$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft File: KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft (raw, json) Hash identifier: 0SF3ojg6A4hliPMciCB/MV4PPgp4sYHTdE80ND/97G0= Subject key identifier: BC:38:26:53:D1:96:05:EE:51:39:F7:25:9E:F0:72:D5:6F:10:A6:9E Authority key identifier: 28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 Certificate issuer: /CN=A91C5021/serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Certificate serial: 073A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft Manifest number: 0723 Signing time: Fri 30 May 2025 22:05:05 +0000 Manifest this update: Fri 30 May 2025 22:05:05 +0000 Manifest next update: Fri 06 Jun 2025 22:05:05 +0000 Files and hashes: 1: KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl (hash: K1PgFnBI2omt79El8pTVZT5VKB0cBoPFq2z0PPFgf60=) 2: C42CEC7ECC3611EF9C79665CC4F9AE02.roa (hash: +9I46oBmobqbn5rox7c5LlYsiP1+hncBa8w/SO0pYyk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 22:05:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1850 (0x73a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5021, serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Validity Not Before: May 30 22:05:05 2025 GMT Not After : Jun 6 22:05:05 2025 GMT Subject: CN=683a2b91-838b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:80:13:7e:37:88:f5:0a:90:da:3d:15:94:36: 96:49:5d:6f:6c:ae:71:b2:00:d5:c8:07:6c:46:31: 65:cf:6d:82:d4:de:2b:e2:e5:20:03:6a:cc:12:7e: 31:0c:c4:ad:6f:56:f9:86:ee:ee:eb:2f:47:46:20: 62:61:92:be:be:50:fe:c9:c5:69:55:87:81:e8:1a: bc:32:a9:17:70:b8:3d:7e:a9:b7:42:7b:d9:ca:b1: 5d:27:f8:1d:26:3c:df:13:37:08:a7:eb:46:79:5c: 50:c2:d8:ce:ac:56:d1:42:b2:7a:2d:79:d3:27:a3: 77:6e:88:3f:23:ab:29:2f:12:55:01:8f:68:7f:93: 14:c1:39:2d:a5:cc:e3:e1:e5:50:78:4d:56:40:64: 9b:62:fe:87:36:41:6f:67:5e:81:71:b3:c1:d5:7a: 87:7d:98:ef:a7:19:cf:a9:13:c1:c7:bd:83:78:42: dd:1b:e9:96:99:be:c6:87:b4:9d:58:8c:98:5e:32: 93:1d:48:fe:d2:ca:f4:e3:cd:44:16:51:04:04:af: ed:19:ab:96:29:b6:5b:1a:8b:1b:95:d9:e6:fa:a9: 3d:ff:b3:4b:a8:f7:61:3c:28:ab:03:36:84:9f:a9: 53:24:d8:c9:4f:bc:02:30:21:43:ae:79:46:7d:bd: 7b:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:38:26:53:D1:96:05:EE:51:39:F7:25:9E:F0:72:D5:6F:10:A6:9E X509v3 Authority Key Identifier: keyid:28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:05:a3:c4:b9:18:a5:ca:61:52:30:5e:b6:a2:92:36:84:a4: c1:5c:98:f9:b0:c7:03:c8:8b:45:3b:81:cc:c0:6c:fc:26:63: 0c:46:39:34:23:c2:c3:ff:16:e5:72:ce:3a:f7:32:b0:66:cd: 9d:c0:f2:40:bd:e3:1f:67:15:08:94:ac:2b:03:e2:6f:d0:03: a1:49:20:e0:fa:37:a8:65:16:54:71:68:43:c9:4b:e2:63:96: 8e:f7:a5:44:d1:ea:a9:eb:d2:62:f4:cc:42:b2:09:c8:a6:26: b4:b9:ae:3f:13:cb:0e:31:cd:ed:b2:33:de:b4:8f:48:0a:88: c6:7c:31:c0:a1:65:80:10:7f:ea:23:c9:9e:f5:e8:0d:cd:9e: 3c:44:0d:bc:e5:67:2a:af:d6:2b:eb:f5:5b:dd:bc:5a:f5:08: 71:9d:5f:3c:67:62:1e:1b:d7:88:e9:84:08:08:09:96:7a:2a: e7:76:1f:16:9a:fc:62:8a:43:44:16:27:96:1a:9f:4b:8c:4d: fb:72:ee:a9:38:14:db:35:12:a3:87:48:b2:af:9a:14:55:bf: ca:4e:87:ea:1d:f0:30:dd:5e:0d:8e:84:22:ab:46:60:71:8e: 85:4e:62:07:7c:a1:24:9d:f7:79:74:f2:6d:5b:62:47:05:5a: d3:85:99:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBzowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUwMjExMTAvBgNVBAUTKDI4RjA3MTEwRTQzNTg0QTNCQTZBM0E0QTg3RDY4RTlF QjdEM0U5MDIwHhcNMjUwNTMwMjIwNTA1WhcNMjUwNjA2MjIwNTA1WjAYMRYwFAYD VQQDEw02ODNhMmI5MS04MzhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvIATfjeI9QqQ2j0VlDaWSV1vbK5xsgDVyAdsRjFlz22C1N4r4uUgA2rMEn4x DMStb1b5hu7u6y9HRiBiYZK+vlD+ycVpVYeB6Bq8MqkXcLg9fqm3QnvZyrFdJ/gd JjzfEzcIp+tGeVxQwtjOrFbRQrJ6LXnTJ6N3bog/I6spLxJVAY9of5MUwTktpczj 4eVQeE1WQGSbYv6HNkFvZ16BcbPB1XqHfZjvpxnPqRPBx72DeELdG+mWmb7Gh7Sd WIyYXjKTHUj+0sr0481EFlEEBK/tGauWKbZbGosbldnm+qk9/7NLqPdhPCirAzaE n6lTJNjJT7wCMCFDrnlGfb17wQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLw4JlPR lgXuUTn3JZ7wctVvEKaeMB8GA1UdIwQYMBaAFCjwcRDkNYSjumo6SofWjp630+kC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTAyMS85QUZENDg2QzNC QkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhLTzZhanBLaDlhT25yZlQ2 UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tQQnhFT1ExaEtPNmFqcEtoOWFPbnJmVDZRSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTAyMS85QUZENDg2QzNCQkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhL TzZhanBLaDlhT25yZlQ2UUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7BaPEuRilymFSMF62opI2hKTBXJj5sMcDyItFO4HMwGz8JmMMRjk0 I8LD/xblcs469zKwZs2dwPJAveMfZxUIlKwrA+Jv0AOhSSDg+jeoZRZUcWhDyUvi Y5aO96VE0eqp69Ji9MxCsgnIpia0ua4/E8sOMc3tsjPetI9ICojGfDHAoWWAEH/q I8me9egNzZ48RA285Wcqr9Yr6/Vb3bxa9QhxnV88Z2IeG9eI6YQICAmWeirndh8W mvxiikNEFieWGp9LjE37cu6pOBTbNRKjh0iyr5oUVb/KTofqHfAw3V4NjoQiq0Zg cY6FTmIHfKEknfd5dPJtW2JHBVrThZmx -----END CERTIFICATE-----Generated at Sat May 31 16:43:52 2025 by rpki-client