$ rpki-client -vvf rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft File: cmIg2YvMfcZqPM83Z36go9sJDaQ.mft (raw, json) Hash identifier: QWhsrcuckw0W2uzv1paHUSOSZS4RdkxEgE92qPCKbyk= Subject key identifier: BB:1C:B0:2F:E8:53:0E:2F:3B:4B:02:13:32:DE:5F:D3:7C:7C:70:AE Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 Certificate issuer: /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Certificate serial: 0BC2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft Manifest number: 0BBA Signing time: Fri 18 Apr 2025 18:57:48 +0000 Manifest this update: Fri 18 Apr 2025 18:57:48 +0000 Manifest next update: Fri 25 Apr 2025 18:57:48 +0000 Files and hashes: 1: cmIg2YvMfcZqPM83Z36go9sJDaQ.crl (hash: l5pVXwSrOQe25jnhGpwltgCeiZbj3YedlnZ/ZGb0zO8=) 2: 2CD5AAF8060311EBBE15EA18C4F9AE02.roa (hash: mW8L1FLDXuwnCDk5B3rFgpB45GljzNSPgwbjM/e2Wu0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Apr 2025 18:24:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3010 (0xbc2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914AE22, serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Validity Not Before: Apr 18 18:57:48 2025 GMT Not After : Apr 25 18:57:48 2025 GMT Subject: CN=6802a0ac-e249 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b8:ea:ec:41:3c:95:cc:ce:24:16:6a:e4:d8: e4:64:90:7b:1f:ac:20:cb:05:2f:bf:3c:48:b8:16: b0:1a:65:90:69:c3:bf:e6:f8:ef:43:40:1b:a7:c4: c2:ab:62:ae:d3:47:b0:c7:e6:4e:f4:24:bd:6c:29: 15:b1:76:ce:19:57:17:1c:2c:c0:da:2f:99:47:9f: ac:9b:55:b7:a0:38:f8:4b:73:19:61:75:59:c6:3c: 86:40:38:58:90:68:16:4f:a2:14:06:27:9e:1a:a7: 4e:6d:48:e8:b1:2e:2d:bc:6e:fa:bc:c3:60:be:69: 31:3b:34:1f:17:05:f3:49:5e:a3:4d:80:7b:71:7d: 9a:8d:f0:6a:2d:d5:a9:bf:b9:5f:11:d9:0d:f5:9a: 85:d7:ca:4c:0c:62:7e:74:f4:5e:b1:bf:3d:c3:08: 95:67:fa:d3:e4:e4:95:3f:82:02:26:ee:58:69:7f: 8a:1c:90:54:87:50:90:cb:38:15:00:92:a1:02:fe: 21:4e:12:c1:af:1d:b0:86:71:13:05:71:06:66:5e: 96:71:89:6f:ee:d3:8e:31:b9:7d:30:c4:ce:a3:9a: 8e:c9:bb:97:d6:01:cd:91:02:e7:c0:2f:10:bc:48: 70:cb:61:f6:4f:f6:ca:7c:68:66:57:31:7b:68:e4: f7:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:1C:B0:2F:E8:53:0E:2F:3B:4B:02:13:32:DE:5F:D3:7C:7C:70:AE X509v3 Authority Key Identifier: keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:d9:c0:c5:c0:23:e7:ad:72:a9:0b:4a:06:76:b1:df:b1:76: 77:c7:17:7e:64:f3:cd:bc:39:7b:6d:d5:10:15:e5:5c:aa:33: ea:ee:69:c3:9c:73:69:c6:ec:db:aa:ea:33:11:55:b5:6c:70: 7d:9a:8e:8d:9c:af:87:c2:17:5a:87:d4:52:a0:de:3e:79:22: f9:ef:6b:60:35:8b:69:ed:81:b9:3a:8b:68:ae:0c:04:7e:52: a1:67:38:6d:b0:54:d4:1a:90:8b:cd:eb:b9:f0:34:7a:84:f0: 51:b4:08:8d:93:ce:80:90:0e:96:79:f6:6d:f3:89:67:c0:be: f3:fb:b5:f0:ae:f9:fe:99:3b:ad:b5:f7:b0:d7:68:59:27:40: a9:4d:94:86:4a:1d:3a:0b:9b:07:3e:90:86:81:bc:69:0f:86: 4f:59:a3:41:d2:07:9a:0b:53:f8:00:1a:ae:e6:5a:e8:54:0a: 60:f9:59:5c:43:c0:ff:5d:fc:14:45:91:37:a7:10:83:35:ad: fb:d8:48:fe:26:54:fd:1e:25:05:f2:07:b1:93:60:9d:63:ee: d5:11:29:94:6e:0b:cc:66:be:86:59:ea:f8:8b:01:6b:0f:15: bd:67:f7:40:70:da:0d:e6:6d:f6:1c:98:b4:45:3f:4f:af:b7: e2:ee:ac:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC8IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz REIwOTBEQTQwHhcNMjUwNDE4MTg1NzQ4WhcNMjUwNDI1MTg1NzQ4WjAYMRYwFAYD VQQDEw02ODAyYTBhYy1lMjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAubjq7EE8lczOJBZq5NjkZJB7H6wgywUvvzxIuBawGmWQacO/5vjvQ0Abp8TC q2Ku00ewx+ZO9CS9bCkVsXbOGVcXHCzA2i+ZR5+sm1W3oDj4S3MZYXVZxjyGQDhY kGgWT6IUBieeGqdObUjosS4tvG76vMNgvmkxOzQfFwXzSV6jTYB7cX2ajfBqLdWp v7lfEdkN9ZqF18pMDGJ+dPResb89wwiVZ/rT5OSVP4ICJu5YaX+KHJBUh1CQyzgV AJKhAv4hThLBrx2whnETBXEGZl6WcYlv7tOOMbl9MMTOo5qOybuX1gHNkQLnwC8Q vEhwy2H2T/bKfGhmVzF7aOT3PwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLscsC/o Uw4vO0sCEzLeX9N8fHCuMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QUUyMi9CMTc4NDM5RTFCQkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZj WnFQTTgzWjM2Z285c0pEYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCC2cDFwCPnrXKpC0oGdrHfsXZ3xxd+ZPPNvDl7bdUQFeVcqjPq7mnD nHNpxuzbquozEVW1bHB9mo6NnK+Hwhdah9RSoN4+eSL572tgNYtp7YG5OotorgwE flKhZzhtsFTUGpCLzeu58DR6hPBRtAiNk86AkA6WefZt84lnwL7z+7Xwrvn+mTut tfew12hZJ0CpTZSGSh06C5sHPpCGgbxpD4ZPWaNB0geaC1P4ABqu5lroVApg+Vlc Q8D/XfwURZE3pxCDNa372Ej+JlT9HiUF8gexk2CdY+7VESmUbgvMZr6GWer4iwFr DxW9Z/dAcNoN5m32HJi0RT9Pr7fi7qxb -----END CERTIFICATE-----Generated at Fri Apr 18 21:00:34 2025 by rpki-client