$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft File: kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft (raw, json) Hash identifier: WnSped8tLMcPTslPIS20YpKQjDGyw4WOxaxQGmy6bls= Subject key identifier: 9F:C0:FC:1B:77:3E:E2:DA:68:F0:59:A0:95:8B:16:A1:06:89:55:9D Authority key identifier: 91:17:6D:16:9C:42:F0:3D:95:28:2B:BB:A2:04:C4:E4:4D:31:ED:09 Certificate issuer: /CN=A91FF5B9/serialNumber=91176D169C42F03D95282BBBA204C4E44D31ED09 Certificate serial: 11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft Manifest number: 0F Signing time: Sat 19 Apr 2025 07:09:32 +0000 Manifest this update: Sat 19 Apr 2025 07:09:32 +0000 Manifest next update: Sat 26 Apr 2025 07:09:32 +0000 Files and hashes: 1: kRdtFpxC8D2VKCu7ogTE5E0x7Qk.crl (hash: yv1f3DqC7Le8B2/pl+g8AvqUAdvJa0UMzp/2pQqvy9Q=) 2: DA700744185511F09304D972C4F9AE02.roa (hash: AVDeCRqbZoyZl3fF1YnTf6HcDZbje6RSX9dEEeI1q44=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.crl rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 07:09:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF5B9, serialNumber=91176D169C42F03D95282BBBA204C4E44D31ED09 Validity Not Before: Apr 19 07:09:32 2025 GMT Not After : Apr 26 07:09:32 2025 GMT Subject: CN=68034c2c-29df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:9c:0d:e5:a4:61:d2:f8:1c:3c:40:c4:66:eb: c6:0a:56:23:0c:37:64:88:97:46:02:af:d2:68:9f: 46:8f:5b:59:83:18:45:ef:05:7a:46:be:4f:0d:c4: b6:f7:8e:aa:50:56:30:cb:9e:9c:0e:84:99:93:aa: 1b:89:60:56:38:62:9d:5f:f2:5b:4b:ad:2f:e7:e5: 55:c4:3a:b9:3f:8f:59:e1:c6:2a:b4:15:85:ef:1c: b7:d0:af:7d:f9:9d:98:bc:9a:a8:37:62:eb:db:40: 4a:6b:01:66:bd:ed:1f:2e:b9:70:3c:49:27:8b:6b: 0b:88:95:89:37:ff:66:21:fd:37:0d:44:0d:3a:2b: eb:7a:1e:2b:56:0b:8e:75:71:59:04:39:d8:a3:5a: 58:ef:d7:b9:e6:cb:1e:97:90:4c:a6:4b:82:0e:09: 05:ea:fc:f5:b5:b5:2c:1b:cf:8d:b6:1c:4b:29:13: 5a:72:1d:b5:0e:e1:51:92:a9:62:9b:56:7b:f0:f6: 05:53:e7:93:93:1d:7a:b3:60:0e:f2:68:f3:45:77: 96:c6:85:ca:00:56:a5:56:0c:e8:67:8f:40:06:27: 2c:4a:71:e0:04:d8:6a:ca:6e:c0:b7:c4:11:c3:24: ad:5e:ff:de:f7:37:ca:19:9d:13:2b:ab:86:6f:19: 18:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:C0:FC:1B:77:3E:E2:DA:68:F0:59:A0:95:8B:16:A1:06:89:55:9D X509v3 Authority Key Identifier: keyid:91:17:6D:16:9C:42:F0:3D:95:28:2B:BB:A2:04:C4:E4:4D:31:ED:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:4a:3e:04:4d:64:3a:b4:77:3f:22:24:e9:85:4e:45:11:b4: 05:d3:8c:c6:02:2c:fd:0a:6e:a7:d3:72:85:a6:94:d6:ac:1e: a8:87:80:e3:62:f7:43:b6:47:19:4a:01:bf:26:22:59:99:96: d2:c8:6e:30:30:3e:95:8b:14:d6:89:1e:64:69:48:bb:1e:13: 53:a5:ec:98:2b:13:a0:4a:83:1f:a7:ba:24:de:b6:5b:9f:97: c4:c1:d2:9f:f1:e6:20:97:1a:8e:dd:3a:61:43:e8:cd:3f:10: bc:98:ac:dd:9c:fc:52:c3:90:2b:cd:51:95:78:02:98:6e:39: 6a:33:63:be:8a:29:7a:2f:2f:b6:40:35:a7:6e:a5:61:d9:3f: ed:74:7c:f5:f8:25:f8:21:c0:93:cb:bb:d3:5e:79:09:b3:da: 03:f5:2f:8f:da:cd:51:5d:40:2b:28:56:dd:a2:59:5c:90:d7: a7:8d:f7:3a:c8:31:2e:78:5c:0d:56:a3:f6:16:ac:27:e4:a2: fd:4a:af:77:e9:fa:fd:4c:8c:0f:85:db:a1:55:5e:4e:c3:8a: 44:6e:9f:ad:3f:2d:65:6b:65:3f:72:9a:1c:9d:6f:5d:95:73: 00:33:91:99:6a:06:41:d1:c9:ad:0c:ab:da:ff:1b:fd:04:82: 3b:e6:a7:84 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG RjVCOTExMC8GA1UEBRMoOTExNzZEMTY5QzQyRjAzRDk1MjgyQkJCQTIwNEM0RTQ0 RDMxRUQwOTAeFw0yNTA0MTkwNzA5MzJaFw0yNTA0MjYwNzA5MzJaMBgxFjAUBgNV BAMTDTY4MDM0YzJjLTI5ZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC0nA3lpGHS+Bw8QMRm68YKViMMN2SIl0YCr9Jon0aPW1mDGEXvBXpGvk8NxLb3 jqpQVjDLnpwOhJmTqhuJYFY4Yp1f8ltLrS/n5VXEOrk/j1nhxiq0FYXvHLfQr335 nZi8mqg3YuvbQEprAWa97R8uuXA8SSeLawuIlYk3/2Yh/TcNRA06K+t6HitWC451 cVkEOdijWljv17nmyx6XkEymS4IOCQXq/PW1tSwbz422HEspE1pyHbUO4VGSqWKb Vnvw9gVT55OTHXqzYA7yaPNFd5bGhcoAVqVWDOhnj0AGJyxKceAE2GrKbsC3xBHD JK1e/973N8oZnRMrq4ZvGRgTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUn8D8G3c+ 4tpo8FmglYsWoQaJVZ0wHwYDVR0jBBgwFoAUkRdtFpxC8D2VKCu7ogTE5E0x7Qkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZGNUI5LzUyMDJEMDI4MERG OTExRjA4RTZFNzYyQUM0RjlBRTAyL2tSZHRGcHhDOEQyVktDdTdvZ1RFNUUweDdR ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIva1JkdEZweEM4RDJWS0N1N29nVEU1RTB4N1FrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZG NUI5LzUyMDJEMDI4MERGOTExRjA4RTZFNzYyQUM0RjlBRTAyL2tSZHRGcHhDOEQy VktDdTdvZ1RFNUUweDdRay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAF5KPgRNZDq0dz8iJOmFTkURtAXTjMYCLP0KbqfTcoWmlNasHqiHgONi 90O2RxlKAb8mIlmZltLIbjAwPpWLFNaJHmRpSLseE1Ol7JgrE6BKgx+nuiTetluf l8TB0p/x5iCXGo7dOmFD6M0/ELyYrN2c/FLDkCvNUZV4AphuOWozY76KKXovL7ZA NadupWHZP+10fPX4JfghwJPLu9NeeQmz2gP1L4/azVFdQCsoVt2iWVyQ16eN9zrI MS54XA1Wo/YWrCfkov1Kr3fp+v1MjA+F26FVXk7DikRun60/LWVrZT9ymhydb12V cwAzkZlqBkHRya0Mq9r/G/0Egjvmp4Q= -----END CERTIFICATE-----Generated at Sun Apr 20 20:19:04 2025 by rpki-client