$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.mft File: K8oS1G1GEe1u8YhvNkRo3z0C7eU.mft (raw, json) Hash identifier: mJcpCtp7uZ3f1xJauErmcNEj4oh4sBpxhEcuph6EqHg= Subject key identifier: CA:9E:FD:D1:53:01:CD:BB:25:3B:A9:17:F6:D6:28:96:D0:6F:00:62 Authority key identifier: 2B:CA:12:D4:6D:46:11:ED:6E:F1:88:6F:36:44:68:DF:3D:02:ED:E5 Certificate issuer: /CN=A91AE25A/serialNumber=2BCA12D46D4611ED6EF1886F364468DF3D02EDE5 Certificate serial: 014E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8oS1G1GEe1u8YhvNkRo3z0C7eU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.mft Manifest number: 014C Signing time: Sat 31 May 2025 03:51:29 +0000 Manifest this update: Sat 31 May 2025 03:51:29 +0000 Manifest next update: Sat 07 Jun 2025 03:51:29 +0000 Files and hashes: 1: K8oS1G1GEe1u8YhvNkRo3z0C7eU.crl (hash: tGMcOU3cYk7TVyzoLIlUkVr8sJ8RL+JKLbT999FED8k=) 2: AB366D1C409611EE92C55F40C4F9AE02.roa (hash: SQk3Brop+Id762Ic4sBigwZBA29XCDN62FCzcjcGNd0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.crl rsync://rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8oS1G1GEe1u8YhvNkRo3z0C7eU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:51:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 334 (0x14e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE25A, serialNumber=2BCA12D46D4611ED6EF1886F364468DF3D02EDE5 Validity Not Before: May 31 03:51:29 2025 GMT Not After : Jun 7 03:51:29 2025 GMT Subject: CN=683a7cc1-b290 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:08:08:27:d2:d8:c4:20:6a:3f:50:23:ba:6a: 5d:70:f3:75:a9:19:7f:f9:2d:cf:64:1a:85:fb:f5: ea:e9:cc:ef:cc:7e:06:d1:dc:b4:0f:04:1a:0a:cf: 71:18:20:43:23:f4:3b:64:68:f9:77:c2:53:da:a8: 4e:00:b6:41:9e:d4:b5:38:69:e8:a0:58:21:a1:32: 58:d0:e8:aa:83:af:56:43:15:ba:8b:41:91:eb:8b: 92:7a:67:64:57:ce:e4:52:87:52:cd:48:0f:9a:43: 3b:d9:20:ec:62:72:19:e2:f9:8d:d0:d1:4a:cd:fa: 6f:03:96:cd:91:2a:fb:fb:25:ad:32:60:01:b0:4b: e8:a9:8e:b8:70:08:62:4b:ad:58:5a:aa:9f:09:8f: 8a:c7:e6:1a:6e:21:8c:39:d3:ef:a2:31:0b:32:a6: 1f:0b:0e:7b:1b:7b:8d:41:10:36:63:21:9f:8a:b1: 7f:35:11:27:78:6d:1a:39:74:d3:78:74:55:de:8c: f5:cb:59:f2:90:53:24:0c:fd:dd:4e:d1:3b:3f:e8: 0e:f5:92:88:92:2c:c1:e0:54:e6:47:b1:e1:dd:02: 10:9d:05:ac:6d:58:19:f9:30:4f:d5:be:30:5b:87: 89:6a:42:fe:5a:01:47:82:5d:71:01:b3:b9:29:62: c9:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:9E:FD:D1:53:01:CD:BB:25:3B:A9:17:F6:D6:28:96:D0:6F:00:62 X509v3 Authority Key Identifier: keyid:2B:CA:12:D4:6D:46:11:ED:6E:F1:88:6F:36:44:68:DF:3D:02:ED:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8oS1G1GEe1u8YhvNkRo3z0C7eU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE25A/2C96F508409611EEB46E6F3FC4F9AE02/K8oS1G1GEe1u8YhvNkRo3z0C7eU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:d9:c5:5c:0d:70:e4:f4:af:99:60:6c:3c:3f:cf:b9:51:dc: b3:b0:8d:0a:e4:47:f3:76:38:d1:23:95:53:22:d7:15:b5:df: 87:ab:c2:0c:62:7e:06:8a:11:a0:85:f1:d6:02:12:76:7b:c5: 4e:92:00:b7:d0:ab:8c:d8:ae:9b:b7:ac:bb:25:23:bb:32:7c: e9:60:06:02:25:7b:bf:c5:fb:d2:56:0e:4a:65:82:55:d7:76: 0e:90:a7:d5:40:96:e5:f3:92:72:fd:7b:0a:0a:89:57:11:0c: b3:e4:fd:8f:53:a2:cc:e0:5e:2a:58:61:ce:dc:cd:ae:62:ca: ab:5a:9b:2c:93:d8:6a:20:89:cf:90:45:90:3c:88:13:c0:7d: 42:35:89:f0:16:22:c1:c7:70:46:fc:54:6b:95:16:e8:b2:f8: 0e:e5:ba:8d:42:4d:e8:46:0b:6e:5e:94:95:3e:9a:09:f5:55: 6d:21:d9:9c:b0:62:f4:6d:1c:44:86:d3:5e:4d:ae:a9:9b:f0: e0:8c:9f:f5:b7:95:67:4c:f0:f7:22:ce:e9:fc:45:b2:27:ca: 00:1f:a3:c9:47:97:50:d6:30:3c:9c:79:3d:fa:67:4d:56:11: 16:4d:6f:e0:ef:b9:66:85:18:f6:fa:d4:b6:db:36:01:94:fd: 36:d9:59:5f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAU4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUUyNUExMTAvBgNVBAUTKDJCQ0ExMkQ0NkQ0NjExRUQ2RUYxODg2RjM2NDQ2OERG M0QwMkVERTUwHhcNMjUwNTMxMDM1MTI5WhcNMjUwNjA3MDM1MTI5WjAYMRYwFAYD VQQDEw02ODNhN2NjMS1iMjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxwgIJ9LYxCBqP1AjumpdcPN1qRl/+S3PZBqF+/Xq6czvzH4G0dy0DwQaCs9x GCBDI/Q7ZGj5d8JT2qhOALZBntS1OGnooFghoTJY0Oiqg69WQxW6i0GR64uSemdk V87kUodSzUgPmkM72SDsYnIZ4vmN0NFKzfpvA5bNkSr7+yWtMmABsEvoqY64cAhi S61YWqqfCY+Kx+YabiGMOdPvojELMqYfCw57G3uNQRA2YyGfirF/NREneG0aOXTT eHRV3oz1y1nykFMkDP3dTtE7P+gO9ZKIkizB4FTmR7Hh3QIQnQWsbVgZ+TBP1b4w W4eJakL+WgFHgl1xAbO5KWLJcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMqe/dFT Ac27JTupF/bWKJbQbwBiMB8GA1UdIwQYMBaAFCvKEtRtRhHtbvGIbzZEaN89Au3l MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTI1QS8yQzk2RjUwODQw OTYxMUVFQjQ2RTZGM0ZDNEY5QUUwMi9LOG9TMUcxR0VlMXU4WWh2TmtSbzN6MEM3 ZVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0s4b1MxRzFHRWUxdThZaHZOa1JvM3owQzdlVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RTI1QS8yQzk2RjUwODQwOTYxMUVFQjQ2RTZGM0ZDNEY5QUUwMi9LOG9TMUcxR0Vl MXU4WWh2TmtSbzN6MEM3ZVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCe2cVcDXDk9K+ZYGw8P8+5UdyzsI0K5EfzdjjRI5VTItcVtd+Hq8IM Yn4GihGghfHWAhJ2e8VOkgC30KuM2K6bt6y7JSO7MnzpYAYCJXu/xfvSVg5KZYJV 13YOkKfVQJbl85Jy/XsKColXEQyz5P2PU6LM4F4qWGHO3M2uYsqrWpssk9hqIInP kEWQPIgTwH1CNYnwFiLBx3BG/FRrlRbosvgO5bqNQk3oRgtuXpSVPpoJ9VVtIdmc sGL0bRxEhtNeTa6pm/DgjJ/1t5VnTPD3Is7p/EWyJ8oAH6PJR5dQ1jA8nHk9+mdN VhEWTW/g77lmhRj2+tS22zYBlP022Vlf -----END CERTIFICATE-----Generated at Sat May 31 17:46:25 2025 by rpki-client