$ rpki-client -vvf rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.mft File: VngmFidUtGDLWGbawxSIDHA1Rh0.mft (raw, json) Hash identifier: SZY2H51GUmjkghESo/S+8HuiRnkBSWB8WO+g74yzp2Y= Subject key identifier: 3C:21:68:6B:61:18:B5:54:D7:DD:25:DE:F0:C6:4B:38:71:6D:7F:32 Authority key identifier: 56:78:26:16:27:54:B4:60:CB:58:66:DA:C3:14:88:0C:70:35:46:1D Certificate issuer: /CN=A917D9B8/serialNumber=567826162754B460CB5866DAC314880C7035461D Certificate serial: AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VngmFidUtGDLWGbawxSIDHA1Rh0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.mft Manifest number: AD Signing time: Thu 03 Apr 2025 05:21:09 +0000 Manifest this update: Thu 03 Apr 2025 05:21:09 +0000 Manifest next update: Thu 10 Apr 2025 05:21:09 +0000 Files and hashes: 1: VngmFidUtGDLWGbawxSIDHA1Rh0.crl (hash: GTM+fINoa78q3eKsthtQvJpVyzhviuWdu2KA25Xgx1I=) 2: DFDEC4D007A411EFAB20A473C4F9AE02.roa (hash: PGS5VhTr1DCXehAFd1ANgs/kmJnDFu9yzCbFFpOqU30=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.crl rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VngmFidUtGDLWGbawxSIDHA1Rh0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 05:21:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 174 (0xae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D9B8 Validity Not Before: Apr 3 05:21:09 2025 GMT Not After : Apr 10 05:21:09 2025 GMT Subject: CN=67ee1ac5-2a79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d6:6b:a7:71:e0:8f:75:6c:41:8e:7f:a4:18: 56:9f:b1:7b:1e:fc:2a:f2:a3:fe:64:44:78:ec:17: ae:2c:46:33:f7:0a:37:10:66:7f:b3:3b:c0:c6:4b: fc:ed:63:45:9a:b9:0d:32:5d:ad:44:21:f3:e1:a2: 33:b4:58:69:63:76:4e:7f:4e:3a:4e:d4:7e:db:f3: 9a:29:54:94:fc:a3:36:8b:94:53:3d:df:f5:91:e2: ea:ed:77:81:f5:35:25:8e:d5:60:e3:cc:4b:56:ea: c8:b1:53:30:b8:f7:91:20:4b:6a:18:de:da:cb:a2: ab:53:fd:0e:4d:ac:65:64:d1:41:65:cf:cb:f4:05: d5:d3:d7:c1:b3:63:7f:39:5b:90:2e:69:07:af:84: b5:62:65:48:db:53:7c:11:5a:97:7f:81:26:51:b6: fd:cb:4d:68:4c:29:26:83:f9:36:ce:ec:73:16:3a: 4c:02:a3:06:be:e9:70:48:bb:1b:e8:9f:7d:cf:03: c7:59:f9:7f:3d:2b:84:b1:a4:8b:1b:41:7d:42:a6: d8:40:da:a5:bb:0d:bc:69:73:65:2b:7b:78:b5:c4: a8:4a:eb:d4:d4:a0:d4:fe:17:41:4a:a0:7a:c2:85: b0:73:b2:01:4c:76:b2:8f:27:fe:fe:3e:e7:b8:c7: 06:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:21:68:6B:61:18:B5:54:D7:DD:25:DE:F0:C6:4B:38:71:6D:7F:32 X509v3 Authority Key Identifier: keyid:56:78:26:16:27:54:B4:60:CB:58:66:DA:C3:14:88:0C:70:35:46:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VngmFidUtGDLWGbawxSIDHA1Rh0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:3a:05:8a:ea:93:b5:53:0f:6e:f8:a9:0c:0f:d2:8c:5c:58: 42:f3:ed:e0:24:8b:b9:14:9b:fe:fa:16:de:b8:71:e6:f0:c6: ab:89:45:b7:ab:8b:3e:e5:e5:ab:d4:72:fb:20:e7:37:53:03: 3e:51:62:2d:85:19:ff:37:76:e8:c1:9d:1b:e7:c6:90:66:c4: 8f:5c:a9:67:7b:f0:35:fa:b9:c0:39:1b:a5:fd:43:57:28:17: 73:9e:7b:c9:ef:03:e2:41:49:8e:cc:86:57:d5:51:5d:c4:4e: fd:4a:12:b6:ed:c6:fd:e5:94:48:6d:75:b2:e5:c4:ca:c2:ff: 44:f1:28:da:dd:e7:f0:68:3f:10:6a:bb:43:08:00:9c:e6:e1: 29:f8:7d:d2:e4:60:af:a6:58:a2:1f:ae:c6:79:02:ab:b9:66: 75:4c:bf:27:4e:d6:ac:e8:61:6c:8d:fa:89:b7:20:e1:4e:20: b8:3d:1f:e1:2c:40:db:9b:36:7f:95:67:5e:57:84:c8:6a:82: 0f:10:17:06:d5:fd:0f:6c:17:03:24:e6:8b:2e:0d:b3:e1:41: 18:76:ba:5f:ad:cb:f5:8c:8e:b8:46:6e:b3:54:17:73:c3:5e: 91:30:4b:79:47:a2:12:49:a8:e9:4e:49:51:16:e2:a4:42:30: 06:e2:d7:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q5QjgxMTAvBgNVBAUTKDU2NzgyNjE2Mjc1NEI0NjBDQjU4NjZEQUMzMTQ4ODBD NzAzNTQ2MUQwHhcNMjUwNDAzMDUyMTA5WhcNMjUwNDEwMDUyMTA5WjAYMRYwFAYD VQQDEw02N2VlMWFjNS0yYTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAudZrp3Hgj3VsQY5/pBhWn7F7Hvwq8qP+ZER47BeuLEYz9wo3EGZ/szvAxkv8 7WNFmrkNMl2tRCHz4aIztFhpY3ZOf046TtR+2/OaKVSU/KM2i5RTPd/1keLq7XeB 9TUljtVg48xLVurIsVMwuPeRIEtqGN7ay6KrU/0OTaxlZNFBZc/L9AXV09fBs2N/ OVuQLmkHr4S1YmVI21N8EVqXf4EmUbb9y01oTCkmg/k2zuxzFjpMAqMGvulwSLsb 6J99zwPHWfl/PSuEsaSLG0F9QqbYQNqluw28aXNlK3t4tcSoSuvU1KDU/hdBSqB6 woWwc7IBTHayjyf+/j7nuMcGwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDwhaGth GLVU190l3vDGSzhxbX8yMB8GA1UdIwQYMBaAFFZ4JhYnVLRgy1hm2sMUiAxwNUYd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDlCOC9DOEIxRDQ0RTA3 QTExMUVGODRGM0QyNkFDNEY5QUUwMi9WbmdtRmlkVXRHRExXR2Jhd3hTSURIQTFS aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZuZ21GaWRVdEdETFdHYmF3eFNJREhBMVJoMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDlCOC9DOEIxRDQ0RTA3QTExMUVGODRGM0QyNkFDNEY5QUUwMi9WbmdtRmlkVXRH RExXR2Jhd3hTSURIQTFSaDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAHOgWK6pO1Uw9u+KkMD9KMXFhC8+3gJIu5FJv++hbeuHHm8MariUW3 q4s+5eWr1HL7IOc3UwM+UWIthRn/N3bowZ0b58aQZsSPXKlne/A1+rnAORul/UNX KBdznnvJ7wPiQUmOzIZX1VFdxE79ShK27cb95ZRIbXWy5cTKwv9E8Sja3efwaD8Q artDCACc5uEp+H3S5GCvpliiH67GeQKruWZ1TL8nTtas6GFsjfqJtyDhTiC4PR/h LEDbmzZ/lWdeV4TIaoIPEBcG1f0PbBcDJOaLLg2z4UEYdrpfrcv1jI64Rm6zVBdz w16RMEt5R6ISSajpTklRFuKkQjAG4tfN -----END CERTIFICATE-----Generated at Fri Apr 4 22:32:04 2025 by rpki-client