$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft File: KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft (raw, json) Hash identifier: ciHygC1IJ7PD7zl+lhA521NUPrJgmfPxZ/nq31jiZ+A= Subject key identifier: 34:7A:BA:99:55:B2:10:3F:00:8A:09:48:29:F6:88:4C:D2:93:86:75 Authority key identifier: 2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B Certificate issuer: /CN=A91B7897/serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Certificate serial: 024B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft Manifest number: 023F Signing time: Wed 09 Apr 2025 01:34:44 +0000 Manifest this update: Wed 09 Apr 2025 01:34:44 +0000 Manifest next update: Wed 16 Apr 2025 01:34:44 +0000 Files and hashes: 1: KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl (hash: /UiF2Ee9A3T5o1qpu7wXeQC6fa//4pPfi5YAuWuoGKY=) 2: 6C83604E1E2711EDAA33DF76C4F9AE02.roa (hash: bzrwDCcFjUbW1ddYfzBH2lmiEyj4Sa0r3rrfjXsh0+Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 01:34:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 587 (0x24b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7897 Validity Not Before: Apr 9 01:34:44 2025 GMT Not After : Apr 16 01:34:44 2025 GMT Subject: CN=67f5ceb4-c8c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:34:d1:6d:55:af:05:c5:b3:8e:65:4d:7e:8c: 3c:30:83:22:fe:42:da:ea:a0:85:42:79:78:8e:e4: 51:87:81:51:5e:ee:86:f6:00:a4:90:41:65:7f:a0: e4:87:7c:5c:68:76:9a:c9:6f:de:4d:42:9e:4b:53: a8:a4:6f:f5:46:14:1c:71:ed:08:b9:ec:83:34:57: a5:d9:fc:d4:80:30:6f:30:77:90:04:e1:c4:26:70: 56:e9:16:40:ec:b9:cc:6a:d1:21:f3:bb:b9:9b:03: 78:9a:93:a7:92:8f:f4:55:98:dd:74:6d:95:0c:fa: bd:3e:7a:de:4e:49:43:1e:94:b9:d9:eb:91:56:8b: 6e:c0:08:30:ef:86:2a:ef:4a:e1:da:27:46:c4:3f: 96:53:5d:ce:56:1d:dd:43:c9:07:9c:33:a0:3f:90: 77:8f:e0:62:25:c9:d8:a5:61:b5:ad:b7:ba:10:2f: 65:a8:84:17:65:9d:15:a4:30:96:f5:9f:35:8d:1a: c0:34:0b:1f:79:18:24:71:48:93:6e:53:6b:c8:6b: 9a:10:8e:0c:a4:58:cf:d8:82:9f:e8:57:9d:c7:be: 26:04:56:96:bf:a4:10:58:26:a9:4a:c1:f5:2d:ff: 03:5c:84:b7:f5:54:5c:89:3c:e6:71:fa:94:3c:5f: a9:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:7A:BA:99:55:B2:10:3F:00:8A:09:48:29:F6:88:4C:D2:93:86:75 X509v3 Authority Key Identifier: keyid:2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:0e:1a:ad:19:94:26:99:84:4f:73:4a:2a:74:90:9c:ab:57: 59:6f:15:f7:f0:f2:7b:d8:84:e0:39:39:00:84:c4:82:2c:64: 89:d2:bd:91:c5:e8:1d:66:ee:97:02:31:d2:5c:34:35:d7:1f: a7:56:8f:68:c1:10:2c:ad:84:bb:ea:a6:d8:17:da:82:b8:69: 3c:0b:1e:19:2c:24:13:7b:f1:d6:b9:34:d3:83:c5:fa:a7:ca: de:24:1c:e4:68:95:ec:06:2b:5c:af:eb:87:65:f2:1c:76:b5: b9:d0:96:a1:6e:a9:75:30:3a:e6:10:18:d7:9b:7d:37:a8:13: c9:e3:7b:82:0b:14:32:15:77:36:f5:29:a7:be:8c:bd:8d:54: 6c:ef:65:06:e9:09:58:23:36:42:31:71:87:a6:21:9c:98:55: f4:de:79:43:0f:d4:a1:4a:69:4f:3a:71:f5:61:16:50:8e:f9: 16:e5:95:88:21:a2:9d:1c:34:16:6b:af:55:45:0a:ed:54:15: 20:0f:82:7c:72:c3:92:34:9c:8f:02:6e:a3:c4:7c:bd:72:34: 0d:a0:81:6a:2a:ad:a8:e4:17:e8:93:4c:21:17:33:76:db:c2: 87:aa:ea:ff:bc:ea:54:80:b9:fe:66:8c:de:c8:48:36:4f:57: 03:0e:d8:3c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc4OTcxMTAvBgNVBAUTKDJBQTI3ODk0NEI0MTBGQTJDODNCN0MyQUYzMkM2NkFG QTIwQzEyN0IwHhcNMjUwNDA5MDEzNDQ0WhcNMjUwNDE2MDEzNDQ0WjAYMRYwFAYD VQQDEw02N2Y1Y2ViNC1jOGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArzTRbVWvBcWzjmVNfow8MIMi/kLa6qCFQnl4juRRh4FRXu6G9gCkkEFlf6Dk h3xcaHaayW/eTUKeS1OopG/1RhQcce0IueyDNFel2fzUgDBvMHeQBOHEJnBW6RZA 7LnMatEh87u5mwN4mpOnko/0VZjddG2VDPq9PnreTklDHpS52euRVotuwAgw74Yq 70rh2idGxD+WU13OVh3dQ8kHnDOgP5B3j+BiJcnYpWG1rbe6EC9lqIQXZZ0VpDCW 9Z81jRrANAsfeRgkcUiTblNryGuaEI4MpFjP2IKf6Fedx74mBFaWv6QQWCapSsH1 Lf8DXIS39VRciTzmcfqUPF+pWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDR6uplV shA/AIoJSCn2iEzSk4Z1MB8GA1UdIwQYMBaAFCqieJRLQQ+iyDt8KvMsZq+iDBJ7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzg5Ny9CNkM1OTQxQzFE MzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2TElPM3dxOHl4bXI2SU1F bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0txSjRsRXRCRDZMSU8zd3E4eXhtcjZJTUVucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Nzg5Ny9CNkM1OTQxQzFEMzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2 TElPM3dxOHl4bXI2SU1FbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCxDhqtGZQmmYRPc0oqdJCcq1dZbxX38PJ72ITgOTkAhMSCLGSJ0r2R xegdZu6XAjHSXDQ11x+nVo9owRAsrYS76qbYF9qCuGk8Cx4ZLCQTe/HWuTTTg8X6 p8reJBzkaJXsBitcr+uHZfIcdrW50Jahbql1MDrmEBjXm303qBPJ43uCCxQyFXc2 9Smnvoy9jVRs72UG6QlYIzZCMXGHpiGcmFX03nlDD9ShSmlPOnH1YRZQjvkW5ZWI IaKdHDQWa69VRQrtVBUgD4J8csOSNJyPAm6jxHy9cjQNoIFqKq2o5Bfok0whFzN2 28KHqur/vOpUgLn+ZozeyEg2T1cDDtg8 -----END CERTIFICATE-----Generated at Thu Apr 10 18:35:05 2025 by rpki-client