$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft File: Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft (raw, json) Hash identifier: asq/yqoPrZphYpYHOHAkPQtPJB1qkKYHlbU3BVyxSwI= Subject key identifier: 7C:3A:C9:AB:8A:9F:36:0F:39:2F:4C:92:D6:98:B2:0A:00:22:BB:B3 Authority key identifier: 29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 Certificate issuer: /CN=A91FC985/serialNumber=29ADB39B620EAE3CB8AFCA2CA185F5C4876FD043 Certificate serial: 15 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft Manifest number: 13 Signing time: Sat 29 Mar 2025 07:21:50 +0000 Manifest this update: Sat 29 Mar 2025 07:21:49 +0000 Manifest next update: Sat 05 Apr 2025 07:21:49 +0000 Files and hashes: 1: Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl (hash: DEwlRZy47Ic4X18d9o7rSVAQ7fdhq0CDZd9WntE5pXc=) 2: DA3E289CF5B811EFA1046714C4F9AE02.roa (hash: ghtYYnHvBHOXjjafNw/o3b7nWMJznKoJtYacsPdc8uY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FC985 Validity Not Before: Mar 29 07:21:49 2025 GMT Not After : Apr 5 07:21:49 2025 GMT Subject: CN=67e79f8e-80dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:84:35:51:c2:a9:e2:4d:28:93:10:81:11:84: d8:e7:6f:8c:3a:cc:bf:d8:cb:f9:8e:8e:eb:e7:57: c9:c4:0b:de:66:d4:05:ed:f4:c2:9b:6a:61:ef:05: 82:b4:43:7d:ff:47:15:70:ef:83:f9:a5:2d:ae:5e: 2d:7b:0a:56:9f:fe:18:b6:02:67:82:ac:51:00:a9: 59:12:1a:7d:20:e3:1f:d8:70:cc:e0:cc:5b:af:a5: 16:c2:c7:f5:ea:de:89:b3:86:0e:41:5d:13:6f:a5: 56:f8:7b:54:4d:09:71:e8:5f:51:3b:3d:32:d0:9e: a5:bc:91:84:da:bd:d2:93:db:a1:22:de:8a:80:8d: b7:ad:80:6c:3d:cb:06:b9:fd:a4:76:51:bb:32:46: 89:8e:87:58:f5:c1:db:c1:92:38:ff:fb:45:07:0d: 64:fc:3f:b4:c7:2e:90:44:d6:a8:8b:20:11:fa:1b: af:f3:74:b7:59:8a:dc:8d:5c:ef:cb:08:f1:39:b5: 8a:9f:47:d1:60:49:c2:6b:80:bb:0d:a8:17:ca:18: 4d:d0:84:71:46:21:fd:3f:08:e3:90:89:ce:01:74: ae:84:ad:d3:7a:67:8d:16:10:96:99:ae:aa:4c:e0: 02:6e:b2:1f:50:0a:5d:a1:ea:7f:31:81:01:9d:b8: 5a:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:3A:C9:AB:8A:9F:36:0F:39:2F:4C:92:D6:98:B2:0A:00:22:BB:B3 X509v3 Authority Key Identifier: keyid:29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:c4:6e:d8:86:f9:dd:90:d0:49:9e:e1:98:dc:3f:94:17:d5: b4:68:b2:2a:4a:80:3c:8e:41:fa:b0:4f:9a:50:2f:a5:70:04: bb:52:28:e0:67:df:97:c3:1b:da:a6:62:c6:1f:12:2e:b1:8e: 62:5c:8e:97:c2:1d:f1:ad:fd:f6:29:38:11:29:bd:0c:fc:69: c9:b2:f5:6d:5b:3d:a7:22:26:f1:86:b8:20:da:af:13:2f:02: 6d:b5:e1:d4:dc:0c:b7:10:c5:f7:59:a8:3a:d3:a0:09:dd:db: 42:cc:f0:57:3b:65:79:c7:31:27:48:bb:a9:fc:bd:e6:ea:cc: 07:2d:01:d4:06:89:fa:48:ee:a1:2c:7d:5e:83:1a:7e:d4:97: 84:4a:83:9f:1d:ee:2e:a6:1c:b8:3a:6d:18:b9:9a:61:3a:a0: 72:01:a8:10:e3:23:2a:a7:a2:3c:32:61:81:14:29:11:a1:6b: 67:e0:07:6e:21:33:53:07:3e:f4:f1:4d:71:16:58:9b:d8:9f: 4d:ca:99:78:ec:0f:90:4b:f6:e9:a5:4e:bb:eb:e8:ea:16:ba: 03:88:4c:91:dd:9a:f3:87:97:77:42:c5:50:04:12:cd:b0:2b: 55:b0:fc:1c:58:bb:74:17:ec:57:99:9f:ec:67:34:e8:fb:d2: 28:e3:17:6e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG Qzk4NTExMC8GA1UEBRMoMjlBREIzOUI2MjBFQUUzQ0I4QUZDQTJDQTE4NUY1QzQ4 NzZGRDA0MzAeFw0yNTAzMjkwNzIxNDlaFw0yNTA0MDUwNzIxNDlaMBgxFjAUBgNV BAMTDTY3ZTc5ZjhlLTgwZGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDchDVRwqniTSiTEIERhNjnb4w6zL/Yy/mOjuvnV8nEC95m1AXt9MKbamHvBYK0 Q33/RxVw74P5pS2uXi17Claf/hi2AmeCrFEAqVkSGn0g4x/YcMzgzFuvpRbCx/Xq 3omzhg5BXRNvpVb4e1RNCXHoX1E7PTLQnqW8kYTavdKT26Ei3oqAjbetgGw9ywa5 /aR2UbsyRomOh1j1wdvBkjj/+0UHDWT8P7THLpBE1qiLIBH6G6/zdLdZityNXO/L CPE5tYqfR9FgScJrgLsNqBfKGE3QhHFGIf0/COOQic4BdK6ErdN6Z40WEJaZrqpM 4AJush9QCl2h6n8xgQGduFpVAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfDrJq4qf Ng85L0yS1piyCgAiu7MwHwYDVR0jBBgwFoAUKa2zm2IOrjy4r8osoYX1xIdv0EMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZDOTg1LzY3M0FBMkY0RjVC NzExRUY4QzFGRjYxMUM0RjlBRTAyL0thMnptMklPcmp5NHI4b3NvWVgxeElkdjBF TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2Eyem0ySU9yank0cjhvc29ZWDF4SWR2MEVNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZD OTg1LzY3M0FBMkY0RjVCNzExRUY4QzFGRjYxMUM0RjlBRTAyL0thMnptMklPcmp5 NHI4b3NvWVgxeElkdjBFTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAPEbtiG+d2Q0Eme4ZjcP5QX1bRosipKgDyOQfqwT5pQL6VwBLtSKOBn 35fDG9qmYsYfEi6xjmJcjpfCHfGt/fYpOBEpvQz8acmy9W1bPaciJvGGuCDarxMv Am214dTcDLcQxfdZqDrToAnd20LM8Fc7ZXnHMSdIu6n8vebqzActAdQGifpI7qEs fV6DGn7Ul4RKg58d7i6mHLg6bRi5mmE6oHIBqBDjIyqnojwyYYEUKRGha2fgB24h M1MHPvTxTXEWWJvYn03KmXjsD5BL9umlTrvr6OoWugOITJHdmvOHl3dCxVAEEs2w K1Ww/BxYu3QX7FeZn+xnNOj70ijjF24= -----END CERTIFICATE-----Generated at Fri Apr 4 22:40:06 2025 by rpki-client