$ rpki-client -vvf rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.mft File: VTcR8u_pSETEP3dtRRAYwGSXLJo.mft (raw, json) Hash identifier: kspnAox2y06VvPEHxAIsvAtXuYbkAZIGi9WTIL37u5M= Subject key identifier: 70:57:8D:8B:52:54:99:62:2B:3A:21:B5:48:D5:DD:67:18:E5:B9:55 Authority key identifier: 55:37:11:F2:EF:E9:48:44:C4:3F:77:6D:45:10:18:C0:64:97:2C:9A Certificate issuer: /CN=A911AAB5/serialNumber=553711F2EFE94844C43F776D451018C064972C9A Certificate serial: 0BFF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VTcR8u_pSETEP3dtRRAYwGSXLJo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.mft Manifest number: 0BF5 Signing time: Mon 14 Apr 2025 18:38:58 +0000 Manifest this update: Mon 14 Apr 2025 18:38:57 +0000 Manifest next update: Mon 21 Apr 2025 18:38:57 +0000 Files and hashes: 1: VTcR8u_pSETEP3dtRRAYwGSXLJo.crl (hash: q/OujoWoUTza9Lf7FRlekX2OJjPDQVPl9qhQcotBgMA=) 2: 65EE26547A8711ECBA5D244DC4F9AE02.roa (hash: Rf0IxEkwLDNapXsuJXAuul060sZSSoGxkC1k36Bzzhw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.crl rsync://rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VTcR8u_pSETEP3dtRRAYwGSXLJo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 18:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3071 (0xbff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911AAB5, serialNumber=553711F2EFE94844C43F776D451018C064972C9A Validity Not Before: Apr 14 18:38:57 2025 GMT Not After : Apr 21 18:38:57 2025 GMT Subject: CN=67fd5642-39db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:df:f0:fe:6e:f3:67:b1:ea:4c:35:02:e8:d8: 58:3f:e0:62:9c:eb:6a:23:e1:59:9f:91:3c:13:51: ec:0d:3e:4d:38:39:bd:c3:48:d7:ee:0e:10:8a:4c: 81:3e:b6:12:ad:dc:bc:5e:6d:0c:07:bb:49:08:ed: 76:19:29:83:39:d3:8b:46:2e:77:65:bc:c2:16:5e: c7:d6:6e:c0:1d:65:a2:4a:62:c7:df:46:0e:c7:1c: 7a:da:60:c9:7b:54:6f:d7:ca:e0:4e:a0:af:66:aa: d8:78:7c:21:7c:ef:a5:f2:6d:fa:dc:97:3f:eb:ba: b1:4f:0e:1e:96:7a:a1:cd:1f:4f:e2:73:b5:a0:03: 00:c4:1a:f4:f0:71:22:9c:19:89:55:12:64:79:55: 9c:9c:1e:70:bf:a8:9b:91:93:1c:66:a4:0e:03:7e: 24:35:b5:b4:b3:c8:f2:d4:de:9a:93:2e:4f:68:68: 77:ab:6b:f3:45:1c:a4:37:e9:cb:40:a0:21:bb:9f: 3a:e5:46:1d:b8:ba:6e:b4:9e:bb:ad:d5:d2:3d:eb: 85:98:aa:4b:78:b0:fc:70:fd:ba:d6:fc:d7:86:da: 47:de:37:4a:7d:a0:58:65:bc:18:a2:68:ba:bf:d2: f7:82:fe:8e:3a:7b:25:5b:2b:aa:71:d8:b7:13:87: 15:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:57:8D:8B:52:54:99:62:2B:3A:21:B5:48:D5:DD:67:18:E5:B9:55 X509v3 Authority Key Identifier: keyid:55:37:11:F2:EF:E9:48:44:C4:3F:77:6D:45:10:18:C0:64:97:2C:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VTcR8u_pSETEP3dtRRAYwGSXLJo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:d0:2b:20:3f:18:dd:50:fe:58:90:ab:cd:58:08:0d:8e:31: c6:df:94:5b:99:e4:e6:8d:5a:90:71:fe:3d:43:70:e7:93:ac: 2a:06:02:f8:c3:2f:6a:23:b9:5f:e6:cd:82:7f:b8:a6:b7:a6: 4d:bc:f3:c1:57:de:18:ee:0f:8c:36:1b:b9:2b:a8:bb:e9:b9: f7:89:22:31:0b:35:ac:93:fd:78:17:1a:0b:0d:74:53:69:5a: f7:79:40:87:7f:31:df:a8:76:82:5a:1f:02:be:0b:f9:75:c8: 5e:ad:22:ce:a2:97:34:44:ee:34:08:44:46:0f:5f:53:ae:18: 7d:6f:c3:d9:00:91:93:9f:7b:02:f1:62:f5:f1:2c:ce:ea:f1: 3c:63:09:38:36:82:b8:60:35:ec:6d:15:8f:50:c8:13:b3:53: fe:8d:df:48:d9:fe:81:b2:2e:e9:71:5a:e4:bf:a2:0e:be:c5: 62:ad:0c:5b:a1:de:ca:fb:d7:3d:ac:b1:ed:f3:57:ab:26:39: 38:0c:5b:04:3d:c8:53:d2:b1:90:02:0b:f2:df:14:f1:58:ee: cc:c9:ae:e6:5d:ec:d3:5b:de:8d:6a:79:e6:b7:a2:c6:45:0c: af:f3:82:f5:07:10:6d:26:68:11:a5:a0:cf:cb:8e:3f:fa:21: 8b:5f:0b:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUFBQjUxMTAvBgNVBAUTKDU1MzcxMUYyRUZFOTQ4NDRDNDNGNzc2RDQ1MTAxOEMw NjQ5NzJDOUEwHhcNMjUwNDE0MTgzODU3WhcNMjUwNDIxMTgzODU3WjAYMRYwFAYD VQQDEw02N2ZkNTY0Mi0zOWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqN/w/m7zZ7HqTDUC6NhYP+BinOtqI+FZn5E8E1HsDT5NODm9w0jX7g4QikyB PrYSrdy8Xm0MB7tJCO12GSmDOdOLRi53ZbzCFl7H1m7AHWWiSmLH30YOxxx62mDJ e1Rv18rgTqCvZqrYeHwhfO+l8m363Jc/67qxTw4elnqhzR9P4nO1oAMAxBr08HEi nBmJVRJkeVWcnB5wv6ibkZMcZqQOA34kNbW0s8jy1N6aky5PaGh3q2vzRRykN+nL QKAhu5865UYduLputJ67rdXSPeuFmKpLeLD8cP261vzXhtpH3jdKfaBYZbwYomi6 v9L3gv6OOnslWyuqcdi3E4cVWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHBXjYtS VJliKzohtUjV3WcY5blVMB8GA1UdIwQYMBaAFFU3EfLv6UhExD93bUUQGMBklyya MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUFCNS9BM0JERTdBMDEw RjYxMUVBOTEwM0I2MUJDNEY5QUUwMi9WVGNSOHVfcFNFVEVQM2R0UlJBWXdHU1hM Sm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZUY1I4dV9wU0VURVAzZHRSUkFZd0dTWExKby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QUFCNS9BM0JERTdBMDEwRjYxMUVBOTEwM0I2MUJDNEY5QUUwMi9WVGNSOHVfcFNF VEVQM2R0UlJBWXdHU1hMSm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZ0CsgPxjdUP5YkKvNWAgNjjHG35RbmeTmjVqQcf49Q3Dnk6wqBgL4 wy9qI7lf5s2Cf7imt6ZNvPPBV94Y7g+MNhu5K6i76bn3iSIxCzWsk/14FxoLDXRT aVr3eUCHfzHfqHaCWh8Cvgv5dcherSLOopc0RO40CERGD19Trhh9b8PZAJGTn3sC 8WL18SzO6vE8Ywk4NoK4YDXsbRWPUMgTs1P+jd9I2f6Bsi7pcVrkv6IOvsVirQxb od7K+9c9rLHt81erJjk4DFsEPchT0rGQAgvy3xTxWO7Mya7mXezTW96Nannmt6LG RQyv84L1BxBtJmgRpaDPy44/+iGLXwsY -----END CERTIFICATE-----Generated at Wed Apr 16 17:18:07 2025 by rpki-client