$ rpki-client -vvf rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft File: KXr2WH-YpJnreNLMrjYW70KfV1A.mft (raw, json) Hash identifier: lB678ljWx1+4kHEqrsOU5E0gC7khAth89Nl0jgIy5gE= Subject key identifier: 8B:CE:CB:23:2E:06:38:96:7E:56:DA:DA:D1:85:6F:2A:F8:0E:7B:95 Authority key identifier: 29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 Certificate issuer: /CN=A91411BC/serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Certificate serial: 1325 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft Manifest number: 131D Signing time: Fri 30 May 2025 17:12:34 +0000 Manifest this update: Fri 30 May 2025 17:12:33 +0000 Manifest next update: Fri 06 Jun 2025 17:12:33 +0000 Files and hashes: 1: KXr2WH-YpJnreNLMrjYW70KfV1A.crl (hash: xjJLxMcbF77YPWagT84uVAEk+9mmN3zRA9beWM4zSNs=) 2: B4996A22AC3411E88623474BC4F9AE02.roa (hash: Uautv1XlrGIKG3uUq9YoWLtURxeqWmVrl93Jj3fy9ko=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 17:12:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4901 (0x1325) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91411BC, serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Validity Not Before: May 30 17:12:33 2025 GMT Not After : Jun 6 17:12:33 2025 GMT Subject: CN=6839e702-feed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:e8:a2:d5:cf:94:8e:d4:e9:5e:ab:69:3e:62: 80:b6:ce:2f:9a:77:8f:e6:c3:e2:e4:6c:00:a9:05: d9:1a:2a:a9:81:50:bf:c6:48:a1:b1:4b:8a:4a:f4: 33:aa:b0:cf:f1:43:78:25:03:e5:a7:39:32:cf:04: bb:fb:34:f4:6c:bf:9f:f3:9b:58:e4:0a:2c:40:a1: 5f:5d:77:98:98:5a:ed:fd:e5:19:83:b0:20:ff:68: 36:c4:d0:4d:98:1d:c8:76:28:dd:14:6a:6c:b3:6b: 53:9c:4a:af:63:50:35:9d:0f:15:0d:09:06:4c:e2: e9:f1:44:18:7c:61:c0:e5:02:27:e6:c1:7a:1f:fc: e0:81:5f:51:2d:0a:51:b6:4b:2a:4b:f0:e2:ab:6a: f6:43:37:23:5f:ce:e6:8c:1d:e4:e9:f3:b8:6e:42: e1:60:cd:2b:8c:95:3e:f8:30:98:98:01:dc:a7:3a: 10:e4:71:e0:d9:d5:27:ff:a0:04:63:f8:02:8a:e5: 63:db:db:3c:f6:19:d5:3b:f9:11:1b:f7:11:cf:ba: e2:a4:0b:12:e3:4e:f3:75:65:bb:81:d3:c8:7e:a0: 68:8e:53:fa:e4:78:66:86:e5:28:46:b0:26:06:b2: d7:95:3e:58:39:e4:91:d8:99:2c:4b:bc:f3:87:97: e1:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:CE:CB:23:2E:06:38:96:7E:56:DA:DA:D1:85:6F:2A:F8:0E:7B:95 X509v3 Authority Key Identifier: keyid:29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:93:1b:c6:a1:89:06:22:e0:ce:d0:17:75:f6:4a:a6:57:71: 5e:21:01:af:71:eb:f8:f3:92:26:8d:dd:79:76:06:b6:ed:90: 93:f0:6c:d1:d9:27:98:52:16:0f:c1:4d:8a:24:0d:4e:21:b3: 93:04:46:58:7a:8c:98:ea:35:25:c4:3e:b8:e6:cb:22:91:81: 91:e9:2d:42:b3:d3:0f:a3:1a:8a:b5:46:b0:30:88:8d:84:ab: 2e:39:f2:b9:14:6f:c2:95:85:2f:f4:55:a3:fd:fe:da:7a:46: 8e:34:2a:9b:f3:b5:73:08:ac:04:18:c7:5f:0f:67:23:d6:5b: 22:ab:08:89:e8:7a:0e:b7:90:93:6f:c8:b2:7c:d0:2f:da:48: e5:8e:34:4e:81:91:55:ed:f3:6c:4a:85:13:04:e7:88:7e:2d: af:a8:f1:e8:a8:3c:01:2a:cc:41:bd:c1:7b:9a:53:0a:c7:ee: 3d:1f:9e:ab:cb:3a:38:f6:06:f6:42:93:16:41:e0:84:04:a3: e1:bb:bc:03:af:54:22:73:bd:5a:9a:1a:46:3b:70:48:be:61: 33:26:af:56:c8:d3:35:47:ef:ad:43:b1:1d:e7:12:fa:06:94: a6:d1:72:af:4e:a8:64:f8:2c:5e:6f:c5:07:17:a8:39:85:a6: f2:df:87:83 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEyUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDExQkMxMTAvBgNVBAUTKDI5N0FGNjU4N0Y5OEE0OTlFQjc4RDJDQ0FFMzYxNkVG NDI5RjU3NTAwHhcNMjUwNTMwMTcxMjMzWhcNMjUwNjA2MTcxMjMzWjAYMRYwFAYD VQQDEw02ODM5ZTcwMi1mZWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6+ii1c+UjtTpXqtpPmKAts4vmneP5sPi5GwAqQXZGiqpgVC/xkihsUuKSvQz qrDP8UN4JQPlpzkyzwS7+zT0bL+f85tY5AosQKFfXXeYmFrt/eUZg7Ag/2g2xNBN mB3IdijdFGpss2tTnEqvY1A1nQ8VDQkGTOLp8UQYfGHA5QIn5sF6H/zggV9RLQpR tksqS/Diq2r2QzcjX87mjB3k6fO4bkLhYM0rjJU++DCYmAHcpzoQ5HHg2dUn/6AE Y/gCiuVj29s89hnVO/kRG/cRz7ripAsS407zdWW7gdPIfqBojlP65HhmhuUoRrAm BrLXlT5YOeSR2JksS7zzh5fhQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIvOyyMu BjiWflba2tGFbyr4DnuVMB8GA1UdIwQYMBaAFCl69lh/mKSZ63jSzK42Fu9Cn1dQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTFCQy9FMzE3MUIwMkFD MzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBKbnJlTkxNcmpZVzcwS2ZW MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYcjJXSC1ZcEpucmVOTE1yallXNzBLZlYxQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTFCQy9FMzE3MUIwMkFDMzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBK bnJlTkxNcmpZVzcwS2ZWMUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAskxvGoYkGIuDO0Bd19kqmV3FeIQGvcev485Imjd15dga27ZCT8GzR 2SeYUhYPwU2KJA1OIbOTBEZYeoyY6jUlxD645ssikYGR6S1Cs9MPoxqKtUawMIiN hKsuOfK5FG/ClYUv9FWj/f7aekaONCqb87VzCKwEGMdfD2cj1lsiqwiJ6HoOt5CT b8iyfNAv2kjljjROgZFV7fNsSoUTBOeIfi2vqPHoqDwBKsxBvcF7mlMKx+49H56r yzo49gb2QpMWQeCEBKPhu7wDr1Qic71amhpGO3BIvmEzJq9WyNM1R++tQ7Ed5xL6 BpSm0XKvTqhk+Cxeb8UHF6g5haby34eD -----END CERTIFICATE-----Generated at Sat May 31 17:58:45 2025 by rpki-client