$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8347/C3E72190F9A911EEA82A791AC4F9AE02/Ktu3GxFSPKM5Ll832dx2shHb4IM.mft File: Ktu3GxFSPKM5Ll832dx2shHb4IM.mft (raw, json) Hash identifier: 1HUfiGXTe+C4e0C009ePU4otNVOQjUnGrnZ//sFfqNM= Subject key identifier: 21:A5:6D:7C:0B:AC:2B:14:6E:B8:E5:2F:8C:12:3A:BE:0A:BF:77:76 Authority key identifier: 2A:DB:B7:1B:11:52:3C:A3:39:2E:5F:37:D9:DC:76:B2:11:DB:E0:83 Certificate issuer: /CN=A91C8347/serialNumber=2ADBB71B11523CA3392E5F37D9DC76B211DBE083 Certificate serial: E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ktu3GxFSPKM5Ll832dx2shHb4IM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C8347/C3E72190F9A911EEA82A791AC4F9AE02/Ktu3GxFSPKM5Ll832dx2shHb4IM.mft Manifest number: CE Signing time: Sat 05 Apr 2025 05:17:00 +0000 Manifest this update: Sat 05 Apr 2025 05:16:59 +0000 Manifest next update: Sat 12 Apr 2025 05:16:59 +0000 Files and hashes: 1: Ktu3GxFSPKM5Ll832dx2shHb4IM.crl (hash: pruL4uUeVIryfF6wJ1SJWo62sFbZS5wyUsNXxIkSyFk=) 2: 34C7EB4010F411EFB4CD9614C4F9AE02.roa (hash: fhHN+wika6qw4BQ5YkJmWVk33R5FKnY5aL2UuUzBHhw=) 3: F4777FBEEDDA11EF9731160CC4F9AE02.roa (hash: /1+2xPWqZMP3cO+rD339mV/1/rVWVDweL8VvbjIWd3Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C8347/C3E72190F9A911EEA82A791AC4F9AE02/Ktu3GxFSPKM5Ll832dx2shHb4IM.crl rsync://rpki.apnic.net/member_repository/A91C8347/C3E72190F9A911EEA82A791AC4F9AE02/Ktu3GxFSPKM5Ll832dx2shHb4IM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ktu3GxFSPKM5Ll832dx2shHb4IM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 05:16:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 224 (0xe0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C8347 Validity Not Before: Apr 5 05:16:59 2025 GMT Not After : Apr 12 05:16:59 2025 GMT Subject: CN=67f0bccb-7b35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:19:30:bc:f3:5b:04:09:0b:64:e9:78:5a:24: e0:2a:93:96:36:49:65:0f:24:7c:79:c6:d0:b2:ff: f0:bf:bd:ad:eb:3a:fa:a8:e7:c1:a4:22:e8:c8:ba: 05:66:02:76:8c:42:e6:c2:73:c6:73:18:27:c5:2d: 93:b1:d3:02:58:b2:08:f8:a0:f9:ba:0e:8a:b5:2d: dc:ae:2c:1e:f1:d7:37:d7:e9:ec:a2:eb:6e:66:58: 4d:08:87:9d:06:51:25:10:41:a3:8d:a7:e7:3b:f1: b1:f5:fc:f6:87:cb:d4:43:c5:9f:89:30:e0:dd:11: af:cf:b4:01:d6:c7:d3:63:17:55:52:21:b6:8a:d4: f3:c7:24:0c:6a:bc:37:e6:7f:49:a7:71:d6:f6:90: 5a:8a:5a:1f:a9:ad:37:db:36:79:9c:80:90:e2:5d: f1:0a:01:aa:9c:f0:c2:30:68:0e:60:89:09:02:6d: 69:c4:1c:52:5d:ac:db:dd:5c:1b:42:d9:45:c9:19: f9:d1:c1:61:b5:7a:a5:1f:c8:fa:f9:d0:fc:95:90: 64:a4:9e:50:c8:76:6b:0c:65:73:1f:a5:f8:61:ce: 51:f6:be:97:ec:c1:3c:84:38:34:85:10:b5:8c:c7: b3:bd:8b:5f:a9:ef:d0:f3:d5:72:c3:27:36:1d:55: c0:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:A5:6D:7C:0B:AC:2B:14:6E:B8:E5:2F:8C:12:3A:BE:0A:BF:77:76 X509v3 Authority Key Identifier: keyid:2A:DB:B7:1B:11:52:3C:A3:39:2E:5F:37:D9:DC:76:B2:11:DB:E0:83 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C8347/C3E72190F9A911EEA82A791AC4F9AE02/Ktu3GxFSPKM5Ll832dx2shHb4IM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ktu3GxFSPKM5Ll832dx2shHb4IM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8347/C3E72190F9A911EEA82A791AC4F9AE02/Ktu3GxFSPKM5Ll832dx2shHb4IM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:6f:1f:aa:12:c5:7c:9a:3e:57:22:3c:5d:7f:09:73:5e:8d: cf:63:67:29:c3:c6:65:5f:27:72:5c:9f:17:80:39:88:33:60: 65:8c:9c:c1:e0:45:93:9f:11:05:c4:c9:b0:b8:2a:8b:4b:36: 88:6d:c1:c1:3b:32:ab:6c:20:54:44:c6:46:91:7c:75:4a:7d: f4:25:e0:79:28:65:68:ad:cf:82:9c:1b:47:79:ac:d9:92:e0: 18:fb:23:cc:e0:47:e3:07:49:6c:80:da:37:46:ce:f8:ac:21: a9:3b:e1:8a:51:02:76:bf:5d:fd:09:0a:45:e1:34:79:c9:50: c7:ba:80:cf:27:d3:d8:75:1a:f0:d9:8f:4f:81:29:0a:56:fb: 3d:38:2c:9c:33:4f:a9:a0:36:a5:7b:2e:e7:95:12:99:73:96: 0f:aa:be:2f:1f:af:97:13:bf:4e:fa:40:b4:ed:65:51:58:80: 5d:c2:f5:6a:b9:46:82:2d:4a:96:0f:ac:98:2a:32:a7:62:09: 9a:66:3e:4a:f7:49:41:3f:9c:fd:19:72:b4:4e:50:58:55:d1: aa:20:6b:c4:c8:8c:79:ea:31:6e:90:cf:ee:de:97:7c:ec:42: e5:f5:d1:ac:ad:9d:f5:d6:c7:64:e7:46:94:24:75:01:2d:c0: 13:1a:bb:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzgzNDcxMTAvBgNVBAUTKDJBREJCNzFCMTE1MjNDQTMzOTJFNUYzN0Q5REM3NkIy MTFEQkUwODMwHhcNMjUwNDA1MDUxNjU5WhcNMjUwNDEyMDUxNjU5WjAYMRYwFAYD VQQDEw02N2YwYmNjYi03YjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAthkwvPNbBAkLZOl4WiTgKpOWNkllDyR8ecbQsv/wv72t6zr6qOfBpCLoyLoF ZgJ2jELmwnPGcxgnxS2TsdMCWLII+KD5ug6KtS3criwe8dc31+nsoutuZlhNCIed BlElEEGjjafnO/Gx9fz2h8vUQ8WfiTDg3RGvz7QB1sfTYxdVUiG2itTzxyQMarw3 5n9Jp3HW9pBailofqa032zZ5nICQ4l3xCgGqnPDCMGgOYIkJAm1pxBxSXazb3Vwb QtlFyRn50cFhtXqlH8j6+dD8lZBkpJ5QyHZrDGVzH6X4Yc5R9r6X7ME8hDg0hRC1 jMezvYtfqe/Q89Vywyc2HVXA2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCGlbXwL rCsUbrjlL4wSOr4Kv3d2MB8GA1UdIwQYMBaAFCrbtxsRUjyjOS5fN9ncdrIR2+CD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDODM0Ny9DM0U3MjE5MEY5 QTkxMUVFQTgyQTc5MUFDNEY5QUUwMi9LdHUzR3hGU1BLTTVMbDgzMmR4MnNoSGI0 SU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0t0dTNHeEZTUEtNNUxsODMyZHgyc2hIYjRJTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD ODM0Ny9DM0U3MjE5MEY5QTkxMUVFQTgyQTc5MUFDNEY5QUUwMi9LdHUzR3hGU1BL TTVMbDgzMmR4MnNoSGI0SU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUbx+qEsV8mj5XIjxdfwlzXo3PY2cpw8ZlXydyXJ8XgDmIM2BljJzB 4EWTnxEFxMmwuCqLSzaIbcHBOzKrbCBURMZGkXx1Sn30JeB5KGVorc+CnBtHeazZ kuAY+yPM4EfjB0lsgNo3Rs74rCGpO+GKUQJ2v139CQpF4TR5yVDHuoDPJ9PYdRrw 2Y9PgSkKVvs9OCycM0+poDaley7nlRKZc5YPqr4vH6+XE79O+kC07WVRWIBdwvVq uUaCLUqWD6yYKjKnYgmaZj5K90lBP5z9GXK0TlBYVdGqIGvEyIx56jFukM/u3pd8 7ELl9dGsrZ311sdk50aUJHUBLcATGrtz -----END CERTIFICATE-----Generated at Sun Apr 6 10:55:41 2025 by rpki-client