$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: tEmHw/zjaHwTHExMW71YY0pER7aycCHAJN+RekUX1WY= Subject key identifier: D9:55:92:C9:A8:B2:39:AC:C6:43:53:DC:E5:97:7C:EF:F1:C0:0B:C7 Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0DB7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0D9B Signing time: Fri 30 May 2025 18:07:09 +0000 Manifest this update: Fri 30 May 2025 18:07:08 +0000 Manifest next update: Fri 06 Jun 2025 18:07:08 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: IWzrb1O/tBaOHZNgcRUqpx8XqiDsBPaiyprVwzz5YyU=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: F8kcefS3I97Fp9Z0ACrQ84pOuyd0pejyLJ6D0xqjqYQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:07:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3511 (0xdb7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: May 30 18:07:08 2025 GMT Not After : Jun 6 18:07:08 2025 GMT Subject: CN=6839f3cc-9f8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:83:9c:c3:5c:5d:2f:de:02:79:15:5e:ca:9f: b5:73:d3:a8:a5:71:97:54:55:ee:67:4d:19:23:55: b9:60:c8:5b:da:04:dc:43:8b:ad:24:43:12:7d:b8: 68:3d:95:f6:a6:d8:33:22:7a:04:e8:a6:f4:b4:f8: 0a:1d:d6:08:25:a8:82:ac:7e:fa:34:42:4e:81:9d: 74:14:ac:a4:34:14:61:e2:66:32:be:5a:9a:6e:34: e1:5c:f5:17:1a:e1:6c:ff:c0:be:5a:02:f4:a7:fe: c1:46:65:fd:9e:a5:12:2a:8c:1f:22:cf:d2:cd:d1: d9:83:9d:10:22:75:fe:2f:1b:11:1d:c9:5c:b9:a4: 84:11:40:ff:b4:2d:48:b6:d6:aa:d5:2e:75:b7:00: cd:6d:54:f3:44:fe:d5:14:38:d7:d9:2b:9e:1f:a7: 5d:0c:59:74:af:0f:ee:dd:e4:fa:c8:30:ab:01:6c: fd:38:78:07:fa:f1:38:a5:6e:a3:49:98:c2:a2:39: 7d:3a:89:cb:94:b9:d0:a0:ff:1b:e2:67:4d:47:c4: 4e:62:92:b9:43:ec:b0:20:fb:80:0b:0e:3f:48:f0: 92:4f:58:87:16:fa:45:39:ae:f8:79:a6:3c:3f:7b: aa:0b:fb:5e:6f:ea:fb:8f:48:be:62:c8:90:1e:fb: 29:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:55:92:C9:A8:B2:39:AC:C6:43:53:DC:E5:97:7C:EF:F1:C0:0B:C7 X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:4c:22:4e:90:73:55:74:f6:03:48:ab:67:e7:b8:81:8f:11: 2f:f0:89:38:ff:3c:64:2f:d4:bf:ca:bb:68:5c:22:f1:4e:a9: df:51:45:d1:58:a2:30:fe:8d:8c:3f:6c:a4:5d:21:91:a0:b8: f2:9b:fe:2b:1d:ca:bd:83:b9:83:02:11:69:b3:fe:3f:e8:92: 81:18:fc:2f:12:8f:0b:fb:8a:7e:8e:8c:bb:ec:ff:a8:e8:d3: 5f:5f:b7:a6:02:03:62:b9:5c:31:a7:8a:88:95:59:c6:35:d2: dd:31:e6:80:9d:c6:a0:c2:8a:74:a2:2f:33:9f:4f:59:10:04: ce:58:35:02:35:72:58:6c:e5:89:cc:9c:77:54:9e:ac:08:25: 58:b5:d9:dc:28:4c:e6:1e:df:f3:f1:69:b4:c8:c4:0c:ba:e5: 4f:e0:df:a1:9e:52:77:d7:a0:d7:e2:66:76:ce:5a:57:12:c8: c0:92:2b:15:f6:ad:e0:1f:57:b4:53:68:f2:68:c0:b6:d3:72: 69:29:f1:59:bf:ac:e6:23:51:cb:f2:8f:53:2b:3f:26:02:c6: e1:43:a1:ce:08:ac:7f:72:a7:f6:8b:48:99:a7:e3:7a:1c:20: 52:d2:20:31:4f:22:48:5d:c9:c5:90:01:af:92:02:6c:18:df: f5:ab:c0:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjUwNTMwMTgwNzA4WhcNMjUwNjA2MTgwNzA4WjAYMRYwFAYD VQQDEw02ODM5ZjNjYy05ZjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8IOcw1xdL94CeRVeyp+1c9OopXGXVFXuZ00ZI1W5YMhb2gTcQ4utJEMSfbho PZX2ptgzInoE6Kb0tPgKHdYIJaiCrH76NEJOgZ10FKykNBRh4mYyvlqabjThXPUX GuFs/8C+WgL0p/7BRmX9nqUSKowfIs/SzdHZg50QInX+LxsRHclcuaSEEUD/tC1I ttaq1S51twDNbVTzRP7VFDjX2SueH6ddDFl0rw/u3eT6yDCrAWz9OHgH+vE4pW6j SZjCojl9OonLlLnQoP8b4mdNR8ROYpK5Q+ywIPuACw4/SPCST1iHFvpFOa74eaY8 P3uqC/teb+r7j0i+YsiQHvspjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNlVksmo sjmsxkNT3OWXfO/xwAvHMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACTCJOkHNVdPYDSKtn57iBjxEv8Ik4/zxkL9S/yrtoXCLxTqnfUUXR WKIw/o2MP2ykXSGRoLjym/4rHcq9g7mDAhFps/4/6JKBGPwvEo8L+4p+joy77P+o 6NNfX7emAgNiuVwxp4qIlVnGNdLdMeaAncagwop0oi8zn09ZEATOWDUCNXJYbOWJ zJx3VJ6sCCVYtdncKEzmHt/z8Wm0yMQMuuVP4N+hnlJ316DX4mZ2zlpXEsjAkisV 9q3gH1e0U2jyaMC203JpKfFZv6zmI1HL8o9TKz8mAsbhQ6HOCKx/cqf2i0iZp+N6 HCBS0iAxTyJIXcnFkAGvkgJsGN/1q8Dj -----END CERTIFICATE-----Generated at Sat May 31 17:56:23 2025 by rpki-client