$ rpki-client -vvf rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft File: A4zy4oB33yytpFdW-12ZpuJA_Qk.mft (raw, json) Hash identifier: bYn4nPCl1tcK0bNHusCuY7YutK42ZalqhX02CiO67Ns= Subject key identifier: D2:5B:EC:9D:C4:CC:2B:A8:60:A5:03:B9:AD:D9:3C:7E:70:AB:5D:AE Authority key identifier: 03:8C:F2:E2:80:77:DF:2C:AD:A4:57:56:FB:5D:99:A6:E2:40:FD:09 Certificate issuer: /CN=A9112CEC/serialNumber=038CF2E28077DF2CADA45756FB5D99A6E240FD09 Certificate serial: 347E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A4zy4oB33yytpFdW-12ZpuJA_Qk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft Manifest number: 3474 Signing time: Sun 20 Apr 2025 15:08:50 +0000 Manifest this update: Sun 20 Apr 2025 15:08:50 +0000 Manifest next update: Sun 27 Apr 2025 15:08:50 +0000 Files and hashes: 1: A4zy4oB33yytpFdW-12ZpuJA_Qk.crl (hash: X1bjJnCr/aJSRf+JX67E9A2OtMnM52CjjO3TM2wb26o=) 2: 55A4C5C004AA11E8935B7021C4F9AE02.roa (hash: Hux71er2Qs5CKXElMxsIIOBK+KutGucMBDid93LFsCU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.crl rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A4zy4oB33yytpFdW-12ZpuJA_Qk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 15:08:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13438 (0x347e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9112CEC, serialNumber=038CF2E28077DF2CADA45756FB5D99A6E240FD09 Validity Not Before: Apr 20 15:08:50 2025 GMT Not After : Apr 27 15:08:50 2025 GMT Subject: CN=68050e02-a63c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:0a:84:5a:43:77:2f:b5:c9:54:a1:d5:e0:22: 1f:51:11:c5:0b:e2:a4:37:fa:a8:d4:34:10:4e:a8: f7:59:78:a4:d8:07:6e:26:67:1a:f5:e3:75:73:22: eb:02:b7:e4:a9:21:55:6e:99:92:07:51:2c:35:71: a3:e5:b5:58:ed:b2:b2:1f:9c:6c:e8:bf:da:d5:10: 4a:ae:7b:78:71:02:49:49:b6:bb:ab:ea:14:5b:3b: 95:5e:81:a7:35:a5:b3:7d:84:ec:e1:5b:a6:13:13: ed:7f:f4:ae:fb:63:1b:36:b5:20:8d:32:a3:ee:b8: 81:f6:2d:88:e1:7a:24:a6:c1:6e:c5:c6:9d:12:83: 43:fa:b3:0a:17:94:86:57:77:dd:87:ef:c6:b9:16: d6:b0:44:10:9d:da:72:d5:d9:06:61:44:7e:c4:b4: 86:a8:43:0c:24:4a:68:74:ff:0d:e3:78:86:e9:38: e7:4b:21:9a:5b:47:54:ed:a4:51:a7:68:9f:71:92: d7:0f:ba:1f:a7:6e:48:d0:70:b8:36:f0:43:d5:1c: 93:1b:a1:67:68:9e:c8:c0:7e:8d:6a:d6:7f:c7:07: 36:8d:99:47:4c:bf:55:20:0b:08:18:45:2c:0c:db: a8:32:62:58:e8:1a:b7:27:85:f0:86:02:d0:58:88: 8b:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:5B:EC:9D:C4:CC:2B:A8:60:A5:03:B9:AD:D9:3C:7E:70:AB:5D:AE X509v3 Authority Key Identifier: keyid:03:8C:F2:E2:80:77:DF:2C:AD:A4:57:56:FB:5D:99:A6:E2:40:FD:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A4zy4oB33yytpFdW-12ZpuJA_Qk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:a0:4e:c2:38:47:60:e0:47:37:da:e2:30:65:17:05:09:b5: 9a:32:e1:41:44:42:c0:dc:05:2e:20:74:d8:0c:a3:77:29:3d: 17:16:09:3c:cb:82:95:d3:14:47:5e:b0:17:5a:0b:01:bd:ad: ed:50:c6:ff:4a:f6:19:fd:00:29:34:93:a2:e8:48:43:b5:75: 49:38:f3:d6:77:f0:2a:8d:e2:30:24:8a:55:36:e4:df:35:95: 89:86:f7:7c:2f:65:27:5f:a5:bb:84:00:9f:fa:9b:3b:e4:b4: 1d:04:44:77:28:1e:d5:95:67:88:e3:15:87:49:7a:7f:77:ab: 31:0a:95:00:65:dc:41:8a:4a:c7:56:b0:39:99:2b:6b:67:f0: b2:f9:c7:e5:41:c7:40:f7:f4:1e:3b:46:65:1d:b3:26:17:46: e5:a1:70:7a:87:cd:95:6e:e3:96:b7:19:f0:bb:3f:0b:3b:6e: c4:ce:bb:07:17:e7:78:95:09:d9:df:3d:cd:de:8f:09:10:81: 64:d2:28:48:dc:cc:46:5b:88:a3:6c:f0:34:ad:2a:6d:7d:38: fb:e9:8a:4e:f6:91:99:6e:62:5a:4b:9e:9c:f4:80:52:6e:a0: 9e:16:01:ec:78:de:70:73:29:43:89:33:a4:02:c5:7d:13:81: bc:97:6f:fc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTJDRUMxMTAvBgNVBAUTKDAzOENGMkUyODA3N0RGMkNBREE0NTc1NkZCNUQ5OUE2 RTI0MEZEMDkwHhcNMjUwNDIwMTUwODUwWhcNMjUwNDI3MTUwODUwWjAYMRYwFAYD VQQDEw02ODA1MGUwMi1hNjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArgqEWkN3L7XJVKHV4CIfURHFC+KkN/qo1DQQTqj3WXik2AduJmca9eN1cyLr ArfkqSFVbpmSB1EsNXGj5bVY7bKyH5xs6L/a1RBKrnt4cQJJSba7q+oUWzuVXoGn NaWzfYTs4VumExPtf/Su+2MbNrUgjTKj7riB9i2I4XokpsFuxcadEoND+rMKF5SG V3fdh+/GuRbWsEQQndpy1dkGYUR+xLSGqEMMJEpodP8N43iG6TjnSyGaW0dU7aRR p2ifcZLXD7ofp25I0HC4NvBD1RyTG6FnaJ7IwH6NatZ/xwc2jZlHTL9VIAsIGEUs DNuoMmJY6Bq3J4XwhgLQWIiLAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNJb7J3E zCuoYKUDua3ZPH5wq12uMB8GA1UdIwQYMBaAFAOM8uKAd98sraRXVvtdmabiQP0J MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMkNFQy9COEIwQzc4ODFE QTQxMUUyOEM5M0U3OUEwOEIwMkNEMi9BNHp5NG9CMzN5eXRwRmRXLTEyWnB1SkFf UWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0E0enk0b0IzM3l5dHBGZFctMTJacHVKQV9Ray5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MkNFQy9COEIwQzc4ODFEQTQxMUUyOEM5M0U3OUEwOEIwMkNEMi9BNHp5NG9CMzN5 eXRwRmRXLTEyWnB1SkFfUWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApoE7COEdg4Ec32uIwZRcFCbWaMuFBRELA3AUuIHTYDKN3KT0XFgk8 y4KV0xRHXrAXWgsBva3tUMb/SvYZ/QApNJOi6EhDtXVJOPPWd/AqjeIwJIpVNuTf NZWJhvd8L2UnX6W7hACf+ps75LQdBER3KB7VlWeI4xWHSXp/d6sxCpUAZdxBikrH VrA5mStrZ/Cy+cflQcdA9/QeO0ZlHbMmF0bloXB6h82VbuOWtxnwuz8LO27EzrsH F+d4lQnZ3z3N3o8JEIFk0ihI3MxGW4ijbPA0rSptfTj76YpO9pGZbmJaS56c9IBS bqCeFgHseN5wcylDiTOkAsV9E4G8l2/8 -----END CERTIFICATE-----Generated at Mon Apr 21 16:56:51 2025 by rpki-client