$ rpki-client -vvf rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.mft File: kSbv5Q1eO1Mf7uRUmrML_npUVQc.mft (raw, json) Hash identifier: vHh62CwYxcTsoxoUcZ137onwhzarMvC2i1fiENsla+Q= Subject key identifier: AC:F8:F5:46:B6:ED:DE:A2:BB:E2:D7:21:E3:11:E2:25:D6:51:DC:99 Authority key identifier: 91:26:EF:E5:0D:5E:3B:53:1F:EE:E4:54:9A:B3:0B:FE:7A:54:55:07 Certificate issuer: /CN=A917F4D3/serialNumber=9126EFE50D5E3B531FEEE4549AB30BFE7A545507 Certificate serial: 01CB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSbv5Q1eO1Mf7uRUmrML_npUVQc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.mft Manifest number: 01C8 Signing time: Sat 19 Apr 2025 02:13:28 +0000 Manifest this update: Sat 19 Apr 2025 02:13:28 +0000 Manifest next update: Sat 26 Apr 2025 02:13:28 +0000 Files and hashes: 1: kSbv5Q1eO1Mf7uRUmrML_npUVQc.crl (hash: OcEoKIMFVdmw0c6dchAUJJ8l23htLPPP1UwT24c7iM8=) 2: 32091726626D11ED87BDAC82C4F9AE02.roa (hash: hbdkOUT0eBQ98Cc0oj/9P37h6+6Kubs6FMec8+3wPTM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.crl rsync://rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSbv5Q1eO1Mf7uRUmrML_npUVQc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 02:13:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 459 (0x1cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F4D3, serialNumber=9126EFE50D5E3B531FEEE4549AB30BFE7A545507 Validity Not Before: Apr 19 02:13:28 2025 GMT Not After : Apr 26 02:13:28 2025 GMT Subject: CN=680306c8-21be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:f6:40:ab:ee:f8:f3:f7:a9:ac:a4:9b:9d:18: 2a:db:b4:9a:27:d0:1d:2a:02:43:1f:61:cc:78:d7: 7a:5e:0b:0a:8c:c6:ab:1f:49:df:ba:35:f1:c6:8b: cd:8e:d8:c5:19:2b:f1:44:83:b7:a3:a8:88:80:3e: 0a:71:4d:79:5d:b6:5e:4b:47:ed:1f:9d:93:0c:a4: b8:7b:cf:31:77:b2:a0:c5:a6:5a:f6:75:ab:8a:1f: 45:8f:eb:88:4c:ae:3c:11:fb:f4:51:34:f2:a9:ce: 69:5f:cd:02:fa:bf:8b:a3:34:b6:9a:bb:be:6f:56: 44:6d:b3:ee:e0:2f:b4:79:e8:26:96:e4:09:83:57: fb:6a:89:a1:72:21:6e:d8:0d:7f:98:2a:58:af:d6: d9:8c:d9:7d:1c:72:5f:6b:82:a5:c5:4b:dd:a5:43: b5:02:6d:5c:23:e6:80:06:85:48:1a:7e:8a:2b:e1: 79:02:ac:67:77:fe:d2:9b:69:7a:7c:7f:d6:aa:47: 31:81:f9:e2:00:44:65:60:bd:4b:66:32:04:6a:14: cd:25:9b:dc:63:6c:98:e4:df:2d:76:30:0a:84:76: d1:eb:f8:2a:45:3f:47:87:98:a0:55:80:63:8f:73: b2:f0:51:d6:f5:7f:6a:25:09:53:2d:35:ca:d7:2b: e7:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:F8:F5:46:B6:ED:DE:A2:BB:E2:D7:21:E3:11:E2:25:D6:51:DC:99 X509v3 Authority Key Identifier: keyid:91:26:EF:E5:0D:5E:3B:53:1F:EE:E4:54:9A:B3:0B:FE:7A:54:55:07 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSbv5Q1eO1Mf7uRUmrML_npUVQc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c4:b5:65:a1:40:95:71:e3:50:2e:45:04:69:43:51:03:5e:c1: ca:8e:38:3a:31:7f:69:66:12:21:84:5d:13:f1:db:d9:42:80: a7:75:32:40:b2:72:94:f8:77:3a:d7:5f:46:8b:30:c0:82:c6: 77:dc:53:78:a8:76:5f:41:c5:0e:7e:d8:c8:9c:73:04:de:ca: 03:67:a2:4a:92:22:76:39:e8:ba:57:bc:07:f9:56:63:32:81: f1:ca:0a:64:eb:f0:21:f5:4a:88:47:eb:a8:ce:72:7d:61:e1: 9e:d2:01:9f:ca:c9:fb:09:fb:42:a2:0f:6b:f8:c0:f4:4a:50: f1:d5:b8:02:75:63:ed:26:0e:21:98:90:bb:48:95:44:38:f9: 3f:7f:16:fb:f2:e8:b1:84:ca:05:19:1b:98:9a:69:21:1f:fa: bd:6e:8f:32:8b:c8:38:55:2e:98:39:0f:78:e5:0e:0c:0a:44: d0:32:52:67:7a:a8:65:00:86:1b:ae:9f:27:80:70:f1:43:61: 2e:b9:bf:36:04:91:ac:da:88:b4:0f:04:30:e1:b9:cb:29:fe: c8:52:ff:00:a7:e3:0c:f9:6f:c4:58:ee:c1:0e:da:3c:af:2c: be:0b:66:64:48:5a:eb:25:3a:0a:63:26:79:30:d3:d6:20:6b: 14:9f:14:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Y0RDMxMTAvBgNVBAUTKDkxMjZFRkU1MEQ1RTNCNTMxRkVFRTQ1NDlBQjMwQkZF N0E1NDU1MDcwHhcNMjUwNDE5MDIxMzI4WhcNMjUwNDI2MDIxMzI4WjAYMRYwFAYD VQQDEw02ODAzMDZjOC0yMWJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv/ZAq+748/eprKSbnRgq27SaJ9AdKgJDH2HMeNd6XgsKjMarH0nfujXxxovN jtjFGSvxRIO3o6iIgD4KcU15XbZeS0ftH52TDKS4e88xd7KgxaZa9nWrih9Fj+uI TK48Efv0UTTyqc5pX80C+r+LozS2mru+b1ZEbbPu4C+0eegmluQJg1f7aomhciFu 2A1/mCpYr9bZjNl9HHJfa4KlxUvdpUO1Am1cI+aABoVIGn6KK+F5Aqxnd/7Sm2l6 fH/WqkcxgfniAERlYL1LZjIEahTNJZvcY2yY5N8tdjAKhHbR6/gqRT9Hh5igVYBj j3Oy8FHW9X9qJQlTLTXK1yvnNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKz49Ua2 7d6iu+LXIeMR4iXWUdyZMB8GA1UdIwQYMBaAFJEm7+UNXjtTH+7kVJqzC/56VFUH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjREMy82ODAzNEM2ODYy NjYxMUVEODI0MkM3ODZDNEY5QUUwMi9rU2J2NVExZU8xTWY3dVJVbXJNTF9ucFVW UWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTYnY1UTFlTzFNZjd1UlVtck1MX25wVVZRYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RjREMy82ODAzNEM2ODYyNjYxMUVEODI0MkM3ODZDNEY5QUUwMi9rU2J2NVExZU8x TWY3dVJVbXJNTF9ucFVWUWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDEtWWhQJVx41AuRQRpQ1EDXsHKjjg6MX9pZhIhhF0T8dvZQoCndTJA snKU+Hc6119GizDAgsZ33FN4qHZfQcUOftjInHME3soDZ6JKkiJ2Oei6V7wH+VZj MoHxygpk6/Ah9UqIR+uoznJ9YeGe0gGfysn7CftCog9r+MD0SlDx1bgCdWPtJg4h mJC7SJVEOPk/fxb78uixhMoFGRuYmmkhH/q9bo8yi8g4VS6YOQ945Q4MCkTQMlJn eqhlAIYbrp8ngHDxQ2Euub82BJGs2oi0DwQw4bnLKf7IUv8Ap+MM+W/EWO7BDto8 ryy+C2ZkSFrrJToKYyZ5MNPWIGsUnxSW -----END CERTIFICATE-----Generated at Sun Apr 20 22:36:14 2025 by rpki-client