$ rpki-client -vvf rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/4W5PZeLjl-n84FeFomXGGXyCIMk.mft File: 4W5PZeLjl-n84FeFomXGGXyCIMk.mft (raw, json) Hash identifier: xe4XmKjI20209lxy9zn2vCmi1zjQnLEuUTPPN4Cs5VE= Subject key identifier: 8F:D8:D4:BB:38:E2:2D:6C:7D:23:66:DD:66:83:78:AD:5A:82:3F:59 Authority key identifier: E1:6E:4F:65:E2:E3:97:E9:FC:E0:57:85:A2:65:C6:19:7C:82:20:C9 Certificate issuer: /CN=A916DED9/serialNumber=E16E4F65E2E397E9FCE05785A265C6197C8220C9 Certificate serial: 0105 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4W5PZeLjl-n84FeFomXGGXyCIMk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/4W5PZeLjl-n84FeFomXGGXyCIMk.mft Manifest number: 0103 Signing time: Sat 05 Apr 2025 04:23:29 +0000 Manifest this update: Sat 05 Apr 2025 04:23:28 +0000 Manifest next update: Sat 12 Apr 2025 04:23:28 +0000 Files and hashes: 1: 4W5PZeLjl-n84FeFomXGGXyCIMk.crl (hash: HQcwJ47sWvXn9aLvJEq9dCt47Xi7VXZ37pYWA+JG0is=) 2: 880E53BC852A11EE8B988A85C4F9AE02.roa (hash: SuIwbjVFIiO//MYlkWAI7JLL+Gi6my0EIFtFpMkp/oM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/4W5PZeLjl-n84FeFomXGGXyCIMk.crl rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/4W5PZeLjl-n84FeFomXGGXyCIMk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4W5PZeLjl-n84FeFomXGGXyCIMk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 04:23:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 261 (0x105) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916DED9 Validity Not Before: Apr 5 04:23:28 2025 GMT Not After : Apr 12 04:23:28 2025 GMT Subject: CN=67f0b040-e1b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:ae:1d:bb:61:73:b1:ab:12:3b:7d:0d:b3:18: 6c:ce:ca:4d:ed:ca:f5:9a:31:2e:70:2c:2a:5f:89: d2:e0:3d:cb:bc:64:22:79:ba:8d:60:12:b8:3e:bc: 9e:34:fd:1a:0a:7d:13:78:f8:e0:a5:43:50:9a:7a: d9:55:4a:67:24:86:ea:17:f6:51:5d:83:fc:a1:c8: 3c:e7:7c:8d:80:4d:17:35:50:31:9d:f5:cf:00:2c: e4:bb:c6:bf:c9:3b:5e:41:43:db:98:33:2f:37:59: 25:1b:f8:29:61:2d:5d:07:88:65:55:ca:fd:3c:0e: 18:16:de:8d:5f:c3:94:c2:fc:cd:55:d7:45:4d:64: fc:e9:7e:fb:50:b1:dd:30:27:bc:b6:58:15:06:ad: 04:76:98:cd:1f:8e:8f:50:e8:96:2d:6f:37:31:1a: de:ac:bd:3b:d0:05:2e:cb:95:67:96:22:e9:1b:c8: 4c:64:bd:64:b6:01:74:28:dc:ba:f2:eb:dc:f2:af: 62:ec:d7:e2:86:b3:fa:47:5d:b1:85:40:d4:fe:fd: e8:d4:2c:cf:85:dc:39:fa:cd:18:8d:c9:30:2d:1a: 33:73:77:61:29:85:a6:1f:79:2a:b3:15:76:ec:4e: 64:12:fd:e6:0a:9c:59:50:64:7c:7b:64:fe:36:1b: fe:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:D8:D4:BB:38:E2:2D:6C:7D:23:66:DD:66:83:78:AD:5A:82:3F:59 X509v3 Authority Key Identifier: keyid:E1:6E:4F:65:E2:E3:97:E9:FC:E0:57:85:A2:65:C6:19:7C:82:20:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/4W5PZeLjl-n84FeFomXGGXyCIMk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4W5PZeLjl-n84FeFomXGGXyCIMk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/4W5PZeLjl-n84FeFomXGGXyCIMk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:2d:89:09:d4:43:70:1f:6c:f9:b0:af:a8:05:8a:fa:e2:21: 95:7f:dc:1f:6e:b0:10:12:2d:18:fc:ff:e1:9d:51:13:43:8e: 95:69:c8:7c:21:ac:24:35:bb:6e:c9:6d:c5:2b:fd:ae:ce:54: b8:f9:9e:5d:58:9e:f4:d4:77:95:a1:85:5e:d9:6b:4f:0d:c7: fd:ab:4f:a2:12:bc:ff:49:0c:0f:64:5c:ed:b2:3e:de:85:68: 9a:74:67:53:bb:93:e2:9f:16:ac:5f:0c:f0:b2:56:9d:e3:69: 83:71:af:e3:b7:46:ca:3e:1f:66:98:68:46:1a:17:d4:50:54: 7b:52:c2:f6:a1:1a:ef:6b:98:2c:4f:25:eb:9d:16:38:d3:cf: 8c:bb:6e:6f:92:58:47:45:86:6a:c4:7e:cc:e9:ec:09:d9:72: 54:11:e2:dc:d3:33:7b:13:1a:fb:cf:99:38:e8:99:bd:44:01: 87:92:f0:27:51:aa:0b:42:ac:90:33:51:59:4e:9d:20:0c:36: 42:16:40:f3:0b:ab:42:1f:e3:69:b3:b6:41:ec:dd:33:3a:e1: d0:48:42:6e:2a:b7:71:80:50:0b:de:29:03:fd:dd:ef:96:03: 65:1a:54:2d:01:b5:08:a7:e2:39:11:74:9c:50:d0:00:9a:06: 6b:35:4e:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkRFRDkxMTAvBgNVBAUTKEUxNkU0RjY1RTJFMzk3RTlGQ0UwNTc4NUEyNjVDNjE5 N0M4MjIwQzkwHhcNMjUwNDA1MDQyMzI4WhcNMjUwNDEyMDQyMzI4WjAYMRYwFAYD VQQDEw02N2YwYjA0MC1lMWI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3a4du2FzsasSO30NsxhszspN7cr1mjEucCwqX4nS4D3LvGQiebqNYBK4Prye NP0aCn0TePjgpUNQmnrZVUpnJIbqF/ZRXYP8ocg853yNgE0XNVAxnfXPACzku8a/ yTteQUPbmDMvN1klG/gpYS1dB4hlVcr9PA4YFt6NX8OUwvzNVddFTWT86X77ULHd MCe8tlgVBq0EdpjNH46PUOiWLW83MRrerL070AUuy5VnliLpG8hMZL1ktgF0KNy6 8uvc8q9i7NfihrP6R12xhUDU/v3o1CzPhdw5+s0YjckwLRozc3dhKYWmH3kqsxV2 7E5kEv3mCpxZUGR8e2T+Nhv+RQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI/Y1Ls4 4i1sfSNm3WaDeK1agj9ZMB8GA1UdIwQYMBaAFOFuT2Xi45fp/OBXhaJlxhl8giDJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2REVEOS9ERjE1QjNCODg1 MjkxMUVFQUZEMDRDODRDNEY5QUUwMi80VzVQWmVMamwtbjg0RmVGb21YR0dYeUNJ TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRXNVBaZUxqbC1uODRGZUZvbVhHR1h5Q0lNay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 REVEOS9ERjE1QjNCODg1MjkxMUVFQUZEMDRDODRDNEY5QUUwMi80VzVQWmVMamwt bjg0RmVGb21YR0dYeUNJTWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgLYkJ1ENwH2z5sK+oBYr64iGVf9wfbrAQEi0Y/P/hnVETQ46Vach8 IawkNbtuyW3FK/2uzlS4+Z5dWJ701HeVoYVe2WtPDcf9q0+iErz/SQwPZFztsj7e hWiadGdTu5PinxasXwzwslad42mDca/jt0bKPh9mmGhGGhfUUFR7UsL2oRrva5gs TyXrnRY408+Mu25vklhHRYZqxH7M6ewJ2XJUEeLc0zN7Exr7z5k46Jm9RAGHkvAn UaoLQqyQM1FZTp0gDDZCFkDzC6tCH+Nps7ZB7N0zOuHQSEJuKrdxgFAL3ikD/d3v lgNlGlQtAbUIp+I5EXScUNAAmgZrNU6w -----END CERTIFICATE-----Generated at Sat Apr 5 11:42:19 2025 by rpki-client