$ rpki-client -vvf rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft File: IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft (raw, json) Hash identifier: KUDh9Fb5PMSKxQFD7wQ8nk+crzCaLXPv+YNZJvRpou0= Subject key identifier: F6:8E:BE:18:2B:CB:1B:7D:B0:C1:0B:25:AC:B7:65:B1:77:EB:0C:5D Authority key identifier: 21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D Certificate issuer: /CN=A9152DE4/serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Certificate serial: 03EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft Manifest number: 03E4 Signing time: Thu 17 Apr 2025 00:11:01 +0000 Manifest this update: Thu 17 Apr 2025 00:11:01 +0000 Manifest next update: Thu 24 Apr 2025 00:11:01 +0000 Files and hashes: 1: IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl (hash: yll63V1qG4WCvDruB84vVuQN8CQpNS4a+R/VC1+kXL0=) 2: E986DDEC979911ECB3B7CE39C4F9AE02.roa (hash: yvgJMR+/eFQNfa9YPke7BcqszX7za/b5BsbuAWKuz/Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Apr 2025 00:11:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1006 (0x3ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152DE4, serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Validity Not Before: Apr 17 00:11:01 2025 GMT Not After : Apr 24 00:11:01 2025 GMT Subject: CN=68004715-2d2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:45:53:7d:10:e7:52:89:0d:75:41:37:5d:85: ae:c3:cc:d1:25:b6:67:4f:84:8d:bc:a9:91:96:3a: 5b:f1:b5:2e:56:da:4c:44:61:ab:55:88:12:ff:0c: eb:42:b4:bf:f1:b6:be:9c:6f:50:d3:d5:e1:d3:b0: 79:5a:9c:af:66:5f:c4:7f:50:3f:13:48:52:61:13: e4:c6:6d:30:4c:11:10:1c:d2:f7:2e:c8:4b:c2:e6: 02:c1:d8:39:c4:a7:db:35:10:8d:73:35:a6:ad:80: 04:c0:46:a4:f6:4e:c0:61:1f:2d:0e:04:0e:a3:85: d3:ac:3f:93:e0:69:c1:62:d6:7a:0f:f0:b9:01:31: bd:99:9a:25:01:4a:ef:4d:d6:fb:b1:24:76:5f:f0: 85:dd:27:37:36:8b:bf:5a:7b:eb:da:77:1d:be:5d: 1b:64:24:1e:e0:77:cc:63:72:4b:d2:c3:a7:96:06: 8a:f1:7c:43:cd:33:6a:6c:1d:2a:c7:48:37:d7:09: 04:0f:07:1d:3d:b1:fc:af:38:2a:ab:d9:59:5f:ae: 2a:34:aa:6d:d5:d0:62:14:09:fd:e7:fa:12:af:0d: f8:94:b9:a4:6e:1f:98:36:c4:dc:4e:9d:6d:8d:48: 7d:b1:ad:7c:7f:ec:dc:be:78:bd:c8:5b:58:ec:ad: fa:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:8E:BE:18:2B:CB:1B:7D:B0:C1:0B:25:AC:B7:65:B1:77:EB:0C:5D X509v3 Authority Key Identifier: keyid:21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:53:e5:ec:8c:9b:6a:04:57:65:b7:a2:c8:cf:70:c6:b7:b6: a6:5d:95:ab:ff:d4:ba:a7:03:76:fd:18:59:72:fd:b1:f6:60: 10:66:87:ff:87:1d:76:98:db:69:94:97:e2:eb:10:f0:78:96: 6b:2d:ef:3a:3a:40:5c:f9:5a:2a:a0:e4:00:e2:a0:1c:57:76: b5:7f:66:d7:35:9c:2d:05:38:af:c3:9e:eb:5b:42:05:3f:2e: 53:f4:d6:6f:56:99:81:4d:27:62:0b:e0:ad:96:38:b5:3c:c7: ad:8c:bb:c0:f6:6e:c6:fe:7b:c1:78:34:2d:0b:18:48:98:76: 65:12:68:01:0f:e0:c2:3f:cb:e3:b6:7c:28:fb:d3:f6:ca:85: cb:85:0b:7e:f0:6b:17:31:53:5f:7f:de:69:e7:7f:2d:2c:8a: f1:75:ea:de:cf:10:ca:cb:6c:fc:20:8c:92:a8:2c:ae:fa:ca: 21:c1:8c:23:dd:16:bc:df:36:a5:c0:7e:82:5a:8d:ac:da:a5: c5:d3:c9:73:7c:80:d5:cf:3d:6a:b6:cc:b9:57:e6:f5:10:28: a7:ba:d3:09:98:01:aa:df:0a:3d:f1:de:e3:21:24:c0:74:a8: 58:a7:9f:40:d6:49:2d:80:3e:fe:f4:8b:69:ff:4b:4b:ea:49: 6e:2f:a7:9d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA+4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTJERTQxMTAvBgNVBAUTKDIxN0MzRDhCRUQwQjQwQzBGQjA4OEI1OUVFNkU2NUFF NkM2NjFGMEQwHhcNMjUwNDE3MDAxMTAxWhcNMjUwNDI0MDAxMTAxWjAYMRYwFAYD VQQDEw02ODAwNDcxNS0yZDJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEVTfRDnUokNdUE3XYWuw8zRJbZnT4SNvKmRljpb8bUuVtpMRGGrVYgS/wzr QrS/8ba+nG9Q09Xh07B5WpyvZl/Ef1A/E0hSYRPkxm0wTBEQHNL3LshLwuYCwdg5 xKfbNRCNczWmrYAEwEak9k7AYR8tDgQOo4XTrD+T4GnBYtZ6D/C5ATG9mZolAUrv Tdb7sSR2X/CF3Sc3Nou/Wnvr2ncdvl0bZCQe4HfMY3JL0sOnlgaK8XxDzTNqbB0q x0g31wkEDwcdPbH8rzgqq9lZX64qNKpt1dBiFAn95/oSrw34lLmkbh+YNsTcTp1t jUh9sa18f+zcvni9yFtY7K36owIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPaOvhgr yxt9sMELJay3ZbF36wxdMB8GA1UdIwQYMBaAFCF8PYvtC0DA+wiLWe5uZa5sZh8N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkRFNC80Q0NDQzMzMjc5 MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFNRDdDSXRaN201bHJteG1I dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lYdzlpLTBMUU1EN0NJdFo3bTVscm14bUh3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MkRFNC80Q0NDQzMzMjc5MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFN RDdDSXRaN201bHJteG1IdzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMU+XsjJtqBFdlt6LIz3DGt7amXZWr/9S6pwN2/RhZcv2x9mAQZof/ hx12mNtplJfi6xDweJZrLe86OkBc+VoqoOQA4qAcV3a1f2bXNZwtBTivw57rW0IF Py5T9NZvVpmBTSdiC+Ctlji1PMetjLvA9m7G/nvBeDQtCxhImHZlEmgBD+DCP8vj tnwo+9P2yoXLhQt+8GsXMVNff95p538tLIrxderezxDKy2z8IIySqCyu+sohwYwj 3Ra83zalwH6CWo2s2qXF08lzfIDVzz1qtsy5V+b1ECinutMJmAGq3wo98d7jISTA dKhYp59A1kktgD7+9Itp/0tL6kluL6ed -----END CERTIFICATE-----Generated at Thu Apr 17 18:09:27 2025 by rpki-client