$ rpki-client -vvf rpki.apnic.net/member_repository/A912185F/20FB6D26754E11EF9C79AF6EC4F9AE02/0fHal9jt-Zxl369uyp87Umxgq0E.mft File: 0fHal9jt-Zxl369uyp87Umxgq0E.mft (raw, json) Hash identifier: IVKNUjeWM5EQxOwvYl5+S8ie4UA6ZDONHXYpoxDAA54= Subject key identifier: 8C:9F:4B:85:F8:7C:62:7B:AB:BA:52:E9:16:8D:48:68:6D:5E:D5:51 Authority key identifier: D1:F1:DA:97:D8:ED:F9:9C:65:DF:AF:6E:CA:9F:3B:52:6C:60:AB:41 Certificate issuer: /CN=A912185F/serialNumber=D1F1DA97D8EDF99C65DFAF6ECA9F3B526C60AB41 Certificate serial: 76 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0fHal9jt-Zxl369uyp87Umxgq0E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912185F/20FB6D26754E11EF9C79AF6EC4F9AE02/0fHal9jt-Zxl369uyp87Umxgq0E.mft Manifest number: 70 Signing time: Thu 03 Apr 2025 06:12:39 +0000 Manifest this update: Thu 03 Apr 2025 06:12:39 +0000 Manifest next update: Thu 10 Apr 2025 06:12:39 +0000 Files and hashes: 1: 0fHal9jt-Zxl369uyp87Umxgq0E.crl (hash: 6ZqhaLMvQb4OoDnsv/OFFCZDXmPpIwaAPzB1l5O6uAI=) 2: F33FD8F8EA5611EF8C0DD984C4F9AE02.roa (hash: CyE/igdPfW2RYSF3wOEJ7cJivf90Ng4geSYtO0ZaU/4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912185F/20FB6D26754E11EF9C79AF6EC4F9AE02/0fHal9jt-Zxl369uyp87Umxgq0E.crl rsync://rpki.apnic.net/member_repository/A912185F/20FB6D26754E11EF9C79AF6EC4F9AE02/0fHal9jt-Zxl369uyp87Umxgq0E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0fHal9jt-Zxl369uyp87Umxgq0E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 06:12:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 118 (0x76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912185F Validity Not Before: Apr 3 06:12:39 2025 GMT Not After : Apr 10 06:12:39 2025 GMT Subject: CN=67ee26d7-bbd0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:de:9b:1b:76:92:f5:22:eb:b4:e3:b7:12:f8: 9c:83:c0:9d:ce:75:e8:31:fe:c0:ce:25:6a:f9:4f: df:f9:58:a4:48:71:4d:cf:cc:dc:e5:93:72:d6:8d: 80:9e:26:ab:e0:66:19:89:8b:de:24:79:73:4d:89: c8:79:b1:53:18:88:79:db:7f:b2:5a:a3:97:4b:13: 9e:95:81:97:3d:9e:73:6f:96:94:d7:98:68:fd:2c: 10:cd:25:9f:51:5c:2c:fb:cc:3b:54:1c:c9:7a:60: d0:09:ee:f8:dd:c5:c8:2a:3d:3a:52:d5:08:3b:1c: b6:4c:5f:33:e6:07:f4:a2:91:83:13:3b:df:e0:da: c1:f1:e4:46:17:1c:37:5c:38:69:d9:dc:6b:ed:48: 79:7a:ce:71:1d:28:58:78:01:66:68:25:86:4f:d6: a8:cd:5a:7d:1e:6a:5f:7d:68:42:a1:82:70:a3:4e: e2:9b:82:ad:03:18:40:f6:c2:9b:69:58:73:7f:52: 14:e0:d7:14:73:d4:92:d4:f0:5a:da:16:9c:7e:a0: 14:fe:cb:a2:12:25:22:49:bb:10:66:12:40:a6:a9: c6:7f:15:bf:56:d2:80:d1:45:59:28:fb:a7:d5:58: a0:a9:23:d7:cd:f1:a6:3b:9f:12:c9:7d:b3:dc:9a: 27:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:9F:4B:85:F8:7C:62:7B:AB:BA:52:E9:16:8D:48:68:6D:5E:D5:51 X509v3 Authority Key Identifier: keyid:D1:F1:DA:97:D8:ED:F9:9C:65:DF:AF:6E:CA:9F:3B:52:6C:60:AB:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912185F/20FB6D26754E11EF9C79AF6EC4F9AE02/0fHal9jt-Zxl369uyp87Umxgq0E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0fHal9jt-Zxl369uyp87Umxgq0E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912185F/20FB6D26754E11EF9C79AF6EC4F9AE02/0fHal9jt-Zxl369uyp87Umxgq0E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:d6:41:2a:ee:e7:86:19:d7:aa:15:2a:7d:8e:98:c9:9c:e8: 32:e0:7a:8d:6a:a5:b6:a1:e4:13:5d:53:16:ce:d9:c2:5c:6e: 3d:3d:91:2f:1b:0e:56:a3:d8:db:80:f6:d5:a8:42:1c:4d:a3: a2:04:db:90:6d:33:02:93:a8:0d:5b:b5:8c:81:60:e5:08:63: 7c:00:ae:ba:9b:9e:8f:6e:89:0c:ec:16:f4:a3:3a:70:95:e9: 54:71:c0:47:e3:dd:df:16:1a:a6:3e:5a:2e:a6:bb:43:44:b0: 9e:53:9d:e9:dd:21:12:48:6e:2e:57:ef:5a:66:e4:5e:63:c4: 50:54:0a:d1:ac:4c:b4:bb:39:b1:7d:16:16:d9:7c:82:4b:4d: 10:62:3f:84:42:ac:63:80:41:ab:72:68:83:05:d1:02:a8:b7: 6f:04:8e:de:02:bc:94:54:ec:cc:50:fe:8d:31:61:91:75:4d: ea:5e:a5:7a:ce:5b:7e:77:42:7b:3a:81:e7:aa:f0:b1:eb:d5: b8:a8:ce:c9:e0:dc:77:f9:14:6d:55:ae:bf:28:5c:0d:e7:50: 66:d7:8f:aa:9c:91:f5:c5:2e:6e:72:7c:a8:6a:d1:b7:22:08: 5c:69:19:9e:72:22:ed:33:2a:f5:18:93:2c:de:9f:da:51:d4: 1c:8c:54:ff -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBdjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy MTg1RjExMC8GA1UEBRMoRDFGMURBOTdEOEVERjk5QzY1REZBRjZFQ0E5RjNCNTI2 QzYwQUI0MTAeFw0yNTA0MDMwNjEyMzlaFw0yNTA0MTAwNjEyMzlaMBgxFjAUBgNV BAMTDTY3ZWUyNmQ3LWJiZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDa3psbdpL1Iuu047cS+JyDwJ3Odegx/sDOJWr5T9/5WKRIcU3PzNzlk3LWjYCe JqvgZhmJi94keXNNich5sVMYiHnbf7Jao5dLE56VgZc9nnNvlpTXmGj9LBDNJZ9R XCz7zDtUHMl6YNAJ7vjdxcgqPTpS1Qg7HLZMXzPmB/SikYMTO9/g2sHx5EYXHDdc OGnZ3GvtSHl6znEdKFh4AWZoJYZP1qjNWn0eal99aEKhgnCjTuKbgq0DGED2wptp WHN/UhTg1xRz1JLU8FraFpx+oBT+y6ISJSJJuxBmEkCmqcZ/Fb9W0oDRRVko+6fV WKCpI9fN8aY7nxLJfbPcmicpAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUjJ9Lhfh8 YnurulLpFo1IaG1e1VEwHwYDVR0jBBgwFoAU0fHal9jt+Zxl369uyp87Umxgq0Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIxODVGLzIwRkI2RDI2NzU0 RTExRUY5Qzc5QUY2RUM0RjlBRTAyLzBmSGFsOWp0LVp4bDM2OXV5cDg3VW14Z3Ew RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMGZIYWw5anQtWnhsMzY5dXlwODdVbXhncTBFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIx ODVGLzIwRkI2RDI2NzU0RTExRUY5Qzc5QUY2RUM0RjlBRTAyLzBmSGFsOWp0LVp4 bDM2OXV5cDg3VW14Z3EwRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABbWQSru54YZ16oVKn2OmMmc6DLgeo1qpbah5BNdUxbO2cJcbj09kS8b Dlaj2NuA9tWoQhxNo6IE25BtMwKTqA1btYyBYOUIY3wArrqbno9uiQzsFvSjOnCV 6VRxwEfj3d8WGqY+Wi6mu0NEsJ5TnendIRJIbi5X71pm5F5jxFBUCtGsTLS7ObF9 FhbZfIJLTRBiP4RCrGOAQatyaIMF0QKot28Ejt4CvJRU7MxQ/o0xYZF1TepepXrO W353Qns6geeq8LHr1biozsng3Hf5FG1Vrr8oXA3nUGbXj6qckfXFLm5yfKhq0bci CFxpGZ5yIu0zKvUYkyzen9pR1ByMVP8= -----END CERTIFICATE-----Generated at Fri Apr 4 22:14:54 2025 by rpki-client