$ rpki-client -vvf rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.mft File: CrbdJlFcU-zFsEYrTEddWn5aVTc.mft (raw, json) Hash identifier: AmPPIb7PvpH3z7s+RXHoPsGcmWjq0fFlPPnLAaJfHdU= Subject key identifier: C4:CC:47:C1:8C:8C:63:26:F5:5D:37:92:AC:8B:2D:00:45:9B:97:13 Authority key identifier: 0A:B6:DD:26:51:5C:53:EC:C5:B0:46:2B:4C:47:5D:5A:7E:5A:55:37 Certificate issuer: /CN=A918E4B7/serialNumber=0AB6DD26515C53ECC5B0462B4C475D5A7E5A5537 Certificate serial: 0500 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.mft Manifest number: 04DD Signing time: Tue 08 Apr 2025 23:34:52 +0000 Manifest this update: Tue 08 Apr 2025 23:34:52 +0000 Manifest next update: Tue 15 Apr 2025 23:34:52 +0000 Files and hashes: 1: CrbdJlFcU-zFsEYrTEddWn5aVTc.crl (hash: FY4Ru8CzrEPqdtxl2f3VYyGxQaqDi3ms2XJIMET0HQ4=) 2: BAA1B454654411EFACBF7956C4F9AE02.roa (hash: /oWh6sDf6JMhXVQFfiBK5T8ylerkJmv9WJJdVtYkSIU=) 3: 17A651BCA40E11EEAAB83671C4F9AE02.roa (hash: hF9MKD/FwgF9cY8hvh9m1ZRU6ZbNvnTiLbcgCIT5wPc=) 4: 16D4DB82A40E11EEAAB83671C4F9AE02.roa (hash: 9aBOau/kR05/ZlK4Ctxtvv3XFrOvJ/VU5zNEft0SiRE=) 5: 1ED4125C50C111EFA64C2437C4F9AE02.roa (hash: M9HaGHa7pI3ilHdh1OGWp/+WvUY2NRFrgXm0KqnYXRc=) 6: B9DEB77E654411EFACBF7956C4F9AE02.roa (hash: xYaxgWyzwtexyE7NeRo7CnQ16cP15TpfRCg28S5nmVo=) 7: ED8B1602A0D711EFB982AD62C4F9AE02.roa (hash: ERqr4ZgITrZRkOwS3AN4CJTqd2fIDLE15f/P4/QlBUI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.crl rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 23:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1280 (0x500) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918E4B7 Validity Not Before: Apr 8 23:34:52 2025 GMT Not After : Apr 15 23:34:52 2025 GMT Subject: CN=67f5b29c-b392 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:be:0d:b6:d5:cd:88:16:49:40:6a:67:7f:36: d9:95:c9:5b:03:19:6c:bd:85:ca:1a:73:54:1e:76: 6c:a6:95:96:90:0b:8a:49:1a:1b:98:a9:45:c9:fe: e1:a7:39:e4:27:c4:d7:af:cc:00:48:d3:40:5d:0b: b5:ca:df:d7:58:b5:30:b3:cb:e7:31:b6:ce:4d:b7: cb:c9:1f:b8:6f:95:af:96:2d:15:bd:9e:d5:a9:29: ca:8d:b3:13:43:8e:ce:03:07:82:25:87:d4:70:3f: 80:21:d6:39:eb:64:bf:4d:46:37:13:61:e2:2f:a0: 43:65:43:db:96:cf:f1:2d:7f:02:81:42:01:ca:00: 9b:fb:59:3b:90:81:e8:61:f9:fc:ac:7d:73:a8:be: 2d:68:77:5c:a1:2a:97:9c:74:1f:3b:87:6b:55:af: d7:e0:89:fc:79:56:e4:29:fb:0a:e8:d4:d2:3b:d9: 12:25:37:22:9e:99:04:16:08:c8:16:46:a3:e1:82: 1a:8c:6d:00:1e:85:30:5b:d5:47:6a:db:a1:40:d1: 74:0b:da:93:5e:20:dc:1f:4d:41:6a:53:26:d1:81: 57:53:a8:c8:39:05:83:2b:46:57:d8:67:23:62:d1: b0:74:dc:df:d0:e3:0d:42:8e:f4:8c:71:9f:0a:4c: 78:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:CC:47:C1:8C:8C:63:26:F5:5D:37:92:AC:8B:2D:00:45:9B:97:13 X509v3 Authority Key Identifier: keyid:0A:B6:DD:26:51:5C:53:EC:C5:B0:46:2B:4C:47:5D:5A:7E:5A:55:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:27:46:2c:55:78:07:8a:7b:20:94:1f:21:1e:44:71:90:ac: a9:f1:f2:33:cb:40:79:fe:da:a0:37:07:8c:e4:02:95:8b:04: f1:8d:63:02:38:0c:08:de:28:ac:34:f8:bd:d2:ef:bf:78:b8: c4:90:37:e7:d8:0d:44:3c:e5:5c:28:c5:3a:d5:f8:e1:c6:33: 85:4c:c1:fd:26:cf:92:8e:53:9b:17:f0:59:30:6d:f8:19:ca: d3:d2:6a:34:1d:ce:5f:48:52:fb:34:1d:88:53:75:ca:6d:de: 7e:5a:2c:f8:70:c9:8c:43:ad:65:cd:07:34:e3:8e:16:98:31: 8e:61:0c:ec:5e:64:17:b0:9a:e8:b5:90:e6:47:cc:07:4f:1e: 70:74:38:e7:b6:c7:6d:ba:81:ec:2d:c2:d1:1e:f0:bf:dc:a0: bc:a4:6c:dd:be:1d:b2:2f:7a:3b:06:81:08:8c:6b:36:e2:b1: ca:df:66:8e:ba:63:c5:d1:f1:ce:1b:76:ca:85:ec:7a:63:a9: 43:d5:24:e4:ca:2e:fa:44:f5:b3:70:00:02:1a:f0:53:64:cb: 00:de:0b:5d:c3:40:f5:c0:fb:b3:9c:7d:28:9e:04:4c:b7:96: 80:e1:2b:ae:35:80:61:de:f7:35:f2:c0:74:ef:d1:ef:56:2f: f5:55:45:38 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBQAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEU0QjcxMTAvBgNVBAUTKDBBQjZERDI2NTE1QzUzRUNDNUIwNDYyQjRDNDc1RDVB N0U1QTU1MzcwHhcNMjUwNDA4MjMzNDUyWhcNMjUwNDE1MjMzNDUyWjAYMRYwFAYD VQQDEw02N2Y1YjI5Yy1iMzkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtL4NttXNiBZJQGpnfzbZlclbAxlsvYXKGnNUHnZsppWWkAuKSRobmKlFyf7h pznkJ8TXr8wASNNAXQu1yt/XWLUws8vnMbbOTbfLyR+4b5Wvli0VvZ7VqSnKjbMT Q47OAweCJYfUcD+AIdY562S/TUY3E2HiL6BDZUPbls/xLX8CgUIBygCb+1k7kIHo Yfn8rH1zqL4taHdcoSqXnHQfO4drVa/X4In8eVbkKfsK6NTSO9kSJTcinpkEFgjI Fkaj4YIajG0AHoUwW9VHatuhQNF0C9qTXiDcH01BalMm0YFXU6jIOQWDK0ZX2Gcj YtGwdNzf0OMNQo70jHGfCkx4fQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMTMR8GM jGMm9V03kqyLLQBFm5cTMB8GA1UdIwQYMBaAFAq23SZRXFPsxbBGK0xHXVp+WlU3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTRCNy9FQjMxMkYwMjFF QUExMUVDQjc1NkJGMzBDNEY5QUUwMi9DcmJkSmxGY1UtekZzRVlyVEVkZFduNWFW VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NyYmRKbEZjVS16RnNFWXJURWRkV241YVZUYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RTRCNy9FQjMxMkYwMjFFQUExMUVDQjc1NkJGMzBDNEY5QUUwMi9DcmJkSmxGY1Ut ekZzRVlyVEVkZFduNWFWVGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZJ0YsVXgHinsglB8hHkRxkKyp8fIzy0B5/tqgNweM5AKViwTxjWMC OAwI3iisNPi90u+/eLjEkDfn2A1EPOVcKMU61fjhxjOFTMH9Js+SjlObF/BZMG34 GcrT0mo0Hc5fSFL7NB2IU3XKbd5+Wiz4cMmMQ61lzQc0444WmDGOYQzsXmQXsJro tZDmR8wHTx5wdDjntsdtuoHsLcLRHvC/3KC8pGzdvh2yL3o7BoEIjGs24rHK32aO umPF0fHOG3bKhex6Y6lD1STkyi76RPWzcAACGvBTZMsA3gtdw0D1wPuznH0ongRM t5aA4SuuNYBh3vc18sB079HvVi/1VUU4 -----END CERTIFICATE-----Generated at Wed Apr 9 02:14:48 2025 by rpki-client