$ rpki-client -vvf rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft File: _-KgNynzLTIiepnJJRWMgspUuVc.mft (raw, json) Hash identifier: PR5LaZON08m5SMG1q3l5SrWHOOz3PLiEwTKVdmep1oo= Subject key identifier: 24:66:6E:2E:96:4F:20:A1:14:C0:72:BC:91:56:FE:54:D2:54:C9:78 Authority key identifier: FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57 Certificate issuer: /CN=A917225D/serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957 Certificate serial: 3497 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft Manifest number: 3486 Signing time: Sat 12 Apr 2025 14:23:28 +0000 Manifest this update: Sat 12 Apr 2025 14:23:28 +0000 Manifest next update: Sat 19 Apr 2025 14:23:28 +0000 Files and hashes: 1: _-KgNynzLTIiepnJJRWMgspUuVc.crl (hash: czR1ZzeiiYm1V0etek+H3DFnEdNYPaYYFbDoaZP6WpE=) 2: A0121BD4871711EA924C6626C4F9AE02.roa (hash: nOTO05trzCD6uEEv4FInP/xVHgXMSyk7YCzU2yFeaPI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 14:23:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13463 (0x3497) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917225D, serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957 Validity Not Before: Apr 12 14:23:28 2025 GMT Not After : Apr 19 14:23:28 2025 GMT Subject: CN=67fa7760-ac5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:af:ff:65:41:8d:c9:40:be:2a:58:6b:64:ab: 8d:b4:d0:5c:f9:32:cd:db:7a:91:7b:bf:0c:83:bf: c8:aa:7f:22:25:a6:0c:73:73:c8:0f:89:60:5e:17: 77:c1:5b:81:dd:2b:63:bb:97:7f:ff:87:de:12:2d: 16:b0:70:a2:98:be:7a:eb:3e:dd:c5:e6:c8:6f:67: 10:ac:fc:fa:ab:16:81:79:2e:3a:73:da:5c:46:97: 20:6b:f0:f5:70:ce:72:50:ac:da:3c:b7:69:f2:af: c3:59:30:75:7d:a8:cd:4d:b4:dc:62:9a:46:c2:fc: d7:65:22:1f:11:2e:26:f7:12:60:40:62:68:3c:d6: 13:4d:8b:82:19:13:6b:99:7a:d0:9d:3c:2d:a1:f8: 88:80:2c:07:eb:1c:04:d3:38:e3:c1:ab:70:a0:86: dd:70:3e:0c:27:ba:58:56:4a:65:79:d4:8a:e8:9f: 76:82:82:3f:d8:0c:25:41:f3:55:31:ca:53:2b:f9: 5d:82:49:5f:f9:03:06:59:f1:d9:d7:79:aa:ac:2d: 93:59:70:cd:f8:ca:33:d6:2f:4e:65:26:d7:27:89: 1f:26:96:c3:02:08:1b:59:bc:4f:67:f9:75:a1:58: 08:3b:52:d5:55:3b:ff:0e:f2:71:54:5d:c1:b8:22: e3:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:66:6E:2E:96:4F:20:A1:14:C0:72:BC:91:56:FE:54:D2:54:C9:78 X509v3 Authority Key Identifier: keyid:FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:66:aa:2e:22:be:a6:49:31:fb:ee:ab:5c:3f:8c:f5:50:60: 65:45:36:6c:b0:d6:60:18:64:a2:d2:e9:cf:37:65:8a:67:8e: f6:68:c8:37:11:02:50:a1:dc:d0:96:3c:1f:ad:13:74:25:3f: 54:58:64:e6:42:66:23:70:b9:cb:65:71:49:f8:02:35:34:48: cb:77:ed:81:9d:f6:9f:95:ef:5e:c1:dd:b4:2c:be:5b:6d:e2: 23:90:6e:6c:02:89:c9:f2:14:e0:36:32:d1:db:c9:1e:f2:70: 3c:98:c7:17:87:5e:ef:22:74:1f:a1:9f:53:1c:93:bd:bc:b2: 49:a3:79:31:2a:11:65:7d:d2:6f:aa:e3:20:4f:c4:53:df:be: 66:30:6b:37:31:81:d4:88:9f:67:77:e6:07:8a:ad:e3:9d:e8: c2:a8:b5:7b:11:0e:de:2f:6c:82:36:66:3c:1f:4f:f8:65:ed: 6d:11:6b:fd:60:0a:0f:2d:8b:b5:a3:04:d9:2c:35:cc:03:89: d3:42:bd:24:35:e4:20:dd:ea:0f:a9:51:bc:7f:19:94:fa:99: 0c:f5:d6:91:70:a0:f4:fa:76:f8:28:2f:9b:e9:1f:fa:27:7a: 71:4a:15:1a:b4:7f:b6:6c:3e:69:60:32:6f:d8:a2:aa:61:54: c0:b2:27:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzIyNUQxMTAvBgNVBAUTKEZGRTJBMDM3MjlGMzJEMzIyMjdBOTlDOTI1MTU4Qzgy Q0E1NEI5NTcwHhcNMjUwNDEyMTQyMzI4WhcNMjUwNDE5MTQyMzI4WjAYMRYwFAYD VQQDEw02N2ZhNzc2MC1hYzVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtq//ZUGNyUC+KlhrZKuNtNBc+TLN23qRe78Mg7/Iqn8iJaYMc3PID4lgXhd3 wVuB3Stju5d//4feEi0WsHCimL566z7dxebIb2cQrPz6qxaBeS46c9pcRpcga/D1 cM5yUKzaPLdp8q/DWTB1fajNTbTcYppGwvzXZSIfES4m9xJgQGJoPNYTTYuCGRNr mXrQnTwtofiIgCwH6xwE0zjjwatwoIbdcD4MJ7pYVkpledSK6J92goI/2AwlQfNV McpTK/ldgklf+QMGWfHZ13mqrC2TWXDN+Moz1i9OZSbXJ4kfJpbDAggbWbxPZ/l1 oVgIO1LVVTv/DvJxVF3BuCLjlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCRmbi6W TyChFMByvJFW/lTSVMl4MB8GA1UdIwQYMBaAFP/ioDcp8y0yInqZySUVjILKVLlX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjI1RC8xRjU1MDgzMDFE ODQxMUUyOTE3QkQwRDkwOEIwMkNEMi9fLUtnTnluekxUSWllcG5KSlJXTWdzcFV1 VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL18tS2dOeW56TFRJaWVwbkpKUldNZ3NwVXVWYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MjI1RC8xRjU1MDgzMDFEODQxMUUyOTE3QkQwRDkwOEIwMkNEMi9fLUtnTnluekxU SWllcG5KSlJXTWdzcFV1VmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnZqouIr6mSTH77qtcP4z1UGBlRTZssNZgGGSi0unPN2WKZ472aMg3 EQJQodzQljwfrRN0JT9UWGTmQmYjcLnLZXFJ+AI1NEjLd+2Bnfafle9ewd20LL5b beIjkG5sAonJ8hTgNjLR28ke8nA8mMcXh17vInQfoZ9THJO9vLJJo3kxKhFlfdJv quMgT8RT375mMGs3MYHUiJ9nd+YHiq3jnejCqLV7EQ7eL2yCNmY8H0/4Ze1tEWv9 YAoPLYu1owTZLDXMA4nTQr0kNeQg3eoPqVG8fxmU+pkM9daRcKD0+nb4KC+b6R/6 J3pxShUatH+2bD5pYDJv2KKqYVTAsicm -----END CERTIFICATE-----Generated at Sat Apr 12 19:09:45 2025 by rpki-client