$ rpki-client -vvf rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft File: CKORxrOJyBDpW8YTnOyynV05WMQ.mft (raw, json) Hash identifier: nCHf/g88a5g/w+LeVW8Ia5MYXpAKC4JCGMyj7KVcT3U= Subject key identifier: 00:70:EA:75:CC:9C:D3:13:2B:58:25:E8:6C:79:CF:BD:7D:EF:CA:19 Authority key identifier: 08:A3:91:C6:B3:89:C8:10:E9:5B:C6:13:9C:EC:B2:9D:5D:39:58:C4 Certificate issuer: /CN=A9145E09/serialNumber=08A391C6B389C810E95BC6139CECB29D5D3958C4 Certificate serial: 0B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CKORxrOJyBDpW8YTnOyynV05WMQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft Manifest number: 0A Signing time: Wed 09 Apr 2025 06:57:43 +0000 Manifest this update: Wed 09 Apr 2025 06:57:42 +0000 Manifest next update: Wed 16 Apr 2025 06:57:42 +0000 Files and hashes: 1: CKORxrOJyBDpW8YTnOyynV05WMQ.crl (hash: 0PxIrMOEK5u6CCDEwN9fXAM+36vjn5b6iUvYjghtKQI=) 2: EE04266A08C811F09F9B7B57C4F9AE02.roa (hash: D+C1K1lzyhPvB9LwJB8gZilHLGwebOslipSKAX/r/Wo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.crl rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CKORxrOJyBDpW8YTnOyynV05WMQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 06:57:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145E09 Validity Not Before: Apr 9 06:57:42 2025 GMT Not After : Apr 16 06:57:42 2025 GMT Subject: CN=67f61a66-7c1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:8b:ac:d1:ad:a0:0f:0f:11:74:5d:28:33:23: 19:a7:aa:ef:98:28:36:09:61:81:e3:29:72:2e:f7: a8:a7:5c:61:38:8e:03:b9:6e:d0:b3:91:cb:62:49: 01:96:2e:0d:b1:6f:ce:39:bf:44:0d:c4:1d:6b:30: 9c:68:dc:0b:92:45:fd:0d:03:7d:f7:27:2e:d7:11: 1c:3c:b7:8b:39:46:0d:b8:8c:20:74:e5:ba:5a:9e: db:d9:65:66:dc:44:93:b4:98:51:30:76:d4:d0:bb: b4:49:b4:64:ea:93:85:59:2e:f0:2b:cb:74:da:a0: 2b:84:ad:20:7b:d4:86:82:58:23:9d:c2:1f:e5:09: 5a:c4:b2:cf:f1:89:90:a7:c8:0e:4a:9f:f9:c4:06: aa:fa:c7:e6:11:04:eb:a7:6c:f6:74:99:4f:11:ea: 99:bd:83:72:70:74:67:0b:45:f0:ad:cf:21:d3:67: c8:a9:a4:02:21:d6:a4:ca:af:71:4c:79:f5:1b:96: a9:b5:8b:62:49:dd:0b:36:0f:92:b8:7a:1d:7d:16: 3e:fe:6e:c0:a7:e9:5e:c5:a2:63:40:1b:d6:c8:f9: 82:86:74:45:63:ae:aa:ec:de:09:fe:52:bf:00:e6: a4:e0:73:0f:10:5e:9c:3c:b7:fd:18:34:40:1a:44: 53:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:70:EA:75:CC:9C:D3:13:2B:58:25:E8:6C:79:CF:BD:7D:EF:CA:19 X509v3 Authority Key Identifier: keyid:08:A3:91:C6:B3:89:C8:10:E9:5B:C6:13:9C:EC:B2:9D:5D:39:58:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CKORxrOJyBDpW8YTnOyynV05WMQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:18:2b:b3:94:b0:ad:d2:56:2b:a1:52:5f:cd:e6:ae:99:22: 8a:30:89:84:f1:b8:30:5e:2d:ec:9e:3d:29:d3:ad:e9:cd:43: 7c:f6:c2:02:5c:0b:38:d9:c1:ef:41:2c:df:0f:99:49:b4:e6: 3d:3b:c9:8e:ca:93:c0:7c:70:f8:f4:d4:7b:cb:d0:9d:6f:49: b4:93:44:a0:66:d5:4a:71:b4:79:0a:46:1a:aa:2c:67:76:2a: f1:8d:11:db:38:be:3b:e1:62:9b:c4:7e:21:8f:67:a1:a9:38: 46:83:d4:23:86:fb:78:d8:3a:5e:3b:78:75:98:8f:69:44:7e: 5a:8d:97:d2:57:85:b8:a1:cb:06:1c:66:2e:07:0a:dc:9f:e4: dc:78:89:2a:20:d2:37:7e:0a:60:13:00:04:ca:0a:37:6c:84: d7:21:f4:fe:cd:c1:d5:c3:99:54:fb:5a:0d:8a:96:0c:96:7e: 93:72:f3:e7:2c:be:8f:8c:2d:45:39:75:8f:3e:8b:92:55:fb: c5:07:aa:b8:12:cb:0b:0a:d4:65:64:25:32:d3:33:aa:01:60: d2:4d:6c:6a:0c:bd:d1:2b:5a:c4:0a:3c:4f:ba:d7:3b:e9:78: bc:3c:41:38:2c:fa:90:29:51:79:ba:a9:34:1f:34:13:eb:8f: 24:6f:f2:4c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NUUwOTExMC8GA1UEBRMoMDhBMzkxQzZCMzg5QzgxMEU5NUJDNjEzOUNFQ0IyOUQ1 RDM5NThDNDAeFw0yNTA0MDkwNjU3NDJaFw0yNTA0MTYwNjU3NDJaMBgxFjAUBgNV BAMTDTY3ZjYxYTY2LTdjMWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDIi6zRraAPDxF0XSgzIxmnqu+YKDYJYYHjKXIu96inXGE4jgO5btCzkctiSQGW Lg2xb845v0QNxB1rMJxo3AuSRf0NA333Jy7XERw8t4s5Rg24jCB05bpantvZZWbc RJO0mFEwdtTQu7RJtGTqk4VZLvAry3TaoCuErSB71IaCWCOdwh/lCVrEss/xiZCn yA5Kn/nEBqr6x+YRBOunbPZ0mU8R6pm9g3JwdGcLRfCtzyHTZ8ippAIh1qTKr3FM efUblqm1i2JJ3Qs2D5K4eh19Fj7+bsCn6V7FomNAG9bI+YKGdEVjrqrs3gn+Ur8A 5qTgcw8QXpw8t/0YNEAaRFM7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUAHDqdcyc 0xMrWCXobHnPvX3vyhkwHwYDVR0jBBgwFoAUCKORxrOJyBDpW8YTnOyynV05WMQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1RTA5Lzg3MDU1QjMyMDhD ODExRjBBMEQzNEU1NkM0RjlBRTAyL0NLT1J4ck9KeUJEcFc4WVRuT3l5blYwNVdN US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQ0tPUnhyT0p5QkRwVzhZVG5PeXluVjA1V01RLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1 RTA5Lzg3MDU1QjMyMDhDODExRjBBMEQzNEU1NkM0RjlBRTAyL0NLT1J4ck9KeUJE cFc4WVRuT3l5blYwNVdNUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEQYK7OUsK3SViuhUl/N5q6ZIoowiYTxuDBeLeyePSnTrenNQ3z2wgJc CzjZwe9BLN8PmUm05j07yY7Kk8B8cPj01HvL0J1vSbSTRKBm1UpxtHkKRhqqLGd2 KvGNEds4vjvhYpvEfiGPZ6GpOEaD1COG+3jYOl47eHWYj2lEflqNl9JXhbihywYc Zi4HCtyf5Nx4iSog0jd+CmATAATKCjdshNch9P7NwdXDmVT7Wg2KlgyWfpNy8+cs vo+MLUU5dY8+i5JV+8UHqrgSywsK1GVkJTLTM6oBYNJNbGoMvdErWsQKPE+61zvp eLw8QTgs+pApUXm6qTQfNBPrjyRv8kw= -----END CERTIFICATE-----Generated at Thu Apr 10 23:58:25 2025 by rpki-client