$ rpki-client -vvf rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.mft File: _YJ8Ams5Z-KhQNTSMU4rDpwEdDA.mft (raw, json) Hash identifier: FticMP6vvZq3XvbfHUEbK2hVJvfRPLjdyl7M2M6nUiY= Subject key identifier: 8C:88:65:5F:94:99:6A:5E:B3:15:30:1E:4A:3B:25:A1:FE:8C:77:32 Authority key identifier: FD:82:7C:02:6B:39:67:E2:A1:40:D4:D2:31:4E:2B:0E:9C:04:74:30 Certificate issuer: /CN=A9171064/serialNumber=FD827C026B3967E2A140D4D2314E2B0E9C047430 Certificate serial: 0C2D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.mft Manifest number: 0C27 Signing time: Thu 10 Apr 2025 18:26:01 +0000 Manifest this update: Thu 10 Apr 2025 18:26:00 +0000 Manifest next update: Thu 17 Apr 2025 18:26:00 +0000 Files and hashes: 1: _YJ8Ams5Z-KhQNTSMU4rDpwEdDA.crl (hash: RNruTFCEKA2TNAz9EIqb5kCvt1XTDL19mgMX4AH0chA=) 2: A2A3D38A05CE11EA80526530C4F9AE02.roa (hash: 5qzdMRlHADmRGjRZ80Eu6WYWmObO/9cRl46Cear7KnU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.crl rsync://rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 18:25:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3117 (0xc2d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171064, serialNumber=FD827C026B3967E2A140D4D2314E2B0E9C047430 Validity Not Before: Apr 10 18:26:00 2025 GMT Not After : Apr 17 18:26:00 2025 GMT Subject: CN=67f80d38-21f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d6:3e:68:41:0e:7e:e7:35:b8:5a:2c:f7:03: 21:72:90:38:2a:9b:ed:75:a7:42:75:82:7d:79:7c: 57:64:c2:69:fb:ad:ee:a3:e7:b3:b9:59:17:7e:94: 19:24:f8:89:5f:c0:9d:a9:d2:f3:c5:60:81:34:9b: c8:3d:4b:73:e5:bd:08:e6:3c:f0:00:45:cf:eb:ef: 6b:3f:b7:ff:6d:60:39:9d:d1:ad:dc:ef:16:23:2d: d6:4c:b2:b6:76:00:e8:ef:04:be:0c:36:63:6e:a5: 3c:99:0c:86:ab:d4:ea:36:b0:ed:e2:e0:b9:99:43: 95:81:83:32:0f:60:7c:2b:f2:b4:55:5c:33:13:de: 6b:e3:10:bc:75:b6:82:cf:bf:ba:02:27:65:6d:15: af:8c:9e:3f:ed:be:c4:6c:cf:df:ae:c7:24:d5:49: 70:28:38:8f:de:2d:59:76:51:51:0d:89:9d:0e:84: 59:81:2f:82:47:f7:11:cd:8e:0c:54:5d:95:c8:63: c7:90:03:99:c1:24:60:6a:54:e2:b2:a1:03:03:f8: 68:5a:3d:01:38:c7:46:ef:80:02:d0:2a:7e:55:de: 80:2e:23:e9:f6:8f:56:a7:ef:4a:b1:93:3e:2f:b7: 41:5a:2e:34:3e:47:cc:44:e5:e1:e3:cd:01:d9:ee: 59:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:88:65:5F:94:99:6A:5E:B3:15:30:1E:4A:3B:25:A1:FE:8C:77:32 X509v3 Authority Key Identifier: keyid:FD:82:7C:02:6B:39:67:E2:A1:40:D4:D2:31:4E:2B:0E:9C:04:74:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:9b:d7:07:a5:5d:1a:5d:64:f5:11:22:5d:15:57:5d:65:2e: b6:f4:97:1a:88:9c:55:25:14:8c:83:f4:0e:77:68:41:79:9c: 49:ab:d8:ff:88:f2:6f:20:85:e1:fe:ca:1e:76:8b:41:e4:51: 40:66:2a:e1:36:af:11:df:68:60:4f:c8:0d:d6:aa:4c:7c:21: 32:e9:97:35:b3:95:3b:4c:f0:de:88:bb:6c:5a:98:47:9a:b9: d1:6d:63:53:4a:66:f1:c3:34:25:e0:dc:e2:a6:b4:15:7d:83: ba:d3:51:54:5a:86:cb:78:e2:f7:72:50:cc:22:b4:f9:be:9c: f6:48:06:2c:da:cd:06:9b:56:38:48:05:29:9e:04:a2:c0:9d: 4d:1e:4c:29:7a:40:3d:31:a9:04:2e:25:ba:0c:f5:e5:2f:ab: a0:3a:ce:eb:7c:59:69:fd:1e:8a:a0:bd:be:35:12:b6:c2:84: 95:a9:77:74:ad:0d:a8:79:a6:7e:72:c4:ea:f0:c4:84:34:ad: 93:e7:1b:8c:52:52:b7:fe:62:b7:05:52:1e:f7:62:52:e4:1e: a8:de:04:ac:9b:72:84:7a:6e:24:6e:3d:25:28:0a:6f:0d:fc: 5c:cf:3d:d6:d7:19:93:31:aa:47:6b:f8:3e:5c:74:b8:e3:bd: d1:fc:a7:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDC0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzEwNjQxMTAvBgNVBAUTKEZEODI3QzAyNkIzOTY3RTJBMTQwRDREMjMxNEUyQjBF OUMwNDc0MzAwHhcNMjUwNDEwMTgyNjAwWhcNMjUwNDE3MTgyNjAwWjAYMRYwFAYD VQQDEw02N2Y4MGQzOC0yMWYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvdY+aEEOfuc1uFos9wMhcpA4KpvtdadCdYJ9eXxXZMJp+63uo+ezuVkXfpQZ JPiJX8CdqdLzxWCBNJvIPUtz5b0I5jzwAEXP6+9rP7f/bWA5ndGt3O8WIy3WTLK2 dgDo7wS+DDZjbqU8mQyGq9TqNrDt4uC5mUOVgYMyD2B8K/K0VVwzE95r4xC8dbaC z7+6AidlbRWvjJ4/7b7EbM/frsck1UlwKDiP3i1ZdlFRDYmdDoRZgS+CR/cRzY4M VF2VyGPHkAOZwSRgalTisqEDA/hoWj0BOMdG74AC0Cp+Vd6ALiPp9o9Wp+9KsZM+ L7dBWi40PkfMROXh480B2e5Z0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIyIZV+U mWpesxUwHko7JaH+jHcyMB8GA1UdIwQYMBaAFP2CfAJrOWfioUDU0jFOKw6cBHQw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTA2NC8wNzYzOTYyMDA1 MkYxMUVBOEE5RTM5NDdDNEY5QUUwMi9fWUo4QW1zNVotS2hRTlRTTVU0ckRwd0Vk REEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19ZSjhBbXM1Wi1LaFFOVFNNVTRyRHB3RWREQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTA2NC8wNzYzOTYyMDA1MkYxMUVBOEE5RTM5NDdDNEY5QUUwMi9fWUo4QW1zNVot S2hRTlRTTVU0ckRwd0VkREEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATm9cHpV0aXWT1ESJdFVddZS629JcaiJxVJRSMg/QOd2hBeZxJq9j/ iPJvIIXh/soedotB5FFAZirhNq8R32hgT8gN1qpMfCEy6Zc1s5U7TPDeiLtsWphH mrnRbWNTSmbxwzQl4NziprQVfYO601FUWobLeOL3clDMIrT5vpz2SAYs2s0Gm1Y4 SAUpngSiwJ1NHkwpekA9MakELiW6DPXlL6ugOs7rfFlp/R6KoL2+NRK2woSVqXd0 rQ2oeaZ+csTq8MSENK2T5xuMUlK3/mK3BVIe92JS5B6o3gSsm3KEem4kbj0lKApv Dfxczz3W1xmTMapHa/g+XHS4473R/Kdo -----END CERTIFICATE-----Generated at Sat Apr 12 17:57:58 2025 by rpki-client