$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.mft File: cQU3JEaiBkVG2WKfQhw3b9zvIdY.mft (raw, json) Hash identifier: Vw37OySrxSBGDLRIcjHt6h5SQVkHGln8jAk/2KY53nY= Subject key identifier: 57:1B:D4:13:41:6F:B0:FF:12:D1:C7:0A:9D:3E:EC:10:70:0D:DB:DB Authority key identifier: 71:05:37:24:46:A2:06:45:46:D9:62:9F:42:1C:37:6F:DC:EF:21:D6 Certificate issuer: /CN=A9125C31/serialNumber=7105372446A2064546D9629F421C376FDCEF21D6 Certificate serial: 0BD9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cQU3JEaiBkVG2WKfQhw3b9zvIdY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.mft Manifest number: 0BD2 Signing time: Fri 04 Apr 2025 18:55:49 +0000 Manifest this update: Fri 04 Apr 2025 18:55:49 +0000 Manifest next update: Fri 11 Apr 2025 18:55:49 +0000 Files and hashes: 1: cQU3JEaiBkVG2WKfQhw3b9zvIdY.crl (hash: cxkYnwO1ehcFhCmsf8a1txIhGTX4L+M1Ldhg8xB8VLI=) 2: 4697751815B111EA8277BA34C4F9AE02.roa (hash: dxDp9E0tHPQ++XAIde+nxMm3Ga/WWcWY96m0Hl+beDw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.crl rsync://rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cQU3JEaiBkVG2WKfQhw3b9zvIdY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:55:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3033 (0xbd9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C31 Validity Not Before: Apr 4 18:55:49 2025 GMT Not After : Apr 11 18:55:49 2025 GMT Subject: CN=67f02b35-b9bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f9:9e:e7:32:be:ab:8d:e0:6f:12:e5:f1:2d: 1e:95:b9:50:10:4d:61:b4:3a:a4:d2:95:cc:67:0e: 9e:1f:4d:35:99:0d:32:fc:8f:94:ef:05:bb:26:83: f6:18:dc:b3:49:c1:8a:5d:24:f2:bd:77:32:f1:0d: d4:39:04:1f:c4:55:38:30:2a:51:27:d4:45:14:aa: 50:9b:e9:e9:50:d9:97:7f:42:61:fe:89:b5:29:52: ae:65:8a:33:51:00:12:14:54:77:a0:70:e5:de:0e: 40:85:5f:86:f7:45:73:84:8c:bf:95:7b:f2:7a:96: b7:17:51:c7:80:db:a7:44:0e:56:cc:15:bd:a3:5f: ef:9e:66:de:71:7f:34:c1:2c:c4:67:0a:82:e1:5c: 1a:82:9e:94:1e:dd:9b:4f:78:7e:31:22:f4:57:61: f6:af:a3:16:a0:61:83:50:0e:55:47:a1:7d:2b:d1: 44:a1:14:c6:45:0b:07:22:77:97:a8:02:f9:9f:3f: af:9c:8e:b7:27:b1:a7:67:3a:6d:d7:89:8f:63:9a: 0d:00:52:f5:b9:6b:a5:5f:8d:9e:f9:2d:33:39:5f: d8:76:b2:c1:e6:60:47:bb:63:04:d2:4d:20:26:f4: 10:b3:85:e1:b2:52:82:40:86:79:e5:72:c1:db:eb: 8d:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:1B:D4:13:41:6F:B0:FF:12:D1:C7:0A:9D:3E:EC:10:70:0D:DB:DB X509v3 Authority Key Identifier: keyid:71:05:37:24:46:A2:06:45:46:D9:62:9F:42:1C:37:6F:DC:EF:21:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cQU3JEaiBkVG2WKfQhw3b9zvIdY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:a4:d7:f2:07:28:d7:2a:8c:e2:1f:c5:d3:7b:5b:d4:a4:dd: 61:76:a4:67:84:b1:73:5f:6f:1e:54:76:49:bd:16:8d:6e:29: ad:de:fc:db:ae:22:4d:5d:82:24:dc:3a:f7:69:b3:66:e4:69: a5:2c:c1:43:27:3e:86:75:2e:d3:19:b4:d6:21:7d:fd:d6:4c: 56:58:4c:df:7a:7c:96:2f:fb:08:73:75:08:91:73:b4:2c:63: e9:4b:cb:2d:60:f2:e7:4e:f2:c7:2b:4c:42:bd:73:a5:44:7e: 97:1b:3a:e5:fb:5b:22:71:ee:ff:c6:da:67:f7:b3:f2:e2:68: 8d:be:3a:8c:74:df:99:90:cf:4f:68:02:b2:01:94:e3:3b:e6: 8a:b7:ad:3e:16:b1:4d:28:b9:c4:86:ee:9f:92:78:09:d5:81: b2:d3:0d:00:f9:3e:6a:d3:0a:eb:57:bd:04:e7:c5:8a:72:68: 8d:c9:b4:43:cb:16:c7:40:9a:da:7b:cc:36:af:82:91:a4:87: 5b:90:ee:6f:30:8d:80:ea:c9:1a:fb:1f:2b:ca:72:e7:76:a0: 22:ee:c1:4a:40:92:c2:cb:75:bf:c1:ae:ea:b6:ce:a8:76:e2: a2:3f:cc:83:ee:65:19:80:ac:48:ad:f2:94:45:d5:6c:7b:cb: a8:0e:1e:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC9kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDMzExMTAvBgNVBAUTKDcxMDUzNzI0NDZBMjA2NDU0NkQ5NjI5RjQyMUMzNzZG RENFRjIxRDYwHhcNMjUwNDA0MTg1NTQ5WhcNMjUwNDExMTg1NTQ5WjAYMRYwFAYD VQQDEw02N2YwMmIzNS1iOWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqvme5zK+q43gbxLl8S0elblQEE1htDqk0pXMZw6eH001mQ0y/I+U7wW7JoP2 GNyzScGKXSTyvXcy8Q3UOQQfxFU4MCpRJ9RFFKpQm+npUNmXf0Jh/om1KVKuZYoz UQASFFR3oHDl3g5AhV+G90VzhIy/lXvyepa3F1HHgNunRA5WzBW9o1/vnmbecX80 wSzEZwqC4Vwagp6UHt2bT3h+MSL0V2H2r6MWoGGDUA5VR6F9K9FEoRTGRQsHIneX qAL5nz+vnI63J7GnZzpt14mPY5oNAFL1uWulX42e+S0zOV/YdrLB5mBHu2ME0k0g JvQQs4XhslKCQIZ55XLB2+uNYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFcb1BNB b7D/EtHHCp0+7BBwDdvbMB8GA1UdIwQYMBaAFHEFNyRGogZFRtlin0IcN2/c7yHW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMzMS8zOEJGNDA5QTE1 OTAxMUVBOUM0MTM2NTJDNEY5QUUwMi9jUVUzSkVhaUJrVkcyV0tmUWh3M2I5enZJ ZFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NRVTNKRWFpQmtWRzJXS2ZRaHczYjl6dklkWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMzMS8zOEJGNDA5QTE1OTAxMUVBOUM0MTM2NTJDNEY5QUUwMi9jUVUzSkVhaUJr VkcyV0tmUWh3M2I5enZJZFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYpNfyByjXKoziH8XTe1vUpN1hdqRnhLFzX28eVHZJvRaNbimt3vzb riJNXYIk3Dr3abNm5GmlLMFDJz6GdS7TGbTWIX391kxWWEzfenyWL/sIc3UIkXO0 LGPpS8stYPLnTvLHK0xCvXOlRH6XGzrl+1sice7/xtpn97Py4miNvjqMdN+ZkM9P aAKyAZTjO+aKt60+FrFNKLnEhu6fkngJ1YGy0w0A+T5q0wrrV70E58WKcmiNybRD yxbHQJrae8w2r4KRpIdbkO5vMI2A6ska+x8rynLndqAi7sFKQJLCy3W/wa7qts6o duKiP8yD7mUZgKxIrfKURdVse8uoDh7N -----END CERTIFICATE-----Generated at Fri Apr 4 22:34:56 2025 by rpki-client