$ rpki-client -vvf rpki.apnic.net/member_repository/A9188D8F/B852FB3C432411EA9263254AC4F9AE02/pS-PmFnKxH1oVCcjTSYW655TljQ.mft File: pS-PmFnKxH1oVCcjTSYW655TljQ.mft (raw, json) Hash identifier: foWonD22cm0xlTpYZQuz6HSmZScPaFAITOyxtInDP3o= Subject key identifier: B0:4E:43:42:C8:8B:EC:99:1C:B0:C4:82:97:64:46:60:74:60:AF:4C Authority key identifier: A5:2F:8F:98:59:CA:C4:7D:68:54:27:23:4D:26:16:EB:9E:53:96:34 Certificate issuer: /CN=A9188D8F/serialNumber=A52F8F9859CAC47D685427234D2616EB9E539634 Certificate serial: 0AF5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pS-PmFnKxH1oVCcjTSYW655TljQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9188D8F/B852FB3C432411EA9263254AC4F9AE02/pS-PmFnKxH1oVCcjTSYW655TljQ.mft Manifest number: 0AEE Signing time: Wed 16 Apr 2025 19:12:32 +0000 Manifest this update: Wed 16 Apr 2025 19:12:31 +0000 Manifest next update: Wed 23 Apr 2025 19:12:31 +0000 Files and hashes: 1: pS-PmFnKxH1oVCcjTSYW655TljQ.crl (hash: 09etZXBkqKbVaTc3P3yPr0BsXB/ttnMskTq3u0Nod34=) 2: A84F7CEE432711EA87CB0E53C4F9AE02.roa (hash: 9D2VyaAKjVgoxkaamh4Z/Ffje6FAagohXWssSAvixLM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9188D8F/B852FB3C432411EA9263254AC4F9AE02/pS-PmFnKxH1oVCcjTSYW655TljQ.crl rsync://rpki.apnic.net/member_repository/A9188D8F/B852FB3C432411EA9263254AC4F9AE02/pS-PmFnKxH1oVCcjTSYW655TljQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pS-PmFnKxH1oVCcjTSYW655TljQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 19:12:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2805 (0xaf5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9188D8F, serialNumber=A52F8F9859CAC47D685427234D2616EB9E539634 Validity Not Before: Apr 16 19:12:31 2025 GMT Not After : Apr 23 19:12:31 2025 GMT Subject: CN=68000120-00d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:01:d2:dc:01:ac:0d:be:40:89:86:d1:4e:3c: 22:bb:20:10:48:6f:f4:42:3c:4d:ba:72:73:9b:62: 39:83:92:fd:93:f3:56:cf:8b:8f:4a:4a:5b:e2:78: d3:75:16:62:29:e8:82:cf:31:24:5f:71:dd:1c:36: 31:81:18:00:9d:92:7c:2d:8b:97:8c:71:32:d6:aa: 50:37:05:eb:87:83:32:17:1d:6a:c0:84:47:99:b8: 1f:b8:bd:62:32:09:65:76:b4:7f:07:ad:b3:ff:23: 19:f5:c0:fc:e4:fb:47:d7:bf:d7:bf:1c:67:8e:81: 62:94:41:1d:76:9c:f9:ea:9e:9d:b2:87:94:14:70: 13:2a:51:7b:8d:d6:7b:db:a1:73:4a:9c:e7:c6:90: b0:b1:ee:4f:1e:de:d5:b2:c5:64:30:e5:0e:0c:f1: 8e:94:c1:5e:b9:a9:05:81:1e:29:d9:bf:f8:31:d1: d9:b1:07:3c:f9:64:cf:c5:e2:33:78:d3:92:53:97: 97:14:e9:6a:24:bd:50:10:8b:62:61:8b:64:a7:9f: b5:4a:b6:0c:b2:51:72:db:f7:00:14:5a:4a:f6:55: 30:d8:25:a8:c4:60:26:96:f6:74:b2:66:f1:ec:63: 10:e2:f3:67:26:5f:34:b4:32:9e:cf:fc:00:f0:62: c9:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:4E:43:42:C8:8B:EC:99:1C:B0:C4:82:97:64:46:60:74:60:AF:4C X509v3 Authority Key Identifier: keyid:A5:2F:8F:98:59:CA:C4:7D:68:54:27:23:4D:26:16:EB:9E:53:96:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9188D8F/B852FB3C432411EA9263254AC4F9AE02/pS-PmFnKxH1oVCcjTSYW655TljQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pS-PmFnKxH1oVCcjTSYW655TljQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188D8F/B852FB3C432411EA9263254AC4F9AE02/pS-PmFnKxH1oVCcjTSYW655TljQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:9b:c6:a6:5d:87:7a:ea:27:a6:90:39:b8:f6:98:8c:c8:51: 54:92:9d:28:ae:25:5e:92:5f:74:52:84:48:3f:ca:38:9f:1b: a4:a1:36:98:cf:f3:eb:15:8a:c9:80:2d:ec:10:ff:a7:ee:8c: ba:66:9a:e5:6b:cc:35:7d:b2:9d:65:67:2e:52:b1:c3:25:41: 26:df:cf:ea:d6:b0:c0:d5:43:cd:01:c1:53:b4:2f:b3:07:5b: 02:ca:7a:20:07:a8:f3:3d:2c:4d:a9:eb:59:37:6f:16:e1:c7: ed:69:29:f0:66:df:c2:1c:18:57:0b:d3:f5:bb:47:25:b2:4f: aa:11:36:27:e6:ea:bb:fc:5e:d3:c2:7d:79:11:6b:cb:b7:da: 30:3f:07:a1:df:81:3c:bb:b8:f1:32:db:4f:28:2c:55:26:92: d3:21:5a:c4:a8:f4:b9:07:8f:85:0e:7b:2b:f7:c0:64:e5:45: ed:d5:5f:b8:a9:f7:68:b2:5b:8e:98:3e:5a:84:c9:db:bf:3d: 9d:f8:1c:05:71:2e:c9:d1:1b:08:26:27:10:7e:28:e7:49:a2: b1:34:c0:e4:49:11:e5:8c:9d:a9:7e:96:a0:86:98:a5:f2:a3: ac:4f:fb:8e:ab:ca:be:17:0c:14:37:d3:77:7a:23:88:8f:59: b4:d6:a7:54 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODhEOEYxMTAvBgNVBAUTKEE1MkY4Rjk4NTlDQUM0N0Q2ODU0MjcyMzREMjYxNkVC OUU1Mzk2MzQwHhcNMjUwNDE2MTkxMjMxWhcNMjUwNDIzMTkxMjMxWjAYMRYwFAYD VQQDEw02ODAwMDEyMC0wMGQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwAHS3AGsDb5AiYbRTjwiuyAQSG/0QjxNunJzm2I5g5L9k/NWz4uPSkpb4njT dRZiKeiCzzEkX3HdHDYxgRgAnZJ8LYuXjHEy1qpQNwXrh4MyFx1qwIRHmbgfuL1i MglldrR/B62z/yMZ9cD85PtH17/XvxxnjoFilEEddpz56p6dsoeUFHATKlF7jdZ7 26FzSpznxpCwse5PHt7VssVkMOUODPGOlMFeuakFgR4p2b/4MdHZsQc8+WTPxeIz eNOSU5eXFOlqJL1QEItiYYtkp5+1SrYMslFy2/cAFFpK9lUw2CWoxGAmlvZ0smbx 7GMQ4vNnJl80tDKez/wA8GLJYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLBOQ0LI i+yZHLDEgpdkRmB0YK9MMB8GA1UdIwQYMBaAFKUvj5hZysR9aFQnI00mFuueU5Y0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEQ4Ri9CODUyRkIzQzQz MjQxMUVBOTI2MzI1NEFDNEY5QUUwMi9wUy1QbUZuS3hIMW9WQ2NqVFNZVzY1NVRs alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BTLVBtRm5LeEgxb1ZDY2pUU1lXNjU1VGxqUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 OEQ4Ri9CODUyRkIzQzQzMjQxMUVBOTI2MzI1NEFDNEY5QUUwMi9wUy1QbUZuS3hI MW9WQ2NqVFNZVzY1NVRsalEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGm8amXYd66iemkDm49piMyFFUkp0oriVekl90UoRIP8o4nxukoTaY z/PrFYrJgC3sEP+n7oy6Zprla8w1fbKdZWcuUrHDJUEm38/q1rDA1UPNAcFTtC+z B1sCynogB6jzPSxNqetZN28W4cftaSnwZt/CHBhXC9P1u0clsk+qETYn5uq7/F7T wn15EWvLt9owPweh34E8u7jxMttPKCxVJpLTIVrEqPS5B4+FDnsr98Bk5UXt1V+4 qfdosluOmD5ahMnbvz2d+BwFcS7J0RsIJicQfijnSaKxNMDkSRHljJ2pfpaghpil 8qOsT/uOq8q+FwwUN9N3eiOIj1m01qdU -----END CERTIFICATE-----Generated at Fri Apr 18 12:57:15 2025 by rpki-client