$ rpki-client -vvf rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft File: kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft (raw, json) Hash identifier: qd6DiSkHoBmZprSA3coo/ErfbbmajH0SU64lfpA6csk= Subject key identifier: 0A:F4:A3:DA:5C:18:16:A9:31:2D:A5:BB:01:B8:D3:3B:8A:8E:50:91 Authority key identifier: 90:F6:80:FC:A7:C9:30:FD:1F:DC:53:36:75:38:5A:E9:0F:B4:16:72 Certificate issuer: /CN=A91248C9/serialNumber=90F680FCA7C930FD1FDC533675385AE90FB41672 Certificate serial: 012F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft Manifest number: 012D Signing time: Sat 31 May 2025 04:13:00 +0000 Manifest this update: Sat 31 May 2025 04:13:00 +0000 Manifest next update: Sat 07 Jun 2025 04:13:00 +0000 Files and hashes: 1: kPaA_KfJMP0f3FM2dTha6Q-0FnI.crl (hash: qKjsFg6zBQaNpNJiuNzlvhrgOluSDKuZNL5O2PSWbo8=) 2: 4B3C43EA6EF011EE84DC9B0EC4F9AE02.roa (hash: fKu+QnI9JJSs0/0qC7wtQtv1o9IdD9KvcLGhg+7rRMo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.crl rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:12:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 303 (0x12f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91248C9, serialNumber=90F680FCA7C930FD1FDC533675385AE90FB41672 Validity Not Before: May 31 04:13:00 2025 GMT Not After : Jun 7 04:13:00 2025 GMT Subject: CN=683a81cc-663e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:8b:ec:09:d9:35:d5:df:43:3c:27:f1:3a:da: df:62:e7:de:f8:6e:97:c6:29:ed:8f:ed:d8:94:e0: fb:cc:af:c0:4b:7f:22:03:eb:5a:dd:af:b3:bb:c2: 31:48:23:68:bc:94:b9:98:73:5c:a5:a7:a7:0b:6f: 68:04:a8:4b:ad:19:53:d9:bb:ae:a4:77:3a:73:50: a6:68:a9:57:6d:7c:68:36:10:b8:5d:61:9a:72:2d: a0:99:4c:cc:5f:62:11:1a:1f:39:8f:8c:b4:9e:1c: 57:32:f5:c4:4d:ce:2f:c8:08:40:6f:05:25:ab:ef: 7a:0b:1b:2b:ee:03:ad:6f:2b:20:c5:ea:2e:8f:72: 21:0b:76:50:7b:93:58:de:38:6d:3c:52:b2:d7:a5: 53:d5:b5:4c:3c:9c:e4:7f:78:16:82:c5:31:a1:49: 24:38:d2:46:df:3c:ac:f1:cd:84:bf:d2:32:39:96: 52:a1:44:55:99:9b:7c:7d:af:ba:80:2d:dd:d3:a7: 5f:f2:5a:56:e5:53:d8:2c:93:d7:01:32:1f:4c:5c: 4e:e4:67:70:e6:4a:cb:68:f5:3e:35:55:41:85:29: e3:3d:c8:cf:b4:76:39:c2:60:c2:0f:20:58:0d:cc: 66:14:3f:b7:4a:70:7b:8d:7e:ce:e2:51:fc:bb:b0: 54:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:F4:A3:DA:5C:18:16:A9:31:2D:A5:BB:01:B8:D3:3B:8A:8E:50:91 X509v3 Authority Key Identifier: keyid:90:F6:80:FC:A7:C9:30:FD:1F:DC:53:36:75:38:5A:E9:0F:B4:16:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 89:7f:82:07:40:cc:51:b6:f6:0c:96:33:ae:87:59:b0:bb:ff: 8a:06:47:e9:57:5c:42:04:63:f9:63:41:56:65:27:15:fb:12: b2:f8:3b:2b:dc:9a:66:a2:45:cc:bf:25:03:a1:2d:06:c6:1c: ca:5b:67:eb:b1:fd:92:d5:15:d8:62:e1:b4:8b:a6:2a:bd:de: ab:f3:64:49:d1:94:3c:9c:51:59:1f:4a:3f:02:98:71:7e:12: f2:74:6e:45:52:b2:b4:d9:16:a4:40:63:98:23:41:f3:8e:82: df:54:22:75:6d:b7:63:5f:2b:4b:9d:74:cd:f9:99:f9:e0:17: 9d:5c:a6:3c:13:84:ad:0d:e5:a7:a2:9e:5c:33:e5:e8:6f:30: d9:fb:ea:18:eb:d4:c6:2b:95:5d:cb:33:f1:36:74:cc:11:14: d3:e0:c8:75:4d:1e:38:1f:8f:02:e3:13:7a:1d:16:aa:84:81: e3:41:20:9a:a0:34:67:66:d3:3e:24:9b:2f:cd:70:d5:25:b8: 94:cd:f2:d9:1d:f9:0a:9e:c9:af:cd:8f:ef:ca:5c:0b:e0:7c: 0f:20:79:b6:39:81:81:c8:41:87:e5:45:56:ad:03:5f:da:8b: 02:b7:ac:f3:e4:cb:3c:31:1f:0d:66:a6:95:36:20:b9:35:66: 02:65:9a:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjQ4QzkxMTAvBgNVBAUTKDkwRjY4MEZDQTdDOTMwRkQxRkRDNTMzNjc1Mzg1QUU5 MEZCNDE2NzIwHhcNMjUwNTMxMDQxMzAwWhcNMjUwNjA3MDQxMzAwWjAYMRYwFAYD VQQDEw02ODNhODFjYy02NjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv4vsCdk11d9DPCfxOtrfYufe+G6Xxintj+3YlOD7zK/AS38iA+ta3a+zu8Ix SCNovJS5mHNcpaenC29oBKhLrRlT2buupHc6c1CmaKlXbXxoNhC4XWGaci2gmUzM X2IRGh85j4y0nhxXMvXETc4vyAhAbwUlq+96Cxsr7gOtbysgxeouj3IhC3ZQe5NY 3jhtPFKy16VT1bVMPJzkf3gWgsUxoUkkONJG3zys8c2Ev9IyOZZSoURVmZt8fa+6 gC3d06df8lpW5VPYLJPXATIfTFxO5Gdw5krLaPU+NVVBhSnjPcjPtHY5wmDCDyBY DcxmFD+3SnB7jX7O4lH8u7BUUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAr0o9pc GBapMS2luwG40zuKjlCRMB8GA1UdIwQYMBaAFJD2gPynyTD9H9xTNnU4WukPtBZy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDhDOS9BMDU1QjVCMjZF RUQxMUVFQkMxQUFCNTNDNEY5QUUwMi9rUGFBX0tmSk1QMGYzRk0yZFRoYTZRLTBG bkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tQYUFfS2ZKTVAwZjNGTTJkVGhhNlEtMEZuSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NDhDOS9BMDU1QjVCMjZFRUQxMUVFQkMxQUFCNTNDNEY5QUUwMi9rUGFBX0tmSk1Q MGYzRk0yZFRoYTZRLTBGbkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCJf4IHQMxRtvYMljOuh1mwu/+KBkfpV1xCBGP5Y0FWZScV+xKy+Dsr 3JpmokXMvyUDoS0GxhzKW2frsf2S1RXYYuG0i6Yqvd6r82RJ0ZQ8nFFZH0o/Aphx fhLydG5FUrK02RakQGOYI0HzjoLfVCJ1bbdjXytLnXTN+Zn54BedXKY8E4StDeWn op5cM+XobzDZ++oY69TGK5VdyzPxNnTMERTT4Mh1TR44H48C4xN6HRaqhIHjQSCa oDRnZtM+JJsvzXDVJbiUzfLZHfkKnsmvzY/vylwL4HwPIHm2OYGByEGH5UVWrQNf 2osCt6zz5Ms8MR8NZqaVNiC5NWYCZZow -----END CERTIFICATE-----Generated at Sat May 31 17:03:24 2025 by rpki-client