$ rpki-client -vvf rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft File: KUrNCNoZE4w376-ydKHndXceRT4.mft (raw, json) Hash identifier: I/LYm2s3/Kz5iCvA4RnQ9kdokpkHZ2I1875diDOnUa0= Subject key identifier: BD:A2:8E:DE:16:FA:12:0E:FE:4E:34:1C:BE:82:19:64:98:CA:07:3F Authority key identifier: 29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E Certificate issuer: /CN=A919C8F9/serialNumber=294ACD08DA19138C37EFAFB274A1E775771E453E Certificate serial: 050E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft Manifest number: 0508 Signing time: Fri 28 Mar 2025 23:53:33 +0000 Manifest this update: Fri 28 Mar 2025 23:53:33 +0000 Manifest next update: Fri 04 Apr 2025 23:53:33 +0000 Files and hashes: 1: KUrNCNoZE4w376-ydKHndXceRT4.crl (hash: nPjFIrbJwWhrJPJR+2d9DCfiemGI/bAbm9bMyx3Cmz8=) 2: 2D7BD4EA03DD11ECA448405BC4F9AE02.roa (hash: KKWKrtsh/34nl8r+0Ut1+Gkgstz0StRYtgWm9ide930=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 23:53:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1294 (0x50e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C8F9 Validity Not Before: Mar 28 23:53:33 2025 GMT Not After : Apr 4 23:53:33 2025 GMT Subject: CN=67e7367d-c321 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:09:ec:f2:d1:c2:5e:c9:a4:63:3f:5a:7c:6c: 0f:38:bb:8a:b2:f9:77:b5:25:c6:03:ee:db:80:09: b4:0a:4a:d6:07:e2:5a:38:4d:60:0a:bc:b7:81:14: ad:36:d8:bc:4f:10:fb:21:30:da:0d:f2:4c:ab:d0: a8:a0:0b:0f:05:5c:d8:f0:7a:7b:3a:1f:b4:9b:36: 56:e1:ea:43:81:cb:88:5e:69:6a:73:0c:a8:e2:8a: bd:2b:3e:d3:73:46:55:0d:b9:49:de:67:2f:be:d2: ab:bf:57:5c:6d:bb:35:fc:48:ac:2a:8b:67:38:35: 19:10:6f:ec:04:d4:c7:11:76:00:e8:aa:0e:1f:b8: ef:d7:b0:cf:ea:32:66:bd:1c:e7:8a:2a:a9:09:71: a0:4f:24:81:b9:8d:09:71:46:05:a9:90:9a:56:77: 91:d1:cf:11:69:05:d1:3e:95:85:27:38:de:9a:d1: 48:ad:9b:d1:58:fa:be:82:8e:0b:2b:68:24:96:f5: 04:16:c4:ec:94:e0:c7:d2:73:dd:39:1a:d3:4f:8e: 83:64:b3:08:97:4a:65:db:7f:07:7e:0d:14:74:41: 78:10:a4:e4:b9:64:78:93:3f:5f:b0:cf:fc:c6:b4: c7:ed:09:3d:29:79:18:79:a5:3d:b8:2a:88:df:8f: be:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:A2:8E:DE:16:FA:12:0E:FE:4E:34:1C:BE:82:19:64:98:CA:07:3F X509v3 Authority Key Identifier: keyid:29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:ec:63:6e:cb:aa:05:7e:ee:9e:21:ce:85:1b:71:e4:80:9e: a3:76:bb:11:dd:f1:61:6a:cc:58:f6:e0:9e:89:5e:0b:c7:46: c7:1e:12:f9:a9:3d:dd:7b:9d:fd:3e:08:16:f6:2e:77:ed:1b: 5c:d9:0d:84:d4:df:e9:ea:1a:95:d0:07:2c:55:28:65:32:af: 3a:c2:7e:8b:9f:4c:34:da:7c:f1:14:fb:11:bc:31:f1:b6:1b: 54:1c:1e:f8:78:d2:76:db:f1:01:19:36:84:9d:8c:37:ce:ee: 20:54:0f:91:4a:fc:ac:48:2a:f3:4e:96:fb:94:7c:0f:f5:2e: 99:ad:4e:84:72:5a:31:23:51:7a:74:65:1b:17:45:1f:f0:ae: f1:55:0d:ba:f7:27:23:ff:7a:56:fd:08:72:7e:ab:53:bb:84: 73:18:56:7b:61:75:f5:51:76:a1:8b:a1:39:43:b9:3a:45:f7: 1b:91:c3:3d:ea:e7:2c:d2:40:5f:5d:f1:ff:5a:3f:a6:2c:ed: 5a:8a:5d:07:ef:94:03:f4:55:6f:c2:2f:18:79:c7:3d:15:6f: d8:be:b4:ed:32:b6:19:e6:92:d7:d1:e7:98:91:8e:8f:e2:72: 77:4b:74:6d:c3:73:ba:94:30:88:ad:b2:5f:83:db:fc:f2:42: ee:45:2e:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUM4RjkxMTAvBgNVBAUTKDI5NEFDRDA4REExOTEzOEMzN0VGQUZCMjc0QTFFNzc1 NzcxRTQ1M0UwHhcNMjUwMzI4MjM1MzMzWhcNMjUwNDA0MjM1MzMzWjAYMRYwFAYD VQQDEw02N2U3MzY3ZC1jMzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuAns8tHCXsmkYz9afGwPOLuKsvl3tSXGA+7bgAm0CkrWB+JaOE1gCry3gRSt Nti8TxD7ITDaDfJMq9CooAsPBVzY8Hp7Oh+0mzZW4epDgcuIXmlqcwyo4oq9Kz7T c0ZVDblJ3mcvvtKrv1dcbbs1/EisKotnODUZEG/sBNTHEXYA6KoOH7jv17DP6jJm vRzniiqpCXGgTySBuY0JcUYFqZCaVneR0c8RaQXRPpWFJzjemtFIrZvRWPq+go4L K2gklvUEFsTslODH0nPdORrTT46DZLMIl0pl238Hfg0UdEF4EKTkuWR4kz9fsM/8 xrTH7Qk9KXkYeaU9uCqI34++1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL2ijt4W +hIO/k40HL6CGWSYygc/MB8GA1UdIwQYMBaAFClKzQjaGROMN++vsnSh53V3HkU+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzhGOS9EQzZCMzYxNEZF NkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0dzM3Ni15ZEtIbmRYY2VS VDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVck5DTm9aRTR3Mzc2LXlkS0huZFhjZVJUNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QzhGOS9EQzZCMzYxNEZFNkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0 dzM3Ni15ZEtIbmRYY2VSVDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBA7GNuy6oFfu6eIc6FG3HkgJ6jdrsR3fFhasxY9uCeiV4Lx0bHHhL5 qT3de539PggW9i537Rtc2Q2E1N/p6hqV0AcsVShlMq86wn6Ln0w02nzxFPsRvDHx thtUHB74eNJ22/EBGTaEnYw3zu4gVA+RSvysSCrzTpb7lHwP9S6ZrU6EcloxI1F6 dGUbF0Uf8K7xVQ269ycj/3pW/QhyfqtTu4RzGFZ7YXX1UXahi6E5Q7k6RfcbkcM9 6ucs0kBfXfH/Wj+mLO1ail0H75QD9FVvwi8Yecc9FW/YvrTtMrYZ5pLX0eeYkY6P 4nJ3S3Rtw3O6lDCIrbJfg9v88kLuRS7b -----END CERTIFICATE-----Generated at Fri Apr 4 22:06:53 2025 by rpki-client