$ rpki-client -vvf rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft File: 4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft (raw, json) Hash identifier: /ZIvhpAsyixLZZJw17S3G8lyQfL2tTlCXz4fPCR5Ad4= Subject key identifier: DF:8A:72:38:0C:45:39:77:BC:60:5F:3B:69:B2:91:42:9E:05:C2:A8 Authority key identifier: E1:14:37:8D:A9:34:86:14:69:F4:95:D9:75:98:E0:F0:02:89:C3:30 Certificate issuer: /CN=A917F0AF/serialNumber=E114378DA934861469F495D97598E0F00289C330 Certificate serial: 2D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft Manifest number: 2C Signing time: Sat 29 Mar 2025 07:01:47 +0000 Manifest this update: Sat 29 Mar 2025 07:01:46 +0000 Manifest next update: Sat 05 Apr 2025 07:01:46 +0000 Files and hashes: 1: 4RQ3jak0hhRp9JXZdZjg8AKJwzA.crl (hash: XvJcIQa4fGuCO5C50VvK6Tlku7fznPE/5w0sx0pwXVQ=) 2: 27E5184CCC6211EFA20BEE1BC4F9AE02.roa (hash: Nfq9gOVsvHp+sAvDqwlNp+Rm9HqcCv4rXARNazxofGE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.crl rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45 (0x2d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F0AF Validity Not Before: Mar 29 07:01:46 2025 GMT Not After : Apr 5 07:01:46 2025 GMT Subject: CN=67e79adb-367f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:b1:9c:ea:3a:a1:37:e3:f9:df:04:7b:1c:2d: 9e:2c:93:83:b4:b0:ac:0c:c5:ee:8b:92:9b:b0:01: 13:c3:c6:69:ca:d9:93:72:db:4c:5a:9a:fa:89:26: 56:96:5d:fc:c3:e1:29:b1:f4:07:a2:88:78:13:96: f8:77:60:75:c0:ec:4f:1e:a4:be:4d:42:fb:2f:0b: 29:73:45:56:ee:99:b0:5d:56:8f:99:ec:4c:98:7e: 24:79:19:82:d2:87:fe:a2:c1:ea:78:d5:ce:5e:2d: 91:ed:b8:4b:92:79:6d:ee:66:9d:b9:5f:6c:ac:16: 91:27:fc:01:43:e4:cb:4b:d2:95:e5:46:fa:f1:6a: 8b:27:4d:34:39:9b:e3:32:93:be:60:f8:ac:43:75: 70:e7:31:dd:cd:57:fd:7b:b8:55:63:ee:48:c8:38: f0:b6:76:fb:d0:4d:c4:c6:51:f0:e9:b9:ca:76:db: 8b:72:78:16:1b:4c:26:0f:ff:0e:94:cb:d9:3f:f8: 58:75:4a:7c:84:c6:d4:cc:e8:f0:af:b2:56:f3:af: 5d:47:f1:02:e7:4b:90:4f:4d:cf:c7:dd:c0:a4:dc: c4:2e:7e:0d:bc:6a:d1:9a:f0:c1:b1:7a:9c:ad:ab: 72:b3:39:46:ef:f8:5a:b0:1b:ee:be:9d:8b:df:1b: f5:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:8A:72:38:0C:45:39:77:BC:60:5F:3B:69:B2:91:42:9E:05:C2:A8 X509v3 Authority Key Identifier: keyid:E1:14:37:8D:A9:34:86:14:69:F4:95:D9:75:98:E0:F0:02:89:C3:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c3:f1:63:32:b9:aa:65:a6:90:d7:f2:0b:13:1d:a3:0a:b8:87: 2c:6f:b3:71:89:96:8f:45:ea:7e:aa:46:52:1a:44:fd:18:ee: cf:d5:7c:4f:bd:0b:3b:38:0b:0b:d5:a1:b4:77:16:5a:c4:af: c4:2d:9d:0f:27:12:43:64:6f:32:f2:53:7d:90:b7:9b:e9:9e: 91:42:1f:b5:c8:a9:47:43:76:af:8e:95:d3:02:61:2f:a0:ca: 14:c4:13:7e:76:c9:ca:70:66:c5:26:34:d6:70:26:65:77:ae: 22:0c:bc:57:92:a2:43:bd:2c:1d:43:7f:0e:f6:93:77:f3:78: 93:d0:65:d4:c0:d9:48:a0:ba:9b:a5:6e:ea:ea:9f:b7:dd:d3: 38:73:24:ac:e9:f1:a1:e8:b1:78:36:cf:ef:1d:a9:b7:b9:98: d6:ae:a5:51:7f:80:75:85:21:1d:28:4a:ca:53:99:7f:5a:65: 47:bd:32:e0:17:97:e1:91:ab:e2:d0:f5:4d:d1:2e:63:80:a8: 89:13:f9:e5:98:01:eb:cf:37:7a:8a:be:57:3e:d1:00:e5:c7: 35:61:a4:ca:0a:92:63:63:17:d3:85:6c:8c:31:4f:34:b2:87: 03:b7:06:71:3f:58:9f:08:cf:82:8f:53:fe:1b:af:f1:a6:96: f1:04:e6:c8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 RjBBRjExMC8GA1UEBRMoRTExNDM3OERBOTM0ODYxNDY5RjQ5NUQ5NzU5OEUwRjAw Mjg5QzMzMDAeFw0yNTAzMjkwNzAxNDZaFw0yNTA0MDUwNzAxNDZaMBgxFjAUBgNV BAMTDTY3ZTc5YWRiLTM2N2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDMsZzqOqE34/nfBHscLZ4sk4O0sKwMxe6LkpuwARPDxmnK2ZNy20xamvqJJlaW XfzD4Smx9AeiiHgTlvh3YHXA7E8epL5NQvsvCylzRVbumbBdVo+Z7EyYfiR5GYLS h/6iwep41c5eLZHtuEuSeW3uZp25X2ysFpEn/AFD5MtL0pXlRvrxaosnTTQ5m+My k75g+KxDdXDnMd3NV/17uFVj7kjIOPC2dvvQTcTGUfDpucp224tyeBYbTCYP/w6U y9k/+Fh1SnyExtTM6PCvslbzr11H8QLnS5BPTc/H3cCk3MQufg28atGa8MGxepyt q3KzOUbv+FqwG+6+nYvfG/WTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU34pyOAxF OXe8YF87abKRQp4FwqgwHwYDVR0jBBgwFoAU4RQ3jak0hhRp9JXZdZjg8AKJwzAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdGMEFGLzJEN0E3RTBFQ0M0 RjExRUZBODlBOEYxNEM0RjlBRTAyLzRSUTNqYWswaGhScDlKWFpkWmpnOEFLSnd6 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNFJRM2phazBoaFJwOUpYWmRaamc4QUtKd3pBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdG MEFGLzJEN0E3RTBFQ0M0RjExRUZBODlBOEYxNEM0RjlBRTAyLzRSUTNqYWswaGhS cDlKWFpkWmpnOEFLSnd6QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMPxYzK5qmWmkNfyCxMdowq4hyxvs3GJlo9F6n6qRlIaRP0Y7s/VfE+9 Czs4CwvVobR3FlrEr8QtnQ8nEkNkbzLyU32Qt5vpnpFCH7XIqUdDdq+OldMCYS+g yhTEE352ycpwZsUmNNZwJmV3riIMvFeSokO9LB1Dfw72k3fzeJPQZdTA2Uigupul burqn7fd0zhzJKzp8aHosXg2z+8dqbe5mNaupVF/gHWFIR0oSspTmX9aZUe9MuAX l+GRq+LQ9U3RLmOAqIkT+eWYAevPN3qKvlc+0QDlxzVhpMoKkmNjF9OFbIwxTzSy hwO3BnE/WJ8Iz4KPU/4br/GmlvEE5sg= -----END CERTIFICATE-----Generated at Fri Apr 4 21:53:59 2025 by rpki-client