8c:63:0d:de:fb:56:b6:ae: f8:33:94:97:ca:65:84:51:48:48:f5:28:be:7a:f7:0a:39:83: c1:03:30:8b:b2:69:93:29:a0:86:cd:77:3e:5b:22:c8:fa:82: 5c:7d:9c:93:1c:ed:24:53:12:5c:74:45:62:9b:79:76:62:bf: 6d:26:d1:b9:83:15:61:eb:e8:32:e0:9f:9a:b9:fa:d8:bb:a6: 29:96:0d:23:3f:52:0a:2f:85:a0:a8:d3:df:1f:e4:c8:43:f9: ae:fb:21:0e:71:d8:97:0a:0b:19:21:1a:aa:95:87:6c:46:7b: 07:73:0b:e5:4b:36:f0:8e:36:93:1c:52:8b:1b:11:49:4f:d8: e5:08:1c:e3:ee:f0:6d:6c:95:c4:83:44:20:0e:dc:f9:8a:39: 2b:a5:10:9f:5b:3e:d9:15:64:e0:53:88:b0:1b:4d:5a:2a:27: 48:a5:9b:e7:99:69:0f:69:56:37:1b:58:53:2d:99:51:a6:b2: 5c:ec:a8:3e:40:c8:22:bc:59:d3:7c:04:ce:86:b3:b6:3f:27: 5b:97:5b:55:71:1e:65:5c:c5:1a:5e:80:da:29:ba:00:33:86: 42:48:f8:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdBNzIxMTAvBgNVBAUTKDkwQTQ3RjNDNjU5QjM3MThGREM4MkQzMDA3QTlEMzQy NDlDQ0M4RjQwHhcNMjUwNDE3MDQzMjE3WhcNMjUwNDI0MDQzMjE3WjAYMRYwFAYD VQQDEw02ODAwODQ1MS1lNzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAul0zQklhDaZeRK3ntMMYVinOCkfeNPGa9BK2Pltq/GNw6+CIuv7n7t8lhQtT 71WM8IHtKw5cbeGkwCkzWuq2vjL9wY6w8V7i5THijOVl1amfsrsZCLMXRn5fjTBe 7JvdzQkQigATmnZJj4QNheWaVUT5AcuP8WUgEjpVehtgxrzBPe0FoomyEQ7+2tCM 5OWZyjnPeXea7OmvclqCR9F18MPpLZpsCmxfEzW309zHMEbhJr1H9vJ4s7/Kct98 D9c/L7cKhAY4uUz8GQO2j1Hvd6wdxSmHMV4XjpG2V+epFdegFJq1bWzAM2Nq2Rnh W78yhuZo1MMnfH3Zxgx3a8NcsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPHDGKdb azCKI9xTmlyZkErA21FMMB8GA1UdIwQYMBaAFJCkfzxlmzcY/cgtMAep00JJzMj0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0E3Mi8yMkZEMTIxQURD RjAxMUVFQkM5MDMxMUVDNEY5QUUwMi9rS1JfUEdXYk54ajl5QzB3QjZuVFFrbk15 UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tLUl9QR1diTnhqOXlDMHdCNm5UUWtuTXlQUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0E3Mi8yMkZEMTIxQURDRjAxMUVFQkM5MDMxMUVDNEY5QUUwMi9rS1JfUEdXYk54 ajl5QzB3QjZuVFFrbk15UFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaEjaHH76epbfhfLyxhKGMfuZ3A9194Zl03X0IjGMN3vtWtq74M5SX ymWEUUhI9Si+evcKOYPBAzCLsmmTKaCGzXc+WyLI+oJcfZyTHO0kUxJcdEVim3l2 Yr9tJtG5gxVh6+gy4J+aufrYu6Yplg0jP1IKL4WgqNPfH+TIQ/mu+yEOcdiXCgsZ IRqqlYdsRnsHcwvlSzbwjjaTHFKLGxFJT9jlCBzj7vBtbJXEg0QgDtz5ijkrpRCf Wz7ZFWTgU4iwG01aKidIpZvnmWkPaVY3G1hTLZlRprJc7Kg+QMgivFnTfATOhrO2 Pydbl1tVcR5lXMUaXoDaKboAM4ZCSPhj -----END CERTIFICATE-----Generated at Fri Apr 18 17:45:12 2025 by rpki-client