$ rpki-client -vvf rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.mft File: DihwYx-g7-rpRTHbDiYEXKO8gZs.mft (raw, json) Hash identifier: VfEFT4+jrJH2xk9KcbPU2hSL2chJyHMlKpfBP16f2eQ= Subject key identifier: 5D:69:7F:73:67:C0:A1:93:74:49:12:27:57:93:3C:48:E1:B1:77:50 Authority key identifier: 0E:28:70:63:1F:A0:EF:EA:E9:45:31:DB:0E:26:04:5C:A3:BC:81:9B Certificate issuer: /CN=A9162DD6/serialNumber=0E2870631FA0EFEAE94531DB0E26045CA3BC819B Certificate serial: 102A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DihwYx-g7-rpRTHbDiYEXKO8gZs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.mft Manifest number: 1017 Signing time: Fri 04 Apr 2025 17:33:36 +0000 Manifest this update: Fri 04 Apr 2025 17:33:36 +0000 Manifest next update: Fri 11 Apr 2025 17:33:36 +0000 Files and hashes: 1: DihwYx-g7-rpRTHbDiYEXKO8gZs.crl (hash: S9WNypeeT6EY2NrXdjYMXYkB5i74dmoJ8A92xX1cOlc=) 2: D97D5F6A3FEB11E9882E830FC4F9AE02.roa (hash: 1xAA2p3bRzKtkuwJYgmnpWotzfIy6qgcGQhWEvGOqKo=) 3: DA3261943FEB11E9882E830FC4F9AE02.roa (hash: KDtUJt1Jtjn2LNZNEN2QFLXYazsl0VQjLQGBBHjjEOQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.crl rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DihwYx-g7-rpRTHbDiYEXKO8gZs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:33:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4138 (0x102a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162DD6 Validity Not Before: Apr 4 17:33:36 2025 GMT Not After : Apr 11 17:33:36 2025 GMT Subject: CN=67f017f0-d4db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:ab:03:a5:74:0c:ae:81:f1:c5:c4:6c:50:17: bf:dd:f3:8e:99:e2:1c:83:32:bc:c5:70:c0:af:31: 09:f5:c6:eb:ec:79:17:8d:71:fa:8c:19:3e:fc:13: fc:cc:f9:4d:82:c9:0e:86:2a:6c:63:1d:70:70:26: 25:2b:4b:9f:b2:07:c0:77:62:53:55:d0:83:4e:ed: 48:07:09:f8:c8:5a:8d:3f:a8:00:13:36:9e:2a:c8: dd:f5:8f:6e:be:31:c4:b0:8b:99:19:7b:8a:42:f1: bd:f7:c5:33:2f:fe:ce:85:ed:59:ca:0d:bb:0c:75: 4d:05:94:a9:65:e6:b1:4f:0b:db:e5:27:d7:c0:e7: 9b:6d:52:9e:0e:3a:37:6e:56:c8:7b:22:e2:4e:ea: 15:31:08:b2:28:4d:e6:28:10:99:34:c9:d8:bf:b2: a8:b2:56:da:9b:6c:cf:59:fc:66:c1:c1:a3:75:f6: b7:df:ef:f7:06:2a:12:a5:4b:bb:5c:7d:cb:45:14: 82:04:b9:c7:ff:19:55:46:4d:e0:79:f0:66:ca:b8: 65:5f:6f:a9:25:d3:39:03:0e:ed:e6:14:a4:f0:da: d4:2e:fc:80:46:bd:b5:e6:e5:e9:40:8c:13:63:c1: 25:fd:28:0a:4f:6e:f6:6f:32:58:87:08:cb:54:d6: 8c:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:69:7F:73:67:C0:A1:93:74:49:12:27:57:93:3C:48:E1:B1:77:50 X509v3 Authority Key Identifier: keyid:0E:28:70:63:1F:A0:EF:EA:E9:45:31:DB:0E:26:04:5C:A3:BC:81:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DihwYx-g7-rpRTHbDiYEXKO8gZs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:17:71:cc:39:62:6e:58:87:11:4c:cc:f5:c9:4b:65:81:e8: 89:f1:22:91:6d:71:c3:01:a9:fc:a2:20:90:e9:9b:67:c9:18: ae:53:bf:45:0b:d7:62:2f:a9:5b:0f:8a:89:75:9d:74:f3:d2: dd:81:d5:6e:c8:48:c9:ed:ec:3f:8f:8c:fe:ec:30:79:78:79: 45:90:d7:46:41:8e:84:04:8d:15:7a:52:e1:68:ed:ee:0c:2c: 8c:0a:9c:f2:4f:48:63:ea:9c:04:29:b9:b4:d6:a3:97:0e:da: 1d:f6:d9:07:76:e4:3f:0d:b4:01:a5:dc:b7:fd:a9:ac:d1:f7: 7e:e5:9b:60:1f:bc:f0:86:44:e4:a0:8b:af:50:97:6b:6a:42: 85:dc:1e:78:a5:6c:4f:7f:1a:d2:3f:1d:58:4e:95:f3:88:15: db:cb:80:a5:c9:9f:eb:d7:30:67:10:fd:bf:28:10:11:03:47: be:7c:31:f1:51:e6:fd:9f:c3:f6:a7:b5:4d:85:ba:15:2d:a9: 3b:6e:d1:d7:bf:5b:72:f6:bd:99:ef:da:e2:93:33:af:62:c9: 15:8b:25:ab:13:4e:4b:bc:51:04:63:db:78:ce:4c:e4:66:af: c2:ac:11:46:bc:08:75:ad:fd:07:dd:59:bc:36:fd:37:97:15: 83:f6:8d:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICECowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjJERDYxMTAvBgNVBAUTKDBFMjg3MDYzMUZBMEVGRUFFOTQ1MzFEQjBFMjYwNDVD QTNCQzgxOUIwHhcNMjUwNDA0MTczMzM2WhcNMjUwNDExMTczMzM2WjAYMRYwFAYD VQQDEw02N2YwMTdmMC1kNGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmasDpXQMroHxxcRsUBe/3fOOmeIcgzK8xXDArzEJ9cbr7HkXjXH6jBk+/BP8 zPlNgskOhipsYx1wcCYlK0ufsgfAd2JTVdCDTu1IBwn4yFqNP6gAEzaeKsjd9Y9u vjHEsIuZGXuKQvG998UzL/7Ohe1Zyg27DHVNBZSpZeaxTwvb5SfXwOebbVKeDjo3 blbIeyLiTuoVMQiyKE3mKBCZNMnYv7Koslbam2zPWfxmwcGjdfa33+/3BioSpUu7 XH3LRRSCBLnH/xlVRk3gefBmyrhlX2+pJdM5Aw7t5hSk8NrULvyARr215uXpQIwT Y8El/SgKT272bzJYhwjLVNaMpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF1pf3Nn wKGTdEkSJ1eTPEjhsXdQMB8GA1UdIwQYMBaAFA4ocGMfoO/q6UUx2w4mBFyjvIGb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkRENi85Q0Q3Q0IwQTNG RUExMUU5OTE4MzlEMERDNEY5QUUwMi9EaWh3WXgtZzctcnBSVEhiRGlZRVhLTzhn WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RpaHdZeC1nNy1ycFJUSGJEaVlFWEtPOGdacy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MkRENi85Q0Q3Q0IwQTNGRUExMUU5OTE4MzlEMERDNEY5QUUwMi9EaWh3WXgtZzct cnBSVEhiRGlZRVhLTzhnWnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAnF3HMOWJuWIcRTMz1yUtlgeiJ8SKRbXHDAan8oiCQ6ZtnyRiuU79F C9diL6lbD4qJdZ1089LdgdVuyEjJ7ew/j4z+7DB5eHlFkNdGQY6EBI0VelLhaO3u DCyMCpzyT0hj6pwEKbm01qOXDtod9tkHduQ/DbQBpdy3/ams0fd+5ZtgH7zwhkTk oIuvUJdrakKF3B54pWxPfxrSPx1YTpXziBXby4ClyZ/r1zBnEP2/KBARA0e+fDHx Ueb9n8P2p7VNhboVLak7btHXv1ty9r2Z79rikzOvYskViyWrE05LvFEEY9t4zkzk Zq/CrBFGvAh1rf0H3Vm8Nv03lxWD9o0B -----END CERTIFICATE-----Generated at Fri Apr 4 22:15:01 2025 by rpki-client