$ rpki-client -vvf rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft File: FION2NTh_gMXFCZnF24W4KW2hlE.mft (raw, json) Hash identifier: FwETdOVfriz/dRDYqbgkwk+YUySa17Di/iG4CS5zbp0= Subject key identifier: 32:DA:4B:7C:E6:FC:17:EB:B2:3C:ED:60:C1:CF:AB:3B:0D:D7:7D:84 Authority key identifier: 14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 Certificate issuer: /CN=A91991D9/serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Certificate serial: 0DD1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft Manifest number: 0DCA Signing time: Fri 18 Apr 2025 18:00:52 +0000 Manifest this update: Fri 18 Apr 2025 18:00:52 +0000 Manifest next update: Fri 25 Apr 2025 18:00:52 +0000 Files and hashes: 1: FION2NTh_gMXFCZnF24W4KW2hlE.crl (hash: M2IvZ9bsYcyB0eVPvigCOEivSvat++hxj38TQvCw7pE=) 2: 14E68648B42D11E9A44FF25BC4F9AE02.roa (hash: +BalFw2CiL7uapLNj20tx3YBjmyA4tVc26LM7UMELNs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Apr 2025 18:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3537 (0xdd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91991D9, serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Validity Not Before: Apr 18 18:00:52 2025 GMT Not After : Apr 25 18:00:52 2025 GMT Subject: CN=68029354-0d5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:a7:9b:dc:64:99:d5:e5:77:47:c7:bd:24:36: 65:53:f6:af:5e:e9:60:8d:ab:88:95:fb:fb:11:46: 8c:11:59:6b:2c:85:89:39:8f:e1:b4:2e:6a:ae:ea: ab:13:64:54:f7:24:51:2e:21:e6:36:17:24:e1:b2: b0:5f:5c:fd:6e:51:a4:55:e9:3d:c9:ca:5d:1a:76: 71:14:d8:6d:8c:9f:25:ec:c8:58:4d:87:f4:14:b6: e5:b2:3e:0e:df:35:5b:b9:d5:e5:7f:57:6a:ca:e6: 36:49:c0:92:be:6b:1f:0f:0d:94:f1:82:e6:08:40: ff:33:91:c9:b6:9a:09:8f:a0:fb:b0:c7:f2:df:4f: f9:fd:6b:f7:4e:ee:b0:1d:72:6f:a7:e6:7a:97:bf: 82:eb:ca:da:5f:23:87:1e:b5:aa:60:3e:2c:6f:ad: 9d:2e:44:8b:de:e6:5e:20:bf:e9:91:52:cf:9f:82: ce:1f:ba:ee:da:a7:37:af:74:19:dc:b9:96:b1:f5: fa:d9:82:e5:14:87:a2:19:2b:79:08:fe:88:c1:ec: 70:f9:b3:ad:01:c2:ff:f3:84:12:f9:44:b9:34:4a: 1c:c8:0b:14:4d:61:34:23:7e:91:82:53:b1:f1:17: ca:7e:00:1a:49:72:33:c0:c2:e2:6a:59:82:0b:51: cb:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:DA:4B:7C:E6:FC:17:EB:B2:3C:ED:60:C1:CF:AB:3B:0D:D7:7D:84 X509v3 Authority Key Identifier: keyid:14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:12:a6:32:ec:87:73:e9:dd:5f:00:db:7c:aa:fc:b3:38:4a: 77:e1:28:13:3a:42:d7:59:89:11:8e:e2:a9:d4:34:92:e3:40: bb:fd:6a:c8:9a:4c:55:c8:53:04:9f:24:04:4c:49:75:70:87: bb:0f:04:00:44:dd:53:f5:e3:69:e1:52:86:b4:da:d6:39:ad: 04:d2:95:3e:ce:54:1e:8c:99:e2:b5:9c:bf:30:d6:51:b9:cc: 23:4a:30:46:f1:d9:a1:2f:40:73:48:85:2b:e7:62:9a:56:78: 2d:af:d6:a8:ae:21:c7:81:a3:4b:d9:cc:19:22:2e:86:a9:61: 97:98:ec:21:c1:36:8c:f0:4d:65:d5:7e:33:e6:3f:b4:0f:5a: c9:b3:e1:00:76:3d:25:43:27:0d:76:bf:6f:f3:df:ce:a9:c7: 7a:48:f1:5c:ad:de:b9:b9:60:2d:1a:72:0a:ee:03:7a:44:ed: da:dd:55:2f:e7:57:b0:6f:74:1b:a6:58:91:14:56:ac:fa:88: 89:f9:a4:08:e2:15:78:ff:86:55:1e:59:6b:d3:61:2a:39:3e: 88:c7:b8:a3:3c:09:19:35:53:a9:82:a0:30:21:e0:9e:61:ec: 4c:a8:d7:f0:f1:7a:64:d5:25:aa:e7:c6:af:ce:43:af:01:fc: d7:dd:ba:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDdEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTkxRDkxMTAvBgNVBAUTKDE0ODM4REQ4RDRFMUZFMDMxNzE0MjY2NzE3NkUxNkUw QTVCNjg2NTEwHhcNMjUwNDE4MTgwMDUyWhcNMjUwNDI1MTgwMDUyWjAYMRYwFAYD VQQDEw02ODAyOTM1NC0wZDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA36eb3GSZ1eV3R8e9JDZlU/avXulgjauIlfv7EUaMEVlrLIWJOY/htC5qruqr E2RU9yRRLiHmNhck4bKwX1z9blGkVek9ycpdGnZxFNhtjJ8l7MhYTYf0FLblsj4O 3zVbudXlf1dqyuY2ScCSvmsfDw2U8YLmCED/M5HJtpoJj6D7sMfy30/5/Wv3Tu6w HXJvp+Z6l7+C68raXyOHHrWqYD4sb62dLkSL3uZeIL/pkVLPn4LOH7ru2qc3r3QZ 3LmWsfX62YLlFIeiGSt5CP6Iwexw+bOtAcL/84QS+US5NEocyAsUTWE0I36RglOx 8RfKfgAaSXIzwMLialmCC1HLCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDLaS3zm /BfrsjztYMHPqzsN132EMB8GA1UdIwQYMBaAFBSDjdjU4f4DFxQmZxduFuCltoZR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTFEOS8xQzNERDk2NkI0 MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9nTVhGQ1puRjI0VzRLVzJo bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZJT04yTlRoX2dNWEZDWm5GMjRXNEtXMmhsRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTFEOS8xQzNERDk2NkI0MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9n TVhGQ1puRjI0VzRLVzJobEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC5EqYy7Idz6d1fANt8qvyzOEp34SgTOkLXWYkRjuKp1DSS40C7/WrI mkxVyFMEnyQETEl1cIe7DwQARN1T9eNp4VKGtNrWOa0E0pU+zlQejJnitZy/MNZR ucwjSjBG8dmhL0BzSIUr52KaVngtr9aoriHHgaNL2cwZIi6GqWGXmOwhwTaM8E1l 1X4z5j+0D1rJs+EAdj0lQycNdr9v89/Oqcd6SPFcrd65uWAtGnIK7gN6RO3a3VUv 51ewb3QbpliRFFas+oiJ+aQI4hV4/4ZVHllr02EqOT6Ix7ijPAkZNVOpgqAwIeCe YexMqNfw8Xpk1SWq58avzkOvAfzX3bpz -----END CERTIFICATE-----Generated at Sat Apr 19 08:26:15 2025 by rpki-client