$ rpki-client -vvf rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft File: X48BYbesuyVfE88IG2ZTYZtOLAI.mft (raw, json) Hash identifier: fXBq+Jn5SZ8B9pP2PLDb6mlvv9Qg9VhIph+n9z7ii94= Subject key identifier: FD:21:5E:A3:51:3A:B7:8C:45:9A:91:75:05:4D:CC:CB:14:91:BD:A9 Authority key identifier: 5F:8F:01:61:B7:AC:BB:25:5F:13:CF:08:1B:66:53:61:9B:4E:2C:02 Certificate issuer: /CN=A9149A0D/serialNumber=5F8F0161B7ACBB255F13CF081B6653619B4E2C02 Certificate serial: 07A3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X48BYbesuyVfE88IG2ZTYZtOLAI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft Manifest number: 07A1 Signing time: Mon 14 Apr 2025 20:59:34 +0000 Manifest this update: Mon 14 Apr 2025 20:59:33 +0000 Manifest next update: Mon 21 Apr 2025 20:59:33 +0000 Files and hashes: 1: X48BYbesuyVfE88IG2ZTYZtOLAI.crl (hash: Z1uC55ab0oIr1ADQVUXnty/jqH1UwxxBmctLWT1BQ3M=) 2: 799C6AD8149711EFB0CB9E0AC4F9AE02.roa (hash: Z6c5AlKVKf/klPMN7KddRfh49KHTtioUb3aQg5mvfg0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.crl rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X48BYbesuyVfE88IG2ZTYZtOLAI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 20:59:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1955 (0x7a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149A0D, serialNumber=5F8F0161B7ACBB255F13CF081B6653619B4E2C02 Validity Not Before: Apr 14 20:59:33 2025 GMT Not After : Apr 21 20:59:33 2025 GMT Subject: CN=67fd7736-abe1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:31:d0:e7:54:48:34:1a:a4:f9:2f:8b:a5:46: 4a:08:55:5d:6f:a0:b1:8a:27:93:c1:c7:e3:fe:7e: 3f:43:58:00:b5:5f:5a:5d:b5:88:10:14:aa:74:38: 01:13:5e:67:2c:0d:08:84:07:00:6b:28:47:3a:93: 8f:e7:01:c9:a1:c6:36:82:4a:70:e1:b9:5e:da:5d: 7a:07:03:6f:c5:7c:cd:4d:e0:10:e8:9a:a8:9b:54: 0a:d6:fe:b4:c9:42:0c:f4:31:ff:20:63:9d:88:d2: ce:33:8d:dc:01:73:f8:ea:be:af:e3:a9:db:6e:be: 0d:32:16:38:7f:5e:b5:8d:34:89:1f:5f:d7:07:2e: 5f:80:6d:49:0f:d8:20:69:63:80:9e:3a:cd:32:7a: ef:71:f0:29:3e:6e:13:e4:19:1c:37:18:90:69:80: 18:f7:b3:78:09:9c:11:a1:a5:d6:f3:07:c3:ef:88: 6b:7d:cb:7b:a2:d7:82:2a:15:94:8f:e0:ca:c5:9e: d9:c0:34:e6:76:e1:89:04:24:37:25:42:4d:5e:75: 69:68:5a:16:b6:8f:45:d1:a6:0c:4f:53:b1:de:94: 0f:bb:d0:4a:24:53:be:69:dd:b8:bb:63:c7:83:b8: 63:83:63:b7:55:43:ce:44:39:e3:54:31:15:93:d4: 21:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:21:5E:A3:51:3A:B7:8C:45:9A:91:75:05:4D:CC:CB:14:91:BD:A9 X509v3 Authority Key Identifier: keyid:5F:8F:01:61:B7:AC:BB:25:5F:13:CF:08:1B:66:53:61:9B:4E:2C:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X48BYbesuyVfE88IG2ZTYZtOLAI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:98:03:fe:59:79:a8:75:46:51:f5:de:88:38:fb:4b:51:a4: e2:99:b2:81:29:ea:b1:ad:25:56:a7:c5:0e:3e:51:a5:74:48: b9:6a:3d:7a:6b:d2:0d:10:d1:f4:43:1c:e5:02:01:0e:bf:48: be:f2:71:d2:72:69:c4:1f:c8:95:c7:fc:7e:e7:2a:15:fe:04: 07:89:43:c4:b2:56:c0:44:b6:ba:8e:9f:35:ac:f9:3c:72:27: 9d:e5:9e:cc:d5:64:12:fc:69:af:78:c2:18:49:34:42:33:53: 3b:9f:78:7f:53:dd:0a:ea:02:d8:6a:a9:ac:6b:55:76:dc:7a: d6:d0:03:40:6d:1a:47:70:b3:09:a8:49:cf:0e:31:30:19:0c: f2:51:cb:71:00:8b:85:e4:54:94:6c:c2:e8:34:75:67:6c:cc: 51:36:24:d8:41:57:fc:78:20:77:8d:4b:e4:b1:74:53:1d:fd: 6d:15:d9:c4:05:72:b7:1d:17:15:ee:18:4b:eb:ed:dd:88:3c: 4d:a7:0e:89:89:a1:bc:b6:22:fe:c8:98:1f:02:dc:3c:30:a9: 3f:2e:22:0c:fa:7c:c8:ff:90:1a:ae:34:50:ec:a7:e1:1a:73: c6:39:08:0a:d4:95:0d:f7:9c:1a:15:6b:35:79:ed:b2:d4:7b: 6e:cb:b2:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB6MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDlBMEQxMTAvBgNVBAUTKDVGOEYwMTYxQjdBQ0JCMjU1RjEzQ0YwODFCNjY1MzYx OUI0RTJDMDIwHhcNMjUwNDE0MjA1OTMzWhcNMjUwNDIxMjA1OTMzWjAYMRYwFAYD VQQDEw02N2ZkNzczNi1hYmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2jHQ51RINBqk+S+LpUZKCFVdb6CxiieTwcfj/n4/Q1gAtV9aXbWIEBSqdDgB E15nLA0IhAcAayhHOpOP5wHJocY2gkpw4ble2l16BwNvxXzNTeAQ6Jqom1QK1v60 yUIM9DH/IGOdiNLOM43cAXP46r6v46nbbr4NMhY4f161jTSJH1/XBy5fgG1JD9gg aWOAnjrNMnrvcfApPm4T5BkcNxiQaYAY97N4CZwRoaXW8wfD74hrfct7oteCKhWU j+DKxZ7ZwDTmduGJBCQ3JUJNXnVpaFoWto9F0aYMT1Ox3pQPu9BKJFO+ad24u2PH g7hjg2O3VUPORDnjVDEVk9QhiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP0hXqNR OreMRZqRdQVNzMsUkb2pMB8GA1UdIwQYMBaAFF+PAWG3rLslXxPPCBtmU2GbTiwC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUEwRC8wRkI3OTE2NEZC MTUxMUVBQjAxMUVDNkVDNEY5QUUwMi9YNDhCWWJlc3V5VmZFODhJRzJaVFladE9M QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1g0OEJZYmVzdXlWZkU4OElHMlpUWVp0T0xBSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OUEwRC8wRkI3OTE2NEZCMTUxMUVBQjAxMUVDNkVDNEY5QUUwMi9YNDhCWWJlc3V5 VmZFODhJRzJaVFladE9MQUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACmAP+WXmodUZR9d6IOPtLUaTimbKBKeqxrSVWp8UOPlGldEi5aj16 a9INENH0QxzlAgEOv0i+8nHScmnEH8iVx/x+5yoV/gQHiUPEslbARLa6jp81rPk8 cied5Z7M1WQS/GmveMIYSTRCM1M7n3h/U90K6gLYaqmsa1V23HrW0ANAbRpHcLMJ qEnPDjEwGQzyUctxAIuF5FSUbMLoNHVnbMxRNiTYQVf8eCB3jUvksXRTHf1tFdnE BXK3HRcV7hhL6+3diDxNpw6JiaG8tiL+yJgfAtw8MKk/LiIM+nzI/5AarjRQ7Kfh GnPGOQgK1JUN95waFWs1ee2y1Htuy7Kx -----END CERTIFICATE-----Generated at Wed Apr 16 17:18:09 2025 by rpki-client