$ rpki-client -vvf rpki.apnic.net/member_repository/A915FDA7/45BCFC30FD2911EEA629AE62C4F9AE02/iigtHI-Qww1lnm2MC5vkIhwlMZw.mft File: iigtHI-Qww1lnm2MC5vkIhwlMZw.mft (raw, json) Hash identifier: IK2okn/M6PjsxMNCShvjjWMYDkWlggepN+RhJ60YGCo= Subject key identifier: 85:9C:A0:87:F9:4C:18:0F:31:03:13:77:90:DB:54:4E:24:77:E7:B8 Authority key identifier: 8A:28:2D:1C:8F:90:C3:0D:65:9E:6D:8C:0B:9B:E4:22:1C:25:31:9C Certificate issuer: /CN=A915FDA7/serialNumber=8A282D1C8F90C30D659E6D8C0B9BE4221C25319C Certificate serial: C3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iigtHI-Qww1lnm2MC5vkIhwlMZw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915FDA7/45BCFC30FD2911EEA629AE62C4F9AE02/iigtHI-Qww1lnm2MC5vkIhwlMZw.mft Manifest number: C0 Signing time: Mon 21 Apr 2025 04:45:15 +0000 Manifest this update: Mon 21 Apr 2025 04:45:14 +0000 Manifest next update: Mon 28 Apr 2025 04:45:14 +0000 Files and hashes: 1: iigtHI-Qww1lnm2MC5vkIhwlMZw.crl (hash: 195f7GvOs3NRbQALn+EnsVDagXibqxX6eQid6f1FNc4=) 2: 0EF12B4805E611EF9685F580C4F9AE02.roa (hash: 0tr4K36tCLfkZ4nhSjqeW9dVetaArPPfGAxuclpW9yc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915FDA7/45BCFC30FD2911EEA629AE62C4F9AE02/iigtHI-Qww1lnm2MC5vkIhwlMZw.crl rsync://rpki.apnic.net/member_repository/A915FDA7/45BCFC30FD2911EEA629AE62C4F9AE02/iigtHI-Qww1lnm2MC5vkIhwlMZw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iigtHI-Qww1lnm2MC5vkIhwlMZw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 04:45:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 195 (0xc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915FDA7, serialNumber=8A282D1C8F90C30D659E6D8C0B9BE4221C25319C Validity Not Before: Apr 21 04:45:14 2025 GMT Not After : Apr 28 04:45:14 2025 GMT Subject: CN=6805cd5a-29b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:37:15:5b:d2:de:5b:cf:e5:04:5b:70:49:07: e0:03:a0:a5:2d:6d:04:0d:ae:43:43:35:fc:d1:d0: 2e:07:7f:4f:d0:0f:42:db:89:a3:b1:35:55:62:12: 4e:2d:b8:ea:16:c8:c5:fb:48:10:b6:49:c6:60:94: af:f3:48:e4:78:d9:bc:11:d2:26:62:65:82:28:66: 83:4f:24:4b:e6:f3:e0:6c:04:96:37:81:07:50:ec: 44:12:2b:11:53:bc:03:aa:b0:cf:75:25:22:45:fd: b0:f3:67:bb:0b:a7:a2:bb:88:43:4d:9e:54:cb:7d: 13:ba:ce:eb:6e:8a:e0:28:07:66:91:f3:05:02:76: c8:c7:a9:c4:65:6e:d7:ff:1f:a1:86:41:30:2c:c5: a5:fd:32:69:42:eb:d4:73:93:ea:5f:d9:bf:63:17: e3:e4:7f:7d:0f:5b:8a:00:1d:ed:24:59:d3:2c:da: d3:43:ce:46:06:70:65:7b:b7:7c:5c:f7:06:d1:4d: c0:32:ca:6c:59:ba:bd:d1:a5:bf:3d:af:a2:25:9c: c6:f4:36:c2:56:01:7c:44:3f:f6:91:bd:0a:c1:38: 2d:8e:ff:86:d5:37:c8:10:d5:43:2d:9a:c8:17:15: 9a:77:12:62:5b:34:50:bf:ff:15:0b:8d:63:85:e3: 33:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:9C:A0:87:F9:4C:18:0F:31:03:13:77:90:DB:54:4E:24:77:E7:B8 X509v3 Authority Key Identifier: keyid:8A:28:2D:1C:8F:90:C3:0D:65:9E:6D:8C:0B:9B:E4:22:1C:25:31:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915FDA7/45BCFC30FD2911EEA629AE62C4F9AE02/iigtHI-Qww1lnm2MC5vkIhwlMZw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iigtHI-Qww1lnm2MC5vkIhwlMZw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FDA7/45BCFC30FD2911EEA629AE62C4F9AE02/iigtHI-Qww1lnm2MC5vkIhwlMZw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:9f:42:bf:84:73:3e:19:d4:6b:c0:d0:14:7a:f5:3d:c4:c7: f7:5e:7f:d7:ee:52:6b:75:f8:63:ad:8b:93:e9:18:9d:13:9f: 79:27:40:fd:54:5b:de:88:c1:84:7b:7e:07:ab:09:30:9e:ce: 30:3f:27:3a:b0:a2:61:c1:da:a1:54:e1:f4:21:b4:c2:73:21: 86:63:87:45:c5:a6:f8:d9:e5:40:9a:21:2d:29:15:24:89:ac: 96:12:7b:58:76:33:f0:68:35:65:1e:98:6b:10:e3:d2:33:2a: cf:53:b7:84:60:2d:77:90:42:c1:dc:c1:ce:12:91:1f:03:22: 52:b7:15:e4:10:39:ee:7a:73:6c:d3:04:8d:42:e5:70:cf:0f: d6:5d:4b:86:0e:82:11:37:87:02:49:b2:a4:46:77:f0:b6:2c: 61:ca:fa:85:c1:b4:16:ff:75:0f:24:2f:ab:8d:f9:c7:91:79: a9:e6:5b:57:7f:c5:d8:3a:89:c1:cf:79:d4:cb:ca:f9:3a:02: 08:c3:f9:fb:ad:e7:ed:67:4f:72:24:3c:81:a3:5e:77:53:da: 12:2f:f2:9a:f2:32:d6:a7:c6:66:e5:cb:a9:a8:f5:b4:57:70: d0:03:69:31:7b:98:18:f1:c7:2f:47:8b:ae:fd:4c:3b:67:23: e6:04:43:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUZEQTcxMTAvBgNVBAUTKDhBMjgyRDFDOEY5MEMzMEQ2NTlFNkQ4QzBCOUJFNDIy MUMyNTMxOUMwHhcNMjUwNDIxMDQ0NTE0WhcNMjUwNDI4MDQ0NTE0WjAYMRYwFAYD VQQDEw02ODA1Y2Q1YS0yOWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnjcVW9LeW8/lBFtwSQfgA6ClLW0EDa5DQzX80dAuB39P0A9C24mjsTVVYhJO LbjqFsjF+0gQtknGYJSv80jkeNm8EdImYmWCKGaDTyRL5vPgbASWN4EHUOxEEisR U7wDqrDPdSUiRf2w82e7C6eiu4hDTZ5Uy30Tus7rborgKAdmkfMFAnbIx6nEZW7X /x+hhkEwLMWl/TJpQuvUc5PqX9m/Yxfj5H99D1uKAB3tJFnTLNrTQ85GBnBle7d8 XPcG0U3AMspsWbq90aW/Pa+iJZzG9DbCVgF8RD/2kb0KwTgtjv+G1TfIENVDLZrI FxWadxJiWzRQv/8VC41jheMz+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIWcoIf5 TBgPMQMTd5DbVE4kd+e4MB8GA1UdIwQYMBaAFIooLRyPkMMNZZ5tjAub5CIcJTGc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RkRBNy80NUJDRkMzMEZE MjkxMUVFQTYyOUFFNjJDNEY5QUUwMi9paWd0SEktUXd3MWxubTJNQzV2a0lod2xN WncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lpZ3RISS1Rd3cxbG5tMk1DNXZrSWh3bE1ady5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RkRBNy80NUJDRkMzMEZEMjkxMUVFQTYyOUFFNjJDNEY5QUUwMi9paWd0SEktUXd3 MWxubTJNQzV2a0lod2xNWncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCPn0K/hHM+GdRrwNAUevU9xMf3Xn/X7lJrdfhjrYuT6RidE595J0D9 VFveiMGEe34Hqwkwns4wPyc6sKJhwdqhVOH0IbTCcyGGY4dFxab42eVAmiEtKRUk iayWEntYdjPwaDVlHphrEOPSMyrPU7eEYC13kELB3MHOEpEfAyJStxXkEDnuenNs 0wSNQuVwzw/WXUuGDoIRN4cCSbKkRnfwtixhyvqFwbQW/3UPJC+rjfnHkXmp5ltX f8XYOonBz3nUy8r5OgIIw/n7reftZ09yJDyBo153U9oSL/Ka8jLWp8Zm5cupqPW0 V3DQA2kxe5gY8ccvR4uu/Uw7ZyPmBEMW -----END CERTIFICATE-----Generated at Tue Apr 22 17:44:39 2025 by rpki-client