$ rpki-client -vvf rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.mft File: tNIXk5onUZOOB2WaeUiFqciEGRk.mft (raw, json) Hash identifier: hUx9z13UQoBvFRA4YF0vESh10PB0uXDgcB8ivFwngnU= Subject key identifier: EC:22:3F:D4:B4:3B:7B:1F:6D:7D:A3:15:6B:23:F0:F0:99:AF:A9:9A Authority key identifier: B4:D2:17:93:9A:27:51:93:8E:07:65:9A:79:48:85:A9:C8:84:19:19 Certificate issuer: /CN=A9145B13/serialNumber=B4D217939A2751938E07659A794885A9C8841919 Certificate serial: 43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNIXk5onUZOOB2WaeUiFqciEGRk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.mft Manifest number: 42 Signing time: Sat 05 Apr 2025 06:44:31 +0000 Manifest this update: Sat 05 Apr 2025 06:44:30 +0000 Manifest next update: Sat 12 Apr 2025 06:44:30 +0000 Files and hashes: 1: tNIXk5onUZOOB2WaeUiFqciEGRk.crl (hash: 0An/24Pc/xx9OA0tFSxhiWBmmz/osEjH5vYgd1KwxFc=) 2: 793486E0C11A11EF99C19012C4F9AE02.roa (hash: pawwhpt8xl4Jm5tUlNLFvNNRwT1g8ks5JKIz2Wod4KM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.crl rsync://rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNIXk5onUZOOB2WaeUiFqciEGRk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 05:11:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67 (0x43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145B13 Validity Not Before: Apr 5 06:44:30 2025 GMT Not After : Apr 12 06:44:30 2025 GMT Subject: CN=67f0d14f-2db4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:28:f1:2e:9f:06:38:34:88:f1:c3:fe:c0:6b: b6:2f:5c:04:bf:83:6c:5b:74:d4:4f:a8:fb:9a:24: 0e:b0:35:0f:51:9a:33:e7:1d:28:8d:62:1f:cd:77: 34:6b:1c:7f:db:e3:34:7b:bc:f6:40:58:d9:4f:65: f1:10:6f:de:7a:a5:82:b3:33:8c:9c:fd:f4:04:30: 0b:ba:2a:be:4c:4e:8e:7a:91:10:54:99:d9:4c:28: 80:03:1c:f2:f3:1a:36:54:b9:18:b0:f4:5b:26:4b: ea:a9:d1:eb:8a:cf:72:81:de:45:e7:51:39:62:d6: 90:23:66:f7:3f:a7:e4:50:60:e4:16:cb:f9:46:f9: d6:3f:6a:65:b4:2c:c4:1e:3b:19:b8:94:bd:5d:e4: 26:05:81:3d:51:b9:1c:ec:5a:50:95:bf:38:c6:08: d3:0e:c2:8c:f0:6c:2c:19:10:21:d3:7f:e3:df:1e: d8:c4:7f:a1:d3:71:20:7b:75:99:74:de:14:c0:6f: f7:68:c4:8b:f1:76:3c:60:a2:08:b5:17:9b:b8:83: c8:a5:50:74:2c:ba:9a:4a:34:f7:c7:d7:78:a6:90: 06:b1:d1:69:26:6f:09:00:9f:52:8f:a4:5b:06:1b: af:c9:92:b5:27:b7:fe:ad:5d:53:26:0d:92:8f:d4: 43:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:22:3F:D4:B4:3B:7B:1F:6D:7D:A3:15:6B:23:F0:F0:99:AF:A9:9A X509v3 Authority Key Identifier: keyid:B4:D2:17:93:9A:27:51:93:8E:07:65:9A:79:48:85:A9:C8:84:19:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNIXk5onUZOOB2WaeUiFqciEGRk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:37:16:2b:6f:8e:04:a0:82:03:ee:4f:ea:96:ef:7f:06:f7: 73:75:30:7d:3f:f4:ad:1f:54:ae:57:57:70:fa:e2:e5:aa:43: d8:de:81:3f:27:f5:b4:8f:6d:11:af:e6:30:98:c2:6f:5a:45: 02:72:fe:af:85:3e:dd:5c:d6:1f:4e:ec:fe:bc:a2:08:82:52: f2:29:a9:69:3b:41:82:fc:16:f0:9e:41:99:31:57:05:1a:e3: 49:86:70:5c:19:df:da:fb:4e:38:32:90:2b:fe:7a:bd:f0:e5: 9b:99:3d:62:f2:02:3f:21:33:cb:bb:4f:34:a4:be:d7:09:74: 32:f5:9c:03:e9:ea:cb:cc:6e:58:c4:aa:19:b0:7b:e6:93:0f: 94:2d:e0:48:af:b3:c1:30:8d:7f:f0:e5:f4:b9:af:63:da:78: d5:06:28:0d:af:c1:7c:83:ca:6b:a2:ca:6e:81:1d:1f:59:59: d7:5b:31:cf:73:64:bb:bf:71:e5:26:f7:80:93:d2:a2:68:04: 6d:52:58:11:dc:5d:31:b0:ef:e1:d2:ad:b1:ff:26:32:3b:ac: ed:43:fc:fd:ec:9f:12:bb:cf:e3:d6:8d:2c:e1:f8:87:54:ad: 6e:fa:dd:8c:34:6c:fa:28:c1:14:6e:b9:f2:51:7b:a6:f1:40: fd:eb:39:08 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NUIxMzExMC8GA1UEBRMoQjREMjE3OTM5QTI3NTE5MzhFMDc2NTlBNzk0ODg1QTlD ODg0MTkxOTAeFw0yNTA0MDUwNjQ0MzBaFw0yNTA0MTIwNjQ0MzBaMBgxFjAUBgNV BAMTDTY3ZjBkMTRmLTJkYjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDvKPEunwY4NIjxw/7Aa7YvXAS/g2xbdNRPqPuaJA6wNQ9RmjPnHSiNYh/NdzRr HH/b4zR7vPZAWNlPZfEQb956pYKzM4yc/fQEMAu6Kr5MTo56kRBUmdlMKIADHPLz GjZUuRiw9FsmS+qp0euKz3KB3kXnUTli1pAjZvc/p+RQYOQWy/lG+dY/amW0LMQe Oxm4lL1d5CYFgT1RuRzsWlCVvzjGCNMOwozwbCwZECHTf+PfHtjEf6HTcSB7dZl0 3hTAb/doxIvxdjxgogi1F5u4g8ilUHQsuppKNPfH13imkAax0WkmbwkAn1KPpFsG G6/JkrUnt/6tXVMmDZKP1EOhAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU7CI/1LQ7 ex9tfaMVayPw8JmvqZowHwYDVR0jBBgwFoAUtNIXk5onUZOOB2WaeUiFqciEGRkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1QjEzLzUwQkQyMzBFQjEy ODExRUZCNzUwQTUyQkM0RjlBRTAyL3ROSVhrNW9uVVpPT0IyV2FlVWlGcWNpRUdS ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdE5JWGs1b25VWk9PQjJXYWVVaUZxY2lFR1JrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1 QjEzLzUwQkQyMzBFQjEyODExRUZCNzUwQTUyQkM0RjlBRTAyL3ROSVhrNW9uVVpP T0IyV2FlVWlGcWNpRUdSay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADA3FitvjgSgggPuT+qW738G93N1MH0/9K0fVK5XV3D64uWqQ9jegT8n 9bSPbRGv5jCYwm9aRQJy/q+FPt1c1h9O7P68ogiCUvIpqWk7QYL8FvCeQZkxVwUa 40mGcFwZ39r7TjgykCv+er3w5ZuZPWLyAj8hM8u7TzSkvtcJdDL1nAPp6svMbljE qhmwe+aTD5Qt4Eivs8EwjX/w5fS5r2PaeNUGKA2vwXyDymuiym6BHR9ZWddbMc9z ZLu/ceUm94CT0qJoBG1SWBHcXTGw7+HSrbH/JjI7rO1D/P3snxK7z+PWjSzh+IdU rW763Yw0bPoowRRuufJRe6bxQP3rOQg= -----END CERTIFICATE-----Generated at Sat Apr 5 09:06:32 2025 by rpki-client