$ rpki-client -vvf rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft File: CStU0vnpbT_OHwwNuzGxuCyNLOA.mft (raw, json) Hash identifier: fJv3d8DjCPCdofoPTd5/9o1A0T5tjivCMj4Hn0D1Yk0= Subject key identifier: 88:55:5A:A1:50:33:BB:AE:20:79:CC:4E:34:A8:CB:83:1C:F2:C6:6E Authority key identifier: 09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 Certificate issuer: /CN=A9122EA2/serialNumber=092B54D2F9E96D3FCE1F0C0DBB31B1B82C8D2CE0 Certificate serial: 01C3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft Manifest number: 01B7 Signing time: Sat 05 Apr 2025 02:42:32 +0000 Manifest this update: Sat 05 Apr 2025 02:42:32 +0000 Manifest next update: Sat 12 Apr 2025 02:42:32 +0000 Files and hashes: 1: CStU0vnpbT_OHwwNuzGxuCyNLOA.crl (hash: 8cT2V8+AABNYpF7zuAwQphHHtCRs6+SVYinZ42fPeCY=) 2: C20F71E0992A11EEBDE4AF84C4F9AE02.roa (hash: csl85VTomjs4iPv8bKOFHRUkLivByj84d/cWaa81y8A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 02:42:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 451 (0x1c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122EA2 Validity Not Before: Apr 5 02:42:32 2025 GMT Not After : Apr 12 02:42:32 2025 GMT Subject: CN=67f09898-994b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d6:bb:64:cd:66:1c:83:6f:fc:b0:89:ef:fe: 4d:5a:c8:8b:af:d7:24:61:ea:81:29:e0:01:29:6d: 79:70:70:6f:06:bc:c5:12:27:32:f5:39:1e:0f:cf: 58:b5:52:94:64:77:f1:33:18:00:21:69:41:09:03: b8:12:2e:7b:f5:bd:0b:b7:82:c1:46:a8:19:7e:d1: c9:96:7d:b8:77:5e:00:31:76:b2:41:c9:2f:bc:8f: ed:e5:f5:c1:27:31:dc:5e:76:81:0b:78:ab:a8:a1: 37:4c:41:4f:e6:46:77:f9:cb:99:4f:e7:15:8a:47: 18:06:37:f9:2f:b5:92:61:51:0c:2b:ac:7c:3c:d9: 28:14:76:22:16:b6:1c:ed:c2:be:f9:b9:43:ec:c6: 8e:ae:f3:e4:a5:08:c2:2f:54:a7:12:87:d2:82:5a: 55:1d:84:7c:29:26:bf:83:1b:3c:a0:60:cc:08:3e: f7:f8:d5:0a:df:57:d7:4c:d0:71:64:31:39:a7:f7: 2f:c4:d9:df:21:b9:79:3f:c0:ef:9c:78:f7:09:5a: b8:5a:ee:7a:cf:55:e7:76:ab:bb:bd:9d:bd:3a:1f: 1e:f1:0b:85:07:dd:4a:2b:d5:b7:9a:34:58:84:ac: 7e:0f:47:ec:55:29:d7:09:c8:15:52:47:35:06:86: bb:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:55:5A:A1:50:33:BB:AE:20:79:CC:4E:34:A8:CB:83:1C:F2:C6:6E X509v3 Authority Key Identifier: keyid:09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:82:17:e3:cb:21:56:9a:d7:21:93:1b:00:91:40:ca:58:71: 0a:3a:28:5c:cd:17:5d:e3:2b:63:c5:0a:75:b2:4b:19:8c:4f: 1f:be:dc:b8:69:11:47:7a:f8:70:57:fb:76:78:aa:2c:dc:54: 7b:89:e9:96:5c:bf:e8:1a:5c:36:1a:ec:3d:07:f1:1a:07:55: ef:40:1e:f4:16:d1:8a:c6:ff:c5:aa:87:53:a8:b6:15:6d:75: 3e:e0:55:72:4a:73:d3:e4:b5:7e:aa:db:79:74:20:a1:6c:0d: f6:9b:ab:66:36:6a:0d:0c:f3:e2:00:78:90:08:ba:1a:80:ef: 4c:07:63:8d:50:99:93:8a:49:71:20:05:0d:42:65:96:fa:65: e6:e2:16:27:8e:13:80:8b:a2:48:bc:41:52:0d:0a:55:98:ac: 10:44:6e:a8:3a:c6:2e:79:d7:89:b1:e0:f1:49:d4:f0:8c:94: ad:43:6d:c6:14:f5:b5:d2:3a:ab:96:bc:c1:93:b6:df:e8:1c: ea:e9:42:4a:1a:16:5c:5b:e9:47:c3:b8:e7:22:31:db:6d:b2: 39:7e:63:10:4d:8d:4c:f3:3c:d0:bd:c6:8b:70:9c:e3:90:30: 55:cf:d1:7f:4f:8b:7e:79:04:61:d4:2a:af:dd:ab:9c:63:bd: db:17:1e:a8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjJFQTIxMTAvBgNVBAUTKDA5MkI1NEQyRjlFOTZEM0ZDRTFGMEMwREJCMzFCMUI4 MkM4RDJDRTAwHhcNMjUwNDA1MDI0MjMyWhcNMjUwNDEyMDI0MjMyWjAYMRYwFAYD VQQDEw02N2YwOTg5OC05OTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzNa7ZM1mHINv/LCJ7/5NWsiLr9ckYeqBKeABKW15cHBvBrzFEicy9TkeD89Y tVKUZHfxMxgAIWlBCQO4Ei579b0Lt4LBRqgZftHJln24d14AMXayQckvvI/t5fXB JzHcXnaBC3irqKE3TEFP5kZ3+cuZT+cVikcYBjf5L7WSYVEMK6x8PNkoFHYiFrYc 7cK++blD7MaOrvPkpQjCL1SnEofSglpVHYR8KSa/gxs8oGDMCD73+NUK31fXTNBx ZDE5p/cvxNnfIbl5P8DvnHj3CVq4Wu56z1Xndqu7vZ29Oh8e8QuFB91KK9W3mjRY hKx+D0fsVSnXCcgVUkc1Boa7ZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIhVWqFQ M7uuIHnMTjSoy4Mc8sZuMB8GA1UdIwQYMBaAFAkrVNL56W0/zh8MDbsxsbgsjSzg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkVBMi8xNTI1MzQxNDg1 NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJUX09Id3dOdXpHeHVDeU5M T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NTdFUwdm5wYlRfT0h3d051ekd4dUN5TkxPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MkVBMi8xNTI1MzQxNDg1NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJU X09Id3dOdXpHeHVDeU5MT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqghfjyyFWmtchkxsAkUDKWHEKOihczRdd4ytjxQp1sksZjE8fvty4 aRFHevhwV/t2eKos3FR7iemWXL/oGlw2Guw9B/EaB1XvQB70FtGKxv/FqodTqLYV bXU+4FVySnPT5LV+qtt5dCChbA32m6tmNmoNDPPiAHiQCLoagO9MB2ONUJmTiklx IAUNQmWW+mXm4hYnjhOAi6JIvEFSDQpVmKwQRG6oOsYuedeJseDxSdTwjJStQ23G FPW10jqrlrzBk7bf6Bzq6UJKGhZcW+lHw7jnIjHbbbI5fmMQTY1M8zzQvcaLcJzj kDBVz9F/T4t+eQRh1Cqv3aucY73bFx6o -----END CERTIFICATE-----Generated at Sun Apr 6 01:29:25 2025 by rpki-client