$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.mft File: kNmaqNeRMUCvrp7iv-vNo3uhzSg.mft (raw, json) Hash identifier: O6epErKtyKIi/mNF3DD+HuPUoqNJZuavRB9x44BaCTQ= Subject key identifier: C4:C1:98:61:D9:AC:DF:6F:C7:A8:85:D0:EF:7A:98:BB:31:9E:54:8F Authority key identifier: 90:D9:9A:A8:D7:91:31:40:AF:AE:9E:E2:BF:EB:CD:A3:7B:A1:CD:28 Certificate issuer: /CN=A91C2875/serialNumber=90D99AA8D7913140AFAE9EE2BFEBCDA37BA1CD28 Certificate serial: 0365 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kNmaqNeRMUCvrp7iv-vNo3uhzSg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.mft Manifest number: 035B Signing time: Sat 31 May 2025 01:10:10 +0000 Manifest this update: Sat 31 May 2025 01:10:10 +0000 Manifest next update: Sat 07 Jun 2025 01:10:10 +0000 Files and hashes: 1: kNmaqNeRMUCvrp7iv-vNo3uhzSg.crl (hash: hNsDiXVDINPRJToaQWUUn48TmyoOvH0cmaelJwBQQuc=) 2: ABB1EE64B4ED11ECBA3D016FC4F9AE02.roa (hash: xHLevAzZuis8NnrBHZLDJf2yx7IF05dGBA1riYkWutY=) 3: 0E9CF77EBA6811EC8058A213C4F9AE02.roa (hash: /NRpEcDAXrkS/YDBwDOng+rHtIrpT7sCWxlP3Tbbtb4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.crl rsync://rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kNmaqNeRMUCvrp7iv-vNo3uhzSg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:10:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 869 (0x365) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2875, serialNumber=90D99AA8D7913140AFAE9EE2BFEBCDA37BA1CD28 Validity Not Before: May 31 01:10:10 2025 GMT Not After : Jun 7 01:10:10 2025 GMT Subject: CN=683a56f2-cf91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:6a:79:7e:c2:9f:8a:86:58:ca:af:a7:e1:a1: 5a:ff:a3:1f:b4:c6:b8:b5:53:18:3c:a6:fe:ca:64: 0f:bc:b3:04:8f:24:fe:3d:9f:81:20:68:6d:c3:9a: f4:03:b2:4e:c1:99:49:cd:53:9e:55:af:c4:d1:5b: 28:6f:74:eb:29:71:4b:87:da:1f:94:7b:90:1a:10: 4a:6b:78:fc:29:e7:72:05:54:8c:df:25:a9:cf:4b: 68:86:e1:00:f2:8c:fa:6c:03:41:80:ae:3f:25:14: bb:0f:36:34:7c:a7:d0:5c:4a:71:d5:4f:9d:36:6f: 53:f6:b3:d0:5e:32:5e:ad:2e:98:04:e8:a9:08:47: 17:aa:aa:15:6e:1b:51:16:5c:0c:73:68:00:5c:00: 4d:6f:b5:74:d1:99:88:56:24:b3:d9:eb:8d:97:60: b4:ea:92:25:c1:2f:6a:ed:6d:b0:5a:61:9e:51:5a: 94:31:95:a4:59:04:ef:31:13:50:71:05:9e:12:69: 26:12:eb:4b:93:2b:4e:91:c9:fe:ef:1a:3d:1c:93: ba:12:a4:a0:04:41:35:29:43:e2:4f:35:16:72:df: 4f:ea:57:5a:fa:52:6c:b7:7e:c9:23:8d:10:83:9d: e5:27:72:bb:12:8b:e7:e8:1b:02:ea:bc:40:b9:25: f4:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:C1:98:61:D9:AC:DF:6F:C7:A8:85:D0:EF:7A:98:BB:31:9E:54:8F X509v3 Authority Key Identifier: keyid:90:D9:9A:A8:D7:91:31:40:AF:AE:9E:E2:BF:EB:CD:A3:7B:A1:CD:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kNmaqNeRMUCvrp7iv-vNo3uhzSg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:72:96:4b:60:85:df:d7:2f:75:25:55:60:81:dc:4e:5f:90: 1b:49:f5:05:90:b2:2c:39:76:a8:59:85:e8:f1:3b:fd:28:41: 98:61:af:e7:6c:ef:8e:6b:11:89:54:b1:3a:e9:8a:a0:bb:eb: 11:a2:a9:15:40:f8:99:f7:a4:39:cf:1f:dc:c3:3b:e7:0b:32: d7:c3:3d:28:14:f1:55:96:00:a3:f0:12:ad:35:9f:c5:47:92: 40:93:01:3c:1a:cf:67:b1:5f:4f:6e:d0:07:79:cc:a8:18:ca: ed:b9:fd:ff:28:52:5e:10:9b:1a:18:a2:21:ce:8f:68:c6:40: 6b:3c:4f:26:11:a6:1a:62:be:6a:d3:3f:75:e9:cc:2c:52:64: 61:73:b4:9d:44:6f:9e:dd:a1:5f:af:24:ad:91:e2:52:76:73: a1:b2:61:83:98:01:37:46:a6:ed:71:01:db:da:58:42:29:bb: e6:d1:3a:2b:2a:56:66:3a:50:cf:2e:f6:1b:0f:5e:5c:15:0b: 99:08:5c:ef:ff:fc:17:32:b6:59:d8:1d:aa:7b:be:2d:ae:71: de:bf:14:a9:3a:8a:98:14:65:10:a0:19:25:31:93:54:35:a3: 56:44:6b:74:69:e2:74:c1:c2:27:f2:4b:f0:98:39:0d:03:bf: b0:fc:89:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA2UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzI4NzUxMTAvBgNVBAUTKDkwRDk5QUE4RDc5MTMxNDBBRkFFOUVFMkJGRUJDREEz N0JBMUNEMjgwHhcNMjUwNTMxMDExMDEwWhcNMjUwNjA3MDExMDEwWjAYMRYwFAYD VQQDEw02ODNhNTZmMi1jZjkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuGp5fsKfioZYyq+n4aFa/6MftMa4tVMYPKb+ymQPvLMEjyT+PZ+BIGhtw5r0 A7JOwZlJzVOeVa/E0Vsob3TrKXFLh9oflHuQGhBKa3j8KedyBVSM3yWpz0tohuEA 8oz6bANBgK4/JRS7DzY0fKfQXEpx1U+dNm9T9rPQXjJerS6YBOipCEcXqqoVbhtR FlwMc2gAXABNb7V00ZmIViSz2euNl2C06pIlwS9q7W2wWmGeUVqUMZWkWQTvMRNQ cQWeEmkmEutLkytOkcn+7xo9HJO6EqSgBEE1KUPiTzUWct9P6lda+lJst37JI40Q g53lJ3K7Eovn6BsC6rxAuSX06wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMTBmGHZ rN9vx6iF0O96mLsxnlSPMB8GA1UdIwQYMBaAFJDZmqjXkTFAr66e4r/rzaN7oc0o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjg3NS9DMjVERTBFNkI0 RTgxMUVDOTgwQzQ0NzFDNEY5QUUwMi9rTm1hcU5lUk1VQ3ZycDdpdi12Tm8zdWh6 U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tObWFxTmVSTVVDdnJwN2l2LXZObzN1aHpTZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD Mjg3NS9DMjVERTBFNkI0RTgxMUVDOTgwQzQ0NzFDNEY5QUUwMi9rTm1hcU5lUk1V Q3ZycDdpdi12Tm8zdWh6U2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApcpZLYIXf1y91JVVggdxOX5AbSfUFkLIsOXaoWYXo8Tv9KEGYYa/n bO+OaxGJVLE66Yqgu+sRoqkVQPiZ96Q5zx/cwzvnCzLXwz0oFPFVlgCj8BKtNZ/F R5JAkwE8Gs9nsV9PbtAHecyoGMrtuf3/KFJeEJsaGKIhzo9oxkBrPE8mEaYaYr5q 0z916cwsUmRhc7SdRG+e3aFfryStkeJSdnOhsmGDmAE3RqbtcQHb2lhCKbvm0Tor KlZmOlDPLvYbD15cFQuZCFzv//wXMrZZ2B2qe74trnHevxSpOoqYFGUQoBklMZNU NaNWRGt0aeJ0wcIn8kvwmDkNA7+w/IlX -----END CERTIFICATE-----Generated at Sat May 31 17:06:29 2025 by rpki-client