$ rpki-client -vvf rpki.apnic.net/member_repository/A915D1A2/DFD11F2806A611EA8975E341C4F9AE02/b09GjkMIsA0N9f6shChm1U539dM.mft File: b09GjkMIsA0N9f6shChm1U539dM.mft (raw, json) Hash identifier: xmQ6NSQbigL8V2lPK9vMDRQg6UEZc+8OHCWw2y3qUbc= Subject key identifier: 35:FE:EE:49:C3:7D:BB:9F:D1:34:8D:C5:2E:E9:E3:3E:27:17:B9:AE Authority key identifier: 6F:4F:46:8E:43:08:B0:0D:0D:F5:FE:AC:84:28:66:D5:4E:77:F5:D3 Certificate issuer: /CN=A915D1A2/serialNumber=6F4F468E4308B00D0DF5FEAC842866D54E77F5D3 Certificate serial: 0C54 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b09GjkMIsA0N9f6shChm1U539dM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D1A2/DFD11F2806A611EA8975E341C4F9AE02/b09GjkMIsA0N9f6shChm1U539dM.mft Manifest number: 0C3D Signing time: Fri 18 Apr 2025 18:36:58 +0000 Manifest this update: Fri 18 Apr 2025 18:36:57 +0000 Manifest next update: Fri 25 Apr 2025 18:36:57 +0000 Files and hashes: 1: b09GjkMIsA0N9f6shChm1U539dM.crl (hash: 36AA3bIebJIuQ5gyRf8B7w8K3DbCS/4UIbAWPh+yPY8=) 2: 6D8B82D0D6D811EE8BBA8938C4F9AE02.roa (hash: XbQlgJ5ij8Zawt91ZOfJM2GofSHHlhd8JxuJOM9FhXM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D1A2/DFD11F2806A611EA8975E341C4F9AE02/b09GjkMIsA0N9f6shChm1U539dM.crl rsync://rpki.apnic.net/member_repository/A915D1A2/DFD11F2806A611EA8975E341C4F9AE02/b09GjkMIsA0N9f6shChm1U539dM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b09GjkMIsA0N9f6shChm1U539dM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Apr 2025 18:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3156 (0xc54) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D1A2, serialNumber=6F4F468E4308B00D0DF5FEAC842866D54E77F5D3 Validity Not Before: Apr 18 18:36:57 2025 GMT Not After : Apr 25 18:36:57 2025 GMT Subject: CN=68029bc9-5d3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:f1:db:ea:fe:e7:8b:10:65:7f:bb:51:e3:be: a1:08:95:c4:40:12:d8:b9:4b:ed:11:6d:6c:aa:42: f1:7d:bf:f4:f0:a4:ad:ab:47:f9:8a:3d:ed:4d:4e: 85:d3:39:02:93:cb:e1:cb:c9:01:c4:09:e7:a0:eb: fe:a6:cc:71:e4:05:b0:92:dd:c7:5e:e4:fc:dd:b5: 43:e7:91:f7:f0:0b:c9:c6:a1:87:f1:46:16:fb:9d: c4:68:f4:41:35:63:f3:1b:6d:bd:de:4a:33:8d:47: 48:75:91:1d:bb:c8:83:51:56:08:c3:d7:cf:f5:3d: 4c:b5:29:35:a5:7f:96:bd:dd:cf:fa:a8:76:53:60: c0:3b:5f:1a:21:8a:bc:f1:c6:e0:93:a9:65:d9:df: a3:72:6b:3d:02:e8:ef:33:29:ad:6e:7e:5b:b4:d0: 41:8b:84:db:51:e4:04:83:ce:e6:c3:40:27:e2:63: bb:79:70:7c:b5:75:93:de:5d:a7:ba:20:f4:f7:8d: 39:52:13:b3:7d:bd:9f:a3:69:3f:af:af:99:7a:51: 49:d1:5a:d8:6e:c5:0f:f7:ac:36:dc:49:45:d3:b3: 07:a4:e0:f0:f1:6e:d2:69:00:92:a6:dd:d7:9b:bd: a1:29:9f:23:71:c0:37:b6:0e:35:ba:7f:5f:bb:e7: af:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:FE:EE:49:C3:7D:BB:9F:D1:34:8D:C5:2E:E9:E3:3E:27:17:B9:AE X509v3 Authority Key Identifier: keyid:6F:4F:46:8E:43:08:B0:0D:0D:F5:FE:AC:84:28:66:D5:4E:77:F5:D3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D1A2/DFD11F2806A611EA8975E341C4F9AE02/b09GjkMIsA0N9f6shChm1U539dM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b09GjkMIsA0N9f6shChm1U539dM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D1A2/DFD11F2806A611EA8975E341C4F9AE02/b09GjkMIsA0N9f6shChm1U539dM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:e1:db:03:8d:6f:c6:ea:35:09:7d:14:46:ed:3d:42:a8:68: 0e:1c:68:28:b8:c9:ae:0c:12:a8:1f:c1:b7:ba:91:b7:67:54: 25:a6:44:6b:7c:6a:e6:65:b6:33:d9:cc:5e:f4:28:64:41:78: a5:aa:e6:89:3e:cf:c4:48:97:a2:3a:36:de:43:b4:79:c9:b7: 27:20:82:ee:f7:29:3d:6c:fb:4d:29:2e:a0:ba:dd:e1:75:26: 08:b5:ef:2e:d3:06:ed:8c:c8:5b:c1:15:d5:78:6f:db:e4:cd: 9a:92:82:56:6b:d8:ba:e9:2b:ae:f0:22:91:d8:49:b6:25:a4: 49:e0:e3:07:10:82:5d:e2:7f:96:1b:a2:28:d9:a3:e1:32:6e: 56:fb:32:58:39:8b:75:20:66:11:a0:bf:ce:cd:53:fb:6a:d0: 26:e7:40:76:b5:b9:26:5b:4b:e3:8d:b5:79:19:42:45:5a:6e: 06:73:74:27:a0:8f:8c:c4:77:b1:bf:73:43:98:17:88:27:4a: b5:d9:31:eb:99:58:15:62:6f:4b:ca:05:5e:d6:c6:a4:91:a5: 76:89:54:7a:57:66:37:7a:fe:68:10:79:c3:22:d0:48:c0:6b: 56:63:85:a5:97:54:1c:50:13:6f:69:34:b7:f6:90:7e:ac:d3: 34:5f:a8:58 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQxQTIxMTAvBgNVBAUTKDZGNEY0NjhFNDMwOEIwMEQwREY1RkVBQzg0Mjg2NkQ1 NEU3N0Y1RDMwHhcNMjUwNDE4MTgzNjU3WhcNMjUwNDI1MTgzNjU3WjAYMRYwFAYD VQQDEw02ODAyOWJjOS01ZDNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxvHb6v7nixBlf7tR476hCJXEQBLYuUvtEW1sqkLxfb/08KStq0f5ij3tTU6F 0zkCk8vhy8kBxAnnoOv+psxx5AWwkt3HXuT83bVD55H38AvJxqGH8UYW+53EaPRB NWPzG2293kozjUdIdZEdu8iDUVYIw9fP9T1MtSk1pX+Wvd3P+qh2U2DAO18aIYq8 8cbgk6ll2d+jcms9AujvMymtbn5btNBBi4TbUeQEg87mw0An4mO7eXB8tXWT3l2n uiD09405UhOzfb2fo2k/r6+ZelFJ0VrYbsUP96w23ElF07MHpODw8W7SaQCSpt3X m72hKZ8jccA3tg41un9fu+evVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDX+7knD fbuf0TSNxS7p4z4nF7muMB8GA1UdIwQYMBaAFG9PRo5DCLANDfX+rIQoZtVOd/XT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDFBMi9ERkQxMUYyODA2 QTYxMUVBODk3NUUzNDFDNEY5QUUwMi9iMDlHamtNSXNBME45ZjZzaENobTFVNTM5 ZE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2IwOUdqa01Jc0EwTjlmNnNoQ2htMVU1MzlkTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RDFBMi9ERkQxMUYyODA2QTYxMUVBODk3NUUzNDFDNEY5QUUwMi9iMDlHamtNSXNB ME45ZjZzaENobTFVNTM5ZE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC84dsDjW/G6jUJfRRG7T1CqGgOHGgouMmuDBKoH8G3upG3Z1QlpkRr fGrmZbYz2cxe9ChkQXilquaJPs/ESJeiOjbeQ7R5ybcnIILu9yk9bPtNKS6gut3h dSYIte8u0wbtjMhbwRXVeG/b5M2akoJWa9i66Suu8CKR2Em2JaRJ4OMHEIJd4n+W G6Io2aPhMm5W+zJYOYt1IGYRoL/OzVP7atAm50B2tbkmW0vjjbV5GUJFWm4Gc3Qn oI+MxHexv3NDmBeIJ0q12THrmVgVYm9LygVe1sakkaV2iVR6V2Y3ev5oEHnDItBI wGtWY4Wll1QcUBNvaTS39pB+rNM0X6hY -----END CERTIFICATE-----Generated at Sun Apr 20 14:26:45 2025 by rpki-client