$ rpki-client -vvf rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft File: kDfAsp43CSqDhSzkuIW3dqfB47Y.mft (raw, json) Hash identifier: VKnIEt+fdsoLFU2syA3gLdprS+OUFLaKZ77bYGhE5Cg= Subject key identifier: 66:D3:04:E7:2C:DD:DD:2F:F1:A7:0F:D7:FC:AD:37:FF:43:17:53:B1 Authority key identifier: 90:37:C0:B2:9E:37:09:2A:83:85:2C:E4:B8:85:B7:76:A7:C1:E3:B6 Certificate issuer: /CN=A91957D1/serialNumber=9037C0B29E37092A83852CE4B885B776A7C1E3B6 Certificate serial: FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft Manifest number: FB Signing time: Thu 03 Apr 2025 04:25:35 +0000 Manifest this update: Thu 03 Apr 2025 04:25:35 +0000 Manifest next update: Thu 10 Apr 2025 04:25:35 +0000 Files and hashes: 1: kDfAsp43CSqDhSzkuIW3dqfB47Y.crl (hash: IabVyVvVGm+WfMIA/OMTxJCmjgKX9Pb5TIkmdJjOtzE=) 2: 72CE4D80958411EEB3748B58C4F9AE02.roa (hash: iKey44OboTB8NilxUb2DzRzq18OyDEY6fi5JIxPzxK0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.crl rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 04:25:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 254 (0xfe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91957D1 Validity Not Before: Apr 3 04:25:35 2025 GMT Not After : Apr 10 04:25:35 2025 GMT Subject: CN=67ee0dbf-1971 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:71:30:ac:16:3f:30:46:06:31:49:19:47:c6: 7b:8d:c0:96:5f:3f:ad:ac:05:6c:6f:43:95:e9:9c: 33:8d:59:3d:33:09:1c:09:dc:05:90:01:b6:7a:8f: ae:b7:c2:2b:71:54:e1:bd:31:da:11:e4:70:05:30: 7b:f2:40:de:b4:10:ee:d3:dc:0a:f7:d2:a0:f5:de: 75:70:c1:7c:dc:ce:cf:74:e1:f5:f9:e9:ea:9e:7c: 88:c8:bf:71:66:e2:80:8e:a5:a9:8b:64:a0:21:35: 87:7a:92:db:22:b7:82:cd:a4:38:bf:49:b0:7e:bd: 19:c8:73:a8:ea:fb:16:29:cd:49:e0:ff:f0:2d:03: 8f:88:7b:21:a2:90:32:b2:97:43:0a:b8:de:9b:e2: cf:83:03:7b:0c:cd:2d:9a:f1:94:15:b9:d8:c0:ba: 97:b5:c6:cb:75:83:b5:d0:94:c8:40:09:4d:b0:06: 8c:b5:e5:8c:ea:e0:9b:63:ff:43:0b:25:21:5f:ca: 7c:fd:05:6c:8e:82:a8:b2:6b:b3:37:54:16:27:41: 37:c7:bc:76:6b:ee:b1:34:aa:09:b5:53:b4:ce:13: 82:dc:76:37:88:f9:47:2d:b2:49:66:f8:92:c6:c7: 4b:85:cd:d6:3e:cd:77:03:57:ed:46:0b:02:f3:14: 03:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:D3:04:E7:2C:DD:DD:2F:F1:A7:0F:D7:FC:AD:37:FF:43:17:53:B1 X509v3 Authority Key Identifier: keyid:90:37:C0:B2:9E:37:09:2A:83:85:2C:E4:B8:85:B7:76:A7:C1:E3:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:09:ca:8d:39:ca:a1:e6:e8:f9:51:e1:30:56:60:47:57:cd: b7:23:59:63:65:c6:4c:1c:c8:ae:ee:7e:69:c8:7f:44:d9:ff: 60:f3:1f:f1:ea:05:73:d1:ff:66:44:33:c2:e6:9d:b9:91:e6: e1:ed:22:92:03:38:15:5b:07:11:5d:07:15:24:18:54:47:4d: 18:a4:f0:dd:6a:ad:a5:41:fb:d4:c1:44:18:6e:ee:f4:5e:2e: 07:38:fb:14:7c:19:fe:68:89:3a:21:f1:d7:ce:98:f4:b6:b0: c1:b4:5c:cc:bb:f9:34:ce:4e:3d:65:2e:93:ef:eb:a0:08:fb: 19:43:8c:92:51:fe:2a:40:1a:ba:df:d1:df:e9:dc:25:ae:51: 9b:2b:0a:4d:d4:e8:b8:80:50:9d:16:db:3b:fc:a0:57:23:87: a0:17:91:4b:24:2b:1d:03:87:dc:cd:ae:d7:94:cb:69:ea:5a: b4:19:58:8f:c3:92:e8:36:71:85:c4:84:41:33:30:dd:62:d9: 6c:2c:f0:09:bc:f1:ee:4b:0d:db:ba:92:1c:8a:b1:ed:4a:3c: 55:40:fc:14:cc:73:2a:05:9e:94:28:0e:4b:1c:35:b5:48:c6: 0f:4e:9d:5e:13:82:f8:6b:b7:6c:8e:cf:65:83:85:46:39:58: 6e:1a:b9:ef -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAP4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTU3RDExMTAvBgNVBAUTKDkwMzdDMEIyOUUzNzA5MkE4Mzg1MkNFNEI4ODVCNzc2 QTdDMUUzQjYwHhcNMjUwNDAzMDQyNTM1WhcNMjUwNDEwMDQyNTM1WjAYMRYwFAYD VQQDEw02N2VlMGRiZi0xOTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA53EwrBY/MEYGMUkZR8Z7jcCWXz+trAVsb0OV6ZwzjVk9MwkcCdwFkAG2eo+u t8IrcVThvTHaEeRwBTB78kDetBDu09wK99Kg9d51cMF83M7PdOH1+enqnnyIyL9x ZuKAjqWpi2SgITWHepLbIreCzaQ4v0mwfr0ZyHOo6vsWKc1J4P/wLQOPiHshopAy spdDCrjem+LPgwN7DM0tmvGUFbnYwLqXtcbLdYO10JTIQAlNsAaMteWM6uCbY/9D CyUhX8p8/QVsjoKosmuzN1QWJ0E3x7x2a+6xNKoJtVO0zhOC3HY3iPlHLbJJZviS xsdLhc3WPs13A1ftRgsC8xQDEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGbTBOcs 3d0v8acP1/ytN/9DF1OxMB8GA1UdIwQYMBaAFJA3wLKeNwkqg4Us5LiFt3anweO2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTdEMS9GMDUzNzc5NDkz QkQxMUVFODFGODBBNTJDNEY5QUUwMi9rRGZBc3A0M0NTcURoU3prdUlXM2RxZkI0 N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tEZkFzcDQzQ1NxRGhTemt1SVczZHFmQjQ3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NTdEMS9GMDUzNzc5NDkzQkQxMUVFODFGODBBNTJDNEY5QUUwMi9rRGZBc3A0M0NT cURoU3prdUlXM2RxZkI0N1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC1CcqNOcqh5uj5UeEwVmBHV823I1ljZcZMHMiu7n5pyH9E2f9g8x/x 6gVz0f9mRDPC5p25kebh7SKSAzgVWwcRXQcVJBhUR00YpPDdaq2lQfvUwUQYbu70 Xi4HOPsUfBn+aIk6IfHXzpj0trDBtFzMu/k0zk49ZS6T7+ugCPsZQ4ySUf4qQBq6 39Hf6dwlrlGbKwpN1Oi4gFCdFts7/KBXI4egF5FLJCsdA4fcza7XlMtp6lq0GViP w5LoNnGFxIRBMzDdYtlsLPAJvPHuSw3bupIcirHtSjxVQPwUzHMqBZ6UKA5LHDW1 SMYPTp1eE4L4a7dsjs9lg4VGOVhuGrnv -----END CERTIFICATE-----Generated at Fri Apr 4 18:29:25 2025 by rpki-client