$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC3B/957B2440CECB11EEB0305587C4F9AE02/AI8syGQkHehjXpOldED5wusli7M.mft File: AI8syGQkHehjXpOldED5wusli7M.mft (raw, json) Hash identifier: 09NAYVOzcq8ghvXc6inzYlHHEmK+nTrXEzxBzwAMtP8= Subject key identifier: 44:3F:EC:A0:C2:D5:4A:D8:45:FB:53:03:8E:1D:63:78:12:1D:8D:FF Authority key identifier: 00:8F:2C:C8:64:24:1D:E8:63:5E:93:A5:74:40:F9:C2:EB:25:8B:B3 Certificate issuer: /CN=A917AC3B/serialNumber=008F2CC864241DE8635E93A57440F9C2EB258BB3 Certificate serial: D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AI8syGQkHehjXpOldED5wusli7M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AC3B/957B2440CECB11EEB0305587C4F9AE02/AI8syGQkHehjXpOldED5wusli7M.mft Manifest number: CF Signing time: Sat 29 Mar 2025 05:03:12 +0000 Manifest this update: Sat 29 Mar 2025 05:03:11 +0000 Manifest next update: Sat 05 Apr 2025 05:03:11 +0000 Files and hashes: 1: AI8syGQkHehjXpOldED5wusli7M.crl (hash: w26sz8je7n/QiD4LztZrNp6iAz5OSvexkr9JXnJG1eI=) 2: 2C24CB26CECC11EEAFCD520AC4F9AE02.roa (hash: irE7drsVeTTk7a2RFFZcS/J6SNQBkLx5nAZFgDb1h5M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AC3B/957B2440CECB11EEB0305587C4F9AE02/AI8syGQkHehjXpOldED5wusli7M.crl rsync://rpki.apnic.net/member_repository/A917AC3B/957B2440CECB11EEB0305587C4F9AE02/AI8syGQkHehjXpOldED5wusli7M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AI8syGQkHehjXpOldED5wusli7M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:03:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 209 (0xd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AC3B Validity Not Before: Mar 29 05:03:11 2025 GMT Not After : Apr 5 05:03:11 2025 GMT Subject: CN=67e77f10-c7fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:d0:a3:b5:72:46:e5:12:0f:09:52:ac:c8:36: d2:b2:a0:84:c0:86:39:54:4e:1f:dd:24:8f:e7:2f: 41:90:13:6c:41:bc:16:e7:34:37:29:dd:16:c7:6e: d2:d2:db:77:71:7a:52:15:16:c2:2d:35:6f:f1:c0: 58:d3:2c:c2:c2:20:5b:4b:54:98:aa:79:e4:30:34: 30:fb:c4:8a:9a:8d:a2:16:ce:bc:bd:90:ce:80:5a: 0a:a8:3d:12:aa:f2:a8:1b:09:52:dc:6a:77:ac:37: 26:a8:24:af:0d:07:10:d3:f6:b4:86:bb:01:50:60: 3b:71:be:5a:db:9a:3a:cf:76:de:57:5d:38:64:a5: 49:3a:42:81:8a:19:30:b2:78:85:3f:a8:1f:36:74: 7f:da:29:9d:7c:0b:a0:eb:80:61:47:b2:54:ce:6b: 6a:53:cb:4b:78:34:53:6b:0b:47:70:6e:9e:e2:ad: 1a:c8:02:9b:b2:84:43:7c:28:cd:62:d9:95:78:e1: dd:87:9c:5e:bb:82:ad:5e:58:dd:a8:27:55:e3:41: b6:bf:83:fb:eb:d4:d9:4b:84:00:59:f6:1e:03:0d: f5:52:e8:7a:c5:f4:4f:f9:d5:40:87:c7:b8:ac:54: 47:ca:0d:6d:68:b8:d7:5f:5c:0a:31:bf:61:03:88: 10:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:3F:EC:A0:C2:D5:4A:D8:45:FB:53:03:8E:1D:63:78:12:1D:8D:FF X509v3 Authority Key Identifier: keyid:00:8F:2C:C8:64:24:1D:E8:63:5E:93:A5:74:40:F9:C2:EB:25:8B:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AC3B/957B2440CECB11EEB0305587C4F9AE02/AI8syGQkHehjXpOldED5wusli7M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AI8syGQkHehjXpOldED5wusli7M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC3B/957B2440CECB11EEB0305587C4F9AE02/AI8syGQkHehjXpOldED5wusli7M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 89:de:d4:a2:f5:0f:f9:79:b4:b6:53:c5:bb:8e:2d:ce:2f:c6: c5:c1:1f:35:d5:30:ef:5a:cb:4e:f6:84:7e:07:bf:d9:a5:93: c7:e0:5e:93:e4:2a:12:af:de:50:a9:47:96:67:59:7c:34:b9: 7d:9f:b8:31:a6:05:ed:e7:7b:ff:cd:66:4a:56:d6:ae:86:31: 1c:47:04:26:9f:ab:bd:93:ad:ba:24:6a:0f:bf:65:1f:14:60: 70:94:4d:70:10:7b:b3:ca:a6:bb:e1:c7:35:1b:a1:b8:13:ec: 92:89:c4:f9:81:e0:c6:5f:e8:d8:f2:c9:23:d1:7f:ef:ed:35: 38:2d:96:b3:e7:c0:75:31:0a:05:a6:cd:93:94:3e:90:f9:28: f1:d5:6f:6d:fc:8a:c8:25:18:21:a8:b0:6b:10:df:44:a3:47: 7d:d9:eb:bc:43:56:21:13:b8:1d:74:16:30:9c:c6:c4:08:c7: a6:31:61:71:2e:04:18:f6:61:d9:b5:69:be:c1:c8:b6:17:40: 48:a0:8c:89:bf:7b:54:01:87:1a:d4:66:63:1c:9b:3c:c9:4b: 07:18:9a:36:da:f1:be:c8:c3:c3:59:42:74:c3:d1:47:07:38: 4a:2c:a6:0c:f9:aa:ec:61:12:fb:35:5d:78:4f:7d:b7:8a:d3: aa:28:4f:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDM0IxMTAvBgNVBAUTKDAwOEYyQ0M4NjQyNDFERTg2MzVFOTNBNTc0NDBGOUMy RUIyNThCQjMwHhcNMjUwMzI5MDUwMzExWhcNMjUwNDA1MDUwMzExWjAYMRYwFAYD VQQDEw02N2U3N2YxMC1jN2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0tCjtXJG5RIPCVKsyDbSsqCEwIY5VE4f3SSP5y9BkBNsQbwW5zQ3Kd0Wx27S 0tt3cXpSFRbCLTVv8cBY0yzCwiBbS1SYqnnkMDQw+8SKmo2iFs68vZDOgFoKqD0S qvKoGwlS3Gp3rDcmqCSvDQcQ0/a0hrsBUGA7cb5a25o6z3beV104ZKVJOkKBihkw sniFP6gfNnR/2imdfAug64BhR7JUzmtqU8tLeDRTawtHcG6e4q0ayAKbsoRDfCjN YtmVeOHdh5xeu4KtXljdqCdV40G2v4P769TZS4QAWfYeAw31Uuh6xfRP+dVAh8e4 rFRHyg1taLjXX1wKMb9hA4gQRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEQ/7KDC 1UrYRftTA44dY3gSHY3/MB8GA1UdIwQYMBaAFACPLMhkJB3oY16TpXRA+cLrJYuz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzQi85NTdCMjQ0MENF Q0IxMUVFQjAzMDU1ODdDNEY5QUUwMi9BSThzeUdRa0hlaGpYcE9sZEVENXd1c2xp N00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FJOHN5R1FrSGVoalhwT2xkRUQ1d3VzbGk3TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUMzQi85NTdCMjQ0MENFQ0IxMUVFQjAzMDU1ODdDNEY5QUUwMi9BSThzeUdRa0hl aGpYcE9sZEVENXd1c2xpN00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCJ3tSi9Q/5ebS2U8W7ji3OL8bFwR811TDvWstO9oR+B7/ZpZPH4F6T 5CoSr95QqUeWZ1l8NLl9n7gxpgXt53v/zWZKVtauhjEcRwQmn6u9k626JGoPv2Uf FGBwlE1wEHuzyqa74cc1G6G4E+ySicT5geDGX+jY8skj0X/v7TU4LZaz58B1MQoF ps2TlD6Q+Sjx1W9t/IrIJRghqLBrEN9Eo0d92eu8Q1YhE7gddBYwnMbECMemMWFx LgQY9mHZtWm+wci2F0BIoIyJv3tUAYca1GZjHJs8yUsHGJo22vG+yMPDWUJ0w9FH BzhKLKYM+arsYRL7NV14T323itOqKE9k -----END CERTIFICATE-----Generated at Fri Apr 4 22:13:29 2025 by rpki-client