$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft File: KbaocCpK1kSocQZLZAet5JPmOo0.mft (raw, json) Hash identifier: EOPWodfROqd/LnyXKlFjJW4i8D3cyXqImaByiV9i1qs= Subject key identifier: 0C:B4:94:B0:A8:3F:2E:35:88:46:1A:83:A3:D9:67:A0:F0:47:05:5C Authority key identifier: 29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D Certificate issuer: /CN=A919EAF3/serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D Certificate serial: 1963 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft Manifest number: 1956 Signing time: Wed 12 Mar 2025 16:23:13 +0000 Manifest this update: Wed 12 Mar 2025 16:23:12 +0000 Manifest next update: Wed 19 Mar 2025 16:23:12 +0000 Files and hashes: 1: KbaocCpK1kSocQZLZAet5JPmOo0.crl (hash: BW7YWAgiq5RO+x/CkUFvM0vtn/HxrmeK7SeYufH0oDc=) 2: E7729178378211EF822BAA6EC4F9AE02.roa (hash: RpWQrrzOF7m9VblMswDEPjg4dQz5qJ23/hrPkxdWkfU=) 3: 92AEE092378211EFAEB6B36DC4F9AE02.roa (hash: Ca2UAKyheAxMu3mmz18qTaLEBY0cF4nQ72JfwkXPvJM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.crl rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 16:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6499 (0x1963) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919EAF3 Validity Not Before: Mar 12 16:23:12 2025 GMT Not After : Mar 19 16:23:12 2025 GMT Subject: CN=67d1b4f0-1670 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:72:4a:3d:8a:f4:9e:0c:01:4b:e4:59:f8:81: 07:07:13:76:54:06:5e:08:a5:25:65:59:a1:a0:6d: 14:ff:82:d2:a3:ce:59:44:a0:da:c0:6a:3f:0c:9c: c9:00:48:bf:57:8e:5a:15:8e:43:5e:8c:56:1c:3f: 63:c6:85:15:94:57:de:a2:1c:46:03:10:b6:29:17: e1:99:0c:b1:02:d9:01:00:6a:e1:c2:93:82:7a:d6: ff:52:99:c2:2b:87:cc:fb:80:71:19:a6:f9:40:13: 88:ee:b0:f8:28:7f:18:ee:0d:0a:19:16:b8:fc:bf: 24:5e:2d:40:f8:46:06:bc:df:90:cd:51:34:46:5a: 0e:07:91:71:0f:4d:0b:4b:a9:b8:35:51:c9:7d:9f: a9:25:a2:a2:d1:b4:ed:c0:1a:2b:c4:b4:53:5f:cd: 74:90:f2:9d:25:79:7b:e9:a8:d3:1d:c1:c4:81:19: f9:6f:d8:41:9f:2a:8c:14:55:f2:4a:52:89:a0:eb: ef:f3:f5:5d:be:f1:a6:2f:44:ff:91:97:c1:21:e7: e2:1f:42:96:13:bc:16:bb:3d:51:55:cc:60:76:7d: b7:e0:df:c3:39:ae:17:a2:6f:d3:b5:35:55:be:51: db:13:9d:82:07:cd:a7:f3:04:93:8a:fa:a0:a9:fd: 73:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:B4:94:B0:A8:3F:2E:35:88:46:1A:83:A3:D9:67:A0:F0:47:05:5C X509v3 Authority Key Identifier: keyid:29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:ba:52:44:6e:ed:b9:f5:b0:1b:50:f7:d6:bb:02:e9:20:af: 0a:40:32:bd:ed:dd:5c:4f:93:b6:67:87:cc:cb:6b:d0:30:6f: de:82:77:85:f8:2f:fa:98:2a:73:a2:3c:e3:86:10:02:44:3a: d5:a3:c0:92:57:f0:cd:a4:51:ec:6c:03:8d:fd:cc:ca:14:dc: 8e:a2:a4:af:f7:5d:fa:90:36:81:1f:ee:4b:c2:f7:45:9e:13: fc:30:57:33:9a:cf:68:9a:97:02:22:7c:19:dc:a0:86:0b:e8: 74:b8:f8:3c:71:c2:3d:25:f2:71:3e:1b:14:58:33:a7:9c:d6: 6f:c5:d6:87:90:c4:e0:81:fc:73:5d:c7:20:97:67:23:a0:55: 03:40:e6:6a:df:83:b5:8c:fd:e9:f7:4d:89:ec:de:d6:43:82: 0a:2f:c0:cf:99:50:aa:d9:51:00:73:da:7e:52:37:6b:73:d1: d1:8d:68:ab:49:ed:4b:72:6e:c9:51:c5:49:7a:da:67:dc:96: 8b:89:77:8e:6e:3a:e3:96:fe:23:c9:3c:5e:2e:36:44:45:c9: bc:34:d1:2d:9b:08:2d:7e:d7:b5:07:dd:47:d1:ba:6d:33:45: 9e:44:2b:f7:69:9f:fb:79:f0:9a:2e:f1:16:70:70:ce:de:8a: 92:38:22:1f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUVBRjMxMTAvBgNVBAUTKDI5QjZBODcwMkE0QUQ2NDRBODcxMDY0QjY0MDdBREU0 OTNFNjNBOEQwHhcNMjUwMzEyMTYyMzEyWhcNMjUwMzE5MTYyMzEyWjAYMRYwFAYD VQQDEw02N2QxYjRmMC0xNjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3HJKPYr0ngwBS+RZ+IEHBxN2VAZeCKUlZVmhoG0U/4LSo85ZRKDawGo/DJzJ AEi/V45aFY5DXoxWHD9jxoUVlFfeohxGAxC2KRfhmQyxAtkBAGrhwpOCetb/UpnC K4fM+4BxGab5QBOI7rD4KH8Y7g0KGRa4/L8kXi1A+EYGvN+QzVE0RloOB5FxD00L S6m4NVHJfZ+pJaKi0bTtwBorxLRTX810kPKdJXl76ajTHcHEgRn5b9hBnyqMFFXy SlKJoOvv8/VdvvGmL0T/kZfBIefiH0KWE7wWuz1RVcxgdn234N/DOa4Xom/TtTVV vlHbE52CB82n8wSTivqgqf1znwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAy0lLCo Py41iEYag6PZZ6DwRwVcMB8GA1UdIwQYMBaAFCm2qHAqStZEqHEGS2QHreST5jqN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFGMy85M0JCNTAyRTZE MTgxMUU3QTgxNURBODBDNEY5QUUwMi9LYmFvY0NwSzFrU29jUVpMWkFldDVKUG1P bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0tiYW9jQ3BLMWtTb2NRWkxaQWV0NUpQbU9vMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RUFGMy85M0JCNTAyRTZEMTgxMUU3QTgxNURBODBDNEY5QUUwMi9LYmFvY0NwSzFr U29jUVpMWkFldDVKUG1PbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKulJEbu259bAbUPfWuwLpIK8KQDK97d1cT5O2Z4fMy2vQMG/egneF +C/6mCpzojzjhhACRDrVo8CSV/DNpFHsbAON/czKFNyOoqSv9136kDaBH+5LwvdF nhP8MFczms9ompcCInwZ3KCGC+h0uPg8ccI9JfJxPhsUWDOnnNZvxdaHkMTggfxz Xccgl2cjoFUDQOZq34O1jP3p902J7N7WQ4IKL8DPmVCq2VEAc9p+Ujdrc9HRjWir Se1Lcm7JUcVJetpn3JaLiXeObjrjlv4jyTxeLjZERcm8NNEtmwgtfte1B91H0bpt M0WeRCv3aZ/7efCaLvEWcHDO3oqSOCIf -----END CERTIFICATE-----Generated at Thu Mar 13 21:30:54 2025 by rpki-client