$ rpki-client -vvf rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.mft File: h7YsNOjcXUAjjA9r3pEVbl0GpEs.mft (raw, json) Hash identifier: XV6xxJ1gXYRAqhQEa6qFGvIKd8Dr1sarSixYfeXt/HI= Subject key identifier: 52:E6:BF:E3:2B:0B:39:61:DB:3C:24:F3:7E:2C:D5:39:9A:EE:45:E3 Authority key identifier: 87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B Certificate issuer: /CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B Certificate serial: E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.mft Manifest number: D8 Signing time: Fri 11 Apr 2025 16:56:48 +0000 Manifest this update: Fri 11 Apr 2025 16:56:47 +0000 Manifest next update: Fri 18 Apr 2025 16:56:47 +0000 Files and hashes: 1: h7YsNOjcXUAjjA9r3pEVbl0GpEs.crl (hash: YfVCBTyPJXB+mRPFf1gv0L96bE037Qr8XeEGg/wtu7o=) 2: F2D5C21216F511F086107D74C4F9AE02.roa (hash: hlb2SfBxJYheUKrpN9mM5swhopWBRQyixAQ28JRvUzI=) 3: 9E54710E16D511F09EF28A4EC4F9AE02.roa (hash: 3XDa5Qvq48RtoRjAw8eS6iGbVpjU9ftFentU+xzbXfk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.crl rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 16:56:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 232 (0xe8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919F9A8, serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B Validity Not Before: Apr 11 16:56:47 2025 GMT Not After : Apr 18 16:56:47 2025 GMT Subject: CN=67f949d0-afe3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1d:1f:95:c2:a5:c2:f2:66:d2:11:82:2a:30: c3:73:00:f8:70:48:45:2d:c3:fc:ee:04:6d:9e:e3: 3d:58:86:ad:48:48:8f:93:fb:d6:a3:d8:76:a2:a4: c4:8a:99:98:2b:f0:bf:69:f7:34:bb:7c:9e:59:00: d6:97:b5:f6:18:a9:cf:e3:d6:d8:7c:90:6e:f3:91: 20:bd:26:fb:fd:3f:99:0e:2c:b0:65:9a:17:21:85: fc:22:47:8b:ad:61:fa:12:2e:27:eb:67:60:f6:da: bd:83:03:1c:35:21:34:00:a3:f7:07:f7:42:cd:05: 89:3c:7a:a5:ea:73:7b:80:85:b4:4b:0a:d3:2f:40: 94:a8:21:8f:8b:fc:f2:40:a3:74:99:43:3a:ba:06: ff:0b:85:bc:c3:2d:2f:7b:ec:5c:46:dd:d6:b7:fa: f3:ff:25:ef:51:63:f8:97:f8:d0:14:28:20:91:85: 84:25:1c:c2:46:c3:61:de:af:98:6d:c4:1b:ed:1d: 09:34:6e:5d:53:14:0d:c3:b8:a8:b0:d8:b4:d6:3d: 09:fd:44:40:9e:1f:6f:11:7d:fa:fc:37:dc:bc:a7: bb:5c:f9:ce:7c:ee:53:66:cd:00:2c:89:7a:b4:9c: a0:0a:77:30:3e:2f:26:7d:f8:66:77:e8:9c:44:cc: c5:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:E6:BF:E3:2B:0B:39:61:DB:3C:24:F3:7E:2C:D5:39:9A:EE:45:E3 X509v3 Authority Key Identifier: keyid:87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:0c:59:c6:0d:09:66:28:dd:c1:d5:c8:41:dc:c2:bd:84:2d: a1:0e:7a:50:ce:3b:24:f1:2a:36:d7:24:ec:47:0f:74:5c:c1: 21:35:cc:be:20:57:ce:a7:c5:77:c1:1a:0e:bd:15:df:26:e2: 2e:11:b1:5a:2b:c2:9d:9b:42:9e:0e:a7:79:11:76:8c:e1:bc: 55:ab:36:e0:37:d1:a1:7a:39:34:fb:5f:50:cb:0c:38:b9:52: 36:bd:18:ff:43:1a:e0:2a:a2:01:df:32:87:d0:27:be:c8:08: a9:b2:76:a6:69:92:8a:7d:91:91:d3:74:c4:1c:6b:2d:a9:cb: 6c:71:d1:dd:2c:3d:1b:9e:f4:d0:72:87:a0:e0:1f:b4:90:67: ab:00:c9:cb:c3:b8:5a:e6:59:97:fd:13:63:bf:b2:db:5f:8d: 66:07:4f:dd:e8:46:f3:1d:70:ac:46:b2:00:f1:e3:32:27:ab: 99:26:ed:0d:3e:e6:ae:aa:89:4a:c5:9c:0a:9e:86:cb:e4:86: b4:dd:e1:49:f3:bc:1d:38:ec:c8:a8:7c:91:12:82:bc:b2:1b: 70:e7:2c:72:75:68:de:e0:d3:7f:24:af:1d:44:90:3c:79:c0: dd:8c:44:c0:5e:ca:d4:fa:f7:3d:fb:f7:93:33:9b:aa:32:ed: 3b:ed:28:e0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUY5QTgxMTAvBgNVBAUTKDg3QjYyQzM0RThEQzVENDAyMzhDMEY2QkRFOTExNTZF NUQwNkE0NEIwHhcNMjUwNDExMTY1NjQ3WhcNMjUwNDE4MTY1NjQ3WjAYMRYwFAYD VQQDEw02N2Y5NDlkMC1hZmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtx0flcKlwvJm0hGCKjDDcwD4cEhFLcP87gRtnuM9WIatSEiPk/vWo9h2oqTE ipmYK/C/afc0u3yeWQDWl7X2GKnP49bYfJBu85EgvSb7/T+ZDiywZZoXIYX8IkeL rWH6Ei4n62dg9tq9gwMcNSE0AKP3B/dCzQWJPHql6nN7gIW0SwrTL0CUqCGPi/zy QKN0mUM6ugb/C4W8wy0ve+xcRt3Wt/rz/yXvUWP4l/jQFCggkYWEJRzCRsNh3q+Y bcQb7R0JNG5dUxQNw7iosNi01j0J/URAnh9vEX36/DfcvKe7XPnOfO5TZs0ALIl6 tJygCncwPi8mffhmd+icRMzFEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFLmv+Mr Czlh2zwk834s1Tma7kXjMB8GA1UdIwQYMBaAFIe2LDTo3F1AI4wPa96RFW5dBqRL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjlBOC9COTIzMDZGRUVC NkExMUVFOUMwM0I3MTFDNEY5QUUwMi9oN1lzTk9qY1hVQWpqQTlyM3BFVmJsMEdw RXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2g3WXNOT2pjWFVBampBOXIzcEVWYmwwR3BFcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RjlBOC9COTIzMDZGRUVCNkExMUVFOUMwM0I3MTFDNEY5QUUwMi9oN1lzTk9qY1hV QWpqQTlyM3BFVmJsMEdwRXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1DFnGDQlmKN3B1chB3MK9hC2hDnpQzjsk8So21yTsRw90XMEhNcy+ IFfOp8V3wRoOvRXfJuIuEbFaK8Kdm0KeDqd5EXaM4bxVqzbgN9Ghejk0+19Qyww4 uVI2vRj/QxrgKqIB3zKH0Ce+yAipsnamaZKKfZGR03TEHGstqctscdHdLD0bnvTQ coeg4B+0kGerAMnLw7ha5lmX/RNjv7LbX41mB0/d6EbzHXCsRrIA8eMyJ6uZJu0N PuauqolKxZwKnobL5Ia03eFJ87wdOOzIqHyREoK8shtw5yxydWje4NN/JK8dRJA8 ecDdjETAXsrU+vc9+/eTM5uqMu077Sjg -----END CERTIFICATE-----Generated at Sat Apr 12 19:12:01 2025 by rpki-client