$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft File: R2lFsh8liffnEnUf50f6IUOlI1s.mft (raw, json) Hash identifier: uLJnK4qXXX6IgfyrT7cnet9J4JKwaFswi50tD4+qHao= Subject key identifier: C5:F9:61:58:D3:3B:EA:8A:5D:C7:6B:25:A2:3B:5F:CB:A2:58:E4:95 Authority key identifier: 47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B Certificate issuer: /CN=A9132B1D/serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Certificate serial: 024E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft Manifest number: 024A Signing time: Thu 17 Apr 2025 01:30:12 +0000 Manifest this update: Thu 17 Apr 2025 01:30:11 +0000 Manifest next update: Thu 24 Apr 2025 01:30:11 +0000 Files and hashes: 1: R2lFsh8liffnEnUf50f6IUOlI1s.crl (hash: lJB2LxJ0MiA5YGEb2awn6UcveHvzDZ9PmcTYOOAms3A=) 2: A917D87217A711ED8D17FC7CC4F9AE02.roa (hash: Zl1OdprsSbZO6kJ93156dFn5LZrbdumG7KQVdLYJ1W0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Apr 2025 01:30:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 590 (0x24e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132B1D, serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Validity Not Before: Apr 17 01:30:11 2025 GMT Not After : Apr 24 01:30:11 2025 GMT Subject: CN=680059a4-a7f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:68:b6:32:23:5a:77:18:08:59:3d:12:82:e2: 61:82:0c:88:4e:ad:d5:32:1a:e1:9a:a5:ea:94:4f: 7d:f1:ea:e4:41:c2:48:d0:a1:a0:9b:a2:08:d4:2b: 1d:82:c3:79:ae:e5:ce:57:b5:f7:54:69:31:eb:ac: 3a:7f:eb:6c:9c:40:f8:49:84:c8:38:8e:d9:22:dc: 6c:e1:bf:fb:af:9c:75:66:63:f6:8a:81:5a:82:7f: 24:82:7a:3b:66:be:af:8b:3a:b9:d3:02:11:4d:86: d0:af:52:50:33:0d:8d:90:cb:e3:13:9b:c4:14:89: 8b:58:e1:fb:90:ae:a3:0d:99:49:97:06:dc:18:31: 1f:cf:fb:82:e2:a5:98:05:c7:38:bf:4c:43:b3:6a: 34:21:6b:b8:47:1a:f8:c8:9b:9d:7c:4c:ab:20:a0: 36:fa:fd:9f:f1:b3:bc:ea:46:54:84:5d:a8:b1:c6: 55:f1:3c:a2:06:29:11:31:c1:4e:41:ed:3b:06:4b: 9f:7c:a4:fa:a7:d0:34:40:05:d1:62:91:2b:68:c0: 70:e0:63:4a:13:88:d4:67:48:3f:dd:7e:69:ad:31: 15:71:cb:2e:83:f9:0a:5e:8e:ce:ef:ca:fd:ac:e3: 19:46:b9:72:7c:ef:47:ba:20:8f:c7:12:7c:71:77: 2b:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:F9:61:58:D3:3B:EA:8A:5D:C7:6B:25:A2:3B:5F:CB:A2:58:E4:95 X509v3 Authority Key Identifier: keyid:47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:0d:25:ee:d0:10:0d:1a:97:f9:85:4f:c8:ae:ed:d1:17:a2: 69:d8:14:25:eb:8c:b4:80:f8:bd:59:83:1b:c0:5f:c3:19:53: e0:e0:e6:09:46:52:ff:28:3a:fe:d7:f4:b8:f5:a4:86:97:4f: 0f:dd:55:e3:06:91:16:3e:ad:e9:74:1d:5e:ed:5c:42:32:77: 51:62:4d:78:76:2f:93:5c:af:19:d5:75:3f:dd:fb:7b:af:6a: 97:ec:a5:c9:5b:78:59:aa:b9:87:58:b9:61:ab:e4:07:9d:3a: d6:59:69:1a:35:f9:6f:90:79:cb:3c:1c:eb:7b:7a:42:3a:3c: 79:73:93:96:8a:59:ad:71:c5:8b:37:52:a7:37:f3:74:7c:78: 99:f5:36:b4:05:5f:54:54:7e:28:b4:9f:36:1b:ce:7f:40:78: 62:a2:f5:7a:e3:49:22:4f:82:fb:5d:6b:20:96:98:67:5e:40: 1e:43:39:12:ca:e8:fd:f8:2f:c6:03:d5:1c:ad:ad:d4:19:08: 7e:47:58:d8:7b:63:19:30:44:21:03:1a:e8:e1:4f:bf:79:d7: 7d:e3:fd:b6:70:81:66:33:c8:6d:b5:3a:21:8e:ed:38:93:ae: 31:09:58:ef:5c:2a:1b:a6:15:03:4a:de:a1:a3:92:33:c9:7f: 81:0e:bb:c9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAk4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJCMUQxMTAvBgNVBAUTKDQ3Njk0NUIyMUYyNTg5RjdFNzEyNzUxRkU3NDdGQTIx NDNBNTIzNUIwHhcNMjUwNDE3MDEzMDExWhcNMjUwNDI0MDEzMDExWjAYMRYwFAYD VQQDEw02ODAwNTlhNC1hN2Y1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5Wi2MiNadxgIWT0SguJhggyITq3VMhrhmqXqlE998erkQcJI0KGgm6II1Csd gsN5ruXOV7X3VGkx66w6f+tsnED4SYTIOI7ZItxs4b/7r5x1ZmP2ioFagn8kgno7 Zr6vizq50wIRTYbQr1JQMw2NkMvjE5vEFImLWOH7kK6jDZlJlwbcGDEfz/uC4qWY Bcc4v0xDs2o0IWu4Rxr4yJudfEyrIKA2+v2f8bO86kZUhF2oscZV8TyiBikRMcFO Qe07BkuffKT6p9A0QAXRYpEraMBw4GNKE4jUZ0g/3X5prTEVccsug/kKXo7O78r9 rOMZRrlyfO9HuiCPxxJ8cXcrbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMX5YVjT O+qKXcdrJaI7X8uiWOSVMB8GA1UdIwQYMBaAFEdpRbIfJYn35xJ1H+dH+iFDpSNb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkIxRC8zMDIwM0VEMDE3 QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlmZm5FblVmNTBmNklVT2xJ MXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IybEZzaDhsaWZmbkVuVWY1MGY2SVVPbEkxcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MkIxRC8zMDIwM0VEMDE3QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlm Zm5FblVmNTBmNklVT2xJMXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3DSXu0BANGpf5hU/Iru3RF6Jp2BQl64y0gPi9WYMbwF/DGVPg4OYJ RlL/KDr+1/S49aSGl08P3VXjBpEWPq3pdB1e7VxCMndRYk14di+TXK8Z1XU/3ft7 r2qX7KXJW3hZqrmHWLlhq+QHnTrWWWkaNflvkHnLPBzre3pCOjx5c5OWilmtccWL N1KnN/N0fHiZ9Ta0BV9UVH4otJ82G85/QHhiovV640kiT4L7XWsglphnXkAeQzkS yuj9+C/GA9Ucra3UGQh+R1jYe2MZMEQhAxro4U+/edd94/22cIFmM8httTohju04 k64xCVjvXCobphUDSt6ho5IzyX+BDrvJ -----END CERTIFICATE-----Generated at Fri Apr 18 07:05:21 2025 by rpki-client