$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft File: km2a3G-4c9dlu0EicoDB8RhG7hc.mft (raw, json) Hash identifier: ec4awInRjaDwqlj7wOAx9ORGGdpPAfLFIvSJHLl8dD0= Subject key identifier: 49:37:9F:88:0F:9B:F7:BC:28:B5:BC:36:3F:B5:F8:0A:EA:DC:4A:03 Authority key identifier: 92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 Certificate issuer: /CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Certificate serial: 01B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft Manifest number: 01AD Signing time: Sat 31 May 2025 03:01:28 +0000 Manifest this update: Sat 31 May 2025 03:01:28 +0000 Manifest next update: Sat 07 Jun 2025 03:01:28 +0000 Files and hashes: 1: km2a3G-4c9dlu0EicoDB8RhG7hc.crl (hash: Bg8iizG3s+V5Wiias/LBSAvHrtq2KZej8AwoZp5ilew=) 2: 1B5E26228FA911EF90043A7CC4F9AE02.roa (hash: Kf03AsTj/sjKaJ/vafb1jrYT0WQ+1IyxISSmBFOh+2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 439 (0x1b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA0E, serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Validity Not Before: May 31 03:01:28 2025 GMT Not After : Jun 7 03:01:28 2025 GMT Subject: CN=683a7108-a335 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:e8:2c:56:93:e8:ce:32:d3:1e:68:41:b0:27: b7:d4:b5:f9:0e:d8:7e:d1:52:78:e6:99:30:62:36: ab:ce:42:10:e5:65:64:5e:5f:98:07:93:9f:40:18: 64:d0:54:c1:73:ae:55:9b:75:6c:f3:09:e9:70:70: 20:c5:e7:c7:a0:60:f5:36:0f:6f:67:ae:b1:7a:9c: fd:9d:c4:8f:f9:61:58:0d:91:13:4b:9d:62:cd:5e: 6c:e9:b5:55:83:7b:05:b0:71:9f:5d:52:c7:e2:70: 1e:7b:12:fc:ef:69:ec:5b:88:22:d7:d5:e1:a1:73: 62:31:5b:45:71:6e:8e:26:4b:b3:d1:7f:56:6a:67: 26:6a:9b:dd:e8:fb:dc:43:d5:b8:cd:b2:67:90:d0: 9e:01:7c:03:e0:e5:29:fb:67:71:48:ee:a9:11:d4: 0e:f2:25:be:34:ed:c3:20:67:b5:b9:c8:41:55:62: 18:38:63:83:4f:09:41:bb:62:23:94:e3:fb:a9:ec: fd:7e:b5:02:c6:9b:eb:24:8e:d0:89:07:e0:18:5d: bd:64:df:aa:b3:d8:7e:bb:bd:24:c7:af:a7:bb:3f: c0:89:b6:d2:eb:0f:eb:43:c8:0e:24:b4:f9:53:5e: a5:df:fb:92:db:6d:b5:25:c3:c2:53:7f:f3:1a:a1: 6d:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:37:9F:88:0F:9B:F7:BC:28:B5:BC:36:3F:B5:F8:0A:EA:DC:4A:03 X509v3 Authority Key Identifier: keyid:92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:dc:fe:a7:e7:a0:f6:2e:1b:49:52:e9:88:26:be:8c:26:f0: fd:06:65:cd:e9:70:55:ae:ad:3a:42:15:06:d2:f2:d0:b5:c8: a4:5a:11:38:66:e5:26:7a:3c:ff:ec:e6:a9:54:88:00:38:cb: e3:08:23:55:7e:17:a7:f5:c5:73:cb:09:d8:ab:11:d6:db:85: 23:76:d6:0b:6e:43:cf:f1:10:df:94:f6:8a:52:e4:aa:a9:87: 17:26:b0:d1:e4:7e:58:d8:89:5d:44:76:cf:8e:25:37:28:4c: dc:dc:35:04:97:37:49:50:bc:82:78:ad:6a:ac:0d:15:0e:d1: 58:91:e8:62:62:6f:3e:93:66:02:ff:fb:36:37:cc:a1:61:e7: 38:5d:22:3f:03:e7:33:23:b0:4e:39:3f:9c:d7:49:ab:a7:1d: 20:83:b3:e8:4c:fa:c2:f7:d4:6f:c4:c8:c9:b2:b5:00:72:13: a4:c2:30:99:6f:75:4c:d9:53:78:16:42:70:76:48:19:2d:37: 66:03:01:ee:3c:9e:98:b3:66:d9:47:b5:2b:bb:49:da:45:46: f4:c1:98:cd:83:2c:30:8b:ce:8c:dd:81:f4:e7:14:5c:6d:65: 5f:99:9e:4d:3a:86:76:ed:cf:5e:72:be:70:4f:a3:17:4c:4d: dd:79:48:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBMEUxMTAvBgNVBAUTKDkyNkQ5QURDNkZCODczRDc2NUJCNDEyMjcyODBDMUYx MTg0NkVFMTcwHhcNMjUwNTMxMDMwMTI4WhcNMjUwNjA3MDMwMTI4WjAYMRYwFAYD VQQDEw02ODNhNzEwOC1hMzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyegsVpPozjLTHmhBsCe31LX5Dth+0VJ45pkwYjarzkIQ5WVkXl+YB5OfQBhk 0FTBc65Vm3Vs8wnpcHAgxefHoGD1Ng9vZ66xepz9ncSP+WFYDZETS51izV5s6bVV g3sFsHGfXVLH4nAeexL872nsW4gi19XhoXNiMVtFcW6OJkuz0X9Wamcmapvd6Pvc Q9W4zbJnkNCeAXwD4OUp+2dxSO6pEdQO8iW+NO3DIGe1uchBVWIYOGODTwlBu2Ij lOP7qez9frUCxpvrJI7QiQfgGF29ZN+qs9h+u70kx6+nuz/AibbS6w/rQ8gOJLT5 U16l3/uS2221JcPCU3/zGqFt1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEk3n4gP m/e8KLW8Nj+1+Arq3EoDMB8GA1UdIwQYMBaAFJJtmtxvuHPXZbtBInKAwfEYRu4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkEwRS9EQkJFRDIwNkMw MDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5ZGx1MEVpY29EQjhSaEc3 aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ttMmEzRy00YzlkbHUwRWljb0RCOFJoRzdoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkEwRS9EQkJFRDIwNkMwMDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5 ZGx1MEVpY29EQjhSaEc3aGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAo3P6n56D2LhtJUumIJr6MJvD9BmXN6XBVrq06QhUG0vLQtcikWhE4 ZuUmejz/7OapVIgAOMvjCCNVfhen9cVzywnYqxHW24UjdtYLbkPP8RDflPaKUuSq qYcXJrDR5H5Y2IldRHbPjiU3KEzc3DUElzdJULyCeK1qrA0VDtFYkehiYm8+k2YC //s2N8yhYec4XSI/A+czI7BOOT+c10mrpx0gg7PoTPrC99RvxMjJsrUAchOkwjCZ b3VM2VN4FkJwdkgZLTdmAwHuPJ6Ys2bZR7Uru0naRUb0wZjNgywwi86M3YH05xRc bWVfmZ5NOoZ27c9ecr5wT6MXTE3deUhG -----END CERTIFICATE-----Generated at Sat May 31 16:26:54 2025 by rpki-client