$ rpki-client -vvf rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft File: _whTCVKXG6BlIktSH1ZWO20hJO0.mft (raw, json) Hash identifier: 9Hh8ewzG20aYI/qB+AlWsZ9uNT9kJIuUQt+w8jAVQBI= Subject key identifier: 2D:63:55:2E:7E:D3:8D:89:26:F1:60:46:B4:5D:85:17:41:FE:60:45 Authority key identifier: FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED Certificate issuer: /CN=A917E475/serialNumber=FF08530952971BA065224B521F56563B6D2124ED Certificate serial: 0CD9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft Manifest number: 0CD3 Signing time: Fri 18 Apr 2025 18:14:52 +0000 Manifest this update: Fri 18 Apr 2025 18:14:52 +0000 Manifest next update: Fri 25 Apr 2025 18:14:52 +0000 Files and hashes: 1: _whTCVKXG6BlIktSH1ZWO20hJO0.crl (hash: Dk/ap9MLfo1PjzQcGtKqY39lfnTGUiJS4TkSsZ6wsbc=) 2: 3A8AC908E41C11E9AD4A8D16C4F9AE02.roa (hash: 7Dst7szyPWooV+5WFj8vI4oANvEvXDCaESLYXfhjMk0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Apr 2025 18:14:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3289 (0xcd9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E475, serialNumber=FF08530952971BA065224B521F56563B6D2124ED Validity Not Before: Apr 18 18:14:52 2025 GMT Not After : Apr 25 18:14:52 2025 GMT Subject: CN=6802969c-3587 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:26:1f:14:a2:8a:70:b6:eb:13:f3:10:c9:e8: f7:f0:7c:1b:c4:39:8c:08:49:de:4d:8a:d0:cc:2c: 89:df:b5:0f:93:37:6a:cb:bf:6c:d9:80:5a:5f:6e: 76:36:bb:65:8b:ba:99:6a:97:a2:e6:e1:11:76:f6: 08:22:fa:20:6d:17:8e:a0:03:19:a9:d9:71:16:d0: 75:37:bb:81:50:53:8c:ed:2c:66:51:0b:04:36:59: 30:e3:42:8d:7c:51:7f:c6:38:e2:50:97:df:ba:58: 60:1e:b2:46:1c:2e:d5:a1:25:9b:6c:53:85:76:1f: 92:59:8b:57:e6:98:84:c5:e7:6c:e2:1a:36:43:9a: 7b:a0:67:39:2b:9f:b2:df:74:f1:5d:bb:4c:83:d9: b5:53:82:2a:1e:8e:5f:23:af:6e:95:bf:9e:f4:c1: e9:94:86:09:5d:07:47:cb:c7:66:23:12:2b:97:c7: 4a:cb:a2:fc:fb:4c:d0:12:94:bd:5e:db:32:5c:b4: 92:2d:2c:74:f2:b3:9d:e6:44:1f:1f:6c:c2:23:9a: a7:45:ee:df:2f:7a:0e:22:38:56:e6:46:e7:2f:5b: 7f:93:20:5d:ee:68:d6:74:44:9a:23:02:b4:70:81: 03:9c:bc:25:ee:60:34:fc:8f:8e:fc:95:6d:a7:f5: 82:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:63:55:2E:7E:D3:8D:89:26:F1:60:46:B4:5D:85:17:41:FE:60:45 X509v3 Authority Key Identifier: keyid:FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:41:50:bf:2b:9e:2b:1e:84:63:94:bb:0b:ec:72:a4:37:57: 8c:90:aa:2c:91:98:4d:06:95:1f:2f:56:6c:0f:95:6a:0d:f3: c3:bb:e9:53:9d:f0:64:dd:89:56:3a:64:27:7a:18:23:8a:8d: f7:b4:eb:dd:58:28:a5:e9:ae:fe:13:4a:26:6a:85:f2:ee:af: 0a:e7:56:40:80:ef:1e:6b:6f:04:7a:99:1a:37:92:f5:3f:4a: 64:3f:09:31:da:9f:25:3f:65:db:a0:02:97:27:34:e0:a5:8b: a7:ef:92:54:85:3d:35:56:33:20:24:fb:43:80:a4:51:28:2c: 19:01:3c:c2:1a:8c:59:ac:ee:b4:29:26:63:12:17:ae:76:ac: 48:f0:98:34:75:76:a4:fb:24:82:d8:78:6d:5a:19:b5:77:c7: 2f:65:20:ce:c0:21:95:65:c6:54:c2:a8:3e:0d:4a:e9:27:38: a1:a7:9c:a3:1a:06:76:31:45:20:2b:e6:ba:f2:fa:b5:21:18: 97:16:f9:f9:b5:48:cb:ec:8d:04:ca:ed:b9:09:7f:95:79:36: 98:3a:d0:7f:f9:c9:b1:18:0e:61:be:8f:d8:0f:7a:32:d5:d9: c9:64:f6:0f:c5:35:3e:0d:8c:c5:62:1c:61:64:b3:08:a5:e6: f5:12:64:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDNkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0NzUxMTAvBgNVBAUTKEZGMDg1MzA5NTI5NzFCQTA2NTIyNEI1MjFGNTY1NjNC NkQyMTI0RUQwHhcNMjUwNDE4MTgxNDUyWhcNMjUwNDI1MTgxNDUyWjAYMRYwFAYD VQQDEw02ODAyOTY5Yy0zNTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtiYfFKKKcLbrE/MQyej38HwbxDmMCEneTYrQzCyJ37UPkzdqy79s2YBaX252 Nrtli7qZapei5uERdvYIIvogbReOoAMZqdlxFtB1N7uBUFOM7SxmUQsENlkw40KN fFF/xjjiUJffulhgHrJGHC7VoSWbbFOFdh+SWYtX5piExeds4ho2Q5p7oGc5K5+y 33TxXbtMg9m1U4IqHo5fI69ulb+e9MHplIYJXQdHy8dmIxIrl8dKy6L8+0zQEpS9 XtsyXLSSLSx08rOd5kQfH2zCI5qnRe7fL3oOIjhW5kbnL1t/kyBd7mjWdESaIwK0 cIEDnLwl7mA0/I+O/JVtp/WCfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC1jVS5+ 042JJvFgRrRdhRdB/mBFMB8GA1UdIwQYMBaAFP8IUwlSlxugZSJLUh9WVjttISTt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTQ3NS9EQkZCM0VCNEU0 MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2QmxJa3RTSDFaV08yMGhK TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL193aFRDVktYRzZCbElrdFNIMVpXTzIwaEpPMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTQ3NS9EQkZCM0VCNEU0MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2 QmxJa3RTSDFaV08yMGhKTzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBdQVC/K54rHoRjlLsL7HKkN1eMkKoskZhNBpUfL1ZsD5VqDfPDu+lT nfBk3YlWOmQnehgjio33tOvdWCil6a7+E0omaoXy7q8K51ZAgO8ea28EepkaN5L1 P0pkPwkx2p8lP2XboAKXJzTgpYun75JUhT01VjMgJPtDgKRRKCwZATzCGoxZrO60 KSZjEheudqxI8Jg0dXak+ySC2HhtWhm1d8cvZSDOwCGVZcZUwqg+DUrpJzihp5yj GgZ2MUUgK+a68vq1IRiXFvn5tUjL7I0Eyu25CX+VeTaYOtB/+cmxGA5hvo/YD3oy 1dnJZPYPxTU+DYzFYhxhZLMIpeb1EmSa -----END CERTIFICATE-----Generated at Sat Apr 19 00:53:52 2025 by rpki-client