$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.mft File: D9Qkj9SLoa4LYNjPakPbM7b09ro.mft (raw, json) Hash identifier: ufcqGdws5heKdfhkG0STXoMsiG1SLT8pWsZv1VLtXZk= Subject key identifier: CC:FD:89:E6:05:56:76:08:58:CE:27:7E:C5:6B:F0:0B:67:BB:39:EF Authority key identifier: 0F:D4:24:8F:D4:8B:A1:AE:0B:60:D8:CF:6A:43:DB:33:B6:F4:F6:BA Certificate issuer: /CN=A911B5AC/serialNumber=0FD4248FD48BA1AE0B60D8CF6A43DB33B6F4F6BA Certificate serial: 01B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9Qkj9SLoa4LYNjPakPbM7b09ro.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.mft Manifest number: 01B2 Signing time: Sat 05 Apr 2025 02:37:54 +0000 Manifest this update: Sat 05 Apr 2025 02:37:54 +0000 Manifest next update: Sat 12 Apr 2025 02:37:54 +0000 Files and hashes: 1: D9Qkj9SLoa4LYNjPakPbM7b09ro.crl (hash: DalWGjJM/6ilmg+PotgzslI+Ng3npe9HMk3H8FxP1bo=) 2: CA181F42791211ED9D926781C4F9AE02.roa (hash: zvSljqq8u0aCswP8WadYkts+Ql8DETe3wBjOyVuGUoM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.crl rsync://rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9Qkj9SLoa4LYNjPakPbM7b09ro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 02:37:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 437 (0x1b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B5AC Validity Not Before: Apr 5 02:37:54 2025 GMT Not After : Apr 12 02:37:54 2025 GMT Subject: CN=67f09782-c423 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d6:fe:f5:ec:d7:81:5c:97:a3:c3:de:9a:35: f1:7b:9a:ad:5a:df:b6:a1:97:3b:88:d2:66:72:34: 14:e7:fc:21:67:f8:f0:72:f3:53:cd:92:68:1b:97: 1e:77:8b:cc:c1:68:32:22:05:1d:50:b2:a8:92:1f: d2:00:bb:2b:55:2a:cf:30:0a:26:1a:e0:dd:e5:34: f8:aa:ff:f1:33:a4:33:31:da:23:6b:a7:9c:1b:ce: 89:b6:d1:07:b7:71:83:5e:3c:ce:2a:c8:f4:f7:d3: c0:f6:bf:02:9d:8b:5a:a9:1d:e4:f3:f7:99:20:9e: 1c:33:50:09:0d:a2:48:bc:56:33:f4:73:de:f4:ac: 3e:ba:58:6f:fa:33:e2:cc:36:9e:ef:b3:1b:f7:47: d8:d5:bb:b2:ad:b2:cb:fd:a2:50:7a:0b:4d:71:5f: 39:89:ef:6b:87:ee:0e:31:53:6b:78:f9:37:19:10: bb:63:4f:33:f3:93:46:c3:76:89:49:61:6d:f5:9a: 26:91:7e:b6:17:41:4f:fc:6d:d5:ca:85:fc:e6:ed: 60:cd:f8:c6:9a:0b:a6:f0:a0:fe:a1:7f:e2:eb:81: 60:cc:f7:a0:9a:e6:8b:64:cd:04:c3:9a:d8:be:ba: a9:0b:f9:47:aa:d4:15:ed:85:2c:a1:64:1e:b8:4e: df:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:FD:89:E6:05:56:76:08:58:CE:27:7E:C5:6B:F0:0B:67:BB:39:EF X509v3 Authority Key Identifier: keyid:0F:D4:24:8F:D4:8B:A1:AE:0B:60:D8:CF:6A:43:DB:33:B6:F4:F6:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9Qkj9SLoa4LYNjPakPbM7b09ro.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:2e:4e:42:ef:c3:2f:30:92:2a:3b:fd:d3:f7:06:7c:0a:62: 90:8b:9e:ae:dd:f6:3d:d2:61:f5:dc:3f:9a:12:67:6e:ef:51: 1f:fb:e0:45:e1:a2:96:ce:60:f1:f6:e2:5a:79:23:e1:80:f2: 41:eb:d9:0f:01:84:73:9f:fc:f5:76:7c:ac:33:2a:78:e0:17: 60:d3:f0:41:73:8b:c4:bb:43:31:0e:bf:f6:fe:88:f4:f4:52: 97:12:8c:e6:98:5a:00:ae:c4:ba:84:77:35:5a:f5:fe:6e:79: f3:9a:6c:a8:4e:32:8f:65:da:a6:63:a3:b7:60:07:1f:94:42: 73:5b:9e:c8:63:3e:00:0e:75:5b:21:aa:b7:a7:80:d4:24:eb: 4d:f8:fd:89:01:12:1b:10:fe:5e:0b:b7:28:f1:55:59:bf:d2: ec:26:3b:82:02:fa:44:b6:fe:0c:0a:a0:b0:62:37:26:88:3d: da:9e:ad:6f:1d:f5:1e:85:58:a4:59:db:60:48:7c:82:d8:ba: 3a:21:d1:cc:71:aa:e0:b1:cd:67:de:b8:30:da:4e:2a:62:43: b9:b1:e5:fb:3b:bb:d2:67:e6:45:95:71:ec:41:d1:ff:b5:d0: 36:f8:7e:80:1b:ed:f3:c4:5c:f8:b5:71:63:f3:79:3c:8c:a4: d1:61:56:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI1QUMxMTAvBgNVBAUTKDBGRDQyNDhGRDQ4QkExQUUwQjYwRDhDRjZBNDNEQjMz QjZGNEY2QkEwHhcNMjUwNDA1MDIzNzU0WhcNMjUwNDEyMDIzNzU0WjAYMRYwFAYD VQQDEw02N2YwOTc4Mi1jNDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAydb+9ezXgVyXo8PemjXxe5qtWt+2oZc7iNJmcjQU5/whZ/jwcvNTzZJoG5ce d4vMwWgyIgUdULKokh/SALsrVSrPMAomGuDd5TT4qv/xM6QzMdoja6ecG86JttEH t3GDXjzOKsj099PA9r8CnYtaqR3k8/eZIJ4cM1AJDaJIvFYz9HPe9Kw+ulhv+jPi zDae77Mb90fY1buyrbLL/aJQegtNcV85ie9rh+4OMVNrePk3GRC7Y08z85NGw3aJ SWFt9ZomkX62F0FP/G3VyoX85u1gzfjGmgum8KD+oX/i64FgzPegmuaLZM0Ew5rY vrqpC/lHqtQV7YUsoWQeuE7f7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMz9ieYF VnYIWM4nfsVr8AtnuznvMB8GA1UdIwQYMBaAFA/UJI/Ui6GuC2DYz2pD2zO29Pa6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVBQy81RkFGNTY0Mjc5 MEUxMUVEOEU3QzFCNzlDNEY5QUUwMi9EOVFrajlTTG9hNExZTmpQYWtQYk03YjA5 cm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Q5UWtqOVNMb2E0TFlOalBha1BiTTdiMDlyby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QjVBQy81RkFGNTY0Mjc5MEUxMUVEOEU3QzFCNzlDNEY5QUUwMi9EOVFrajlTTG9h NExZTmpQYWtQYk03YjA5cm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAULk5C78MvMJIqO/3T9wZ8CmKQi56u3fY90mH13D+aEmdu71Ef++BF 4aKWzmDx9uJaeSPhgPJB69kPAYRzn/z1dnysMyp44Bdg0/BBc4vEu0MxDr/2/oj0 9FKXEozmmFoArsS6hHc1WvX+bnnzmmyoTjKPZdqmY6O3YAcflEJzW57IYz4ADnVb Iaq3p4DUJOtN+P2JARIbEP5eC7co8VVZv9LsJjuCAvpEtv4MCqCwYjcmiD3anq1v HfUehVikWdtgSHyC2Lo6IdHMcargsc1n3rgw2k4qYkO5seX7O7vSZ+ZFlXHsQdH/ tdA2+H6AG+3zxFz4tXFj83k8jKTRYVav -----END CERTIFICATE-----Generated at Sat Apr 5 22:51:00 2025 by rpki-client