$ rpki-client -vvf rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft File: kzrtfDoGQianFEt0eMdAPazdgAU.mft (raw, json) Hash identifier: Lyw6XD+souhB3sgausBzpdmk+xHF8nAmtckO+v1/ctw= Subject key identifier: F6:77:0B:A6:D9:E6:6E:28:EF:21:EB:84:B4:F8:82:E9:5F:FC:08:57 Authority key identifier: 93:3A:ED:7C:3A:06:42:26:A7:14:4B:74:78:C7:40:3D:AC:DD:80:05 Certificate issuer: /CN=A91A81F7/serialNumber=933AED7C3A064226A7144B7478C7403DACDD8005 Certificate serial: 0374 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrtfDoGQianFEt0eMdAPazdgAU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft Manifest number: 0370 Signing time: Sat 29 Mar 2025 01:10:57 +0000 Manifest this update: Sat 29 Mar 2025 01:10:57 +0000 Manifest next update: Sat 05 Apr 2025 01:10:57 +0000 Files and hashes: 1: kzrtfDoGQianFEt0eMdAPazdgAU.crl (hash: JetdHFATjcQP0NKXnDywZFj/P1FXt3bzrWVSsh0HEok=) 2: 4D7F18D69F8911EC8270CE39C4F9AE02.roa (hash: DvvVhTWHCUbaFBHxMQ8UUW6nZ5VH6Qlov4BUrN8E2sA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.crl rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrtfDoGQianFEt0eMdAPazdgAU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 01:10:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 884 (0x374) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A81F7 Validity Not Before: Mar 29 01:10:57 2025 GMT Not After : Apr 5 01:10:57 2025 GMT Subject: CN=67e748a1-564c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:bf:ee:6d:bb:28:66:f2:42:43:79:54:1d:14: 87:9f:8a:82:b5:33:4a:e4:80:c3:8a:83:14:4e:25: df:49:60:f7:1b:32:66:bf:76:06:fb:6f:8c:75:37: 04:ef:65:b0:3c:3a:9b:55:4c:85:85:62:d4:e1:13: bf:6f:d9:45:e1:6b:86:32:1e:a6:23:23:38:cf:f0: f1:76:f1:46:57:4e:04:54:ac:80:68:c5:cb:48:b0: 0b:2a:7f:51:c7:d0:27:fd:f1:d1:f1:70:02:97:81: e8:b5:f1:89:43:86:2b:02:5f:d2:c4:ea:3f:71:9a: d2:4d:57:c0:75:ea:d5:20:45:76:ad:ad:e5:92:45: d8:76:1d:b7:ea:00:87:f5:7a:54:6b:c9:22:b3:4d: ff:11:0d:8b:06:27:24:ac:0b:3c:74:f4:19:e2:66: 15:74:bf:fd:da:2a:9d:bd:dc:b2:7b:06:12:8f:ec: 3d:b9:ab:17:bc:b8:d3:19:c1:6a:9d:44:43:9e:de: 84:60:93:2a:be:f9:02:aa:4c:b2:4d:13:59:e0:9e: 67:ac:aa:fa:78:ee:52:d9:a5:1e:27:61:51:39:7a: d6:e4:44:cb:f8:10:b4:3d:25:0c:c9:7a:e9:07:e0: c5:75:49:35:31:70:53:85:91:2f:b4:4c:bd:f9:bb: b5:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:77:0B:A6:D9:E6:6E:28:EF:21:EB:84:B4:F8:82:E9:5F:FC:08:57 X509v3 Authority Key Identifier: keyid:93:3A:ED:7C:3A:06:42:26:A7:14:4B:74:78:C7:40:3D:AC:DD:80:05 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrtfDoGQianFEt0eMdAPazdgAU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c4:db:ec:b1:71:59:35:23:cd:d3:60:7f:c0:32:d3:8f:0c:ab: a9:9a:f9:83:11:48:bf:43:2f:28:bd:2f:e2:cb:ff:eb:b5:86: c1:11:6a:40:0d:15:94:59:5b:fd:95:74:20:0d:4c:da:71:fd: 9b:76:3e:f3:14:59:93:ac:ba:6c:fb:1b:2c:4e:4d:38:fb:31: e0:59:20:68:62:a9:e5:36:ad:85:b6:2c:0b:d3:b9:50:57:fe: 4e:96:bd:ed:22:0c:9d:cb:c2:81:f1:df:79:c9:b2:a0:5a:30: 4e:79:1c:ed:c5:4a:9f:b2:fd:a8:41:7f:23:d3:a9:b2:fc:4a: a7:82:a9:be:2c:17:9e:2a:7b:fe:66:92:fb:1c:e2:ba:41:53: 62:73:95:27:65:c8:17:5e:f2:5f:28:74:6b:12:29:42:9b:af: 4f:b7:0d:58:30:2b:72:8b:a6:7b:8d:5a:11:5b:e7:75:2f:53: 57:8e:3e:cd:a9:d7:74:74:57:29:bc:1b:85:f8:8e:0e:a0:bb: a6:f4:b4:f3:1b:90:0d:4a:9a:ca:58:d0:59:13:cf:20:2b:e8: 94:36:ca:3b:a0:51:80:f5:41:e3:5c:dc:78:09:5b:e8:ff:77: ca:d5:e8:59:0f:2d:e0:da:e9:de:53:33:02:2a:92:c6:45:6c: 1d:41:80:a1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA3QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTgxRjcxMTAvBgNVBAUTKDkzM0FFRDdDM0EwNjQyMjZBNzE0NEI3NDc4Qzc0MDNE QUNERDgwMDUwHhcNMjUwMzI5MDExMDU3WhcNMjUwNDA1MDExMDU3WjAYMRYwFAYD VQQDEw02N2U3NDhhMS01NjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvr/ubbsoZvJCQ3lUHRSHn4qCtTNK5IDDioMUTiXfSWD3GzJmv3YG+2+MdTcE 72WwPDqbVUyFhWLU4RO/b9lF4WuGMh6mIyM4z/DxdvFGV04EVKyAaMXLSLALKn9R x9An/fHR8XACl4HotfGJQ4YrAl/SxOo/cZrSTVfAderVIEV2ra3lkkXYdh236gCH 9XpUa8kis03/EQ2LBickrAs8dPQZ4mYVdL/92iqdvdyyewYSj+w9uasXvLjTGcFq nURDnt6EYJMqvvkCqkyyTRNZ4J5nrKr6eO5S2aUeJ2FROXrW5ETL+BC0PSUMyXrp B+DFdUk1MXBThZEvtEy9+bu1jwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPZ3C6bZ 5m4o7yHrhLT4gulf/AhXMB8GA1UdIwQYMBaAFJM67Xw6BkImpxRLdHjHQD2s3YAF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBODFGNy8zMEY0NkVFRTlG ODYxMUVDOEQ5RjNGMzRDNEY5QUUwMi9renJ0ZkRvR1FpYW5GRXQwZU1kQVBhemRn QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6cnRmRG9HUWlhbkZFdDBlTWRBUGF6ZGdBVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB ODFGNy8zMEY0NkVFRTlGODYxMUVDOEQ5RjNGMzRDNEY5QUUwMi9renJ0ZkRvR1Fp YW5GRXQwZU1kQVBhemRnQVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDE2+yxcVk1I83TYH/AMtOPDKupmvmDEUi/Qy8ovS/iy//rtYbBEWpA DRWUWVv9lXQgDUzacf2bdj7zFFmTrLps+xssTk04+zHgWSBoYqnlNq2FtiwL07lQ V/5Olr3tIgydy8KB8d95ybKgWjBOeRztxUqfsv2oQX8j06my/Eqngqm+LBeeKnv+ ZpL7HOK6QVNic5UnZcgXXvJfKHRrEilCm69Ptw1YMCtyi6Z7jVoRW+d1L1NXjj7N qdd0dFcpvBuF+I4OoLum9LTzG5ANSprKWNBZE88gK+iUNso7oFGA9UHjXNx4CVvo /3fK1ehZDy3g2uneUzMCKpLGRWwdQYCh -----END CERTIFICATE-----Generated at Fri Apr 4 21:58:11 2025 by rpki-client