$ rpki-client -vvf rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft File: KUrNCNoZE4w376-ydKHndXceRT4.mft (raw, json) Hash identifier: ja9XdkX0zIYPp1fUqL0Xzoe8Y6Ht2PJ/gD+rBh7U1Qk= Subject key identifier: 34:36:AF:7D:A7:20:77:2B:D5:DF:E6:55:8A:77:91:5C:18:C1:A1:67 Authority key identifier: 29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E Certificate issuer: /CN=A919C8F9/serialNumber=294ACD08DA19138C37EFAFB274A1E775771E453E Certificate serial: 052D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft Manifest number: 0527 Signing time: Fri 30 May 2025 23:44:27 +0000 Manifest this update: Fri 30 May 2025 23:44:27 +0000 Manifest next update: Fri 06 Jun 2025 23:44:27 +0000 Files and hashes: 1: KUrNCNoZE4w376-ydKHndXceRT4.crl (hash: /owrHc3CpWI9tUX0AV4UDlA11XyZqmoABGpppTX8+Yo=) 2: 2D7BD4EA03DD11ECA448405BC4F9AE02.roa (hash: KKWKrtsh/34nl8r+0Ut1+Gkgstz0StRYtgWm9ide930=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 23:44:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1325 (0x52d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C8F9, serialNumber=294ACD08DA19138C37EFAFB274A1E775771E453E Validity Not Before: May 30 23:44:27 2025 GMT Not After : Jun 6 23:44:27 2025 GMT Subject: CN=683a42db-c690 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:8a:56:07:8f:91:f3:26:c0:3d:0b:21:79:50: 5f:87:0f:e8:d2:9e:51:4f:f3:6c:d2:25:3c:be:9a: b5:32:88:13:7f:db:61:0e:97:13:e7:ef:f9:87:72: 64:a5:08:34:f0:71:a2:c8:25:65:72:46:7e:b0:23: b9:3f:ff:43:80:d8:c4:b7:58:34:32:7c:0b:a2:22: 65:c5:28:20:c4:2e:1b:28:27:af:b1:2e:88:ea:a5: 63:6c:13:7e:d5:bb:18:63:a9:49:cb:d3:ae:e9:d2: 0d:8c:39:44:f7:77:86:73:6e:c3:d1:75:2d:a5:4d: 4e:19:bb:e5:c1:34:88:dc:f1:cf:08:8b:4e:f0:e5: 9a:9f:da:e5:72:be:a0:e2:b1:56:2b:cd:30:8f:cc: 80:58:38:3b:1a:e8:bf:cd:20:70:a9:6c:e9:fd:6e: 8b:03:a6:f7:4e:ea:58:c4:cb:d4:b7:0a:fd:81:52: 8b:88:0b:01:42:ca:cb:11:bf:2c:4d:83:41:bf:a5: d8:b6:81:aa:58:61:78:1b:93:ee:fe:cd:f3:02:f7: 6a:d2:73:86:b4:ef:05:d1:c7:c9:9f:bc:13:6d:83: b5:90:2b:2b:d2:53:4f:da:32:ce:6c:ed:5a:95:1c: 43:e0:28:40:53:ed:0a:8a:c2:ff:28:6c:71:d6:09: ea:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:36:AF:7D:A7:20:77:2B:D5:DF:E6:55:8A:77:91:5C:18:C1:A1:67 X509v3 Authority Key Identifier: keyid:29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:1b:dd:60:91:00:1e:b9:e9:a4:44:b7:74:87:64:d9:25:aa: bc:0d:54:64:c0:05:2e:50:30:ba:9d:b9:a6:53:79:db:86:81: 36:f0:e3:29:e7:55:1d:4a:2a:ad:5d:9f:e4:fc:be:e2:ea:9c: dd:cb:5c:1f:94:b6:67:62:66:61:8e:fc:e6:8f:3a:82:7b:8b: 17:48:28:44:05:bd:03:1d:5a:cb:cf:60:66:6c:dd:58:f5:60: fb:46:88:15:50:59:3b:61:39:12:0f:f2:d4:41:29:6f:a9:98: 2b:51:e4:24:12:ea:5a:de:09:19:de:2a:93:52:12:fe:c9:09: 95:c6:4d:26:90:c8:10:52:82:d2:79:96:2d:95:83:07:e9:34: 6e:04:68:bd:12:d5:e8:5e:13:b3:84:03:26:12:e4:ac:1c:6a: 12:7f:73:ad:9c:64:04:a3:67:b8:e8:f8:d0:36:64:26:fa:87: 2a:9a:a5:28:0e:35:82:8e:bb:37:89:0f:bd:31:fe:4d:00:ff: ee:5b:0e:7a:ab:0e:d5:d3:ee:b4:b7:0e:74:e5:72:a4:a7:8d: 17:7e:10:bd:e4:af:72:f4:9f:07:9c:51:54:46:95:5b:d9:76: 62:cb:3b:de:c7:17:49:fb:95:eb:ce:ba:b5:54:6e:ad:cb:12: c2:9e:67:f3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUM4RjkxMTAvBgNVBAUTKDI5NEFDRDA4REExOTEzOEMzN0VGQUZCMjc0QTFFNzc1 NzcxRTQ1M0UwHhcNMjUwNTMwMjM0NDI3WhcNMjUwNjA2MjM0NDI3WjAYMRYwFAYD VQQDEw02ODNhNDJkYi1jNjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0opWB4+R8ybAPQsheVBfhw/o0p5RT/Ns0iU8vpq1MogTf9thDpcT5+/5h3Jk pQg08HGiyCVlckZ+sCO5P/9DgNjEt1g0MnwLoiJlxSggxC4bKCevsS6I6qVjbBN+ 1bsYY6lJy9Ou6dINjDlE93eGc27D0XUtpU1OGbvlwTSI3PHPCItO8OWan9rlcr6g 4rFWK80wj8yAWDg7Gui/zSBwqWzp/W6LA6b3TupYxMvUtwr9gVKLiAsBQsrLEb8s TYNBv6XYtoGqWGF4G5Pu/s3zAvdq0nOGtO8F0cfJn7wTbYO1kCsr0lNP2jLObO1a lRxD4ChAU+0KisL/KGxx1gnqlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDQ2r32n IHcr1d/mVYp3kVwYwaFnMB8GA1UdIwQYMBaAFClKzQjaGROMN++vsnSh53V3HkU+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzhGOS9EQzZCMzYxNEZF NkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0dzM3Ni15ZEtIbmRYY2VS VDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVck5DTm9aRTR3Mzc2LXlkS0huZFhjZVJUNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QzhGOS9EQzZCMzYxNEZFNkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0 dzM3Ni15ZEtIbmRYY2VSVDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXG91gkQAeuemkRLd0h2TZJaq8DVRkwAUuUDC6nbmmU3nbhoE28OMp 51UdSiqtXZ/k/L7i6pzdy1wflLZnYmZhjvzmjzqCe4sXSChEBb0DHVrLz2BmbN1Y 9WD7RogVUFk7YTkSD/LUQSlvqZgrUeQkEupa3gkZ3iqTUhL+yQmVxk0mkMgQUoLS eZYtlYMH6TRuBGi9EtXoXhOzhAMmEuSsHGoSf3OtnGQEo2e46PjQNmQm+ocqmqUo DjWCjrs3iQ+9Mf5NAP/uWw56qw7V0+60tw505XKkp40XfhC95K9y9J8HnFFURpVb 2XZiyzvexxdJ+5Xrzrq1VG6tyxLCnmfz -----END CERTIFICATE-----Generated at Sat May 31 17:07:35 2025 by rpki-client