$ rpki-client -vvf rpki.sub.apnic.net/repository/A917447B0000/0/BD435E3ED6FEEC26F879A0542F609A272CC71307.mft File: BD435E3ED6FEEC26F879A0542F609A272CC71307.mft (raw, json) Hash identifier: EQ5RD/694P+GKbHNQsSL0lOEW5OfRoFJEb8erXDAXMQ= Subject key identifier: CA:03:A5:3C:1D:56:0C:43:57:2F:22:FD:B0:BE:FF:50:D8:B3:64:65 Authority key identifier: BD:43:5E:3E:D6:FE:EC:26:F8:79:A0:54:2F:60:9A:27:2C:C7:13:07 Certificate issuer: /CN=A917447B0000/serialNumber=BD435E3ED6FEEC26F879A0542F609A272CC71307 Certificate serial: 705C07B2E4E4A03A62EE2B16074158DE1797088A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vUNePtb-7Cb4eaBUL2CaJyzHEwc.cer Subject info access: rsync://rpki.sub.apnic.net/repository/A917447B0000/0/BD435E3ED6FEEC26F879A0542F609A272CC71307.mft Manifest number: 0112 Signing time: Tue 08 Apr 2025 06:26:07 +0000 Manifest this update: Tue 08 Apr 2025 06:21:07 +0000 Manifest next update: Wed 09 Apr 2025 06:55:07 +0000 Files and hashes: 1: 3136302e3138372e3132352e302f32342d3234203d3e2039343936.roa (hash: WhqNy6vMWe7GumViS/KJCS3KPWIP584A3cKwH5/zuCE=) 2: BD435E3ED6FEEC26F879A0542F609A272CC71307.crl (hash: qNt6fNc926KEF5X9w0rk+pBsDEP2qomtHzvGUF97J1k=) 3: 3136302e3138372e3132342e302f32342d3234203d3e20313533333436.roa (hash: dSPHItX+NOX5ECRyNkdZrk0OmF0YgUo56LpSncOGGas=) Validation: OK Signature path: rsync://rpki.sub.apnic.net/repository/A917447B0000/0/BD435E3ED6FEEC26F879A0542F609A272CC71307.crl rsync://rpki.sub.apnic.net/repository/A917447B0000/0/BD435E3ED6FEEC26F879A0542F609A272CC71307.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vUNePtb-7Cb4eaBUL2CaJyzHEwc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 06:55:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:5c:07:b2:e4:e4:a0:3a:62:ee:2b:16:07:41:58:de:17:97:08:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917447B0000 Validity Not Before: Apr 8 06:21:07 2025 GMT Not After : Apr 9 06:55:07 2025 GMT Subject: CN=CA03A53C1D560C43572F22FDB0BEFF50D8B36465 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:69:ca:b8:b3:3a:91:cd:55:ec:f9:01:14:41: cf:a3:9e:a4:36:6b:4a:09:03:dc:95:1c:e9:f0:3d: 70:36:f3:58:c0:1f:f7:06:0e:10:a9:e4:3c:98:aa: d8:27:1b:ba:23:45:e8:8f:c8:26:9a:5a:76:5f:e3: 47:a9:98:64:2c:15:50:ad:7b:e7:91:83:67:a8:24: 08:c4:cf:08:68:a8:2b:db:11:8a:bb:59:07:d8:ff: 8f:9d:d5:47:e3:a5:e4:82:3d:a1:4f:63:41:86:fb: e9:13:66:b3:35:ed:b9:27:08:bf:ba:59:1c:99:58: 5c:76:6e:5e:fb:a3:1f:ef:54:b3:b3:17:98:a9:1c: 63:bc:cd:45:e3:52:f0:69:d9:7a:1a:77:34:b0:92: 64:06:4e:25:d2:85:74:6b:80:72:63:e0:d1:e7:a8: 7d:c7:c8:84:5b:a4:6d:97:e9:b4:27:2b:9c:c1:0b: 2d:ed:d2:25:7c:b0:d0:3e:9c:9d:2d:73:7b:40:c9: 98:bc:1b:eb:a9:0b:5a:0f:fc:31:b7:46:cf:d1:15: a1:26:d4:a2:70:3e:b2:fd:12:36:77:75:49:a6:29: 5a:f7:be:92:a3:ce:9e:f2:da:7a:35:8c:9f:7b:97: 40:39:dd:80:d2:f8:1e:05:43:df:90:1c:3d:58:75: 9b:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:03:A5:3C:1D:56:0C:43:57:2F:22:FD:B0:BE:FF:50:D8:B3:64:65 X509v3 Authority Key Identifier: keyid:BD:43:5E:3E:D6:FE:EC:26:F8:79:A0:54:2F:60:9A:27:2C:C7:13:07 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.sub.apnic.net/repository/A917447B0000/0/BD435E3ED6FEEC26F879A0542F609A272CC71307.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vUNePtb-7Cb4eaBUL2CaJyzHEwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A917447B0000/0/BD435E3ED6FEEC26F879A0542F609A272CC71307.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:07:da:e4:78:1a:19:4a:9e:ac:93:ff:ca:f1:d6:a3:ca:4e: 61:f5:d4:f4:15:a6:65:72:52:68:a6:d5:b4:9d:0f:94:4b:e4: e8:5f:04:0e:c4:33:08:6b:11:ba:2f:b1:a9:15:ba:17:72:a7: eb:ea:5d:b0:e1:94:f2:81:36:7c:13:49:05:b7:fc:b1:a6:87: 6b:5d:7c:59:d7:2b:1f:15:fc:16:3d:1b:fc:ac:a7:64:b6:c3: 36:17:ac:e9:81:0a:28:7e:3d:6f:89:44:77:be:9d:f4:62:11: 09:c2:3a:68:b3:6c:17:a9:e7:2e:fd:44:23:83:00:8e:ac:a5: bb:b9:51:91:fe:e2:8f:9f:20:10:2a:74:03:b9:f2:dc:12:75: 7d:e3:d6:c8:26:d2:62:6d:60:49:8c:ba:a3:d5:9e:3a:aa:aa: e7:4d:7c:23:eb:74:d7:7d:b5:0d:bc:c5:25:4e:30:ec:86:c9: 39:fd:1e:98:2e:b1:1d:b0:b7:8e:e3:e3:05:ed:3d:e4:85:6b: 73:ce:e2:3c:79:0f:fc:f9:fa:55:f2:2d:59:44:2b:6d:fb:be: 3d:ca:e1:33:5b:60:12:08:96:07:21:8e:12:b1:3a:f4:05:07: b3:fe:fd:23:0c:93:15:6c:0e:76:78:d4:bc:58:44:75:31:2d: 73:89:28:3d -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUcFwHsuTkoDpi7isWB0FY3heXCIowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNzQ0N0IwMDAwMTEwLwYDVQQFEyhCRDQzNUUzRUQ2 RkVFQzI2Rjg3OUEwNTQyRjYwOUEyNzJDQzcxMzA3MB4XDTI1MDQwODA2MjEwN1oX DTI1MDQwOTA2NTUwN1owMzExMC8GA1UEAxMoQ0EwM0E1M0MxRDU2MEM0MzU3MkYy MkZEQjBCRUZGNTBEOEIzNjQ2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK1pyrizOpHNVez5ARRBz6OepDZrSgkD3JUc6fA9cDbzWMAf9wYOEKnkPJiq 2CcbuiNF6I/IJppadl/jR6mYZCwVUK1755GDZ6gkCMTPCGioK9sRirtZB9j/j53V R+Ol5II9oU9jQYb76RNmszXtuScIv7pZHJlYXHZuXvujH+9Us7MXmKkcY7zNReNS 8GnZehp3NLCSZAZOJdKFdGuAcmPg0eeofcfIhFukbZfptCcrnMELLe3SJXyw0D6c nS1ze0DJmLwb66kLWg/8MbdGz9EVoSbUonA+sv0SNnd1SaYpWve+kqPOnvLaejWM n3uXQDndgNL4HgVD35AcPVh1m0cCAwEAAaOCAhswggIXMB0GA1UdDgQWBBTKA6U8 HVYMQ1cvIv2wvv9Q2LNkZTAfBgNVHSMEGDAWgBS9Q14+1v7sJvh5oFQvYJonLMcT BzAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE3NDQ3QjAwMDAvMC9CRDQzNUUz RUQ2RkVFQzI2Rjg3OUEwNTQyRjYwOUEyNzJDQzcxMzA3LmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi92VU5lUHRiLTdD YjRlYUJVTDJDYUp5ekhFd2MuY2VyMH0GCCsGAQUFBwELBHEwbzBtBggrBgEFBQcw C4ZhcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE3NDQ3 QjAwMDAvMC9CRDQzNUUzRUQ2RkVFQzI2Rjg3OUEwNTQyRjYwOUEyNzJDQzcxMzA3 Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIw EDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG 9w0BAQsFAAOCAQEATwfa5HgaGUqerJP/yvHWo8pOYfXU9BWmZXJSaKbVtJ0PlEvk 6F8EDsQzCGsRui+xqRW6F3Kn6+pdsOGU8oE2fBNJBbf8saaHa118WdcrHxX8Fj0b /KynZLbDNhes6YEKKH49b4lEd76d9GIRCcI6aLNsF6nnLv1EI4MAjqylu7lRkf7i j58gECp0A7ny3BJ1fePWyCbSYm1gSYy6o9WeOqqq5018I+t01321DbzFJU4w7IbJ Of0emC6xHbC3juPjBe095IVrc87iPHkP/Pn6VfItWUQrbfu+PcrhM1tgEgiWByGO ErE69AUHs/79IwyTFWwOdnjUvFhEdTEtc4koPQ== -----END CERTIFICATE-----Generated at Tue Apr 8 18:40:09 2025 by rpki-client