$ rpki-client -vvf rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/-wGX2AKmYYboQL1i6I7kDtlelSk.mft File: -wGX2AKmYYboQL1i6I7kDtlelSk.mft (raw, json) Hash identifier: fRxA6Dkp6wUOHBCtiCTovQ9r/oqPjkJrjThMV4dziSU= Subject key identifier: FE:EC:D0:07:81:D3:2F:CB:C8:12:DC:D3:2F:DA:5C:D4:0B:B2:7F:C9 Authority key identifier: FB:01:97:D8:02:A6:61:86:E8:40:BD:62:E8:8E:E4:0E:D9:5E:95:29 Certificate issuer: /CN=A911CC1D/serialNumber=FB0197D802A66186E840BD62E88EE40ED95E9529 Certificate serial: 0186 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-wGX2AKmYYboQL1i6I7kDtlelSk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/-wGX2AKmYYboQL1i6I7kDtlelSk.mft Manifest number: 017C Signing time: Sat 29 Mar 2025 03:17:22 +0000 Manifest this update: Sat 29 Mar 2025 03:17:22 +0000 Manifest next update: Sat 05 Apr 2025 03:17:22 +0000 Files and hashes: 1: -wGX2AKmYYboQL1i6I7kDtlelSk.crl (hash: GtXt2ObZm2i1Epru7+5OUSYwAnzvbDP25YvtfRAIeg4=) 2: 60377A8C695311EEB599BD23C4F9AE02.roa (hash: e9UJAcJ07X5sik6oJ0l9nVp35GOCmRSlbj3wJmjgBrI=) 3: 8FF4E2E2EFAE11EDBD96F26BC4F9AE02.roa (hash: W+oeT9rREoYMeOrigBJ91wQkGtgMzcafqibSzxam1Bk=) 4: 359322B2D1E711EDB90DBF27C4F9AE02.roa (hash: oqC6m15GvkoEhYAheA3+Yegw0Ae9mcHaCs/xuTvq3ak=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/-wGX2AKmYYboQL1i6I7kDtlelSk.crl rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/-wGX2AKmYYboQL1i6I7kDtlelSk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-wGX2AKmYYboQL1i6I7kDtlelSk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 03:17:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 390 (0x186) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CC1D Validity Not Before: Mar 29 03:17:22 2025 GMT Not After : Apr 5 03:17:22 2025 GMT Subject: CN=67e76642-c899 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:ac:bb:84:c9:39:93:5a:f5:8d:77:0b:97:a6: 95:b1:73:4b:21:79:98:24:cd:8b:44:d0:32:fe:e7: 12:e1:38:a3:d9:91:40:d7:d8:14:59:30:6b:4a:7a: cc:0b:97:62:9d:cb:8d:57:32:9c:eb:89:9a:81:51: ac:e7:e2:b8:61:25:66:47:75:1d:4b:fb:42:95:c0: 47:8e:c5:fe:d4:97:d9:8b:d0:0c:9b:c8:c3:00:81: 90:37:61:2a:4d:bb:1c:71:ac:75:be:91:e2:a2:0b: 55:14:69:4c:3c:46:b9:8e:ef:63:f9:53:18:75:e4: e1:63:0d:71:01:56:25:71:3a:3c:59:a7:a6:05:ea: d0:50:24:54:b0:57:af:70:a5:12:e0:f6:b8:c5:77: 11:de:7b:dc:f6:1c:55:33:51:a0:f6:51:e0:df:48: 98:f7:37:73:6d:b3:0f:cd:5a:0e:43:00:69:c7:dd: 41:f4:61:88:84:03:69:4a:96:df:be:31:14:a8:da: c3:cd:ff:92:8b:f6:30:95:63:fb:47:fc:16:55:01: ca:e2:11:51:03:4f:a4:7e:cf:29:8e:ed:7b:61:ff: 70:70:e2:8a:73:50:52:91:29:75:92:c2:0f:52:e4: bd:b5:44:e2:5a:18:17:e3:c3:ec:9d:af:fa:a4:ac: b3:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:EC:D0:07:81:D3:2F:CB:C8:12:DC:D3:2F:DA:5C:D4:0B:B2:7F:C9 X509v3 Authority Key Identifier: keyid:FB:01:97:D8:02:A6:61:86:E8:40:BD:62:E8:8E:E4:0E:D9:5E:95:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/-wGX2AKmYYboQL1i6I7kDtlelSk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-wGX2AKmYYboQL1i6I7kDtlelSk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/-wGX2AKmYYboQL1i6I7kDtlelSk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:ff:4c:30:78:62:f6:41:14:1b:7d:9d:94:2f:fa:b3:66:61: 69:b8:63:6d:d7:49:b1:b0:80:52:6e:51:0a:97:23:5e:2f:5c: f8:09:fc:59:4f:62:b7:95:44:15:21:bb:09:29:4a:e9:ce:2c: 8d:94:13:18:73:ff:c4:61:27:a9:46:2c:0c:82:42:cf:66:f9: 53:05:be:c6:0a:99:03:7b:b5:77:44:cc:03:12:3e:e2:af:d9: 09:d8:14:70:e1:ea:e4:d9:0a:4c:35:71:5e:d0:0a:f5:44:5a: 41:b0:b2:ad:98:d4:fe:09:e5:2d:5a:35:03:f6:5d:17:1c:a4: 94:f0:59:e7:6a:de:1a:d7:e7:bb:6d:dc:01:83:57:98:83:0c: 26:55:2e:87:e8:c3:fb:4b:00:84:3e:b6:c4:92:c5:2c:81:0e: 2e:36:7f:77:0c:d4:c6:71:17:db:fd:e9:4d:57:dc:dd:67:f0: e7:fe:42:ab:28:79:52:22:44:7f:9f:ea:6a:ab:ab:2f:ae:8e: b5:33:44:3f:d7:88:41:a9:66:85:84:cb:66:0c:ec:e9:95:c0: af:d4:6a:98:c5:e2:8b:fb:e7:32:5e:32:fb:c2:5d:eb:32:cf: 3b:9e:0b:f7:ba:a4:78:4a:8b:a1:7c:84:57:65:c0:23:d8:c6: a9:e4:d2:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAYYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNDMUQxMTAvBgNVBAUTKEZCMDE5N0Q4MDJBNjYxODZFODQwQkQ2MkU4OEVFNDBF RDk1RTk1MjkwHhcNMjUwMzI5MDMxNzIyWhcNMjUwNDA1MDMxNzIyWjAYMRYwFAYD VQQDEw02N2U3NjY0Mi1jODk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4qy7hMk5k1r1jXcLl6aVsXNLIXmYJM2LRNAy/ucS4Tij2ZFA19gUWTBrSnrM C5dincuNVzKc64magVGs5+K4YSVmR3UdS/tClcBHjsX+1JfZi9AMm8jDAIGQN2Eq Tbsccax1vpHiogtVFGlMPEa5ju9j+VMYdeThYw1xAVYlcTo8WaemBerQUCRUsFev cKUS4Pa4xXcR3nvc9hxVM1Gg9lHg30iY9zdzbbMPzVoOQwBpx91B9GGIhANpSpbf vjEUqNrDzf+Si/YwlWP7R/wWVQHK4hFRA0+kfs8pju17Yf9wcOKKc1BSkSl1ksIP UuS9tUTiWhgX48Psna/6pKyz3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP7s0AeB 0y/LyBLc0y/aXNQLsn/JMB8GA1UdIwQYMBaAFPsBl9gCpmGG6EC9YuiO5A7ZXpUp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0MxRC84Q0ZFMUQ5QUQx RTIxMUVEOTIzQzYxMUZDNEY5QUUwMi8td0dYMkFLbVlZYm9RTDFpNkk3a0R0bGVs U2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy13R1gyQUttWVlib1FMMWk2STdrRHRsZWxTay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Q0MxRC84Q0ZFMUQ5QUQxRTIxMUVEOTIzQzYxMUZDNEY5QUUwMi8td0dYMkFLbVlZ Ym9RTDFpNkk3a0R0bGVsU2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCB/0wweGL2QRQbfZ2UL/qzZmFpuGNt10mxsIBSblEKlyNeL1z4CfxZ T2K3lUQVIbsJKUrpziyNlBMYc//EYSepRiwMgkLPZvlTBb7GCpkDe7V3RMwDEj7i r9kJ2BRw4erk2QpMNXFe0Ar1RFpBsLKtmNT+CeUtWjUD9l0XHKSU8Fnnat4a1+e7 bdwBg1eYgwwmVS6H6MP7SwCEPrbEksUsgQ4uNn93DNTGcRfb/elNV9zdZ/Dn/kKr KHlSIkR/n+pqq6svro61M0Q/14hBqWaFhMtmDOzplcCv1GqYxeKL++cyXjL7wl3r Ms87ngv3uqR4SouhfIRXZcAj2Map5NIF -----END CERTIFICATE-----Generated at Fri Apr 4 21:52:06 2025 by rpki-client