$ rpki-client -vvf rpki.apnic.net/member_repository/A912DA1D/B46E42DABB1B11ECB0AC0F14C4F9AE02/5CFC4-WEV2LQ6NaLAvsQ6HW8a_I.mft File: 5CFC4-WEV2LQ6NaLAvsQ6HW8a_I.mft (raw, json) Hash identifier: npv8cKEar3PlAKJK/AIEdY9LkWY+Igzfk14pOqROqdA= Subject key identifier: F6:70:AC:A5:BB:BF:D1:8F:5B:53:98:DD:87:93:E8:39:5E:CF:DB:97 Authority key identifier: E4:21:42:E3:E5:84:57:62:D0:E8:D6:8B:02:FB:10:E8:75:BC:6B:F2 Certificate issuer: /CN=A912DA1D/serialNumber=E42142E3E5845762D0E8D68B02FB10E875BC6BF2 Certificate serial: 034A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CFC4-WEV2LQ6NaLAvsQ6HW8a_I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912DA1D/B46E42DABB1B11ECB0AC0F14C4F9AE02/5CFC4-WEV2LQ6NaLAvsQ6HW8a_I.mft Manifest number: 033A Signing time: Fri 11 Apr 2025 01:02:50 +0000 Manifest this update: Fri 11 Apr 2025 01:02:49 +0000 Manifest next update: Fri 18 Apr 2025 01:02:49 +0000 Files and hashes: 1: 5CFC4-WEV2LQ6NaLAvsQ6HW8a_I.crl (hash: Xj0uCIHtNmahWRv6DhLQgoe5YNQg4ihbrLHaFSVinjk=) 2: 44B90434DFA011ED8C895F7CC4F9AE02.roa (hash: OB3c0FOnO7U7Cy2O3WKkzCkZvRGF4Swy8zD33qNbalg=) 3: 0589A4B8DF9511EDAAA7E22AC4F9AE02.roa (hash: PCa5nWLR+HuKgmwdVX9BOmG2ZZvLJrtIyJd8CbPbXng=) 4: 36B1CD340A6D11ED89FD3F13C4F9AE02.roa (hash: JCVj+AscF7hWsvaIqNJTPDabzygkqnGZEfVjCkrIsro=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912DA1D/B46E42DABB1B11ECB0AC0F14C4F9AE02/5CFC4-WEV2LQ6NaLAvsQ6HW8a_I.crl rsync://rpki.apnic.net/member_repository/A912DA1D/B46E42DABB1B11ECB0AC0F14C4F9AE02/5CFC4-WEV2LQ6NaLAvsQ6HW8a_I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CFC4-WEV2LQ6NaLAvsQ6HW8a_I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 01:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 842 (0x34a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912DA1D, serialNumber=E42142E3E5845762D0E8D68B02FB10E875BC6BF2 Validity Not Before: Apr 11 01:02:49 2025 GMT Not After : Apr 18 01:02:49 2025 GMT Subject: CN=67f86a3a-b105 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:39:b5:f4:99:05:4a:3b:3c:e7:5a:55:98:b4: 62:66:ca:29:fa:f4:e8:73:20:62:d9:6e:4c:e5:b2: 47:b0:20:df:aa:15:1f:76:b5:46:de:27:b5:87:f8: 8b:1d:b0:be:c7:00:cf:08:85:b9:51:8f:0f:54:f8: a3:e3:7e:f9:f4:bf:36:be:56:b4:60:b8:e0:35:ac: 3c:62:74:ca:1b:7f:11:b2:ae:05:78:11:fc:59:fa: 7a:81:df:43:25:27:73:ff:48:b8:30:81:17:df:92: 16:0d:d6:43:d4:1b:90:e8:79:0f:f4:49:5e:5a:92: f3:8e:57:f1:d5:65:8d:77:8f:9d:0e:01:1e:3f:19: 4a:3e:8b:ff:42:0d:72:8e:6d:9e:08:c7:35:7a:fc: 83:6e:5f:8b:c1:14:2c:c7:8f:de:68:8a:26:b7:4f: 9a:7c:67:a1:fb:fc:00:b4:13:f3:ba:0e:d9:cb:91: cd:1e:cb:9d:2b:29:8e:30:e8:11:f0:71:2b:41:a9: a3:1a:5e:8c:14:27:61:7b:59:14:15:ac:e2:cc:a0: 53:6a:14:98:41:60:33:19:d5:67:48:b9:50:8f:87: 74:08:97:ae:b6:d8:6f:6e:e3:d9:19:bb:83:0f:ba: 46:43:cf:7d:b7:f2:b0:cc:bb:56:be:09:1d:d7:a8: 7b:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:70:AC:A5:BB:BF:D1:8F:5B:53:98:DD:87:93:E8:39:5E:CF:DB:97 X509v3 Authority Key Identifier: keyid:E4:21:42:E3:E5:84:57:62:D0:E8:D6:8B:02:FB:10:E8:75:BC:6B:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912DA1D/B46E42DABB1B11ECB0AC0F14C4F9AE02/5CFC4-WEV2LQ6NaLAvsQ6HW8a_I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CFC4-WEV2LQ6NaLAvsQ6HW8a_I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DA1D/B46E42DABB1B11ECB0AC0F14C4F9AE02/5CFC4-WEV2LQ6NaLAvsQ6HW8a_I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:87:6e:3f:32:71:b8:82:fb:49:10:40:bb:e0:a2:08:d8:bb: f8:b7:e8:0e:5e:d9:a8:f0:af:43:ba:ad:0c:81:2f:48:a1:60: fb:b9:d9:1a:37:69:16:ff:b1:16:03:cd:57:60:2e:b8:7e:14: 57:10:ad:e9:6a:56:e8:75:a8:b6:4a:4a:a0:25:bb:96:84:9a: 3a:85:3c:ef:29:b4:96:c9:6f:e8:0e:b5:79:37:83:5d:48:a4: 38:8f:30:c9:6f:17:44:d7:e5:68:bb:b3:f0:73:1f:9e:44:75: 3d:a1:e4:ab:64:fb:3a:79:f0:6a:70:02:83:04:84:ff:85:0f: 96:f3:02:a8:84:49:71:d8:27:63:2a:a0:57:fe:75:09:fd:62: ee:87:1d:74:eb:6b:72:cc:b4:c4:09:e0:4c:d8:50:50:66:38: 90:1a:b2:87:38:9f:9b:d8:b2:14:37:3e:7a:b0:bf:94:e5:72: 3d:4e:ed:64:ed:17:70:aa:0d:1d:5a:0c:fc:58:2c:45:4a:cd: 10:12:b1:11:5b:c6:1c:4d:d5:92:ca:68:97:3a:31:1f:07:c6: 76:f0:4c:0a:d0:71:13:02:e3:e7:2a:d1:33:5c:70:2f:38:a8: d2:aa:8a:3d:4b:d6:69:4e:91:2f:15:d6:f2:b4:01:70:13:9d: ba:27:29:3b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA0owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkRBMUQxMTAvBgNVBAUTKEU0MjE0MkUzRTU4NDU3NjJEMEU4RDY4QjAyRkIxMEU4 NzVCQzZCRjIwHhcNMjUwNDExMDEwMjQ5WhcNMjUwNDE4MDEwMjQ5WjAYMRYwFAYD VQQDEw02N2Y4NmEzYS1iMTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwzm19JkFSjs851pVmLRiZsop+vTocyBi2W5M5bJHsCDfqhUfdrVG3ie1h/iL HbC+xwDPCIW5UY8PVPij43759L82vla0YLjgNaw8YnTKG38Rsq4FeBH8Wfp6gd9D JSdz/0i4MIEX35IWDdZD1BuQ6HkP9EleWpLzjlfx1WWNd4+dDgEePxlKPov/Qg1y jm2eCMc1evyDbl+LwRQsx4/eaIomt0+afGeh+/wAtBPzug7Zy5HNHsudKymOMOgR 8HErQamjGl6MFCdhe1kUFazizKBTahSYQWAzGdVnSLlQj4d0CJeutthvbuPZGbuD D7pGQ899t/KwzLtWvgkd16h7tQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPZwrKW7 v9GPW1OY3YeT6Dlez9uXMB8GA1UdIwQYMBaAFOQhQuPlhFdi0OjWiwL7EOh1vGvy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyREExRC9CNDZFNDJEQUJC MUIxMUVDQjBBQzBGMTRDNEY5QUUwMi81Q0ZDNC1XRVYyTFE2TmFMQXZzUTZIVzhh X0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVDRkM0LVdFVjJMUTZOYUxBdnNRNkhXOGFfSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy REExRC9CNDZFNDJEQUJCMUIxMUVDQjBBQzBGMTRDNEY5QUUwMi81Q0ZDNC1XRVYy TFE2TmFMQXZzUTZIVzhhX0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBEh24/MnG4gvtJEEC74KII2Lv4t+gOXtmo8K9Duq0MgS9IoWD7udka N2kW/7EWA81XYC64fhRXEK3palbodai2SkqgJbuWhJo6hTzvKbSWyW/oDrV5N4Nd SKQ4jzDJbxdE1+Vou7Pwcx+eRHU9oeSrZPs6efBqcAKDBIT/hQ+W8wKohElx2Cdj KqBX/nUJ/WLuhx1062tyzLTECeBM2FBQZjiQGrKHOJ+b2LIUNz56sL+U5XI9Tu1k 7Rdwqg0dWgz8WCxFSs0QErERW8YcTdWSymiXOjEfB8Z28EwK0HETAuPnKtEzXHAv OKjSqoo9S9ZpTpEvFdbytAFwE526Jyk7 -----END CERTIFICATE-----Generated at Sat Apr 12 17:40:56 2025 by rpki-client