$ rpki-client -vvf rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft File: Icv-KamU2PngPkxNRObPW2SLeOw.mft (raw, json) Hash identifier: jS3hLuVCKJ2GHk7Ia1HUrEjDZ2XwnTmUWaReET2x/QE= Subject key identifier: CD:68:2A:91:69:C5:5E:68:7F:49:06:84:E9:9E:23:4F:F5:96:DE:05 Authority key identifier: 21:CB:FE:29:A9:94:D8:F9:E0:3E:4C:4D:44:E6:CF:5B:64:8B:78:EC Certificate issuer: /CN=A91272F9/serialNumber=21CBFE29A994D8F9E03E4C4D44E6CF5B648B78EC Certificate serial: 12C7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft Manifest number: 12B5 Signing time: Wed 04 Jun 2025 17:05:16 +0000 Manifest this update: Wed 04 Jun 2025 17:05:15 +0000 Manifest next update: Wed 11 Jun 2025 17:05:15 +0000 Files and hashes: 1: Icv-KamU2PngPkxNRObPW2SLeOw.crl (hash: UiLqB1MqsoKvJDTXF+WWtMqwxcWXt156Dpx8rAUlQl8=) 2: AA5A77C88DB811EBA0613421C4F9AE02.roa (hash: fNoRTJRcUq+MisSf8jbpZwfIe00iU+V6oUD6yiNy/5Y=) 3: A5393FF2E70911E8B4D19B84C4F9AE02.roa (hash: 9kzHJ+mrOXjrh7/imCy9YTTgW8CKx7edCdpIZZ1nyQU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.crl rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 17:05:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4807 (0x12c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91272F9, serialNumber=21CBFE29A994D8F9E03E4C4D44E6CF5B648B78EC Validity Not Before: Jun 4 17:05:15 2025 GMT Not After : Jun 11 17:05:15 2025 GMT Subject: CN=68407ccc-01ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:9a:c2:35:6b:dc:a4:d6:ed:d2:0c:66:9b:9a: 55:c2:a4:2e:c9:57:43:6e:f1:c1:4d:bd:f3:1e:7e: 7e:60:5e:f8:a1:fd:e0:65:a4:34:9a:cb:1a:8f:34: 27:82:2c:42:4a:69:f1:e9:b5:de:10:bd:c4:66:50: 78:c5:3e:ab:6e:72:d1:ad:5b:73:2c:12:e3:a9:92: 55:0e:06:f1:1a:5f:dc:29:4b:62:6b:e4:30:f2:0d: 9b:f9:9a:1a:bb:e5:23:a9:04:7c:84:46:7c:28:04: b2:9e:b1:f6:74:2e:d6:b4:21:2d:38:0d:6d:f9:71: 35:cb:14:b2:c9:f8:18:9b:9b:54:49:1d:35:b2:b3: d8:10:c9:e4:e1:09:27:72:ee:4a:b4:e5:7c:14:b5: b7:6d:1f:0b:3b:fb:40:5e:62:eb:a9:f9:44:28:a3: a6:be:66:3a:38:28:04:f3:0b:05:f5:8d:2d:74:ea: 41:bf:96:af:df:03:2a:a8:8f:02:47:d5:d9:82:96: f5:75:0c:e6:ec:6b:05:76:34:98:53:2d:68:39:dc: 89:77:1a:d9:48:2c:b2:45:c2:5b:9d:df:03:b2:81: ab:e9:e1:b2:0c:3a:88:21:82:a7:93:79:73:5e:88: 09:cf:67:bf:fd:a9:e6:19:9b:aa:9b:5d:b9:6c:de: a2:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:68:2A:91:69:C5:5E:68:7F:49:06:84:E9:9E:23:4F:F5:96:DE:05 X509v3 Authority Key Identifier: keyid:21:CB:FE:29:A9:94:D8:F9:E0:3E:4C:4D:44:E6:CF:5B:64:8B:78:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:c0:8c:c2:9e:b1:05:34:0e:be:f9:ef:53:7c:91:35:70:c3: ad:17:7b:c8:3d:72:64:ac:f5:15:48:96:24:f8:de:44:9f:44: a0:aa:e0:9d:e8:57:85:d8:89:97:fb:fd:19:1b:c1:58:5a:6c: c1:de:f7:39:82:0e:65:25:14:bf:17:7b:de:7e:7a:c1:ad:65: 81:67:37:0c:01:e3:11:e0:26:fc:e4:10:e1:97:5b:9d:78:91: 1a:7e:fa:30:bd:f2:a7:08:a2:6a:26:b7:78:40:ef:79:09:4f: 2c:70:35:40:7a:7b:c4:12:4f:d6:5a:6c:a4:0c:91:5c:e4:de: e6:26:02:37:c1:46:69:7f:61:d9:74:b7:d5:11:d3:a8:c3:ce: b8:2f:7b:3c:a1:a7:0a:06:50:37:12:d1:46:3d:0c:4f:b0:9c: 8c:27:8b:3f:e0:45:98:7c:51:a3:b8:2a:89:e4:73:26:50:4a: 5f:dd:d9:7c:ba:f7:53:01:09:9e:dd:c3:66:11:de:30:7d:5d: a1:f6:a4:b0:e1:01:86:24:13:f0:d1:65:8c:98:d0:0e:ba:34: ea:23:4e:d3:6d:e1:0c:ee:7f:f9:be:13:42:c7:00:e9:65:da: ec:80:52:b3:60:b3:48:e0:5d:4d:82:8a:fd:69:e4:1b:dd:8f: 73:bc:62:4d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjcyRjkxMTAvBgNVBAUTKDIxQ0JGRTI5QTk5NEQ4RjlFMDNFNEM0RDQ0RTZDRjVC NjQ4Qjc4RUMwHhcNMjUwNjA0MTcwNTE1WhcNMjUwNjExMTcwNTE1WjAYMRYwFAYD VQQDEw02ODQwN2NjYy0wMWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoprCNWvcpNbt0gxmm5pVwqQuyVdDbvHBTb3zHn5+YF74of3gZaQ0mssajzQn gixCSmnx6bXeEL3EZlB4xT6rbnLRrVtzLBLjqZJVDgbxGl/cKUtia+Qw8g2b+Zoa u+UjqQR8hEZ8KASynrH2dC7WtCEtOA1t+XE1yxSyyfgYm5tUSR01srPYEMnk4Qkn cu5KtOV8FLW3bR8LO/tAXmLrqflEKKOmvmY6OCgE8wsF9Y0tdOpBv5av3wMqqI8C R9XZgpb1dQzm7GsFdjSYUy1oOdyJdxrZSCyyRcJbnd8DsoGr6eGyDDqIIYKnk3lz XogJz2e//anmGZuqm125bN6iwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM1oKpFp xV5of0kGhOmeI0/1lt4FMB8GA1UdIwQYMBaAFCHL/implNj54D5MTUTmz1tki3js MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzJGOS9EMkVENDlDMkMy NkQxMUU4QkFCRTExNjVDNEY5QUUwMi9JY3YtS2FtVTJQbmdQa3hOUk9iUFcyU0xl T3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ljdi1LYW1VMlBuZ1BreE5ST2JQVzJTTGVPdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzJGOS9EMkVENDlDMkMyNkQxMUU4QkFCRTExNjVDNEY5QUUwMi9JY3YtS2FtVTJQ bmdQa3hOUk9iUFcyU0xlT3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBcwIzCnrEFNA6++e9TfJE1cMOtF3vIPXJkrPUVSJYk+N5En0SgquCd 6FeF2ImX+/0ZG8FYWmzB3vc5gg5lJRS/F3vefnrBrWWBZzcMAeMR4Cb85BDhl1ud eJEafvowvfKnCKJqJrd4QO95CU8scDVAenvEEk/WWmykDJFc5N7mJgI3wUZpf2HZ dLfVEdOow864L3s8oacKBlA3EtFGPQxPsJyMJ4s/4EWYfFGjuCqJ5HMmUEpf3dl8 uvdTAQme3cNmEd4wfV2h9qSw4QGGJBPw0WWMmNAOujTqI07TbeEM7n/5vhNCxwDp ZdrsgFKzYLNI4F1Ngor9aeQb3Y9zvGJN -----END CERTIFICATE-----Generated at Thu Jun 5 20:06:38 2025 by rpki-client