$ rpki-client -vvf rpki.apnic.net/member_repository/A914459D/0B3F665AD60F11EFB0FA533FC4F9AE02/-0iFaOdSC8eCoRmJdikDDtBpXNs.mft File: -0iFaOdSC8eCoRmJdikDDtBpXNs.mft (raw, json) Hash identifier: tHrES/FfEMgDoK1pUxj0HlOCfuYhqe9uyFzLqHS/x8c= Subject key identifier: BA:A7:C8:5B:4A:93:46:5F:8E:BB:FA:C8:64:CB:E7:84:B0:0B:51:BE Authority key identifier: FB:48:85:68:E7:52:0B:C7:82:A1:19:89:76:29:03:0E:D0:69:5C:DB Certificate issuer: /CN=A914459D/serialNumber=FB488568E7520BC782A119897629030ED0695CDB Certificate serial: 2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-0iFaOdSC8eCoRmJdikDDtBpXNs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914459D/0B3F665AD60F11EFB0FA533FC4F9AE02/-0iFaOdSC8eCoRmJdikDDtBpXNs.mft Manifest number: 2A Signing time: Thu 03 Apr 2025 07:03:58 +0000 Manifest this update: Thu 03 Apr 2025 07:03:57 +0000 Manifest next update: Thu 10 Apr 2025 07:03:57 +0000 Files and hashes: 1: -0iFaOdSC8eCoRmJdikDDtBpXNs.crl (hash: QoSt7w+OPQBH50tyl+56iHO+iueAcnpaQ4zRmKU+hvs=) 2: 4720EB9ED60F11EFA2510540C4F9AE02.roa (hash: Q8ipP3E5cVxqpK+wwh4P32pECYgAwVU6B1+eB8QC8yE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914459D/0B3F665AD60F11EFB0FA533FC4F9AE02/-0iFaOdSC8eCoRmJdikDDtBpXNs.crl rsync://rpki.apnic.net/member_repository/A914459D/0B3F665AD60F11EFB0FA533FC4F9AE02/-0iFaOdSC8eCoRmJdikDDtBpXNs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-0iFaOdSC8eCoRmJdikDDtBpXNs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 07:03:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914459D Validity Not Before: Apr 3 07:03:57 2025 GMT Not After : Apr 10 07:03:57 2025 GMT Subject: CN=67ee32dd-7c86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:c0:bf:c9:a1:da:98:a3:48:de:79:73:c7:77: a7:12:bf:05:98:68:f8:e6:c0:9a:13:0e:ab:d9:bf: bc:61:67:7c:68:1e:1d:22:4a:8d:7c:79:fb:94:72: 13:8a:84:41:e2:f8:27:b7:57:52:d0:4a:a4:2d:48: f1:14:0d:75:cc:2f:29:2c:5c:6d:6a:14:6c:5d:ab: ea:d5:2f:f5:41:f8:ee:70:a2:a7:bd:54:64:18:74: 71:02:53:f8:70:09:04:61:0e:63:0a:5a:9a:04:3b: ba:2e:39:f5:c3:49:70:d9:71:5d:31:30:12:bb:bd: 0d:5d:d1:77:1c:ab:03:94:78:52:a1:95:4d:98:9c: 85:12:cf:b4:2a:30:13:ce:68:2e:1f:06:e7:61:ab: 9e:04:fb:c3:25:5b:b6:d0:43:72:34:95:63:b3:05: 8b:79:3f:59:27:89:d8:f6:30:eb:58:5e:9b:ad:f3: 88:fb:41:59:bf:f7:6c:f8:ec:50:2a:c3:45:ac:33: fd:fb:85:f6:8b:08:07:8a:34:b9:37:f8:88:bb:8a: 6a:fb:65:50:55:da:e0:45:65:5a:8c:8f:17:d7:46: 43:ae:9b:4c:3f:9b:c5:f4:c7:e1:4d:d1:e0:f9:41: d3:ed:c3:fe:24:14:40:a9:a4:43:eb:b5:c8:7d:17: 26:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:A7:C8:5B:4A:93:46:5F:8E:BB:FA:C8:64:CB:E7:84:B0:0B:51:BE X509v3 Authority Key Identifier: keyid:FB:48:85:68:E7:52:0B:C7:82:A1:19:89:76:29:03:0E:D0:69:5C:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914459D/0B3F665AD60F11EFB0FA533FC4F9AE02/-0iFaOdSC8eCoRmJdikDDtBpXNs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-0iFaOdSC8eCoRmJdikDDtBpXNs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914459D/0B3F665AD60F11EFB0FA533FC4F9AE02/-0iFaOdSC8eCoRmJdikDDtBpXNs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c7:1b:19:63:72:69:b5:5e:b5:ed:f0:db:b7:2b:a8:63:e9:cc: b9:3d:d1:9e:76:3c:4b:69:cf:2b:22:8a:3a:5a:47:88:0c:72: 88:2f:74:d4:46:54:7f:56:a9:9f:57:1c:e9:eb:42:af:01:d2: d9:66:b0:08:d4:d3:62:36:17:e2:f7:1e:ce:4a:41:63:7e:61: 38:e2:54:25:02:d8:32:37:0d:48:bc:e0:9b:df:fc:38:1e:6e: 6c:c8:93:a1:bd:d2:24:74:54:f1:2f:23:73:b3:37:e8:1c:65: ed:2e:0a:e9:e9:52:e0:1f:81:59:25:4c:94:b9:11:83:55:e1: 7f:0f:24:c7:b3:34:09:4d:1c:9a:a3:2b:af:70:ef:7e:fd:a9: 97:93:8e:72:2c:f3:97:af:37:5e:3c:aa:84:5d:0c:d3:03:78: ec:63:36:b5:6a:9e:b2:fe:e1:da:d9:cb:a3:42:e1:56:1a:93: 8a:ca:52:b0:3a:ba:4a:21:fe:cb:72:1f:39:33:0d:a7:69:51: 13:85:80:23:55:0b:1c:d5:53:ea:af:ef:7d:32:71:56:6a:7e: e5:47:9e:d7:93:8a:2b:4b:d4:97:ea:f7:2b:79:3c:76:16:d2: 22:3d:a2:b3:0a:ef:d6:c9:f6:37:89:c4:7b:37:82:62:f6:1a: 31:c1:cd:20 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NDU5RDExMC8GA1UEBRMoRkI0ODg1NjhFNzUyMEJDNzgyQTExOTg5NzYyOTAzMEVE MDY5NUNEQjAeFw0yNTA0MDMwNzAzNTdaFw0yNTA0MTAwNzAzNTdaMBgxFjAUBgNV BAMTDTY3ZWUzMmRkLTdjODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC7wL/JodqYo0jeeXPHd6cSvwWYaPjmwJoTDqvZv7xhZ3xoHh0iSo18efuUchOK hEHi+Ce3V1LQSqQtSPEUDXXMLyksXG1qFGxdq+rVL/VB+O5woqe9VGQYdHECU/hw CQRhDmMKWpoEO7ouOfXDSXDZcV0xMBK7vQ1d0XccqwOUeFKhlU2YnIUSz7QqMBPO aC4fBudhq54E+8MlW7bQQ3I0lWOzBYt5P1knidj2MOtYXput84j7QVm/92z47FAq w0WsM/37hfaLCAeKNLk3+Ii7imr7ZVBV2uBFZVqMjxfXRkOum0w/m8X0x+FN0eD5 QdPtw/4kFECppEPrtch9FyYtAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUuqfIW0qT Rl+Ou/rIZMvnhLALUb4wHwYDVR0jBBgwFoAU+0iFaOdSC8eCoRmJdikDDtBpXNsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ0NTlELzBCM0Y2NjVBRDYw RjExRUZCMEZBNTMzRkM0RjlBRTAyLy0waUZhT2RTQzhlQ29SbUpkaWtERHRCcFhO cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvLTBpRmFPZFNDOGVDb1JtSmRpa0REdEJwWE5zLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ0 NTlELzBCM0Y2NjVBRDYwRjExRUZCMEZBNTMzRkM0RjlBRTAyLy0waUZhT2RTQzhl Q29SbUpkaWtERHRCcFhOcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMcbGWNyabVete3w27crqGPpzLk90Z52PEtpzysiijpaR4gMcogvdNRG VH9WqZ9XHOnrQq8B0tlmsAjU02I2F+L3Hs5KQWN+YTjiVCUC2DI3DUi84Jvf/Dge bmzIk6G90iR0VPEvI3OzN+gcZe0uCunpUuAfgVklTJS5EYNV4X8PJMezNAlNHJqj K69w7379qZeTjnIs85evN148qoRdDNMDeOxjNrVqnrL+4drZy6NC4VYak4rKUrA6 ukoh/styHzkzDadpUROFgCNVCxzVU+qv730ycVZqfuVHnteTiitL1Jfq9yt5PHYW 0iI9orMK79bJ9jeJxHs3gmL2GjHBzSA= -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:00 2025 by rpki-client