$ rpki-client -vvf rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.mft File: DeFnnSHTm2HwJlCkFOydBGLF5Bg.mft (raw, json) Hash identifier: XRNGQLtJPXGpkFCKJNHN2T6l8P6fC7slYWP5o29AoRw= Subject key identifier: 94:84:79:13:1F:96:68:45:38:80:67:1F:1E:72:BD:BF:D6:14:63:24 Authority key identifier: 0D:E1:67:9D:21:D3:9B:61:F0:26:50:A4:14:EC:9D:04:62:C5:E4:18 Certificate issuer: /CN=A917D3A1/serialNumber=0DE1679D21D39B61F02650A414EC9D0462C5E418 Certificate serial: 34CC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.mft Manifest number: 34A6 Signing time: Thu 10 Apr 2025 14:29:01 +0000 Manifest this update: Thu 10 Apr 2025 14:29:01 +0000 Manifest next update: Thu 17 Apr 2025 14:29:01 +0000 Files and hashes: 1: DeFnnSHTm2HwJlCkFOydBGLF5Bg.crl (hash: RjAMpycLoN4muOE9/o+r9j9Qgcsd1dwQV3y8JkDjr6E=) 2: B3B5B50E117711EEA0E5E040C4F9AE02.roa (hash: /HE0+/UKz944jtczmVdL8xtwz3w/VhqI3+iHS/siDT4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.crl rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 14:26:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13516 (0x34cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D3A1 Validity Not Before: Apr 10 14:29:01 2025 GMT Not After : Apr 17 14:29:01 2025 GMT Subject: CN=67f7d5ad-543c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:41:89:2e:43:64:36:83:50:eb:fb:b6:a3:e1: 07:d9:e9:b5:cb:cb:ab:e5:f3:de:4f:b2:39:d5:4f: 7e:ba:58:72:19:f3:bb:f0:ed:15:f7:00:d6:65:ce: b1:f3:97:15:fc:f4:e5:29:05:5d:bd:03:53:25:a3: b6:ad:4c:9b:48:ff:61:a1:0e:ac:cd:a7:c2:bc:71: 58:53:35:48:89:ed:8d:cd:24:3d:42:82:c3:f3:21: 85:08:75:8c:0c:b6:78:f4:d6:04:ce:8f:07:80:0a: 31:50:ac:be:14:0c:2e:ac:d5:c3:33:02:a7:ae:f1: e7:87:65:19:90:fd:14:1a:34:8d:07:53:50:8b:dc: 49:21:c6:ac:89:09:a2:3d:92:1c:4e:e7:23:7c:dd: e4:6d:03:80:47:8d:d7:fb:73:0d:36:4f:07:4c:b2: b6:bf:ea:d6:3c:65:6d:fd:b7:55:d7:f3:50:d4:6d: bd:d3:00:a1:6c:0e:b4:a1:40:ce:df:19:2e:ba:c0: f5:34:35:29:1d:cb:b2:d5:aa:eb:f5:d5:ee:61:ee: b3:96:82:93:e1:b6:05:6f:14:9c:56:61:35:59:bc: 6c:3f:bd:e0:fc:66:0b:fb:8a:34:cf:6b:10:c4:af: 9f:f2:1e:08:22:d8:d4:f8:cd:d1:9d:ec:49:02:c5: be:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:84:79:13:1F:96:68:45:38:80:67:1F:1E:72:BD:BF:D6:14:63:24 X509v3 Authority Key Identifier: keyid:0D:E1:67:9D:21:D3:9B:61:F0:26:50:A4:14:EC:9D:04:62:C5:E4:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:8c:b9:8c:6e:4d:05:12:cf:bb:6a:f5:f3:d9:cb:c4:3a:00: c1:01:d6:61:28:cf:9d:99:2a:3c:4b:a3:6c:46:e1:a1:34:6d: 20:f2:1d:f2:71:d4:29:80:0d:da:0a:cf:17:40:2d:bd:2e:4c: a7:ed:52:2c:b4:45:4e:7c:b7:1b:87:fa:f5:f7:5f:42:b2:ba: 03:3a:83:e1:dc:09:04:16:68:49:84:f1:33:ff:72:a5:5f:76: 3e:6f:c7:88:3b:ec:bf:c1:4a:b2:03:e9:4a:1a:bd:81:1a:1c: 97:f5:3d:f6:be:62:ea:c3:9f:c0:0a:98:98:19:96:d5:51:d4: 84:d8:1a:65:94:3c:93:31:5e:9a:98:44:fd:ab:57:15:9b:20: e7:6d:b6:16:8a:01:c5:e0:88:a6:1f:58:52:38:74:02:5e:7c: 4e:25:1e:db:fa:30:70:a0:39:81:36:3a:bb:8c:6a:48:03:72: 67:a0:1f:f5:48:63:53:67:78:f5:44:a9:f0:b8:1e:60:10:a0: ef:b0:61:72:2e:cf:70:66:20:06:16:9e:8a:24:95:72:92:94: 85:45:73:e0:c0:ae:78:4b:20:b9:b4:cf:52:e0:42:26:73:2e: 34:f4:5a:89:e3:5f:fe:9d:45:02:42:6d:ef:b4:80:67:d1:1e: 5a:9d:9d:3e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0QzQTExMTAvBgNVBAUTKDBERTE2NzlEMjFEMzlCNjFGMDI2NTBBNDE0RUM5RDA0 NjJDNUU0MTgwHhcNMjUwNDEwMTQyOTAxWhcNMjUwNDE3MTQyOTAxWjAYMRYwFAYD VQQDEw02N2Y3ZDVhZC01NDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwUGJLkNkNoNQ6/u2o+EH2em1y8ur5fPeT7I51U9+ulhyGfO78O0V9wDWZc6x 85cV/PTlKQVdvQNTJaO2rUybSP9hoQ6szafCvHFYUzVIie2NzSQ9QoLD8yGFCHWM DLZ49NYEzo8HgAoxUKy+FAwurNXDMwKnrvHnh2UZkP0UGjSNB1NQi9xJIcasiQmi PZIcTucjfN3kbQOAR43X+3MNNk8HTLK2v+rWPGVt/bdV1/NQ1G290wChbA60oUDO 3xkuusD1NDUpHcuy1arr9dXuYe6zloKT4bYFbxScVmE1WbxsP73g/GYL+4o0z2sQ xK+f8h4IItjU+M3RnexJAsW+cQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJSEeRMf lmhFOIBnHx5yvb/WFGMkMB8GA1UdIwQYMBaAFA3hZ50h05th8CZQpBTsnQRixeQY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDNBMS82MDdBRTk1NDFE ODYxMUUyOTlCQTk0REQwOEIwMkNEMi9EZUZublNIVG0ySHdKbENrRk95ZEJHTEY1 QmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RlRm5uU0hUbTJId0psQ2tGT3lkQkdMRjVCZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDNBMS82MDdBRTk1NDFEODYxMUUyOTlCQTk0REQwOEIwMkNEMi9EZUZublNIVG0y SHdKbENrRk95ZEJHTEY1QmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCljLmMbk0FEs+7avXz2cvEOgDBAdZhKM+dmSo8S6NsRuGhNG0g8h3y cdQpgA3aCs8XQC29Lkyn7VIstEVOfLcbh/r1919CsroDOoPh3AkEFmhJhPEz/3Kl X3Y+b8eIO+y/wUqyA+lKGr2BGhyX9T32vmLqw5/ACpiYGZbVUdSE2BpllDyTMV6a mET9q1cVmyDnbbYWigHF4IimH1hSOHQCXnxOJR7b+jBwoDmBNjq7jGpIA3JnoB/1 SGNTZ3j1RKnwuB5gEKDvsGFyLs9wZiAGFp6KJJVykpSFRXPgwK54SyC5tM9S4EIm cy409FqJ41/+nUUCQm3vtIBn0R5anZ0+ -----END CERTIFICATE-----Generated at Thu Apr 10 18:40:20 2025 by rpki-client