$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft File: KHuwzWb71-W3qIumZ4kSTAsExXg.mft (raw, json) Hash identifier: YFcvqLrwnR8uNqInETYsuB7KhMe3roYMXHhPNpoQacE= Subject key identifier: 67:3A:80:3E:FF:ED:46:B0:AA:2B:7F:9E:6A:90:7C:35:C3:B4:80:2C Authority key identifier: 28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 Certificate issuer: /CN=A91EAE25/serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Certificate serial: 0B71 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft Manifest number: 0B68 Signing time: Fri 30 May 2025 19:16:17 +0000 Manifest this update: Fri 30 May 2025 19:16:17 +0000 Manifest next update: Fri 06 Jun 2025 19:16:17 +0000 Files and hashes: 1: KHuwzWb71-W3qIumZ4kSTAsExXg.crl (hash: 4ZJyAQKP36EZQK64hTsStuwCXi8iuYEWDd0YeSpcwvw=) 2: 2BA212DC306D11EA81D19B38C4F9AE02.roa (hash: rkLsb+deDCPqbk0gObiXfMhdhI5eY1I1eSaPovL0Epo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 19:16:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2929 (0xb71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE25, serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Validity Not Before: May 30 19:16:17 2025 GMT Not After : Jun 6 19:16:17 2025 GMT Subject: CN=683a0401-fe80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:13:6d:8b:e9:8b:f2:fa:20:29:68:ab:18:95: 31:0c:1f:ee:a2:10:48:15:c0:6d:71:ad:eb:94:9e: aa:86:8e:d7:f9:5e:4e:c7:e7:1d:f4:ff:09:4d:70: 27:70:d2:c7:c1:76:fa:7c:c7:cd:5b:2f:a7:45:29: 02:8f:b0:2f:74:3d:49:b5:c8:c8:10:31:b2:ef:4f: 5c:99:74:1f:a6:18:14:f8:1a:b7:7f:70:34:7c:89: 05:46:f8:cb:6e:f6:3a:8e:08:19:ad:4f:ae:bd:47: d7:f6:57:47:d7:e3:68:93:47:42:f7:39:ce:ac:a3: 15:d0:9a:22:1a:df:a1:5e:f7:3e:44:8a:73:7c:24: b0:cb:4e:01:f7:95:fa:82:cb:13:65:de:1a:de:cc: b3:83:41:01:0c:46:1a:09:55:c6:a7:67:36:cf:3d: 33:f6:45:68:b0:ba:97:f9:95:8c:07:f7:69:55:29: 7a:11:10:7f:84:cb:7b:c2:1a:fc:f9:be:96:09:cc: 61:62:01:f2:8a:be:b4:0b:93:cd:a5:91:4e:fc:73: 6d:75:77:7b:48:61:74:94:b8:72:cd:d0:56:25:dc: 85:aa:66:61:d4:47:96:ea:18:fe:fe:eb:4b:ab:60: 02:09:e5:e5:71:2d:bf:03:9f:40:de:8c:24:42:de: 91:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:3A:80:3E:FF:ED:46:B0:AA:2B:7F:9E:6A:90:7C:35:C3:B4:80:2C X509v3 Authority Key Identifier: keyid:28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:1d:30:55:ad:f9:9a:de:90:9c:b6:f9:3d:6a:60:0d:cd:e6: 97:5c:eb:bd:a1:47:00:52:05:30:a9:cf:52:b0:2e:97:e7:fc: 7b:01:c1:cc:91:ce:6c:23:b5:a6:0d:94:26:9c:88:b3:ab:d3: 1f:c1:5d:5f:0f:e6:5c:8f:04:ac:24:2b:79:1f:bd:1f:f2:d3: b8:34:fc:16:05:7c:3c:14:61:ec:32:93:78:4e:f8:7d:22:d5: 40:0f:17:8f:cb:89:29:b6:f2:2c:61:77:45:f3:b6:a5:27:c2: 9a:8b:2a:9e:49:72:0c:b1:48:f2:19:32:23:1d:10:db:ee:6e: 9f:c6:fc:64:94:e1:9a:c6:64:2f:4a:88:ec:c0:f5:49:dd:8a: 15:78:38:67:46:a3:ab:f9:34:64:c4:4c:d8:32:99:f5:da:b8: 6b:6a:58:a1:d8:d6:75:26:a2:bd:4a:be:c2:89:26:45:fd:5d: 39:85:a0:a8:f8:32:7e:a6:25:64:23:fa:3f:af:bf:af:d5:fd: bd:79:42:71:0b:1c:8f:db:23:ec:f1:b7:93:80:22:e6:d4:64: 9c:fd:18:ce:eb:5f:e6:45:f7:1f:3c:25:56:9c:87:6e:a3:e3: 08:3e:2b:15:c3:10:5b:d5:ea:de:39:42:b4:86:ed:51:03:2a: ef:a9:40:7a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC3EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFMjUxMTAvBgNVBAUTKDI4N0JCMENENjZGQkQ3RTVCN0E4OEJBNjY3ODkxMjRD MEIwNEM1NzgwHhcNMjUwNTMwMTkxNjE3WhcNMjUwNjA2MTkxNjE3WjAYMRYwFAYD VQQDEw02ODNhMDQwMS1mZTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqRNti+mL8vogKWirGJUxDB/uohBIFcBtca3rlJ6qho7X+V5Ox+cd9P8JTXAn cNLHwXb6fMfNWy+nRSkCj7AvdD1JtcjIEDGy709cmXQfphgU+Bq3f3A0fIkFRvjL bvY6jggZrU+uvUfX9ldH1+Nok0dC9znOrKMV0JoiGt+hXvc+RIpzfCSwy04B95X6 gssTZd4a3syzg0EBDEYaCVXGp2c2zz0z9kVosLqX+ZWMB/dpVSl6ERB/hMt7whr8 +b6WCcxhYgHyir60C5PNpZFO/HNtdXd7SGF0lLhyzdBWJdyFqmZh1EeW6hj+/utL q2ACCeXlcS2/A59A3owkQt6RPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGc6gD7/ 7Uawqit/nmqQfDXDtIAsMB8GA1UdIwQYMBaAFCh7sM1m+9flt6iLpmeJEkwLBMV4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUyNS82OEU1N0FFRTMw NjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEtVzNxSXVtWjRrU1RBc0V4 WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIdXd6V2I3MS1XM3FJdW1aNGtTVEFzRXhYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUyNS82OEU1N0FFRTMwNjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEt VzNxSXVtWjRrU1RBc0V4WGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYHTBVrfma3pCctvk9amANzeaXXOu9oUcAUgUwqc9SsC6X5/x7AcHM kc5sI7WmDZQmnIizq9MfwV1fD+ZcjwSsJCt5H70f8tO4NPwWBXw8FGHsMpN4Tvh9 ItVADxePy4kptvIsYXdF87alJ8KaiyqeSXIMsUjyGTIjHRDb7m6fxvxklOGaxmQv SojswPVJ3YoVeDhnRqOr+TRkxEzYMpn12rhralih2NZ1JqK9Sr7CiSZF/V05haCo +DJ+piVkI/o/r7+v1f29eUJxCxyP2yPs8beTgCLm1GSc/RjO61/mRfcfPCVWnIdu o+MIPisVwxBb1ereOUK0hu1RAyrvqUB6 -----END CERTIFICATE-----Generated at Sat May 31 16:40:39 2025 by rpki-client