$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft File: KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft (raw, json) Hash identifier: r6sng6yjC8h1f49iYbNBIqNw7haGdD1EJ+rZ+HMTMIA= Subject key identifier: 2D:38:A5:FE:5B:B4:69:D4:30:AD:A3:74:D8:EE:AE:69:52:3A:AE:32 Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Certificate serial: 0E7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft Manifest number: 0E32 Signing time: Fri 04 Apr 2025 17:57:24 +0000 Manifest this update: Fri 04 Apr 2025 17:57:23 +0000 Manifest next update: Fri 11 Apr 2025 17:57:23 +0000 Files and hashes: 1: KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl (hash: GEOfssZTJwHg5QjiyDB25/8i0WFGtK4EJfal1Ol1Uzg=) 2: 433917A83D8211EEA0E4DD46C4F9AE02.roa (hash: q8VjbfesBfjBXJ1O+TtlGTvZbuy2Q6Gq6lc9iUM1cKc=) 3: 5915642864AB11EEBFD54F2EC4F9AE02.roa (hash: L+aUrfi/IHEm4FCCzrEf6AdJOcO/5KYjXAI+VHu0xCQ=) 4: 40BA3F5C3D8211EEA0E4DD46C4F9AE02.roa (hash: mROz4ndcci/lFowjKQt8EppikBLu2fjIlvGiFhvH3EY=) 5: 41A09C683D8211EEA0E4DD46C4F9AE02.roa (hash: LliQbQ1JrB45v11EWXMUYtz6YL9U5wdtSwrWMJkpnsM=) 6: DED77BB2FA2F11EF98728875C4F9AE02.roa (hash: h2BIeTMwzO8mDcsG5Lu/b+2Pt2/VKtjpqvPxs4dvbqg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:57:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3707 (0xe7b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E868C Validity Not Before: Apr 4 17:57:23 2025 GMT Not After : Apr 11 17:57:23 2025 GMT Subject: CN=67f01d84-4549 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:9e:ff:18:2d:86:68:c2:07:72:c2:9f:1d:02: 56:39:8b:1e:6f:65:b1:ca:6d:8d:4d:47:2f:15:92: 8e:0b:63:dd:55:e6:f8:fe:f2:72:25:c8:76:08:38: 8e:37:69:0e:2c:b3:aa:0c:52:9e:09:1a:10:9d:83: 0e:c4:36:96:33:da:cc:95:84:df:74:60:e1:56:ca: 15:75:31:03:65:70:1b:dc:c9:88:a0:7c:c2:5f:77: 02:db:5a:50:37:19:70:72:da:de:53:c3:8c:07:36: 39:1a:e1:ff:2f:f7:6a:65:59:df:80:39:67:e4:c2: f2:6d:79:65:ec:2c:06:7e:af:14:92:40:0f:b8:7d: f7:33:7f:a9:1b:b5:09:2f:70:82:d2:8c:f3:59:ed: 9e:78:d9:12:36:92:39:82:37:85:f9:5e:2a:44:e3: 04:c6:6a:cd:78:a0:a7:e9:df:c0:ae:53:79:a4:58: 1b:1a:3b:46:9b:87:77:19:03:36:98:f5:f7:9c:ed: b6:21:46:88:77:c4:ee:41:84:f6:c3:a3:61:f5:0e: 40:46:0b:a1:1e:a8:4f:94:65:25:b2:54:38:da:4d: 0d:90:75:48:df:2d:30:90:55:04:f9:35:2f:b3:02: aa:d1:28:b8:01:0d:54:56:85:d2:f8:1c:b3:6f:08: bb:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:38:A5:FE:5B:B4:69:D4:30:AD:A3:74:D8:EE:AE:69:52:3A:AE:32 X509v3 Authority Key Identifier: keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:69:44:f6:ac:49:b8:18:c5:16:83:77:4f:08:49:20:c8:f4: 1b:e0:94:19:ff:11:17:d3:09:8c:2e:90:dc:18:0f:89:08:5e: 2a:72:57:26:5b:8e:33:63:71:75:30:09:a9:c5:22:8e:4a:51: fd:f2:c8:59:b8:cb:e1:5f:be:2b:0b:8a:dd:84:8b:39:24:e2: 9b:c0:5d:0b:b2:e1:86:42:22:db:39:e2:7d:53:14:b2:00:c5: 43:71:00:da:a2:21:c1:9f:bd:42:3c:c3:d1:c8:f6:3b:ae:a5: 6f:61:bb:cb:50:30:31:13:25:07:60:73:e4:49:50:3d:e6:38: c3:b2:57:c6:12:8e:57:d1:15:17:91:13:6d:5d:f4:31:db:4e: ed:fb:f7:e0:8d:d7:64:1e:99:1d:46:9b:91:89:49:7b:b1:0f: a8:35:d4:29:b1:ef:6a:4d:0b:52:25:12:dd:13:10:63:ce:57: 30:cc:5c:da:20:29:a6:b8:1d:08:b9:72:73:a8:e7:46:5b:cd: 47:ad:eb:b4:35:3d:d1:57:81:09:f6:89:94:05:84:12:23:52: 26:da:e3:01:8a:21:a0:23:2d:0c:e5:36:a8:ed:b7:e8:7e:67: 26:2f:01:22:7a:7e:d9:54:35:0e:e9:b1:81:b7:ec:10:79:d2: 86:bd:86:36 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx REM0NUUyQjIwHhcNMjUwNDA0MTc1NzIzWhcNMjUwNDExMTc1NzIzWjAYMRYwFAYD VQQDEw02N2YwMWQ4NC00NTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm57/GC2GaMIHcsKfHQJWOYseb2Wxym2NTUcvFZKOC2PdVeb4/vJyJch2CDiO N2kOLLOqDFKeCRoQnYMOxDaWM9rMlYTfdGDhVsoVdTEDZXAb3MmIoHzCX3cC21pQ NxlwctreU8OMBzY5GuH/L/dqZVnfgDln5MLybXll7CwGfq8UkkAPuH33M3+pG7UJ L3CC0ozzWe2eeNkSNpI5gjeF+V4qROMExmrNeKCn6d/ArlN5pFgbGjtGm4d3GQM2 mPX3nO22IUaId8TuQYT2w6Nh9Q5ARguhHqhPlGUlslQ42k0NkHVI3y0wkFUE+TUv swKq0Si4AQ1UVoXS+Byzbwi7lQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC04pf5b tGnUMK2jdNjurmlSOq4yMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5 REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODY4Qy8zRkI5MzM2OEE5REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2 QmNZN3RXYmlBOFVkeEY0ckkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAuaUT2rEm4GMUWg3dPCEkgyPQb4JQZ/xEX0wmMLpDcGA+JCF4qclcm W44zY3F1MAmpxSKOSlH98shZuMvhX74rC4rdhIs5JOKbwF0LsuGGQiLbOeJ9UxSy AMVDcQDaoiHBn71CPMPRyPY7rqVvYbvLUDAxEyUHYHPkSVA95jjDslfGEo5X0RUX kRNtXfQx207t+/fgjddkHpkdRpuRiUl7sQ+oNdQpse9qTQtSJRLdExBjzlcwzFza ICmmuB0IuXJzqOdGW81Hreu0NT3RV4EJ9omUBYQSI1Im2uMBiiGgIy0M5Tao7bfo fmcmLwEien7ZVDUO6bGBt+wQedKGvYY2 -----END CERTIFICATE-----Generated at Fri Apr 4 22:34:49 2025 by rpki-client