$ rpki-client -vvf rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft File: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft (raw, json) Hash identifier: y0r1AwAJr8+UovKI6ansLgIeqYkuv21OvooqguaANtw= Subject key identifier: F2:ED:BB:F2:BA:88:BA:76:E3:75:95:4E:AE:0A:FD:B2:4B:26:C8:FC Authority key identifier: 28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 Certificate issuer: /CN=A9194677/serialNumber=2876825F77C24A167DC41215350F688792981A67 Certificate serial: 0125 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft Manifest number: 0122 Signing time: Thu 03 Apr 2025 03:56:38 +0000 Manifest this update: Thu 03 Apr 2025 03:56:38 +0000 Manifest next update: Thu 10 Apr 2025 03:56:38 +0000 Files and hashes: 1: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl (hash: rML5KdL5IS9y3odbCv7DdVJg+9tZRTDX5NLSX9DCOLg=) 2: 759C16DC577711EE96F5F775C4F9AE02.roa (hash: Pojppps22r3xRUUOYA4Lq5WqJQ1e2Svo0KKFdlUH1VY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 03:56:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 293 (0x125) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194677 Validity Not Before: Apr 3 03:56:38 2025 GMT Not After : Apr 10 03:56:38 2025 GMT Subject: CN=67ee06f6-491a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:6f:e0:97:c5:2d:45:b9:39:24:44:99:4b:c9: de:aa:89:4e:e6:b6:ca:33:10:46:d6:b6:e2:c8:4a: e6:22:5d:c1:4a:f1:1d:95:de:fa:2d:60:01:cd:3e: d5:5f:35:25:ff:59:55:76:c6:e1:7e:be:ad:57:80: b7:e6:74:16:03:b3:7f:d7:56:d3:4f:73:39:30:a7: 92:ff:de:68:b4:86:06:6f:6f:b6:21:e9:5b:fc:4a: c8:cf:51:78:7b:9e:1f:b2:4e:21:c3:8e:55:0c:fe: d8:cd:49:aa:e8:19:f1:fe:eb:0e:ec:0e:cd:17:61: 51:77:d9:71:43:33:06:3b:3b:4d:54:7b:9e:2f:d0: 5c:26:0d:3e:85:3d:7e:08:3f:9e:14:b1:1c:75:2b: 6b:3c:57:da:73:31:2d:f4:df:0c:95:32:fa:2f:10: 71:9a:54:83:52:0d:d6:f9:d0:29:1d:01:61:98:56: db:51:c0:b9:0b:57:c9:c1:c6:a3:63:c9:20:d3:b4: 89:72:d3:66:13:0a:33:fd:3b:c2:24:77:ea:07:ce: 06:0c:ba:fd:13:33:29:df:a1:f2:04:aa:99:e2:31: fd:20:6e:4a:4c:b6:84:db:d9:7a:91:53:d0:81:c6: 53:f9:76:46:58:55:e5:28:ac:35:b8:88:52:0d:55: 9b:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:ED:BB:F2:BA:88:BA:76:E3:75:95:4E:AE:0A:FD:B2:4B:26:C8:FC X509v3 Authority Key Identifier: keyid:28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:c4:93:22:10:5f:cf:d3:b5:a3:bd:f1:17:7f:4b:c1:c8:a4: 86:92:4d:b6:47:84:31:86:2f:fb:7e:db:62:38:c5:72:dc:4f: e2:1a:2c:53:b4:11:f6:3c:47:71:3f:ff:f9:91:fa:77:c9:e0: 49:0e:0e:91:a2:20:f2:2f:83:c9:4c:15:cf:f2:3e:e3:f7:7d: 3f:69:b1:b1:83:58:5e:e4:86:b7:60:ec:b2:6d:bb:9f:f4:56: db:65:31:5b:fc:ea:e8:e8:25:ef:80:f9:f0:98:7d:70:02:43: 31:72:c8:24:84:c1:30:ee:72:a8:3a:6d:b4:5e:98:45:45:52: 16:86:60:76:7b:3f:2a:e9:a7:18:72:e9:3d:b6:1b:70:aa:32: 23:ad:d3:73:2f:63:16:ac:5e:ac:91:20:0e:d4:dd:1e:57:97: fc:95:3b:2b:39:bd:eb:9c:52:68:da:3d:07:79:ba:82:c3:89: e3:d5:73:ec:dc:9a:1d:38:f3:84:40:66:e1:49:bd:44:a6:f0: d0:7c:19:f2:b9:19:8e:73:ef:cb:b4:97:70:9e:91:a4:d7:c9: 60:d9:58:c8:fe:dd:99:75:91:d1:32:5a:1d:32:e3:70:39:ca: ea:ae:2d:22:f5:51:9c:67:c0:0f:c6:31:bf:df:f1:fb:7f:58: 74:63:cd:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQ2NzcxMTAvBgNVBAUTKDI4NzY4MjVGNzdDMjRBMTY3REM0MTIxNTM1MEY2ODg3 OTI5ODFBNjcwHhcNMjUwNDAzMDM1NjM4WhcNMjUwNDEwMDM1NjM4WjAYMRYwFAYD VQQDEw02N2VlMDZmNi00OTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtm/gl8UtRbk5JESZS8neqolO5rbKMxBG1rbiyErmIl3BSvEdld76LWABzT7V XzUl/1lVdsbhfr6tV4C35nQWA7N/11bTT3M5MKeS/95otIYGb2+2Ielb/ErIz1F4 e54fsk4hw45VDP7YzUmq6Bnx/usO7A7NF2FRd9lxQzMGOztNVHueL9BcJg0+hT1+ CD+eFLEcdStrPFfaczEt9N8MlTL6LxBxmlSDUg3W+dApHQFhmFbbUcC5C1fJwcaj Y8kg07SJctNmEwoz/TvCJHfqB84GDLr9EzMp36HyBKqZ4jH9IG5KTLaE29l6kVPQ gcZT+XZGWFXlKKw1uIhSDVWbvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPLtu/K6 iLp243WVTq4K/bJLJsj8MB8GA1UdIwQYMBaAFCh2gl93wkoWfcQSFTUPaIeSmBpn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDY3Ny8wMjI3Rjc4NjU3 NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1NoWjl4QklWTlE5b2g1S1lH bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIYUNYM2ZDU2haOXhCSVZOUTlvaDVLWUdtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDY3Ny8wMjI3Rjc4NjU3NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1No Wjl4QklWTlE5b2g1S1lHbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBsxJMiEF/P07WjvfEXf0vByKSGkk22R4Qxhi/7fttiOMVy3E/iGixT tBH2PEdxP//5kfp3yeBJDg6RoiDyL4PJTBXP8j7j930/abGxg1he5Ia3YOyybbuf 9FbbZTFb/Oro6CXvgPnwmH1wAkMxcsgkhMEw7nKoOm20XphFRVIWhmB2ez8q6acY cuk9thtwqjIjrdNzL2MWrF6skSAO1N0eV5f8lTsrOb3rnFJo2j0HebqCw4nj1XPs 3JodOPOEQGbhSb1EpvDQfBnyuRmOc+/LtJdwnpGk18lg2VjI/t2ZdZHRMlodMuNw Ocrqri0i9VGcZ8APxjG/3/H7f1h0Y80k -----END CERTIFICATE-----Generated at Fri Apr 4 18:31:31 2025 by rpki-client