$ rpki-client -vvf rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.mft File: PG7AmwlfpfUTYVEIpUR8rLcasaE.mft (raw, json) Hash identifier: xn5D0BR1AnAMmtXxNGLmiIzuWD53V6d2aemvzGdrYBU= Subject key identifier: 88:CD:2F:3E:84:2C:1C:50:56:C4:18:B0:F6:FC:4F:F7:FC:09:F9:07 Authority key identifier: 3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1 Certificate issuer: /CN=A917E4BA/serialNumber=3C6EC09B095FA5F513615108A5447CACB71AB1A1 Certificate serial: 0A9E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.mft Manifest number: 0A99 Signing time: Fri 04 Apr 2025 19:41:29 +0000 Manifest this update: Fri 04 Apr 2025 19:41:29 +0000 Manifest next update: Fri 11 Apr 2025 19:41:29 +0000 Files and hashes: 1: PG7AmwlfpfUTYVEIpUR8rLcasaE.crl (hash: KsuyiSiwwdFgQM2MvmlzEi3HhUYLAk+ce0/8Vdx2rTU=) 2: 66F91334ED4911ED9A90391BC4F9AE02.roa (hash: 4M2o1uWpD8HZNRKume3UqAzLmAnLuLXQtM8OeJIWFiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.crl rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 19:41:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2718 (0xa9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E4BA Validity Not Before: Apr 4 19:41:29 2025 GMT Not After : Apr 11 19:41:29 2025 GMT Subject: CN=67f035e9-83fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:73:5e:f7:8c:15:10:81:b8:91:88:76:a7:a4: 3e:12:d9:6c:ef:0f:39:09:33:3e:7a:37:c8:f6:c7: 55:4b:64:8c:7d:16:ee:cb:74:2b:d7:3f:c8:76:35: 1c:0a:f4:9f:8a:7d:7f:a2:bd:dc:c7:05:c9:f4:ae: 06:c8:87:d3:1b:bb:27:73:d6:fc:1f:5e:49:f2:5b: 7b:8c:27:7d:85:f1:6f:2b:19:06:65:3d:a9:e7:62: c4:6b:ad:78:01:45:40:2a:8f:63:a7:7a:b9:25:70: 39:ca:25:9c:8c:38:1a:9b:55:08:ca:1d:4e:93:21: a5:ff:a4:8c:fd:55:a9:b4:9c:5f:5a:53:58:49:fa: 66:f6:1a:fb:b1:5a:1c:4b:9a:27:03:0d:a9:03:05: 89:5b:76:7f:6a:8b:67:d3:07:a1:f5:79:11:49:08: fb:89:f6:d0:0d:a3:20:0d:02:09:f4:25:c7:1d:c7: 8f:02:b4:fc:d7:20:bb:f3:4d:a2:f0:a9:6f:23:5a: 9b:7d:ad:d7:a7:a5:77:1d:26:14:bb:80:c1:c1:05: 2f:ec:10:c1:99:3f:fe:82:8d:48:a9:69:ac:6e:1f: 55:4c:82:2a:4a:15:dd:21:a2:c2:27:74:aa:c2:a4: 2d:9c:54:3e:66:3b:ab:ed:af:61:cc:6b:78:6c:25: ff:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:CD:2F:3E:84:2C:1C:50:56:C4:18:B0:F6:FC:4F:F7:FC:09:F9:07 X509v3 Authority Key Identifier: keyid:3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:68:c9:1d:e2:24:66:61:3a:9c:ed:78:e7:53:9f:4c:a3:86: d3:f6:7a:e0:e9:a9:db:58:bc:ad:f2:52:09:7f:52:08:47:57: b1:87:4d:21:6e:60:5e:4f:23:9e:e9:e5:9c:30:3e:a3:42:c1: a0:9b:9e:8e:b1:55:55:c7:17:90:f1:86:46:81:bd:4b:f6:da: cb:26:bc:01:e5:88:31:37:e6:99:f2:9d:78:5a:34:fd:a8:ff: f9:cc:bd:16:43:c4:59:ad:31:f4:95:ee:22:6a:4b:a9:69:9e: 57:9a:bf:18:15:66:f8:6a:37:b0:06:73:69:f1:c2:b6:c9:51: 9d:f5:5f:5a:f7:e0:d4:5a:0b:33:44:e7:50:e8:25:ae:bd:ba: b9:c3:30:e4:4d:44:40:46:7b:42:21:2c:28:e0:81:03:88:4c: a0:4c:d3:52:22:a5:7a:bd:fe:d6:3f:4e:60:9f:1e:04:0d:e5: 54:23:08:d3:bc:09:8f:4b:5b:37:32:52:71:56:78:8f:e6:9d: 2d:08:fd:95:3b:2f:6b:9d:48:8e:34:2d:85:9c:ee:5b:79:0a: 64:ec:2b:f5:65:08:71:00:be:33:30:c2:ce:50:e7:36:cc:ed: 2b:9d:ec:b8:50:19:2c:62:0b:ef:69:a2:94:25:70:80:70:d1: 10:ef:b3:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0QkExMTAvBgNVBAUTKDNDNkVDMDlCMDk1RkE1RjUxMzYxNTEwOEE1NDQ3Q0FD QjcxQUIxQTEwHhcNMjUwNDA0MTk0MTI5WhcNMjUwNDExMTk0MTI5WjAYMRYwFAYD VQQDEw02N2YwMzVlOS04M2ZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAznNe94wVEIG4kYh2p6Q+Etls7w85CTM+ejfI9sdVS2SMfRbuy3Qr1z/IdjUc CvSfin1/or3cxwXJ9K4GyIfTG7snc9b8H15J8lt7jCd9hfFvKxkGZT2p52LEa614 AUVAKo9jp3q5JXA5yiWcjDgam1UIyh1OkyGl/6SM/VWptJxfWlNYSfpm9hr7sVoc S5onAw2pAwWJW3Z/aotn0weh9XkRSQj7ifbQDaMgDQIJ9CXHHcePArT81yC7802i 8KlvI1qbfa3Xp6V3HSYUu4DBwQUv7BDBmT/+go1IqWmsbh9VTIIqShXdIaLCJ3Sq wqQtnFQ+Zjur7a9hzGt4bCX/EQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIjNLz6E LBxQVsQYsPb8T/f8CfkHMB8GA1UdIwQYMBaAFDxuwJsJX6X1E2FRCKVEfKy3GrGh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTRCQS9DOTUyQUM5RTUy REMxMUVBODI2MDFCMEZDNEY5QUUwMi9QRzdBbXdsZnBmVVRZVkVJcFVSOHJMY2Fz YUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BHN0Ftd2xmcGZVVFlWRUlwVVI4ckxjYXNhRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTRCQS9DOTUyQUM5RTUyREMxMUVBODI2MDFCMEZDNEY5QUUwMi9QRzdBbXdsZnBm VVRZVkVJcFVSOHJMY2FzYUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQChaMkd4iRmYTqc7XjnU59Mo4bT9nrg6anbWLyt8lIJf1IIR1exh00h bmBeTyOe6eWcMD6jQsGgm56OsVVVxxeQ8YZGgb1L9trLJrwB5YgxN+aZ8p14WjT9 qP/5zL0WQ8RZrTH0le4iakupaZ5Xmr8YFWb4ajewBnNp8cK2yVGd9V9a9+DUWgsz ROdQ6CWuvbq5wzDkTURARntCISwo4IEDiEygTNNSIqV6vf7WP05gnx4EDeVUIwjT vAmPS1s3MlJxVniP5p0tCP2VOy9rnUiONC2FnO5beQpk7Cv1ZQhxAL4zMMLOUOc2 zO0rney4UBksYgvvaaKUJXCAcNEQ77Mz -----END CERTIFICATE-----Generated at Sun Apr 6 16:34:38 2025 by rpki-client