$ rpki-client -vvf rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft File: ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft (raw, json) Hash identifier: Q/2Ff3wExoG/3vzqAcUYclvEjjFliKjsogqrnf979/o= Subject key identifier: 1E:D5:BF:54:F7:42:1F:FB:AA:F3:DD:E1:D3:9E:D9:D1:1C:16:A4:AD Authority key identifier: 72:41:E8:F0:38:B9:F2:52:FB:61:CA:41:B6:A4:FC:16:7B:77:55:26 Certificate issuer: /CN=A9161477/serialNumber=7241E8F038B9F252FB61CA41B6A4FC167B775526 Certificate serial: 19 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft Manifest number: 17 Signing time: Thu 03 Apr 2025 07:15:09 +0000 Manifest this update: Thu 03 Apr 2025 07:15:09 +0000 Manifest next update: Thu 10 Apr 2025 07:15:09 +0000 Files and hashes: 1: ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl (hash: wLCI/aqrlOYcFQqEJp9bJQm79C0cZlt20OzuzFvtEMs=) 2: CAB73E3AF3FC11EF83B4DD30C4F9AE02.roa (hash: BR0iac6RCibng8iXx5EGv9yUT7uect2xiyJYOcbA9Hs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 07:15:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25 (0x19) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161477 Validity Not Before: Apr 3 07:15:09 2025 GMT Not After : Apr 10 07:15:09 2025 GMT Subject: CN=67ee357d-f253 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:36:88:ee:e2:dc:cf:08:b6:7a:7e:97:08:86: e0:fb:3f:d8:89:40:17:70:d6:d7:a4:81:cf:4c:fd: 09:27:64:f4:f0:82:e4:87:51:e1:68:e4:14:d1:a5: 17:81:c1:ab:1e:b0:e5:5e:15:c8:6d:98:6a:d8:18: 91:16:be:f3:da:20:1f:9b:15:ae:fc:9e:43:6f:92: 3f:5d:98:88:28:c3:70:79:d8:16:2f:ed:4e:f1:a2: 9d:da:1c:9c:e7:aa:17:f9:a5:d4:54:15:f4:b5:83: 88:cc:ca:fb:e8:32:26:d6:b9:5a:bc:6c:4f:bb:cc: 99:54:8d:48:6d:9b:c8:be:2c:f2:2c:0d:d4:91:86: f4:cd:a0:b2:d8:af:4c:bb:01:55:1d:6d:b7:00:50: 10:3e:f2:02:fe:c1:2c:3a:87:ed:07:e4:77:be:14: ae:7c:b4:0c:36:7e:e1:29:72:ab:32:e6:5c:74:0f: 97:63:82:37:e1:b5:94:b4:b1:97:46:12:ca:ae:d5: 50:ec:16:36:f6:a5:58:02:21:4b:98:9f:8c:3f:af: 63:39:55:6f:45:f8:d1:c1:09:4f:75:0c:51:d3:ce: 96:cc:9c:32:aa:25:59:b3:2f:3a:fd:c6:6b:54:38: d2:0a:3d:e3:47:11:16:7d:ee:33:d1:f2:36:30:32: bb:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:D5:BF:54:F7:42:1F:FB:AA:F3:DD:E1:D3:9E:D9:D1:1C:16:A4:AD X509v3 Authority Key Identifier: keyid:72:41:E8:F0:38:B9:F2:52:FB:61:CA:41:B6:A4:FC:16:7B:77:55:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:d1:51:7a:fb:f0:98:61:53:53:1f:6c:24:7e:c8:84:e7:b2: d8:98:92:fe:18:50:87:b9:d6:b7:af:d9:e2:f3:3b:bb:82:c7: 25:c2:bb:84:04:ba:8f:32:8f:aa:44:a2:78:5a:67:dc:ba:9f: 74:35:14:d0:5a:ec:3f:76:00:51:20:6e:b1:08:04:ed:99:01: 38:0e:ee:33:50:3e:7d:12:de:e8:86:ec:d8:8a:73:61:e3:db: 0d:1e:66:63:64:2b:b4:89:f1:15:3b:58:85:48:21:58:40:3b: 08:b7:19:df:59:f6:a4:0d:8b:4b:f5:f0:d4:a5:c9:4a:7f:c3: 86:e5:0f:9b:a3:6d:08:ea:32:d8:13:6f:39:23:f7:be:91:f9: 4b:d9:e9:c7:99:36:48:48:52:c4:86:e1:24:97:5f:86:b8:17: b8:09:bf:18:41:86:ac:bc:fc:92:e1:6a:3c:cd:1b:cb:d0:3b: 59:54:b0:48:d1:5b:fd:d5:5f:d2:a3:57:38:84:5f:9d:8b:cb: 40:91:0f:10:a0:8c:9c:25:4d:c4:b4:95:ae:33:b5:28:2a:fd: 6b:f2:85:d9:b8:66:0d:d8:c2:52:d4:85:9c:93:5b:94:3d:3f: 83:fb:56:52:5a:b6:2b:d9:7e:dc:a6:58:8f:12:c3:21:0b:e2: 43:27:1c:a3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MTQ3NzExMC8GA1UEBRMoNzI0MUU4RjAzOEI5RjI1MkZCNjFDQTQxQjZBNEZDMTY3 Qjc3NTUyNjAeFw0yNTA0MDMwNzE1MDlaFw0yNTA0MTAwNzE1MDlaMBgxFjAUBgNV BAMTDTY3ZWUzNTdkLWYyNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDQNoju4tzPCLZ6fpcIhuD7P9iJQBdw1tekgc9M/QknZPTwguSHUeFo5BTRpReB wasesOVeFchtmGrYGJEWvvPaIB+bFa78nkNvkj9dmIgow3B52BYv7U7xop3aHJzn qhf5pdRUFfS1g4jMyvvoMibWuVq8bE+7zJlUjUhtm8i+LPIsDdSRhvTNoLLYr0y7 AVUdbbcAUBA+8gL+wSw6h+0H5He+FK58tAw2fuEpcqsy5lx0D5djgjfhtZS0sZdG Esqu1VDsFjb2pVgCIUuYn4w/r2M5VW9F+NHBCU91DFHTzpbMnDKqJVmzLzr9xmtU ONIKPeNHERZ97jPR8jYwMrtBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUHtW/VPdC H/uq893h057Z0RwWpK0wHwYDVR0jBBgwFoAUckHo8Di58lL7YcpBtqT8Fnt3VSYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxNDc3LzZCNzAzNUY4RjNG QzExRUY5OUQ1MzczMEM0RjlBRTAyL2NrSG84RGk1OGxMN1ljcEJ0cVQ4Rm50M1ZT WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY2tIbzhEaTU4bEw3WWNwQnRxVDhGbnQzVlNZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYx NDc3LzZCNzAzNUY4RjNGQzExRUY5OUQ1MzczMEM0RjlBRTAyL2NrSG84RGk1OGxM N1ljcEJ0cVQ4Rm50M1ZTWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJvRUXr78JhhU1MfbCR+yITnstiYkv4YUIe51rev2eLzO7uCxyXCu4QE uo8yj6pEonhaZ9y6n3Q1FNBa7D92AFEgbrEIBO2ZATgO7jNQPn0S3uiG7NiKc2Hj 2w0eZmNkK7SJ8RU7WIVIIVhAOwi3Gd9Z9qQNi0v18NSlyUp/w4blD5ujbQjqMtgT bzkj976R+UvZ6ceZNkhIUsSG4SSXX4a4F7gJvxhBhqy8/JLhajzNG8vQO1lUsEjR W/3VX9KjVziEX52Ly0CRDxCgjJwlTcS0la4ztSgq/Wvyhdm4Zg3YwlLUhZyTW5Q9 P4P7VlJativZftymWI8SwyEL4kMnHKM= -----END CERTIFICATE-----Generated at Fri Apr 4 22:06:37 2025 by rpki-client