$ rpki-client -vvf rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft File: kGA-NU21aLPKQpAOcDAR55ZiiS4.mft (raw, json) Hash identifier: alFRz2V3C654zpz3c2vrvTz67PeQ0PRvuEtUeBKM1SI= Subject key identifier: C5:C4:CA:5F:AB:30:02:DB:BF:F9:B5:53:15:34:6C:AB:23:64:6F:15 Authority key identifier: 90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E Certificate issuer: /CN=A91F731E/serialNumber=90603E354DB568B3CA42900E703011E79662892E Certificate serial: 05E3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft Manifest number: 05D9 Signing time: Sun 06 Apr 2025 15:59:27 +0000 Manifest this update: Sun 06 Apr 2025 15:59:27 +0000 Manifest next update: Sun 13 Apr 2025 15:59:27 +0000 Files and hashes: 1: kGA-NU21aLPKQpAOcDAR55ZiiS4.crl (hash: hT7zBf8rxvRk87IjHDqiD3jStoXQnMsLUSnw+Evyq1A=) 2: 8CD64094BDFE11EBBBB16A42C4F9AE02.roa (hash: EST3lTlCsBscnNbAgJCoSC2X1l7CJ5xbYo0Sib0cuM0=) 3: 30857DB6CBA211ECAE233133C4F9AE02.roa (hash: pliS+rwU3LbaprEyjV5mUgwfJirBs3RzVR6whO1ItwI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 15:59:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1507 (0x5e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F731E Validity Not Before: Apr 6 15:59:27 2025 GMT Not After : Apr 13 15:59:27 2025 GMT Subject: CN=67f2a4df-0b6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:44:df:a1:05:b1:79:fa:b6:e2:35:a5:55:92: 0a:11:24:17:12:44:b7:71:09:8a:39:25:04:d7:b2: c5:9a:f5:eb:63:10:d4:96:b4:84:6f:96:a3:f2:c1: 2e:a2:d3:24:c1:8b:f9:79:aa:e8:05:d7:75:3a:41: 5a:83:66:e2:f5:86:4f:8b:a3:0e:b6:35:82:01:20: 34:ab:72:bb:2a:92:ea:2d:c2:73:e4:23:7f:d1:6d: 73:79:1d:d6:89:29:64:12:e2:e1:ec:33:4a:1c:fa: a8:fc:5b:7c:93:c3:6e:e4:90:6f:2f:39:af:93:27: 26:0d:84:ed:7f:c4:50:1d:5c:e6:39:96:23:45:7f: 88:fa:94:bd:ec:e1:a0:5c:1b:06:9f:e3:fc:66:23: 33:2f:22:b2:57:0f:34:84:d6:a5:02:ae:9f:15:44: 6e:86:b3:d8:94:9d:53:3f:df:25:32:43:6f:76:6d: ca:c0:70:39:a6:60:20:cf:cd:72:23:d5:c6:35:a8: 7d:66:67:a0:1c:02:f9:51:91:ab:85:93:10:ee:8c: 33:46:fc:be:f3:32:6f:e0:50:0d:8a:9a:fe:01:70: 23:53:13:55:ec:84:e7:17:85:b8:d4:31:5d:66:24: e7:35:1b:a0:01:11:fa:ee:5d:6e:bc:f8:53:06:2f: 64:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:C4:CA:5F:AB:30:02:DB:BF:F9:B5:53:15:34:6C:AB:23:64:6F:15 X509v3 Authority Key Identifier: keyid:90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:56:b0:ba:18:fd:52:d0:da:17:f7:20:7c:fc:22:fc:0c:18: ac:78:5e:0d:74:e4:69:12:a9:09:dc:3a:b4:5e:7e:7b:94:83: a1:59:1d:bf:f9:30:58:2b:ca:c8:a7:2b:ce:30:29:f0:77:e1: 47:49:bd:e8:83:93:f7:10:f6:e6:d3:d1:4e:a1:8d:cb:0d:ae: 2f:76:d5:cb:7f:26:0e:cf:49:7f:91:3f:03:27:90:3b:52:79: ac:98:94:b5:7a:b0:63:4e:3c:98:82:e1:4f:08:84:04:7c:12: f3:71:03:68:85:c6:6c:09:ab:0c:50:01:32:4b:62:f3:61:fe: 1b:06:b9:5a:7a:8d:24:9c:db:96:7f:18:8d:8f:08:06:c7:0e: a1:25:d5:35:6e:05:0d:06:fb:6a:67:b6:c2:a8:80:25:d6:9a: 89:68:4c:23:1b:3d:da:0d:44:2e:32:89:21:a9:a5:a6:1e:2d: 4f:66:dd:76:cd:01:81:e5:d3:94:f9:84:63:c3:ee:46:38:2a: 56:ce:f7:26:c7:1a:d7:79:bb:4c:2b:af:ce:2b:17:4c:c3:f8: 2a:4f:7f:0d:ed:92:9e:fe:e1:14:f6:b9:a2:ac:f3:e7:2a:ff: 58:e2:c8:2e:00:89:74:25:f9:38:a2:68:65:f0:ca:85:d6:0d: 34:0e:88:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBeMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjczMUUxMTAvBgNVBAUTKDkwNjAzRTM1NERCNTY4QjNDQTQyOTAwRTcwMzAxMUU3 OTY2Mjg5MkUwHhcNMjUwNDA2MTU1OTI3WhcNMjUwNDEzMTU1OTI3WjAYMRYwFAYD VQQDEw02N2YyYTRkZi0wYjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA80TfoQWxefq24jWlVZIKESQXEkS3cQmKOSUE17LFmvXrYxDUlrSEb5aj8sEu otMkwYv5earoBdd1OkFag2bi9YZPi6MOtjWCASA0q3K7KpLqLcJz5CN/0W1zeR3W iSlkEuLh7DNKHPqo/Ft8k8Nu5JBvLzmvkycmDYTtf8RQHVzmOZYjRX+I+pS97OGg XBsGn+P8ZiMzLyKyVw80hNalAq6fFURuhrPYlJ1TP98lMkNvdm3KwHA5pmAgz81y I9XGNah9ZmegHAL5UZGrhZMQ7owzRvy+8zJv4FANipr+AXAjUxNV7ITnF4W41DFd ZiTnNRugARH67l1uvPhTBi9kNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMXEyl+r MALbv/m1UxU0bKsjZG8VMB8GA1UdIwQYMBaAFJBgPjVNtWizykKQDnAwEeeWYoku MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzMxRS9FQUExOUNCNEIy REMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFMUEtRcEFPY0RBUjU1Wmlp UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tHQS1OVTIxYUxQS1FwQU9jREFSNTVaaWlTNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NzMxRS9FQUExOUNCNEIyREMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFM UEtRcEFPY0RBUjU1WmlpUzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOVrC6GP1S0NoX9yB8/CL8DBiseF4NdORpEqkJ3Dq0Xn57lIOhWR2/ +TBYK8rIpyvOMCnwd+FHSb3og5P3EPbm09FOoY3LDa4vdtXLfyYOz0l/kT8DJ5A7 UnmsmJS1erBjTjyYguFPCIQEfBLzcQNohcZsCasMUAEyS2LzYf4bBrlaeo0knNuW fxiNjwgGxw6hJdU1bgUNBvtqZ7bCqIAl1pqJaEwjGz3aDUQuMokhqaWmHi1PZt12 zQGB5dOU+YRjw+5GOCpWzvcmxxrXebtMK6/OKxdMw/gqT38N7ZKe/uEU9rmirPPn Kv9Y4sguAIl0Jfk4omhl8MqF1g00Dohx -----END CERTIFICATE-----Generated at Mon Apr 7 10:53:15 2025 by rpki-client