$ rpki-client -vvf rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.mft File: KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.mft (raw, json) Hash identifier: 0+ItxWtOWGqdhlOta9pfaP7jzYuO5OVN3XawmvvVphg= Subject key identifier: 7E:32:D0:1C:EE:6D:DD:9A:0F:97:7B:83:FF:3A:3B:08:91:26:86:20 Authority key identifier: 2B:13:1A:A1:0D:7E:6B:FE:A3:67:E8:1B:73:D7:FD:B0:AC:01:D6:78 Certificate issuer: /CN=A912F3B6/serialNumber=2B131AA10D7E6BFEA367E81B73D7FDB0AC01D678 Certificate serial: 72 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.mft Manifest number: 6E Signing time: Sat 15 Feb 2025 08:07:09 +0000 Manifest this update: Sat 15 Feb 2025 08:07:08 +0000 Manifest next update: Sat 22 Feb 2025 08:07:08 +0000 Files and hashes: 1: KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.crl (hash: zY2NlTDSzwjkM07GOkXWmJi8zXr4wZNOn+170wlLxq0=) 2: D91E3ADC498E11EF908FD222C4F9AE02.roa (hash: BCtiz+Xsbj/enu8rGESoHoFCbppwu+/N8w360i6xkrY=) 3: D9C5B55A498E11EF908FD222C4F9AE02.roa (hash: IYR9mQ1VQUiO08kcI4RHdp/FLN6UHawsT13ESG27pvs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.crl rsync://rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 114 (0x72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912F3B6 Validity Not Before: Feb 15 08:07:08 2025 GMT Not After : Feb 22 08:07:08 2025 GMT Subject: CN=67b04b2d-25f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:47:dc:2d:30:6b:ea:9b:fe:bd:e7:f3:fa:b0: ea:f9:81:85:2f:9a:a1:09:f6:0f:db:df:b8:6b:e6: e6:f8:83:10:54:e7:fa:6e:0f:f4:14:69:08:14:88: fd:6c:a6:4a:ca:9b:b6:d6:76:cc:d7:a8:ae:5a:df: 5e:01:fc:18:98:ea:48:c8:d1:24:e7:d3:42:b1:20: 61:3a:f9:ba:0b:3b:90:72:57:09:1b:65:7c:e3:b3: ad:22:8a:6c:a2:21:a9:05:2e:6c:ea:66:ec:5f:69: 23:14:5b:1e:cf:11:d6:f9:77:33:f3:48:07:2d:92: e4:d9:f1:07:d9:46:88:ba:a8:6c:3c:01:d0:0c:48: a8:f1:51:78:4f:b9:65:fe:e1:92:a8:db:dd:7b:21: 4f:c7:88:9e:35:5a:c7:9f:8f:fa:f9:0f:32:40:a8: 0d:42:26:59:6f:67:b7:32:dd:d7:0e:19:00:b3:47: e5:f2:b9:d8:59:08:3d:a9:49:cc:9a:0b:77:f7:77: d8:42:f1:7d:c9:3d:2c:8c:fd:67:cb:3e:ed:dd:d3: a7:d1:68:a1:8a:a6:9b:36:98:3a:41:ac:ca:bb:da: 87:e4:43:95:ce:84:85:8b:ce:87:8f:aa:df:61:ac: 04:9e:2f:08:4e:7d:2d:e6:4d:73:35:57:dd:18:23: 03:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:32:D0:1C:EE:6D:DD:9A:0F:97:7B:83:FF:3A:3B:08:91:26:86:20 X509v3 Authority Key Identifier: keyid:2B:13:1A:A1:0D:7E:6B:FE:A3:67:E8:1B:73:D7:FD:B0:AC:01:D6:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:5d:28:94:e5:d7:56:0e:db:5d:59:5f:a3:2c:72:c9:d2:19: c1:44:2e:99:cf:db:46:dd:b0:14:00:d0:8e:db:73:f9:cd:8c: ff:1b:3b:8d:7a:49:bc:76:10:0a:16:7e:3e:9a:0e:95:a8:04: 20:45:b5:21:4d:ae:68:39:5a:4a:30:af:fa:a7:9f:1f:16:c8: 6c:4f:cd:d9:53:2c:33:fb:8a:9a:79:76:a4:fc:72:b5:c7:b0: 71:55:ff:50:bd:82:16:11:55:7a:25:c3:66:3f:a3:f4:9d:e5: 4b:10:26:d8:1b:70:cc:b6:40:04:30:cf:22:51:1b:66:ac:ab: e6:b7:57:1d:06:fe:c0:df:89:b9:32:ea:fa:72:2a:fb:b3:20: 20:53:03:7f:18:c2:fc:98:51:ca:b7:89:80:ea:58:d5:f3:73: 08:68:d9:62:23:49:11:d4:0e:3b:69:af:7a:e3:1d:0d:d2:6a: 75:04:66:ce:65:ba:57:51:0a:00:96:86:69:2f:af:34:ec:af: dc:dd:9d:b6:4b:d4:fa:ac:4d:55:35:1d:de:b0:a6:ba:e4:3a: 14:25:62:84:96:65:22:2e:d4:6a:2e:4c:ee:62:86:9b:5b:ee: 03:b2:39:4f:44:d6:70:6d:8a:47:49:75:13:64:96:bf:86:e3: 55:e4:79:38 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RjNCNjExMC8GA1UEBRMoMkIxMzFBQTEwRDdFNkJGRUEzNjdFODFCNzNEN0ZEQjBB QzAxRDY3ODAeFw0yNTAyMTUwODA3MDhaFw0yNTAyMjIwODA3MDhaMBgxFjAUBgNV BAMTDTY3YjA0YjJkLTI1ZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCvR9wtMGvqm/695/P6sOr5gYUvmqEJ9g/b37hr5ub4gxBU5/puD/QUaQgUiP1s pkrKm7bWdszXqK5a314B/BiY6kjI0STn00KxIGE6+boLO5ByVwkbZXzjs60iimyi IakFLmzqZuxfaSMUWx7PEdb5dzPzSActkuTZ8QfZRoi6qGw8AdAMSKjxUXhPuWX+ 4ZKo2917IU/HiJ41Wsefj/r5DzJAqA1CJllvZ7cy3dcOGQCzR+XyudhZCD2pScya C3f3d9hC8X3JPSyM/WfLPu3d06fRaKGKpps2mDpBrMq72ofkQ5XOhIWLzoePqt9h rASeLwhOfS3mTXM1V90YIwMfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfjLQHO5t 3ZoPl3uD/zo7CJEmhiAwHwYDVR0jBBgwFoAUKxMaoQ1+a/6jZ+gbc9f9sKwB1ngw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJGM0I2LzUwRjAxMUM4NDhC QTExRUZCRDQ1MTYzREM0RjlBRTAyL0t4TWFvUTEtYV82alotZ2JjOWY5c0t3QjFu Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvS3hNYW9RMS1hXzZqWi1nYmM5ZjlzS3dCMW5nLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJG M0I2LzUwRjAxMUM4NDhCQTExRUZCRDQ1MTYzREM0RjlBRTAyL0t4TWFvUTEtYV82 alotZ2JjOWY5c0t3QjFuZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGVdKJTl11YO211ZX6MscsnSGcFELpnP20bdsBQA0I7bc/nNjP8bO416 Sbx2EAoWfj6aDpWoBCBFtSFNrmg5Wkowr/qnnx8WyGxPzdlTLDP7ipp5dqT8crXH sHFV/1C9ghYRVXolw2Y/o/Sd5UsQJtgbcMy2QAQwzyJRG2asq+a3Vx0G/sDfibky 6vpyKvuzICBTA38YwvyYUcq3iYDqWNXzcwho2WIjSRHUDjtpr3rjHQ3SanUEZs5l uldRCgCWhmkvrzTsr9zdnbZL1PqsTVU1Hd6wprrkOhQlYoSWZSIu1GouTO5ihptb 7gOyOU9E1nBtikdJdRNklr+G41XkeTg= -----END CERTIFICATE-----Generated at Sun Feb 16 15:16:36 2025 by rpki-client