$ rpki-client -vvf rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft File: imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft (raw, json) Hash identifier: IzgMtArP6tzx6+TzHrGHU6NMliKX2T1mkBvYKGkic+w= Subject key identifier: 75:F8:F9:77:D8:FE:A7:74:2D:C3:B8:B8:DC:AF:44:DA:6A:32:D6:88 Authority key identifier: 8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 Certificate issuer: /CN=A9127523/serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Certificate serial: 2D77 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft Manifest number: 2D0D Signing time: Mon 14 Apr 2025 15:32:37 +0000 Manifest this update: Mon 14 Apr 2025 15:32:36 +0000 Manifest next update: Mon 21 Apr 2025 15:32:36 +0000 Files and hashes: 1: imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl (hash: bF9BfuS7oLvSbzP2pY65qgQd+Eu8gQK3RdP+xUuRByw=) 2: 3E0A6ED49E7B11EFBD44280AC4F9AE02.roa (hash: arjppb8o0dAo/PmRzQByMlM088vFXvA0RnVconCK+zU=) 3: 4221CE240EC211EB9F6B1914C4F9AE02.roa (hash: HY2nmG/jdk+xVkoZB1FIUxrLCVauPkm46TZFTVY7BD4=) 4: EAB11C569E7A11EF9C2A9E09C4F9AE02.roa (hash: S4ikhB4wQjYJoUuGIHYvTR4A3rR63MmfA1fRonhKGKU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 15:32:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11639 (0x2d77) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9127523, serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Validity Not Before: Apr 14 15:32:36 2025 GMT Not After : Apr 21 15:32:36 2025 GMT Subject: CN=67fd2a95-b53d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:5c:c3:67:60:0c:fb:8e:2c:38:0a:6e:b9:21: 26:1b:db:72:e4:d0:4d:09:9a:4f:68:39:bf:cc:74: e2:f9:da:24:5d:68:9c:72:b3:24:d6:af:2d:ac:3a: a3:02:57:ee:01:ea:3c:69:07:ce:0b:29:f1:fd:59: 6e:18:56:2e:1e:e8:3e:d8:e4:54:05:ca:f3:26:a9: 8c:9d:db:25:b7:2c:e9:c5:0b:c0:e8:6c:6e:c9:0d: e1:22:c4:11:c9:f4:11:74:63:12:c2:62:1d:9e:bd: c2:20:7d:7d:c7:96:35:40:c3:98:1c:6b:63:2f:c5: 77:8f:1b:68:1b:d2:1c:84:22:3c:18:0f:bf:84:d9: d0:b6:c1:7e:f1:25:68:69:a3:47:d5:81:3a:fa:06: 0e:ed:3a:6c:21:4a:9b:d9:87:c0:85:ed:3e:9c:f1: 2e:e4:fa:f4:2a:eb:e1:14:e8:16:a7:d3:a5:22:ce: 2f:d6:47:9d:84:da:1c:8b:e3:b9:cf:37:d4:5a:86: 24:ba:3c:1b:a9:c6:e3:41:c7:f3:b6:2c:43:a5:97: 6c:5b:b1:69:4d:52:a0:a4:fa:1e:79:db:47:b5:04: c7:2f:0f:8d:ff:76:6e:99:18:ef:79:c8:cd:8d:76: df:01:ed:c0:04:ac:75:e1:f3:88:f1:79:f4:60:24: 47:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:F8:F9:77:D8:FE:A7:74:2D:C3:B8:B8:DC:AF:44:DA:6A:32:D6:88 X509v3 Authority Key Identifier: keyid:8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:98:2c:d5:62:eb:80:3a:db:c4:68:1d:b3:13:78:24:43:db: 26:e3:3d:05:b6:ec:d9:23:8b:23:a4:7a:8d:f0:8e:ad:6c:af: 32:ce:4d:86:e0:39:e2:b4:c5:10:30:2c:90:73:42:a8:5e:54: 9b:ca:9f:9e:2d:63:8f:f6:31:30:ba:35:4b:de:74:00:0d:f5: 1e:4e:2d:5c:84:5c:3a:47:7a:47:05:7c:9a:35:1b:7d:8a:59: d3:4f:18:96:f8:3e:4b:63:7e:0e:cf:da:50:16:ce:13:47:5a: f7:11:32:c8:1d:06:13:44:cc:09:bc:69:31:1e:24:80:6f:fc: df:b0:76:31:86:06:06:de:c8:85:31:a0:2e:a2:c0:4e:c8:c6: 78:31:f2:fe:18:86:81:f9:e0:d4:66:f8:57:e0:0e:56:c7:04: 0d:3f:12:6a:c6:1b:9a:28:52:d3:7e:85:91:a6:1e:f3:9e:12: e1:2f:f3:cb:ab:39:b2:34:ec:84:50:17:56:74:10:36:fd:ba: 7d:a9:71:06:87:86:5d:1e:ac:72:bf:52:5c:4b:eb:c0:52:58: a1:bd:41:58:8e:1b:c6:14:74:33:e3:c2:28:15:b1:09:07:54: 0c:98:02:b7:7a:39:87:9e:cc:4f:ee:bf:27:9e:bf:ec:10:9a: 29:11:87:1a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICLXcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjc1MjMxMTAvBgNVBAUTKDhBNjgxREQwQzQzNzMxRDBGNDc2M0E0REJERDVENEND MDFGRDY0QzIwHhcNMjUwNDE0MTUzMjM2WhcNMjUwNDIxMTUzMjM2WjAYMRYwFAYD VQQDEw02N2ZkMmE5NS1iNTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4FzDZ2AM+44sOApuuSEmG9ty5NBNCZpPaDm/zHTi+dokXWiccrMk1q8trDqj AlfuAeo8aQfOCynx/VluGFYuHug+2ORUBcrzJqmMndsltyzpxQvA6GxuyQ3hIsQR yfQRdGMSwmIdnr3CIH19x5Y1QMOYHGtjL8V3jxtoG9IchCI8GA+/hNnQtsF+8SVo aaNH1YE6+gYO7TpsIUqb2YfAhe0+nPEu5Pr0KuvhFOgWp9OlIs4v1kedhNoci+O5 zzfUWoYkujwbqcbjQcfztixDpZdsW7FpTVKgpPoeedtHtQTHLw+N/3ZumRjvecjN jXbfAe3ABKx14fOI8Xn0YCRHlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHX4+XfY /qd0LcO4uNyvRNpqMtaIMB8GA1UdIwQYMBaAFIpoHdDENzHQ9HY6Tb3V1MwB/WTC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzUyMy8xMkI5OTdFODlB RTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01kRDBkanBOdmRYVXpBSDla TUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ltZ2QwTVEzTWREMGRqcE52ZFhVekFIOVpNSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzUyMy8xMkI5OTdFODlBRTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01k RDBkanBOdmRYVXpBSDlaTUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBjmCzVYuuAOtvEaB2zE3gkQ9sm4z0FtuzZI4sjpHqN8I6tbK8yzk2G 4DnitMUQMCyQc0KoXlSbyp+eLWOP9jEwujVL3nQADfUeTi1chFw6R3pHBXyaNRt9 ilnTTxiW+D5LY34Oz9pQFs4TR1r3ETLIHQYTRMwJvGkxHiSAb/zfsHYxhgYG3siF MaAuosBOyMZ4MfL+GIaB+eDUZvhX4A5WxwQNPxJqxhuaKFLTfoWRph7znhLhL/PL qzmyNOyEUBdWdBA2/bp9qXEGh4ZdHqxyv1JcS+vAUlihvUFYjhvGFHQz48IoFbEJ B1QMmAK3ejmHnsxP7r8nnr/sEJopEYca -----END CERTIFICATE-----Generated at Tue Apr 15 14:20:29 2025 by rpki-client