$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft File: KHuwzWb71-W3qIumZ4kSTAsExXg.mft (raw, json) Hash identifier: a2fGbBK7xnwIOLBE42V5zigpDxXpbEWeXIbhnj5TAfo= Subject key identifier: 35:AF:D0:93:A9:3E:39:19:00:66:E7:FB:4F:2D:C0:64:60:D9:CD:2D Authority key identifier: 28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 Certificate issuer: /CN=A91EAE25/serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Certificate serial: 0B5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft Manifest number: 0B51 Signing time: Sat 12 Apr 2025 18:55:38 +0000 Manifest this update: Sat 12 Apr 2025 18:55:38 +0000 Manifest next update: Sat 19 Apr 2025 18:55:38 +0000 Files and hashes: 1: KHuwzWb71-W3qIumZ4kSTAsExXg.crl (hash: Tl7rPPp7yEZHQP+745GTzfqgzpEG3dEJpejN+WLZ58Y=) 2: 2BA212DC306D11EA81D19B38C4F9AE02.roa (hash: rkLsb+deDCPqbk0gObiXfMhdhI5eY1I1eSaPovL0Epo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 18:55:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2906 (0xb5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE25, serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Validity Not Before: Apr 12 18:55:38 2025 GMT Not After : Apr 19 18:55:38 2025 GMT Subject: CN=67fab72a-b1d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:0d:64:e0:99:9b:b3:a9:b0:a9:89:b7:28:fb: 4b:88:9b:14:77:47:ec:cf:58:76:41:18:cd:bf:5d: f4:e9:73:db:23:fc:3b:0d:bb:6a:00:0d:0c:76:e5: 81:63:ef:bb:95:ac:9f:26:a0:4f:3e:7a:18:29:50: e3:1e:db:10:28:4b:fd:4c:08:d7:8f:9f:47:a5:41: da:b1:f2:40:be:cb:8d:50:82:a3:e5:81:e2:60:5f: 5b:1c:fc:81:a8:00:f1:3c:6a:a1:87:94:3b:e9:e8: ff:0f:17:51:b4:1b:2f:b9:4e:7f:55:48:9f:91:de: 15:af:72:83:a4:cf:be:5d:d2:a0:fd:de:bb:54:60: c2:cf:06:8f:a4:f3:6e:6f:c5:bc:e3:69:d4:c5:e1: 6c:d3:10:20:87:92:06:ae:38:8c:d5:1c:60:99:49: 02:a7:f6:97:a9:30:10:92:a3:6c:60:7f:bd:e4:7f: ea:80:7c:4f:f1:ba:94:91:da:4f:c8:78:3b:b6:74: dd:09:31:9a:bf:72:f3:8c:0e:0f:c5:d3:0c:93:be: 0c:05:7f:c6:22:0d:e7:da:08:6d:ef:03:a9:5d:1d: 4a:1f:f3:ad:bd:5a:e2:03:70:71:a7:7d:7e:f9:cd: b2:27:53:2c:c2:8a:58:4f:b1:5b:a3:17:73:53:e4: 32:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:AF:D0:93:A9:3E:39:19:00:66:E7:FB:4F:2D:C0:64:60:D9:CD:2D X509v3 Authority Key Identifier: keyid:28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:23:34:c9:aa:88:c9:27:a6:57:01:a7:5e:61:e0:74:82:73: 6c:68:60:94:09:a3:fc:79:57:e6:cd:12:25:ca:d7:22:d8:c3: cb:79:55:3a:44:4e:c5:99:b5:ae:b3:13:89:5d:51:b2:56:fa: 51:e7:67:e0:56:07:fa:53:00:69:95:19:8e:36:1e:01:15:e5: a5:ef:61:1a:8b:75:da:b1:43:58:8c:9c:18:e9:cd:ed:7d:73: 11:09:73:ff:47:ae:22:11:ff:78:93:81:8c:d8:e6:9d:04:21: 80:24:73:b7:4f:0a:01:32:50:ec:47:a6:bc:ed:e1:0d:38:2a: 0c:be:32:f4:0d:4a:2c:8e:7f:e3:12:4a:fc:96:c3:49:47:fb: b5:e8:69:d7:c7:14:43:f8:06:07:26:16:df:1a:5e:a8:23:19: 60:ad:55:d5:15:d0:2d:7b:1b:e2:f2:aa:12:f3:33:4e:8f:37: 0a:cd:28:ad:73:1e:5c:8f:8a:fe:9a:d2:8c:ba:c5:cc:1d:ce: 2d:5d:fd:e3:17:70:c7:cb:0c:6b:b7:25:cc:b7:eb:b5:a4:5a: c1:b3:9c:31:20:9e:ab:94:98:b5:44:c0:33:d5:d5:25:4d:e6: 45:90:74:0c:57:b2:e1:28:52:e5:71:8a:10:b1:fe:87:1c:a4: 24:f9:6f:ba -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC1owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFMjUxMTAvBgNVBAUTKDI4N0JCMENENjZGQkQ3RTVCN0E4OEJBNjY3ODkxMjRD MEIwNEM1NzgwHhcNMjUwNDEyMTg1NTM4WhcNMjUwNDE5MTg1NTM4WjAYMRYwFAYD VQQDEw02N2ZhYjcyYS1iMWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmA1k4Jmbs6mwqYm3KPtLiJsUd0fsz1h2QRjNv1306XPbI/w7DbtqAA0MduWB Y++7layfJqBPPnoYKVDjHtsQKEv9TAjXj59HpUHasfJAvsuNUIKj5YHiYF9bHPyB qADxPGqhh5Q76ej/DxdRtBsvuU5/VUifkd4Vr3KDpM++XdKg/d67VGDCzwaPpPNu b8W842nUxeFs0xAgh5IGrjiM1RxgmUkCp/aXqTAQkqNsYH+95H/qgHxP8bqUkdpP yHg7tnTdCTGav3LzjA4PxdMMk74MBX/GIg3n2ght7wOpXR1KH/OtvVriA3Bxp31+ +c2yJ1MswopYT7FboxdzU+QynQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDWv0JOp PjkZAGbn+08twGRg2c0tMB8GA1UdIwQYMBaAFCh7sM1m+9flt6iLpmeJEkwLBMV4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUyNS82OEU1N0FFRTMw NjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEtVzNxSXVtWjRrU1RBc0V4 WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIdXd6V2I3MS1XM3FJdW1aNGtTVEFzRXhYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUyNS82OEU1N0FFRTMwNjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEt VzNxSXVtWjRrU1RBc0V4WGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBIIzTJqojJJ6ZXAadeYeB0gnNsaGCUCaP8eVfmzRIlytci2MPLeVU6 RE7FmbWusxOJXVGyVvpR52fgVgf6UwBplRmONh4BFeWl72Eai3XasUNYjJwY6c3t fXMRCXP/R64iEf94k4GM2OadBCGAJHO3TwoBMlDsR6a87eENOCoMvjL0DUosjn/j Ekr8lsNJR/u16GnXxxRD+AYHJhbfGl6oIxlgrVXVFdAtexvi8qoS8zNOjzcKzSit cx5cj4r+mtKMusXMHc4tXf3jF3DHywxrtyXMt+u1pFrBs5wxIJ6rlJi1RMAz1dUl TeZFkHQMV7LhKFLlcYoQsf6HHKQk+W+6 -----END CERTIFICATE-----Generated at Sun Apr 13 05:29:09 2025 by rpki-client