$ rpki-client -vvf rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft File: 4XM7lw_d92f_GVQoQ34SQqN2knc.mft (raw, json) Hash identifier: GSTjjP2elnTBYKFCzcvmKXJ4C7M+Hyr6sK8IdlHOEiU= Subject key identifier: 50:E3:F7:89:64:23:62:28:D8:1A:38:E0:9C:4B:8B:04:2E:24:1A:D0 Authority key identifier: E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 Certificate issuer: /CN=A912E5CB/serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Certificate serial: 01BF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft Manifest number: 01BC Signing time: Tue 15 Apr 2025 02:04:53 +0000 Manifest this update: Tue 15 Apr 2025 02:04:52 +0000 Manifest next update: Tue 22 Apr 2025 02:04:52 +0000 Files and hashes: 1: 4XM7lw_d92f_GVQoQ34SQqN2knc.crl (hash: qHR34HtFBV+SB0c4E4N8ds9Eh6agUlhbwL0Dr1h2dyw=) 2: 5FF4FD52704C11ED97935E7DC4F9AE02.roa (hash: C5+qR+xwM5riTT+23t/1tPZQq66L4etzO1hAZvNu09M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 02:04:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 447 (0x1bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E5CB, serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Validity Not Before: Apr 15 02:04:52 2025 GMT Not After : Apr 22 02:04:52 2025 GMT Subject: CN=67fdbec5-1d05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:c5:02:b0:2d:a5:95:9f:2b:c2:d5:c8:96:0d: 03:ec:25:e4:b3:e7:e1:c3:69:10:64:8d:2d:45:83: 18:85:9f:08:ae:2d:a2:7c:05:c2:d7:a4:55:86:77: f5:ab:ed:00:e8:0f:34:a2:7d:a6:75:06:50:5b:9e: c8:96:33:30:18:60:ed:cd:a4:35:60:8e:ef:f7:83: 0f:78:da:37:26:21:fd:84:fc:49:f8:8e:94:9f:3f: 39:4c:44:d0:c8:19:4a:d1:6d:28:e7:44:16:38:d2: ac:bd:b9:ad:f6:5c:95:b7:a6:cd:37:7d:a6:0b:22: ec:1e:5f:ae:6b:8e:9c:3b:4b:bf:b7:d0:74:76:ed: 54:31:f6:de:c9:3f:2b:c1:4f:79:d7:80:d5:c0:0c: 24:7a:12:14:09:23:c9:16:59:a2:1e:85:48:99:da: e4:88:b6:01:95:5b:73:da:5c:73:ec:21:91:3b:46: 4c:24:de:21:ef:84:cf:47:b1:08:e9:27:b0:92:a6: 7f:53:cb:36:a0:bf:27:9c:5a:4c:9e:6b:b0:78:dc: 32:d8:1b:6b:cd:e1:08:f7:a0:f1:bf:d2:7d:6b:9f: 02:6a:fd:8e:f0:8c:12:dd:76:29:90:26:71:7a:40: 68:09:22:b8:ed:56:9d:a8:94:fb:5f:3e:e1:5f:f7: 7e:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:E3:F7:89:64:23:62:28:D8:1A:38:E0:9C:4B:8B:04:2E:24:1A:D0 X509v3 Authority Key Identifier: keyid:E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:48:9c:24:d2:fd:06:69:05:e3:56:c6:5a:92:8e:90:28:7c: 0f:67:21:89:48:9d:f3:a9:08:88:05:fa:8d:e4:d2:bc:fc:e9: 6e:54:73:f3:09:98:06:61:53:34:00:fb:ce:81:fb:4b:5a:71: fd:6a:22:26:d5:c9:db:f5:a4:8f:76:df:08:12:5a:d7:b4:17: 77:e0:a0:cb:08:c3:32:83:02:22:dc:32:8f:1c:de:f1:ea:9e: d4:57:e5:20:8e:b6:9d:1d:1d:92:ce:5c:29:f9:0f:7c:6c:c8: 66:8c:f0:2f:22:e1:22:61:a7:94:bf:6e:f8:76:4e:85:15:a1: 0d:ca:7a:f9:bf:e0:c7:48:28:59:4a:33:95:ec:c4:24:b4:b6: 79:d0:da:f5:eb:c9:5e:21:10:91:15:8b:dd:63:db:94:2d:d2: 8a:89:3c:e3:95:2b:e7:f6:5b:8a:06:b3:8b:5b:a3:66:3a:f8: 3f:a4:4c:02:fe:95:92:00:3e:01:8c:dc:d6:f2:86:54:d3:99: d0:a8:a5:cd:2f:ff:16:ef:92:64:7d:76:a4:f4:ef:39:24:dd: ed:55:35:58:24:3f:bd:a8:60:b3:53:62:64:4c:0f:2f:84:d8: af:60:5b:93:dc:b1:b0:5e:f7:9f:45:5c:74:dd:57:79:ff:e8: 51:d4:57:7f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAb8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkU1Q0IxMTAvBgNVBAUTKEUxNzMzQjk3MEZEREY3NjdGRjE5NTQyODQzN0UxMjQy QTM3NjkyNzcwHhcNMjUwNDE1MDIwNDUyWhcNMjUwNDIyMDIwNDUyWjAYMRYwFAYD VQQDEw02N2ZkYmVjNS0xZDA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvcUCsC2llZ8rwtXIlg0D7CXks+fhw2kQZI0tRYMYhZ8Iri2ifAXC16RVhnf1 q+0A6A80on2mdQZQW57IljMwGGDtzaQ1YI7v94MPeNo3JiH9hPxJ+I6Unz85TETQ yBlK0W0o50QWONKsvbmt9lyVt6bNN32mCyLsHl+ua46cO0u/t9B0du1UMfbeyT8r wU9514DVwAwkehIUCSPJFlmiHoVImdrkiLYBlVtz2lxz7CGRO0ZMJN4h74TPR7EI 6SewkqZ/U8s2oL8nnFpMnmuweNwy2BtrzeEI96Dxv9J9a58Cav2O8IwS3XYpkCZx ekBoCSK47VadqJT7Xz7hX/d+lwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFDj94lk I2Io2Bo44JxLiwQuJBrQMB8GA1UdIwQYMBaAFOFzO5cP3fdn/xlUKEN+EkKjdpJ3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTVDQi81Mjg4RENFMDcw NDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDkyZl9HVlFvUTM0U1FxTjJr bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRYTTdsd19kOTJmX0dWUW9RMzRTUXFOMmtuYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RTVDQi81Mjg4RENFMDcwNDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDky Zl9HVlFvUTM0U1FxTjJrbmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCdSJwk0v0GaQXjVsZako6QKHwPZyGJSJ3zqQiIBfqN5NK8/OluVHPz CZgGYVM0APvOgftLWnH9aiIm1cnb9aSPdt8IElrXtBd34KDLCMMygwIi3DKPHN7x 6p7UV+UgjradHR2Szlwp+Q98bMhmjPAvIuEiYaeUv274dk6FFaENynr5v+DHSChZ SjOV7MQktLZ50Nr168leIRCRFYvdY9uULdKKiTzjlSvn9luKBrOLW6NmOvg/pEwC /pWSAD4BjNzW8oZU05nQqKXNL/8W75JkfXak9O85JN3tVTVYJD+9qGCzU2JkTA8v hNivYFuT3LGwXvefRVx03Vd5/+hR1Fd/ -----END CERTIFICATE-----Generated at Wed Apr 16 17:18:03 2025 by rpki-client