$ rpki-client -vvf rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft File: khdBhFmoypIuDWajy6pAZyDLSJA.mft (raw, json) Hash identifier: tLu/GUjYYY8644e+uk8nZmq/DbKDecCxryw4nTfkq8A= Subject key identifier: 59:A1:A9:39:A9:00:69:BD:B3:ED:91:12:5D:E2:74:8F:E8:C7:D2:B7 Authority key identifier: 92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90 Certificate issuer: /CN=A9137B39/serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890 Certificate serial: 039A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft Manifest number: 0395 Signing time: Mon 09 Jun 2025 00:25:04 +0000 Manifest this update: Mon 09 Jun 2025 00:25:03 +0000 Manifest next update: Mon 16 Jun 2025 00:25:03 +0000 Files and hashes: 1: khdBhFmoypIuDWajy6pAZyDLSJA.crl (hash: ZugkKoXQylgn9+xln31xjCRqap9k+6svKGeR1yB096U=) 2: 44FBB466A03911EC9AD2F840C4F9AE02.roa (hash: u8Y2qHn4dP492v5Q3muwggQyuBR/yx2lsL2jNNDR8KY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 16 Jun 2025 00:25:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 922 (0x39a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9137B39, serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890 Validity Not Before: Jun 9 00:25:03 2025 GMT Not After : Jun 16 00:25:03 2025 GMT Subject: CN=684629e0-3891 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:1e:24:95:28:59:5e:42:43:18:dc:e0:4d:70: 44:8a:d3:a7:51:c3:fe:91:0f:fc:97:f9:d8:b2:e2: 7a:ba:f7:02:9c:34:e5:fd:d6:12:19:ff:54:38:80: 88:24:19:c4:e7:e4:38:01:64:0e:05:04:3a:48:da: a7:f3:81:5b:8b:60:2e:3c:4b:d6:03:e7:90:10:e4: 85:76:17:1f:b5:90:40:9c:d6:e6:bc:50:a4:92:af: c4:59:c5:e9:af:9b:7e:19:d5:ac:0f:18:20:f6:39: d6:53:29:d9:9d:f9:b6:75:5c:43:db:c4:5e:d8:1e: 9e:fd:f8:84:de:e4:ac:44:69:d9:38:15:05:a1:40: 69:1f:18:d1:6c:8a:68:54:46:af:c4:98:7d:58:87: 25:5f:39:b1:17:b2:d3:12:66:f1:42:c1:17:cf:5b: c4:88:be:4a:b3:4c:d9:d3:6f:0e:2e:08:73:f2:b6: 3a:c0:3f:0a:2e:a3:43:0a:f8:21:04:c8:68:6b:96: 66:dd:00:f5:f1:56:75:73:89:61:a7:e5:6f:88:95: 6f:e9:f0:13:d0:b2:69:c6:4b:3a:38:ec:45:f5:2d: e2:b8:4e:e5:d5:99:98:bf:81:3e:2e:2e:d3:a1:3a: 4d:06:ab:34:fc:e9:e8:7c:83:64:f4:6c:5d:0c:09: 38:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:A1:A9:39:A9:00:69:BD:B3:ED:91:12:5D:E2:74:8F:E8:C7:D2:B7 X509v3 Authority Key Identifier: keyid:92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:e4:ce:39:1c:e1:a7:db:75:46:0d:3f:4a:6c:6c:28:7b:da: d6:cb:fe:31:bc:47:01:63:2a:c8:31:1a:89:22:6a:58:a4:01: 2a:34:28:1d:09:25:48:99:ce:f2:eb:66:fc:9a:0e:0c:c3:7f: 36:e4:cd:ea:5f:e6:40:90:4d:51:f1:76:4f:af:9c:2f:44:f0: d3:f3:f5:0a:9f:c5:73:a7:58:55:17:c5:90:6f:93:ab:43:6b: ed:97:5c:a1:10:2f:7e:85:40:d9:9c:ea:30:ca:b9:7e:e6:11: 33:40:10:ec:9e:b0:6d:59:97:1f:ad:2f:10:6a:33:5b:e5:22: f1:d2:dc:f0:95:1f:26:6b:99:72:8c:7a:e2:ca:72:55:03:d0: 4c:2f:16:61:64:6f:6d:fc:c6:6a:86:b3:60:2d:f0:69:fc:59: 51:8d:d4:d5:42:38:2f:d5:a3:80:e4:82:47:8c:bf:6d:5b:d9: ef:ef:99:cd:a0:f0:eb:69:6e:01:c5:e0:c3:8b:61:31:1c:50: 24:c5:16:5e:ee:5b:f5:af:35:d4:58:87:24:15:43:34:5a:4e: 79:18:50:e0:5c:52:9d:a3:38:c8:fb:bb:b8:83:81:91:3f:d6: c8:23:1d:3b:e9:cb:80:94:5c:53:6d:29:5f:76:94:0a:63:f3: fe:1e:24:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA5owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzdCMzkxMTAvBgNVBAUTKDkyMTc0MTg0NTlBOENBOTIyRTBENjZBM0NCQUE0MDY3 MjBDQjQ4OTAwHhcNMjUwNjA5MDAyNTAzWhcNMjUwNjE2MDAyNTAzWjAYMRYwFAYD VQQDEw02ODQ2MjllMC0zODkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvB4klShZXkJDGNzgTXBEitOnUcP+kQ/8l/nYsuJ6uvcCnDTl/dYSGf9UOICI JBnE5+Q4AWQOBQQ6SNqn84Fbi2AuPEvWA+eQEOSFdhcftZBAnNbmvFCkkq/EWcXp r5t+GdWsDxgg9jnWUynZnfm2dVxD28Re2B6e/fiE3uSsRGnZOBUFoUBpHxjRbIpo VEavxJh9WIclXzmxF7LTEmbxQsEXz1vEiL5Ks0zZ028OLghz8rY6wD8KLqNDCvgh BMhoa5Zm3QD18VZ1c4lhp+VviJVv6fAT0LJpxks6OOxF9S3iuE7l1ZmYv4E+Li7T oTpNBqs0/OnofINk9GxdDAk4gwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFmhqTmp AGm9s+2REl3idI/ox9K3MB8GA1UdIwQYMBaAFJIXQYRZqMqSLg1mo8uqQGcgy0iQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0IzOS9BNzU5OUQ3QUEw MzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lwSXVEV2FqeTZwQVp5RExT SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2toZEJoRm1veXBJdURXYWp5NnBBWnlETFNKQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz N0IzOS9BNzU5OUQ3QUEwMzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lw SXVEV2FqeTZwQVp5RExTSkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAY5M45HOGn23VGDT9KbGwoe9rWy/4xvEcBYyrIMRqJImpYpAEqNCgd CSVImc7y62b8mg4Mw3825M3qX+ZAkE1R8XZPr5wvRPDT8/UKn8Vzp1hVF8WQb5Or Q2vtl1yhEC9+hUDZnOowyrl+5hEzQBDsnrBtWZcfrS8QajNb5SLx0tzwlR8ma5ly jHriynJVA9BMLxZhZG9t/MZqhrNgLfBp/FlRjdTVQjgv1aOA5IJHjL9tW9nv75nN oPDraW4BxeDDi2ExHFAkxRZe7lv1rzXUWIckFUM0Wk55GFDgXFKdozjI+7u4g4GR P9bIIx076cuAlFxTbSlfdpQKY/P+HiR0 -----END CERTIFICATE-----Generated at Mon Jun 9 21:36:20 2025 by rpki-client