$ rpki-client -vvf rpki.apnic.net/member_repository/A9186249/A1F2343CD17011EEA6151C4DC4F9AE02/rOKNq-U2SWN_puTjId4bY0Y7g88.mft File: rOKNq-U2SWN_puTjId4bY0Y7g88.mft (raw, json) Hash identifier: ssKnvOUgP1+740IszckNC7KtZSfkUNVOE8jr62ANNqc= Subject key identifier: 6C:F1:E5:26:DF:83:96:71:8E:A3:F4:67:98:DE:B0:D2:69:3D:65:09 Authority key identifier: AC:E2:8D:AB:E5:36:49:63:7F:A6:E4:E3:21:DE:1B:63:46:3B:83:CF Certificate issuer: /CN=A9186249/serialNumber=ACE28DABE53649637FA6E4E321DE1B63463B83CF Certificate serial: D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rOKNq-U2SWN_puTjId4bY0Y7g88.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9186249/A1F2343CD17011EEA6151C4DC4F9AE02/rOKNq-U2SWN_puTjId4bY0Y7g88.mft Manifest number: D1 Signing time: Sat 29 Mar 2025 05:05:10 +0000 Manifest this update: Sat 29 Mar 2025 05:05:10 +0000 Manifest next update: Sat 05 Apr 2025 05:05:10 +0000 Files and hashes: 1: rOKNq-U2SWN_puTjId4bY0Y7g88.crl (hash: IIBRK+PlriYbFuCd+l5Ndqk/bN3iGsf3d0m8tG6XPiY=) 2: E7F6D15AD17411EE87F7325DC4F9AE02.roa (hash: roB5hg8LbgyHBq3NzG2BxN4ORRxykj532WnJpDlGnj0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9186249/A1F2343CD17011EEA6151C4DC4F9AE02/rOKNq-U2SWN_puTjId4bY0Y7g88.crl rsync://rpki.apnic.net/member_repository/A9186249/A1F2343CD17011EEA6151C4DC4F9AE02/rOKNq-U2SWN_puTjId4bY0Y7g88.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rOKNq-U2SWN_puTjId4bY0Y7g88.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:05:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 212 (0xd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9186249 Validity Not Before: Mar 29 05:05:10 2025 GMT Not After : Apr 5 05:05:10 2025 GMT Subject: CN=67e77f86-10f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5a:47:51:72:5d:ea:89:03:1d:ab:2c:85:c1: ba:b1:de:43:b4:1b:08:4c:de:6a:71:97:30:30:b7: 4d:22:35:63:79:d7:dd:97:e7:3e:1b:e0:d1:14:35: 6f:35:67:ca:ee:8b:6b:df:59:e4:80:0e:db:f8:03: 65:e8:ef:c4:aa:f5:5f:e1:ed:12:ee:21:3a:18:94: d4:65:23:09:92:1e:f2:d1:e9:73:39:68:51:61:1d: ef:21:ec:91:35:fe:43:15:23:c1:f5:8e:d0:c8:da: 7e:52:52:42:ed:65:93:d6:d4:0d:6f:1e:97:3a:53: f8:9d:af:9b:37:82:33:f5:e9:67:8a:80:0f:8b:67: 99:d2:34:b4:10:25:58:5b:9c:8f:d6:7d:9e:c4:72: 79:17:3c:28:5f:3a:7f:d9:5f:e0:a2:a2:7f:7b:02: f5:2f:0e:65:63:34:83:53:9c:33:77:58:ee:7d:d2: 23:71:de:e1:85:05:a6:28:3c:6c:30:90:5c:d6:0c: 6c:27:b2:99:a1:79:79:e6:22:8f:0f:d1:4e:24:7d: b8:78:c8:64:6d:54:b2:4c:12:7f:94:ea:ab:ce:46: d7:6f:dc:9b:4f:8e:a4:8f:76:ae:93:f7:4d:a0:57: 5f:f6:78:ef:f6:8b:a7:e8:2c:ee:95:33:8a:eb:09: 65:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:F1:E5:26:DF:83:96:71:8E:A3:F4:67:98:DE:B0:D2:69:3D:65:09 X509v3 Authority Key Identifier: keyid:AC:E2:8D:AB:E5:36:49:63:7F:A6:E4:E3:21:DE:1B:63:46:3B:83:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9186249/A1F2343CD17011EEA6151C4DC4F9AE02/rOKNq-U2SWN_puTjId4bY0Y7g88.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rOKNq-U2SWN_puTjId4bY0Y7g88.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186249/A1F2343CD17011EEA6151C4DC4F9AE02/rOKNq-U2SWN_puTjId4bY0Y7g88.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c6:6c:25:cf:23:7f:9c:5b:f8:8d:4b:4c:56:a3:b1:8a:89:7d: c5:60:e2:e9:96:54:82:d5:37:b9:e5:62:9b:0d:a3:d1:bd:66: 21:60:e2:10:56:9a:4f:2d:d1:09:0f:ca:92:8f:88:8f:02:a0: 84:05:7f:35:8e:c9:86:ec:8c:88:61:b4:02:e9:f6:7a:5d:56: c6:7f:6d:f4:75:e5:95:15:f1:fc:08:bd:6b:38:16:a9:f9:a1: aa:85:75:b9:af:bb:2a:6f:51:fe:4b:30:60:1c:66:db:16:45: 71:2f:9a:d1:76:f9:9b:44:d0:9a:5f:ba:ed:17:63:f3:99:e2: fe:9a:ef:10:82:40:7e:f5:51:ba:20:d0:d6:62:07:11:50:9e: 95:31:5d:7c:3c:d5:fe:89:2c:a6:8e:df:c7:55:8d:b0:e9:b7: 3e:14:94:b2:5f:d7:84:a8:69:5f:36:5c:97:99:dd:93:68:68: ae:d6:43:d7:b0:5e:b3:c7:51:59:4c:d5:6c:c1:b4:9b:dd:47: ab:94:96:43:27:43:e8:3d:7e:b1:cb:5a:1b:b7:20:00:91:7a: f0:4e:52:bb:e9:da:cf:67:a2:b1:1b:de:73:8f:0b:35:6e:19: 06:0e:de:21:08:42:81:7b:63:58:58:d0:68:b9:00:e9:b1:8c: a1:dc:25:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODYyNDkxMTAvBgNVBAUTKEFDRTI4REFCRTUzNjQ5NjM3RkE2RTRFMzIxREUxQjYz NDYzQjgzQ0YwHhcNMjUwMzI5MDUwNTEwWhcNMjUwNDA1MDUwNTEwWjAYMRYwFAYD VQQDEw02N2U3N2Y4Ni0xMGY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxFpHUXJd6okDHasshcG6sd5DtBsITN5qcZcwMLdNIjVjedfdl+c+G+DRFDVv NWfK7otr31nkgA7b+ANl6O/EqvVf4e0S7iE6GJTUZSMJkh7y0elzOWhRYR3vIeyR Nf5DFSPB9Y7QyNp+UlJC7WWT1tQNbx6XOlP4na+bN4Iz9elnioAPi2eZ0jS0ECVY W5yP1n2exHJ5FzwoXzp/2V/goqJ/ewL1Lw5lYzSDU5wzd1jufdIjcd7hhQWmKDxs MJBc1gxsJ7KZoXl55iKPD9FOJH24eMhkbVSyTBJ/lOqrzkbXb9ybT46kj3auk/dN oFdf9njv9oun6CzulTOK6wllZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGzx5Sbf g5ZxjqP0Z5jesNJpPWUJMB8GA1UdIwQYMBaAFKzijavlNkljf6bk4yHeG2NGO4PP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjI0OS9BMUYyMzQzQ0Qx NzAxMUVFQTYxNTFDNERDNEY5QUUwMi9yT0tOcS1VMlNXTl9wdVRqSWQ0YlkwWTdn ODguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JPS05xLVUyU1dOX3B1VGpJZDRiWTBZN2c4OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NjI0OS9BMUYyMzQzQ0QxNzAxMUVFQTYxNTFDNERDNEY5QUUwMi9yT0tOcS1VMlNX Tl9wdVRqSWQ0YlkwWTdnODgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDGbCXPI3+cW/iNS0xWo7GKiX3FYOLpllSC1Te55WKbDaPRvWYhYOIQ VppPLdEJD8qSj4iPAqCEBX81jsmG7IyIYbQC6fZ6XVbGf230deWVFfH8CL1rOBap +aGqhXW5r7sqb1H+SzBgHGbbFkVxL5rRdvmbRNCaX7rtF2PzmeL+mu8QgkB+9VG6 INDWYgcRUJ6VMV18PNX+iSymjt/HVY2w6bc+FJSyX9eEqGlfNlyXmd2TaGiu1kPX sF6zx1FZTNVswbSb3UerlJZDJ0PoPX6xy1obtyAAkXrwTlK76drPZ6KxG95zjws1 bhkGDt4hCEKBe2NYWNBouQDpsYyh3CWs -----END CERTIFICATE-----Generated at Fri Apr 4 22:15:08 2025 by rpki-client