$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft File: yozvXh2MPaWsm67lsZbvBmCaOVk.mft (raw, json) Hash identifier: HAoGq2QB/4DNOuLGKmPlUNXypK4VJzLQ+9M76Z0sqIs= Subject key identifier: 43:BC:49:E3:53:05:14:52:5C:0B:CE:68:A5:A3:11:7C:40:D9:9D:C6 Authority key identifier: CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59 Certificate issuer: /CN=A911B5BA/serialNumber=CA8CEF5E1D8C3DA5AC9BAEE5B196EF06609A3959 Certificate serial: 0AEC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft Manifest number: 0AEA Signing time: Sun 16 Feb 2025 19:45:55 +0000 Manifest this update: Sun 16 Feb 2025 19:45:54 +0000 Manifest next update: Sun 23 Feb 2025 19:45:54 +0000 Files and hashes: 1: yozvXh2MPaWsm67lsZbvBmCaOVk.crl (hash: as43VxW5mm/v252J5WxpaBzkZ2RiTTi8uQlweKE4Dx4=) 2: 410BAD2095F011EFA9137C67C4F9AE02.roa (hash: SNO/bBZDGGjsIOKkc1Q9a6n7NxtIrWP6e7L/IhWULh8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.crl rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2796 (0xaec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B5BA Validity Not Before: Feb 16 19:45:54 2025 GMT Not After : Feb 23 19:45:54 2025 GMT Subject: CN=67b24073-dc5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:15:0b:36:58:f8:24:1a:f9:fc:f7:56:10:8e: 08:39:b8:48:69:c5:43:ff:80:ab:24:f9:05:3b:ae: 8f:6c:9f:9e:c8:e0:27:e3:3e:38:a2:b6:56:a7:bc: bf:79:3b:4f:b7:8a:7e:8e:7e:4c:b8:75:a7:fd:65: 7a:6a:61:f7:bc:47:80:8d:76:e0:37:8b:55:76:96: ca:cc:fc:81:84:64:2f:43:77:b6:fe:ed:c1:25:3c: 2c:db:a5:cf:4d:61:25:79:b3:33:fc:26:5b:e6:fd: 79:7c:c8:2a:d4:3b:a5:21:8b:dc:87:e1:cd:91:16: 47:9c:05:c3:d5:80:d8:04:d2:8a:c2:14:54:9e:69: 29:e5:b2:5c:9e:e5:1e:71:d7:be:11:2e:fa:54:2d: 19:d4:5d:fb:c3:d0:49:4d:1d:fd:a8:5e:a9:46:a3: e5:81:14:74:a1:c0:0b:6f:ed:07:da:d1:d5:ef:0e: 37:7d:d0:b7:a4:8a:d9:93:e8:ab:d7:02:87:ab:b9: 2b:d0:24:ee:a0:0a:85:13:8c:18:d7:b5:f4:32:4f: f0:67:80:29:c8:db:0c:25:16:ba:23:43:1a:a2:52: 39:b6:d7:b0:55:69:8a:27:67:d2:40:09:c4:5a:db: c5:87:0d:8a:d0:30:0e:cc:fa:16:3b:65:37:9c:a0: 7d:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:BC:49:E3:53:05:14:52:5C:0B:CE:68:A5:A3:11:7C:40:D9:9D:C6 X509v3 Authority Key Identifier: keyid:CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:e5:d1:64:c4:4f:24:8a:cc:b4:93:9e:3d:fb:7e:4f:51:6c: 2a:10:c4:5a:1a:94:31:0e:63:96:37:f4:be:48:03:ba:06:85: 84:a9:7e:b4:6f:e4:6f:05:34:d4:de:12:89:65:11:1e:75:db: 33:5f:83:8e:4c:af:b5:03:5b:7a:5d:fe:55:16:b7:71:83:23: 8c:c2:65:47:09:ad:48:cc:4b:1f:77:7d:25:d3:ac:d4:a3:d1: 50:e8:46:93:fc:7d:90:41:d6:be:66:70:1a:1f:00:b4:80:21: b6:8d:43:c2:54:da:a5:57:79:e3:b9:d4:82:d2:cf:db:40:98: 3f:6e:b7:07:f0:d3:ce:e0:63:91:90:4e:79:1d:76:b9:15:39: 7d:63:55:b7:4f:28:d1:97:51:0c:8a:ef:13:43:13:4b:a7:9b: b4:d4:18:10:91:a6:a4:22:39:66:00:ed:0a:c2:59:a6:69:6f: 45:b9:e2:91:82:91:71:75:f0:aa:47:07:2c:7d:63:68:e6:83: 9b:ed:77:6d:12:fd:31:a5:82:63:03:dd:5e:b4:38:ef:a8:32: 0f:67:bf:bc:08:2e:ec:c0:fa:3e:60:74:b4:4a:a9:cb:19:6d: f9:62:1c:2d:5f:d7:78:a0:1b:bd:3e:76:54:d7:18:f6:ea:4d: 1c:16:80:9e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI1QkExMTAvBgNVBAUTKENBOENFRjVFMUQ4QzNEQTVBQzlCQUVFNUIxOTZFRjA2 NjA5QTM5NTkwHhcNMjUwMjE2MTk0NTU0WhcNMjUwMjIzMTk0NTU0WjAYMRYwFAYD VQQDEw02N2IyNDA3My1kYzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuRULNlj4JBr5/PdWEI4IObhIacVD/4CrJPkFO66PbJ+eyOAn4z44orZWp7y/ eTtPt4p+jn5MuHWn/WV6amH3vEeAjXbgN4tVdpbKzPyBhGQvQ3e2/u3BJTws26XP TWElebMz/CZb5v15fMgq1DulIYvch+HNkRZHnAXD1YDYBNKKwhRUnmkp5bJcnuUe cde+ES76VC0Z1F37w9BJTR39qF6pRqPlgRR0ocALb+0H2tHV7w43fdC3pIrZk+ir 1wKHq7kr0CTuoAqFE4wY17X0Mk/wZ4ApyNsMJRa6I0MaolI5ttewVWmKJ2fSQAnE WtvFhw2K0DAOzPoWO2U3nKB93QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEO8SeNT BRRSXAvOaKWjEXxA2Z3GMB8GA1UdIwQYMBaAFMqM714djD2lrJuu5bGW7wZgmjlZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCQS85M0UyRkIwQzNE QTMxMUVBQTREQzNBNTlDNEY5QUUwMi95b3p2WGgyTVBhV3NtNjdsc1pidkJtQ2FP VmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lvenZYaDJNUGFXc202N2xzWmJ2Qm1DYU9Way5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QjVCQS85M0UyRkIwQzNEQTMxMUVBQTREQzNBNTlDNEY5QUUwMi95b3p2WGgyTVBh V3NtNjdsc1pidkJtQ2FPVmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBf5dFkxE8kisy0k549+35PUWwqEMRaGpQxDmOWN/S+SAO6BoWEqX60 b+RvBTTU3hKJZREeddszX4OOTK+1A1t6Xf5VFrdxgyOMwmVHCa1IzEsfd30l06zU o9FQ6EaT/H2QQda+ZnAaHwC0gCG2jUPCVNqlV3njudSC0s/bQJg/brcH8NPO4GOR kE55HXa5FTl9Y1W3TyjRl1EMiu8TQxNLp5u01BgQkaakIjlmAO0KwlmmaW9FueKR gpFxdfCqRwcsfWNo5oOb7XdtEv0xpYJjA91etDjvqDIPZ7+8CC7swPo+YHS0SqnL GW35YhwtX9d4oBu9PnZU1xj26k0cFoCe -----END CERTIFICATE-----Generated at Thu Feb 20 03:31:16 2025 by rpki-client