$ rpki-client -vvf rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft File: DDegHLYzYjRPtzlnYP2U2cm5fHo.mft (raw, json) Hash identifier: 8rplK16OTrz1QWl3IxWOlbnm7USUjbkELMxPIhHLljk= Subject key identifier: C9:07:5F:10:07:6B:FD:E0:5F:32:48:00:7A:7E:F8:3E:1E:71:47:55 Authority key identifier: 0C:37:A0:1C:B6:33:62:34:4F:B7:39:67:60:FD:94:D9:C9:B9:7C:7A Certificate issuer: /CN=A912B64D/serialNumber=0C37A01CB63362344FB7396760FD94D9C9B97C7A Certificate serial: 0137 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DDegHLYzYjRPtzlnYP2U2cm5fHo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft Manifest number: 0135 Signing time: Mon 21 Apr 2025 03:21:56 +0000 Manifest this update: Mon 21 Apr 2025 03:21:55 +0000 Manifest next update: Mon 28 Apr 2025 03:21:55 +0000 Files and hashes: 1: DDegHLYzYjRPtzlnYP2U2cm5fHo.crl (hash: Gfvf1q+1tjlBpzDA8TCi/cu08VWJ0eqxr+vvvq4Fz3Y=) 2: 865B3F7C467C11EEBDE3D43CC4F9AE02.roa (hash: MTq717nmucrc35Yd/8a9v/UNjUpnghaYXRqZ7x8/L7U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.crl rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DDegHLYzYjRPtzlnYP2U2cm5fHo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 03:21:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 311 (0x137) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912B64D, serialNumber=0C37A01CB63362344FB7396760FD94D9C9B97C7A Validity Not Before: Apr 21 03:21:55 2025 GMT Not After : Apr 28 03:21:55 2025 GMT Subject: CN=6805b9d3-ccd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:6f:cb:71:09:d7:7e:70:e9:31:bb:5d:ed:81: ad:d3:06:de:5c:e4:3b:33:b7:fb:94:90:51:e2:1c: 90:43:31:6f:26:48:7d:86:34:90:c4:5f:15:c7:1b: a0:cc:19:81:96:c0:0d:e0:a4:d3:08:cb:eb:d0:84: c4:ad:1b:e6:96:13:99:c4:96:36:3c:0a:71:cf:b0: 8f:97:f6:cb:ab:b3:3f:be:ac:24:46:41:44:02:2b: 09:55:28:15:30:72:8c:cd:41:bc:82:64:b8:17:ab: ae:8a:a6:c8:05:7d:a1:56:c3:92:36:7e:c4:98:0d: e9:29:78:5f:2b:cb:52:51:4d:66:44:9d:89:35:f7: 3f:5d:4f:9b:4f:b1:35:9b:61:02:96:6a:84:17:e2: ba:8e:41:7a:e1:d4:ae:11:f1:9e:80:87:29:73:77: 22:92:42:07:3d:b8:ec:84:b9:e2:89:5d:b3:b7:c3: 4c:ef:3a:16:aa:6e:19:e0:f8:77:9c:67:07:32:e5: bc:0f:37:ff:b8:ec:02:ac:75:cf:72:9b:fd:d0:01: 37:9c:81:02:95:bd:5a:67:29:12:89:f1:62:78:fb: ff:df:7c:dc:e1:c9:57:84:9c:68:01:cf:e6:99:0e: 0b:de:57:02:24:cc:5c:01:c3:16:ce:9a:ba:58:84: 4f:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:07:5F:10:07:6B:FD:E0:5F:32:48:00:7A:7E:F8:3E:1E:71:47:55 X509v3 Authority Key Identifier: keyid:0C:37:A0:1C:B6:33:62:34:4F:B7:39:67:60:FD:94:D9:C9:B9:7C:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DDegHLYzYjRPtzlnYP2U2cm5fHo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:d0:89:54:31:e5:ad:88:a9:64:7f:ed:32:8f:8b:2e:a7:98: 2c:37:b7:06:81:6b:d8:53:57:6d:b7:a1:5b:93:e2:9b:85:8a: 6e:0c:17:9d:57:43:f1:0a:1d:4a:0f:e7:10:c5:0c:26:49:d6: 0f:7c:85:8d:e1:84:45:23:60:17:98:d9:af:2d:30:9a:d5:15: 7b:05:09:5e:0a:51:35:c2:18:5f:1f:da:55:2c:73:b1:fa:e8: 1e:74:a8:09:5f:5e:20:71:3c:84:05:5f:35:6c:35:0c:70:6a: 19:4a:34:44:55:4a:81:2f:79:5a:ee:00:4d:df:7d:fc:a1:13: 84:3c:e1:8f:ab:9d:c6:cc:b8:a1:62:38:03:dd:ef:38:6e:ec: 3e:e9:ca:61:fd:62:11:c4:e0:e9:82:dd:4c:c2:3a:f6:77:7c: af:4e:e8:bc:2b:e9:a8:3d:7d:d9:8a:4c:b4:07:b2:1b:d3:1c: 9c:c8:40:ce:82:76:30:2f:1b:ec:9b:f9:57:12:1e:37:d5:45: 91:1d:23:0e:36:aa:dc:cd:d6:46:d2:10:6f:ff:24:21:e7:a0: e8:4e:f7:df:05:0b:fe:59:1d:a6:5c:5c:4c:8e:06:59:d3:ff: 0e:68:c9:ea:dc:5f:6f:1c:8e:d1:96:d3:76:cd:61:12:9f:c7: 0a:49:dc:20 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkI2NEQxMTAvBgNVBAUTKDBDMzdBMDFDQjYzMzYyMzQ0RkI3Mzk2NzYwRkQ5NEQ5 QzlCOTdDN0EwHhcNMjUwNDIxMDMyMTU1WhcNMjUwNDI4MDMyMTU1WjAYMRYwFAYD VQQDEw02ODA1YjlkMy1jY2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv2/LcQnXfnDpMbtd7YGt0wbeXOQ7M7f7lJBR4hyQQzFvJkh9hjSQxF8Vxxug zBmBlsAN4KTTCMvr0ITErRvmlhOZxJY2PApxz7CPl/bLq7M/vqwkRkFEAisJVSgV MHKMzUG8gmS4F6uuiqbIBX2hVsOSNn7EmA3pKXhfK8tSUU1mRJ2JNfc/XU+bT7E1 m2EClmqEF+K6jkF64dSuEfGegIcpc3cikkIHPbjshLniiV2zt8NM7zoWqm4Z4Ph3 nGcHMuW8Dzf/uOwCrHXPcpv90AE3nIEClb1aZykSifFiePv/33zc4clXhJxoAc/m mQ4L3lcCJMxcAcMWzpq6WIRP+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMkHXxAH a/3gXzJIAHp++D4ecUdVMB8GA1UdIwQYMBaAFAw3oBy2M2I0T7c5Z2D9lNnJuXx6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjY0RC8yQkJFNDAxNDQ2 N0MxMUVFOTJENjQ2M0NDNEY5QUUwMi9ERGVnSExZellqUlB0emxuWVAyVTJjbTVm SG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0REZWdITFl6WWpSUHR6bG5ZUDJVMmNtNWZIby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QjY0RC8yQkJFNDAxNDQ2N0MxMUVFOTJENjQ2M0NDNEY5QUUwMi9ERGVnSExZellq UlB0emxuWVAyVTJjbTVmSG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA70IlUMeWtiKlkf+0yj4sup5gsN7cGgWvYU1dtt6Fbk+KbhYpuDBed V0PxCh1KD+cQxQwmSdYPfIWN4YRFI2AXmNmvLTCa1RV7BQleClE1whhfH9pVLHOx +ugedKgJX14gcTyEBV81bDUMcGoZSjREVUqBL3la7gBN3338oROEPOGPq53GzLih YjgD3e84buw+6cph/WIRxODpgt1Mwjr2d3yvTui8K+moPX3Ziky0B7Ib0xycyEDO gnYwLxvsm/lXEh431UWRHSMONqrczdZG0hBv/yQh56DoTvffBQv+WR2mXFxMjgZZ 0/8OaMnq3F9vHI7RltN2zWESn8cKSdwg -----END CERTIFICATE-----Generated at Tue Apr 22 01:20:46 2025 by rpki-client