$ rpki-client -vvf rpki.apnic.net/member_repository/A912DFBA/DB9CE678029811EB9823AE82C4F9AE02/rk4wzA0FAaWuZkrbFZBTrOzwrP0.mft File: rk4wzA0FAaWuZkrbFZBTrOzwrP0.mft (raw, json) Hash identifier: XdMaQ9A/tmVpi6v/3X3pxplpLSb5IXHqPREcB/wLRQ4= Subject key identifier: BA:02:92:8B:F8:24:D9:6D:9E:63:BB:F3:3C:13:21:5A:1A:AA:BB:23 Authority key identifier: AE:4E:30:CC:0D:05:01:A5:AE:66:4A:DB:15:90:53:AC:EC:F0:AC:FD Certificate issuer: /CN=A912DFBA/serialNumber=AE4E30CC0D0501A5AE664ADB159053ACECF0ACFD Certificate serial: 0799 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rk4wzA0FAaWuZkrbFZBTrOzwrP0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912DFBA/DB9CE678029811EB9823AE82C4F9AE02/rk4wzA0FAaWuZkrbFZBTrOzwrP0.mft Manifest number: 0790 Signing time: Sat 12 Apr 2025 21:00:15 +0000 Manifest this update: Sat 12 Apr 2025 21:00:14 +0000 Manifest next update: Sat 19 Apr 2025 21:00:14 +0000 Files and hashes: 1: rk4wzA0FAaWuZkrbFZBTrOzwrP0.crl (hash: 9z0wmEE/mvLU7qnLw4mMl3LfX7Ze+fz8tl8Dw3Hj9LQ=) 2: 38502DA2029A11EB85BD7B84C4F9AE02.roa (hash: MTInpOnl0k5cHzk/mQ2WeCDrev/aJl9yGIcBSOBrAww=) 3: CEA093C66CA311ED9DD6425CC4F9AE02.roa (hash: Iyw+3tj3IM+pBmHPCcr/UX2wQKedAFHetZW/mNvxVH0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912DFBA/DB9CE678029811EB9823AE82C4F9AE02/rk4wzA0FAaWuZkrbFZBTrOzwrP0.crl rsync://rpki.apnic.net/member_repository/A912DFBA/DB9CE678029811EB9823AE82C4F9AE02/rk4wzA0FAaWuZkrbFZBTrOzwrP0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rk4wzA0FAaWuZkrbFZBTrOzwrP0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 21:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1945 (0x799) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912DFBA, serialNumber=AE4E30CC0D0501A5AE664ADB159053ACECF0ACFD Validity Not Before: Apr 12 21:00:14 2025 GMT Not After : Apr 19 21:00:14 2025 GMT Subject: CN=67fad45e-df12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:c7:f6:0f:df:b3:67:b7:c4:a4:0f:ec:94:24: 91:02:7f:c4:1f:95:26:79:09:59:e1:4c:44:07:3e: 6a:3f:26:a2:9b:1d:d7:b3:4b:e9:3c:df:a8:44:c1: 18:1b:4e:50:43:6d:2c:56:30:9b:76:a8:ac:50:1e: 10:09:a9:c7:14:c9:25:d1:02:4c:99:06:80:be:12: 86:23:8f:2a:58:ac:5e:1f:ac:96:22:57:1c:d5:7e: 07:12:34:71:95:ee:46:cc:89:43:c4:f8:d9:4d:23: 71:c4:d6:c3:3d:65:56:a3:c4:db:03:7c:7e:67:aa: fb:a0:70:11:7d:8f:65:12:5d:27:1d:fb:43:8d:d7: ff:71:ef:4d:1e:85:78:be:93:9a:be:6b:7f:5d:8f: 1f:f6:bc:2e:e8:2d:9a:24:5f:c2:52:34:ff:86:9e: dd:c3:a6:26:d5:c3:33:37:92:12:bb:92:cc:a5:4d: 7e:47:67:36:64:b8:b4:f9:92:5a:49:ee:f3:9a:8e: 57:a2:81:62:50:a0:ad:cb:3f:72:07:8b:60:96:06: b1:ac:c0:18:f5:ad:d9:dc:f1:90:ff:88:87:81:e5: af:8d:dd:bd:c4:33:8e:2b:2c:66:7e:f3:46:83:51: 04:ff:89:67:f5:a8:5a:0a:f1:22:a2:3a:90:4a:97: bb:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:02:92:8B:F8:24:D9:6D:9E:63:BB:F3:3C:13:21:5A:1A:AA:BB:23 X509v3 Authority Key Identifier: keyid:AE:4E:30:CC:0D:05:01:A5:AE:66:4A:DB:15:90:53:AC:EC:F0:AC:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912DFBA/DB9CE678029811EB9823AE82C4F9AE02/rk4wzA0FAaWuZkrbFZBTrOzwrP0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rk4wzA0FAaWuZkrbFZBTrOzwrP0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DFBA/DB9CE678029811EB9823AE82C4F9AE02/rk4wzA0FAaWuZkrbFZBTrOzwrP0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:4a:52:6a:83:d4:88:b1:65:7c:c2:5d:f4:bc:34:e9:71:c1: 6b:9a:52:c8:29:96:cd:4c:2c:3f:cd:72:e1:3e:34:81:84:d7: 90:96:8b:3b:0c:7c:fd:17:3c:ce:97:32:7f:d4:ef:97:35:bd: a5:2f:3a:03:9f:2f:71:c4:1a:8b:91:f0:32:4a:4f:d6:21:3e: c1:a0:05:5c:58:64:a4:19:61:e8:4d:d7:c7:98:cd:cd:5d:28: f5:2b:40:36:62:ae:32:cf:0c:3b:1e:7b:89:ca:ff:e9:05:5d: 4b:a4:01:4c:c3:0e:78:e9:fc:99:39:3a:77:1f:21:0e:1a:c8: 4d:28:1f:6d:a4:d3:32:5c:01:3e:2e:32:0d:1f:a7:a9:9b:84: af:fe:a7:ab:2b:21:1c:90:0f:37:86:93:af:20:d8:c3:87:b2: 57:40:bc:3e:e2:2c:96:79:77:7b:06:9d:c5:2e:17:6a:3d:ec: b2:e4:d9:81:3d:ff:64:3f:51:6f:fa:61:33:d2:97:b9:54:c3: 69:20:dc:7f:cb:57:f4:e5:04:61:1a:9f:c7:10:61:20:68:0c: 08:9d:45:96:ef:6c:9a:2c:35:31:13:05:b6:65:02:e5:42:50: a4:50:c0:1c:39:d7:5b:7f:21:98:2a:d0:85:cb:8f:ee:1d:87: 2b:1b:22:09 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB5kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkRGQkExMTAvBgNVBAUTKEFFNEUzMENDMEQwNTAxQTVBRTY2NEFEQjE1OTA1M0FD RUNGMEFDRkQwHhcNMjUwNDEyMjEwMDE0WhcNMjUwNDE5MjEwMDE0WjAYMRYwFAYD VQQDEw02N2ZhZDQ1ZS1kZjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzMf2D9+zZ7fEpA/slCSRAn/EH5UmeQlZ4UxEBz5qPyaimx3Xs0vpPN+oRMEY G05QQ20sVjCbdqisUB4QCanHFMkl0QJMmQaAvhKGI48qWKxeH6yWIlcc1X4HEjRx le5GzIlDxPjZTSNxxNbDPWVWo8TbA3x+Z6r7oHARfY9lEl0nHftDjdf/ce9NHoV4 vpOavmt/XY8f9rwu6C2aJF/CUjT/hp7dw6Ym1cMzN5ISu5LMpU1+R2c2ZLi0+ZJa Se7zmo5XooFiUKCtyz9yB4tglgaxrMAY9a3Z3PGQ/4iHgeWvjd29xDOOKyxmfvNG g1EE/4ln9ahaCvEiojqQSpe7LwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLoCkov4 JNltnmO78zwTIVoaqrsjMB8GA1UdIwQYMBaAFK5OMMwNBQGlrmZK2xWQU6zs8Kz9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyREZCQS9EQjlDRTY3ODAy OTgxMUVCOTgyM0FFODJDNEY5QUUwMi9yazR3ekEwRkFhV3Vaa3JiRlpCVHJPendy UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JrNHd6QTBGQWFXdVprcmJGWkJUck96d3JQMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy REZCQS9EQjlDRTY3ODAyOTgxMUVCOTgyM0FFODJDNEY5QUUwMi9yazR3ekEwRkFh V3Vaa3JiRlpCVHJPendyUDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBySlJqg9SIsWV8wl30vDTpccFrmlLIKZbNTCw/zXLhPjSBhNeQlos7 DHz9FzzOlzJ/1O+XNb2lLzoDny9xxBqLkfAySk/WIT7BoAVcWGSkGWHoTdfHmM3N XSj1K0A2Yq4yzww7HnuJyv/pBV1LpAFMww546fyZOTp3HyEOGshNKB9tpNMyXAE+ LjINH6epm4Sv/qerKyEckA83hpOvINjDh7JXQLw+4iyWeXd7Bp3FLhdqPeyy5NmB Pf9kP1Fv+mEz0pe5VMNpINx/y1f05QRhGp/HEGEgaAwInUWW72yaLDUxEwW2ZQLl QlCkUMAcOddbfyGYKtCFy4/uHYcrGyIJ -----END CERTIFICATE-----Generated at Sun Apr 13 03:56:53 2025 by rpki-client