$ rpki-client -vvf rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/NAQf45nAdllht5_hJGlBcocgc7s.mft File: NAQf45nAdllht5_hJGlBcocgc7s.mft (raw, json) Hash identifier: eeH1i2gZzWXh+AADuMaf8kORR/vSq6KlWlflT1ug+1Q= Subject key identifier: 6F:A7:A0:BE:E1:97:EC:F0:FD:48:E7:25:42:39:F6:AE:19:E2:4D:FC Authority key identifier: 34:04:1F:E3:99:C0:76:59:61:B7:9F:E1:24:69:41:72:87:20:73:BB Certificate issuer: /CN=A913FD96/serialNumber=34041FE399C0765961B79FE124694172872073BB Certificate serial: 0AA8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAQf45nAdllht5_hJGlBcocgc7s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/NAQf45nAdllht5_hJGlBcocgc7s.mft Manifest number: 0AA2 Signing time: Fri 18 Apr 2025 19:35:36 +0000 Manifest this update: Fri 18 Apr 2025 19:35:36 +0000 Manifest next update: Fri 25 Apr 2025 19:35:36 +0000 Files and hashes: 1: NAQf45nAdllht5_hJGlBcocgc7s.crl (hash: NS5vxOm084OutnFxC4LjPIL2WUysSBUkIqPGbu+EFzs=) 2: FC3B44CE519A11EAB1229A87C4F9AE02.roa (hash: mXaDebpxI+8jgolliV5kV+yxtxKp5QcapX21gE2juPA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/NAQf45nAdllht5_hJGlBcocgc7s.crl rsync://rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/NAQf45nAdllht5_hJGlBcocgc7s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAQf45nAdllht5_hJGlBcocgc7s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Apr 2025 18:24:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2728 (0xaa8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913FD96, serialNumber=34041FE399C0765961B79FE124694172872073BB Validity Not Before: Apr 18 19:35:36 2025 GMT Not After : Apr 25 19:35:36 2025 GMT Subject: CN=6802a988-350e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:a9:91:d8:ac:d8:fe:a1:95:9e:eb:a4:92:34: 9d:bf:52:f7:b4:af:11:bb:5f:c5:ab:d6:80:5a:06: 91:95:b4:02:30:3b:f4:0b:e7:2a:59:19:40:dd:d4: 1a:77:fd:5a:a6:a4:cc:6d:35:fb:21:c7:86:25:8e: 35:d0:a8:68:12:11:78:f8:f3:b2:92:6e:52:36:7b: 94:de:2b:70:47:b3:9e:59:3e:55:d2:4f:bd:ee:1f: 5c:1e:bb:b3:01:a6:0e:10:5b:1a:7f:cf:09:46:e1: d5:20:04:15:e8:55:4d:87:19:cf:fb:06:cb:27:c5: 39:cd:78:1b:b9:bf:93:65:24:30:35:30:d5:8c:f0: 0e:b3:7c:a6:e9:a6:72:fb:2a:d5:ad:0b:b7:37:74: 8b:bd:75:a4:af:aa:32:dc:55:9e:a7:33:bd:38:f6: b4:3f:6e:25:b7:ef:c7:c6:1f:3a:da:fe:4e:29:25: 6a:91:1d:5a:a3:a1:22:2f:5b:83:fa:94:38:1b:44: c0:e2:a0:e5:d6:a8:fd:9b:62:5c:6b:1f:39:7e:a1: 79:f8:7e:ce:fc:d9:05:5f:16:6d:42:25:f5:00:00: ee:d5:f0:55:2c:37:34:10:94:f8:43:2e:84:e2:5f: b7:4a:55:a5:80:02:73:46:60:c9:48:69:26:ab:72: 24:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:A7:A0:BE:E1:97:EC:F0:FD:48:E7:25:42:39:F6:AE:19:E2:4D:FC X509v3 Authority Key Identifier: keyid:34:04:1F:E3:99:C0:76:59:61:B7:9F:E1:24:69:41:72:87:20:73:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/NAQf45nAdllht5_hJGlBcocgc7s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAQf45nAdllht5_hJGlBcocgc7s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/NAQf45nAdllht5_hJGlBcocgc7s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:31:d1:21:2f:49:2e:0c:3c:8f:31:0c:03:9a:68:41:39:bc: 4a:40:2f:ce:8b:3d:fb:cd:fa:e5:66:c3:cc:13:53:84:8a:da: bb:70:9b:24:fa:12:2e:a6:35:1e:13:83:c5:81:86:79:08:40: 14:c6:65:3c:ac:1a:be:f9:cb:1f:53:3a:e5:4d:ce:55:d1:e8: 36:54:d0:ec:e3:f9:70:14:20:75:ec:13:d2:31:07:01:25:48: a8:f8:2a:dc:24:5a:db:bb:32:e9:83:d0:d0:33:3d:4e:93:8f: bc:29:a0:4e:c7:3d:3e:49:a3:fc:7b:6d:9d:52:c6:90:ee:44: 31:9e:22:4e:56:a5:a5:ae:af:7e:be:d2:b2:f3:2b:41:95:03: 51:66:b1:31:1b:b4:a2:08:b6:fe:1f:6a:95:15:1d:83:11:e5: d2:6d:12:ee:f4:ea:78:b0:99:ab:63:7b:be:fd:55:cd:a4:88: e6:32:8f:26:95:6b:d9:80:76:a2:6e:fc:0c:b5:8a:98:e1:0c: c2:8a:72:54:c4:7f:18:ba:24:59:e1:89:7e:19:c6:0d:3a:9a: 08:cd:20:c4:5b:4c:03:77:d2:e3:05:07:3b:0b:0f:9c:2b:e2: ba:6e:b0:4b:4b:41:55:e8:99:15:70:51:b3:1b:bc:10:5a:38: 0c:37:3b:b7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0ZEOTYxMTAvBgNVBAUTKDM0MDQxRkUzOTlDMDc2NTk2MUI3OUZFMTI0Njk0MTcy ODcyMDczQkIwHhcNMjUwNDE4MTkzNTM2WhcNMjUwNDI1MTkzNTM2WjAYMRYwFAYD VQQDEw02ODAyYTk4OC0zNTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx6mR2KzY/qGVnuukkjSdv1L3tK8Ru1/Fq9aAWgaRlbQCMDv0C+cqWRlA3dQa d/1apqTMbTX7IceGJY410KhoEhF4+POykm5SNnuU3itwR7OeWT5V0k+97h9cHruz AaYOEFsaf88JRuHVIAQV6FVNhxnP+wbLJ8U5zXgbub+TZSQwNTDVjPAOs3ym6aZy +yrVrQu3N3SLvXWkr6oy3FWepzO9OPa0P24lt+/Hxh862v5OKSVqkR1ao6EiL1uD +pQ4G0TA4qDl1qj9m2Jcax85fqF5+H7O/NkFXxZtQiX1AADu1fBVLDc0EJT4Qy6E 4l+3SlWlgAJzRmDJSGkmq3IkEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG+noL7h l+zw/UjnJUI59q4Z4k38MB8GA1UdIwQYMBaAFDQEH+OZwHZZYbef4SRpQXKHIHO7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRkQ5Ni9BNjI0RkM0NDUx OTgxMUVBOTcyMjU5ODNDNEY5QUUwMi9OQVFmNDVuQWRsbGh0NV9oSkdsQmNvY2dj N3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05BUWY0NW5BZGxsaHQ1X2hKR2xCY29jZ2M3cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RkQ5Ni9BNjI0RkM0NDUxOTgxMUVBOTcyMjU5ODNDNEY5QUUwMi9OQVFmNDVuQWRs bGh0NV9oSkdsQmNvY2djN3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbMdEhL0kuDDyPMQwDmmhBObxKQC/Oiz37zfrlZsPME1OEitq7cJsk +hIupjUeE4PFgYZ5CEAUxmU8rBq++csfUzrlTc5V0eg2VNDs4/lwFCB17BPSMQcB JUio+CrcJFrbuzLpg9DQMz1Ok4+8KaBOxz0+SaP8e22dUsaQ7kQxniJOVqWlrq9+ vtKy8ytBlQNRZrExG7SiCLb+H2qVFR2DEeXSbRLu9Op4sJmrY3u+/VXNpIjmMo8m lWvZgHaibvwMtYqY4QzCinJUxH8YuiRZ4Yl+GcYNOpoIzSDEW0wDd9LjBQc7Cw+c K+K6brBLS0FV6JkVcFGzG7wQWjgMNzu3 -----END CERTIFICATE-----Generated at Sat Apr 19 00:59:51 2025 by rpki-client