$ rpki-client -vvf rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.mft File: PS2TrIsQhlgX2adMyBoDDX010HQ.mft (raw, json) Hash identifier: ImZwQ+hykbjipDZJvg7F46YeEP1ebiwLnEbsnhzziqQ= Subject key identifier: 64:86:04:49:98:1A:16:7C:10:26:F2:C6:CC:23:BF:E4:C8:14:F2:04 Authority key identifier: 3D:2D:93:AC:8B:10:86:58:17:D9:A7:4C:C8:1A:03:0D:7D:35:D0:74 Certificate issuer: /CN=A9196D9E/serialNumber=3D2D93AC8B10865817D9A74CC81A030D7D35D074 Certificate serial: 010A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PS2TrIsQhlgX2adMyBoDDX010HQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.mft Manifest number: 0109 Signing time: Mon 07 Apr 2025 03:54:30 +0000 Manifest this update: Mon 07 Apr 2025 03:54:29 +0000 Manifest next update: Mon 14 Apr 2025 03:54:29 +0000 Files and hashes: 1: PS2TrIsQhlgX2adMyBoDDX010HQ.crl (hash: aUPazx0MY7OBM3mBziUgbl6HgNjPG1y7pbPQUMJZOtg=) 2: C8BDA37CF68A11EFB7F91E24C4F9AE02.roa (hash: aRDWwCB81f6X4Sbu5aqqdwftigSG3lRUiRjjd/98tJw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.crl rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PS2TrIsQhlgX2adMyBoDDX010HQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 03:54:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 266 (0x10a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9196D9E Validity Not Before: Apr 7 03:54:29 2025 GMT Not After : Apr 14 03:54:29 2025 GMT Subject: CN=67f34c75-6bf5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:6f:e1:41:d7:ae:df:c9:9c:ed:c3:14:1d:b5: 23:1e:d8:c2:10:25:5f:75:84:bf:be:da:8f:08:03: c0:0c:44:d2:16:68:24:cc:88:9f:85:13:48:07:25: 1a:25:9c:67:2f:cc:96:3f:a0:d9:b7:a6:90:d6:e2: 34:eb:0b:e4:70:6f:81:76:92:5f:9f:3f:fc:ae:b0: 13:cc:26:04:6c:c1:59:b3:ec:ee:c0:ce:43:3a:5e: 24:2d:44:ac:c9:e2:e5:ac:9e:17:28:0a:65:d7:36: 39:a6:eb:d0:48:6c:dd:f6:35:cb:94:73:6d:76:72: a5:63:21:68:ac:11:82:2a:66:55:58:15:d9:43:23: f7:d8:37:cc:29:42:f5:9b:9c:f3:e3:e1:0f:1c:88: 32:4d:f8:f3:cb:d5:ba:26:92:69:dd:be:db:0a:ee: 73:e3:a5:7e:be:d7:4e:0b:33:e7:9e:07:be:60:2e: 98:dd:e5:5c:15:00:eb:ed:bc:5d:a7:49:68:e6:62: 3e:5a:d6:53:07:6b:9e:eb:7e:ec:81:34:5e:3a:2a: 38:14:d8:08:67:81:d8:4a:8a:6f:3f:e0:51:fb:ba: db:23:d0:44:2c:5e:4c:59:c2:22:13:9c:23:98:62: f8:ee:63:be:d8:23:84:be:84:c1:7d:8a:79:78:05: 3c:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:86:04:49:98:1A:16:7C:10:26:F2:C6:CC:23:BF:E4:C8:14:F2:04 X509v3 Authority Key Identifier: keyid:3D:2D:93:AC:8B:10:86:58:17:D9:A7:4C:C8:1A:03:0D:7D:35:D0:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PS2TrIsQhlgX2adMyBoDDX010HQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:57:82:2a:82:ce:48:3e:1d:02:14:28:fd:9e:d2:e0:17:c6: ce:90:1d:40:db:c6:76:d4:4b:2a:3a:3b:a5:10:11:4c:03:15: 4c:dd:c1:80:11:f7:60:49:8b:1c:91:7f:b0:50:ea:fa:6a:97: c0:23:76:54:9a:3d:bd:6a:82:19:e0:16:46:18:42:17:69:bd: 83:91:ac:59:93:98:cf:25:1a:23:84:3b:cc:16:c0:44:c3:e6: af:8b:ea:8c:07:c5:5a:c0:43:df:43:5a:e3:88:f3:59:75:4a: 9f:6b:fb:e6:ec:79:12:6a:ff:69:8d:da:ed:f8:1b:61:0e:1f: 0f:4d:6b:1d:56:e7:25:bd:52:c4:82:74:3f:5b:15:4d:c9:f2: 9e:05:5a:64:9a:70:93:10:43:c8:89:f8:97:1b:9f:9b:bb:57: 07:b6:1c:08:45:42:01:97:94:7a:85:fb:66:54:c3:13:b3:48: 45:5e:31:86:56:34:3e:f0:a5:13:d6:7d:73:4a:96:2e:eb:e6: 37:9a:39:ce:67:2d:a4:3d:48:5a:67:e9:46:ad:06:9e:3e:44: 13:f2:9c:2d:15:6a:1b:c4:10:46:87:57:08:95:56:22:eb:c6: 11:0d:83:a7:9d:8e:e0:b4:52:7c:cf:cc:17:d8:73:32:4c:68: 81:a1:55:4c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTZEOUUxMTAvBgNVBAUTKDNEMkQ5M0FDOEIxMDg2NTgxN0Q5QTc0Q0M4MUEwMzBE N0QzNUQwNzQwHhcNMjUwNDA3MDM1NDI5WhcNMjUwNDE0MDM1NDI5WjAYMRYwFAYD VQQDEw02N2YzNGM3NS02YmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3G/hQdeu38mc7cMUHbUjHtjCECVfdYS/vtqPCAPADETSFmgkzIifhRNIByUa JZxnL8yWP6DZt6aQ1uI06wvkcG+BdpJfnz/8rrATzCYEbMFZs+zuwM5DOl4kLUSs yeLlrJ4XKApl1zY5puvQSGzd9jXLlHNtdnKlYyForBGCKmZVWBXZQyP32DfMKUL1 m5zz4+EPHIgyTfjzy9W6JpJp3b7bCu5z46V+vtdOCzPnnge+YC6Y3eVcFQDr7bxd p0lo5mI+WtZTB2ue637sgTReOio4FNgIZ4HYSopvP+BR+7rbI9BELF5MWcIiE5wj mGL47mO+2COEvoTBfYp5eAU8EwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGSGBEmY GhZ8ECbyxswjv+TIFPIEMB8GA1UdIwQYMBaAFD0tk6yLEIZYF9mnTMgaAw19NdB0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NkQ5RS83N0JCOTg0QzdE NjExMUVFQjQ2M0M4NUFDNEY5QUUwMi9QUzJUcklzUWhsZ1gyYWRNeUJvRERYMDEw SFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BTMlRySXNRaGxnWDJhZE15Qm9ERFgwMTBIUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NkQ5RS83N0JCOTg0QzdENjExMUVFQjQ2M0M4NUFDNEY5QUUwMi9QUzJUcklzUWhs Z1gyYWRNeUJvRERYMDEwSFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAnV4Iqgs5IPh0CFCj9ntLgF8bOkB1A28Z21EsqOjulEBFMAxVM3cGA EfdgSYsckX+wUOr6apfAI3ZUmj29aoIZ4BZGGEIXab2DkaxZk5jPJRojhDvMFsBE w+avi+qMB8VawEPfQ1rjiPNZdUqfa/vm7HkSav9pjdrt+BthDh8PTWsdVuclvVLE gnQ/WxVNyfKeBVpkmnCTEEPIifiXG5+bu1cHthwIRUIBl5R6hftmVMMTs0hFXjGG VjQ+8KUT1n1zSpYu6+Y3mjnOZy2kPUhaZ+lGrQaePkQT8pwtFWobxBBGh1cIlVYi 68YRDYOnnY7gtFJ8z8wX2HMyTGiBoVVM -----END CERTIFICATE-----Generated at Wed Apr 9 02:07:48 2025 by rpki-client