$ rpki-client -vvf rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.mft File: vsKCSG834xbxe1ILRVKHvDB_ieg.mft (raw, json) Hash identifier: 5ahwNVYxWjmddlpBlqU6Ukra5ZBNP//8ZEmUhr5bCa4= Subject key identifier: 37:C3:20:FC:1E:A8:46:17:EE:9C:2C:CF:73:89:1C:33:B0:39:76:30 Authority key identifier: BE:C2:82:48:6F:37:E3:16:F1:7B:52:0B:45:52:87:BC:30:7F:89:E8 Certificate issuer: /CN=A918A469/serialNumber=BEC282486F37E316F17B520B455287BC307F89E8 Certificate serial: BB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vsKCSG834xbxe1ILRVKHvDB_ieg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.mft Manifest number: B9 Signing time: Mon 07 Apr 2025 04:48:59 +0000 Manifest this update: Mon 07 Apr 2025 04:48:58 +0000 Manifest next update: Mon 14 Apr 2025 04:48:58 +0000 Files and hashes: 1: vsKCSG834xbxe1ILRVKHvDB_ieg.crl (hash: I2hMO2Vv3pPQJexNEWcZVgQkePw57SYibLknsw6FizU=) 2: 71403B04F7E511EEBC67981CC4F9AE02.roa (hash: gx9z09oQ5hTA8YH4iSWgc7528eikGurKJ+1nJAQYPAQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.crl rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vsKCSG834xbxe1ILRVKHvDB_ieg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 04:48:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 187 (0xbb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918A469 Validity Not Before: Apr 7 04:48:58 2025 GMT Not After : Apr 14 04:48:58 2025 GMT Subject: CN=67f3593b-abd4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:2a:d3:48:6f:6f:3e:ee:bd:27:8a:51:05:a7: 49:e7:68:38:5b:c4:32:33:c4:30:5c:60:66:34:43: f2:cc:c9:1a:e7:96:ef:59:ce:60:20:bc:c1:2d:7e: 0b:26:b7:0f:09:3d:be:11:db:43:b1:cf:c1:e6:91: f6:c5:55:26:c2:f8:ed:a0:dc:14:b2:44:b2:d5:a2: 28:f5:61:d7:3f:20:2d:a4:ee:5f:3c:da:66:de:75: 19:91:13:47:2c:fe:1a:05:63:b3:5d:ad:93:1f:67: 27:9b:63:df:87:e0:fa:b9:be:97:e9:7d:d5:56:85: 2f:f0:65:e6:81:c2:37:6c:3e:9e:c1:9d:8d:f4:f8: c7:a0:47:af:3c:91:96:11:b5:37:8b:b0:8d:79:fc: ad:73:37:d8:ec:54:ef:31:91:15:4f:bf:34:5d:62: 19:7c:80:67:9c:14:fa:81:4f:89:75:b0:a6:ba:e0: 31:bf:fd:d2:5d:22:46:2b:9f:4d:1f:eb:f6:38:84: 31:4e:78:74:27:cf:34:d0:50:9b:d6:7a:aa:c6:3e: 4c:d8:41:de:a2:05:12:f7:41:8d:46:55:87:d5:82: f5:ac:9b:00:51:60:db:41:ac:99:04:38:fa:6e:a1: e8:11:01:d8:f1:f6:08:ea:ef:4d:c5:e1:ff:02:84: c5:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:C3:20:FC:1E:A8:46:17:EE:9C:2C:CF:73:89:1C:33:B0:39:76:30 X509v3 Authority Key Identifier: keyid:BE:C2:82:48:6F:37:E3:16:F1:7B:52:0B:45:52:87:BC:30:7F:89:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vsKCSG834xbxe1ILRVKHvDB_ieg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:7a:8e:12:43:71:bc:b5:a1:f3:97:4f:31:55:fd:42:02:1e: 12:5f:19:3e:4a:a3:d3:4c:23:43:52:19:2a:fd:dd:fc:7e:3f: 5b:ec:c6:16:e1:30:3f:dc:e4:35:d3:63:a3:c9:c6:aa:a9:e6: b7:38:65:5a:6c:93:7e:22:56:c9:4c:68:09:36:b2:f5:82:f5: bb:31:c0:e5:ef:aa:7d:01:3a:d0:ea:a3:a0:a7:7a:2c:df:a7: 63:db:f1:a7:9b:8e:f2:c6:14:44:f5:5f:7f:67:54:d4:e7:d9: 2d:cb:49:f4:9b:13:53:44:88:7d:a8:0e:88:e2:f1:1e:b2:f0: 98:23:64:64:8e:8b:be:fd:ad:e4:cc:bc:62:e7:ff:61:92:f6: a4:6e:96:4a:6a:64:8d:3e:cd:45:cd:2e:6f:f9:d1:55:0f:24: 2d:ac:6c:51:55:6d:ef:d2:86:e4:2f:45:6f:36:e6:fc:e0:9b: b0:f4:ed:fc:fd:20:5a:d1:a6:28:c7:57:3e:5e:11:72:f9:36: 40:68:e3:32:cf:c7:d7:f9:58:56:66:b9:6d:f9:29:17:04:1b: d6:29:e9:86:c7:8b:d6:6b:0f:62:59:65:94:19:e3:9e:6d:3a: 34:ff:9a:6a:b2:e2:7b:95:21:ae:0d:80:22:07:e0:16:bf:09: 3f:53:55:f9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEE0NjkxMTAvBgNVBAUTKEJFQzI4MjQ4NkYzN0UzMTZGMTdCNTIwQjQ1NTI4N0JD MzA3Rjg5RTgwHhcNMjUwNDA3MDQ0ODU4WhcNMjUwNDE0MDQ0ODU4WjAYMRYwFAYD VQQDEw02N2YzNTkzYi1hYmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8irTSG9vPu69J4pRBadJ52g4W8QyM8QwXGBmNEPyzMka55bvWc5gILzBLX4L JrcPCT2+EdtDsc/B5pH2xVUmwvjtoNwUskSy1aIo9WHXPyAtpO5fPNpm3nUZkRNH LP4aBWOzXa2TH2cnm2Pfh+D6ub6X6X3VVoUv8GXmgcI3bD6ewZ2N9PjHoEevPJGW EbU3i7CNefytczfY7FTvMZEVT780XWIZfIBnnBT6gU+JdbCmuuAxv/3SXSJGK59N H+v2OIQxTnh0J8800FCb1nqqxj5M2EHeogUS90GNRlWH1YL1rJsAUWDbQayZBDj6 bqHoEQHY8fYI6u9NxeH/AoTFKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDfDIPwe qEYX7pwsz3OJHDOwOXYwMB8GA1UdIwQYMBaAFL7CgkhvN+MW8XtSC0VSh7wwf4no MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTQ2OS9GNTg0MzhGRUY3 RTMxMUVFQjlBMTI5MUFDNEY5QUUwMi92c0tDU0c4MzR4YnhlMUlMUlZLSHZEQl9p ZWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3ZzS0NTRzgzNHhieGUxSUxSVktIdkRCX2llZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QTQ2OS9GNTg0MzhGRUY3RTMxMUVFQjlBMTI5MUFDNEY5QUUwMi92c0tDU0c4MzR4 YnhlMUlMUlZLSHZEQl9pZWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAPeo4SQ3G8taHzl08xVf1CAh4SXxk+SqPTTCNDUhkq/d38fj9b7MYW 4TA/3OQ102Ojycaqqea3OGVabJN+IlbJTGgJNrL1gvW7McDl76p9ATrQ6qOgp3os 36dj2/Gnm47yxhRE9V9/Z1TU59kty0n0mxNTRIh9qA6I4vEesvCYI2Rkjou+/a3k zLxi5/9hkvakbpZKamSNPs1FzS5v+dFVDyQtrGxRVW3v0obkL0VvNub84Juw9O38 /SBa0aYox1c+XhFy+TZAaOMyz8fX+VhWZrlt+SkXBBvWKemGx4vWaw9iWWWUGeOe bTo0/5pqsuJ7lSGuDYAiB+AWvwk/U1X5 -----END CERTIFICATE-----Generated at Tue Apr 8 19:00:32 2025 by rpki-client