$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.mft File: aEE9QfYAXgMW4OJXbyJsIYiqFW8.mft (raw, json) Hash identifier: QQiLp+OBo8sPJpMNHvC/RtdDJqGQa1fM/l+NO+uH9JU= Subject key identifier: C7:FA:20:2A:98:F6:77:A0:1C:52:E1:0A:34:58:0C:FF:42:09:9E:5C Authority key identifier: 68:41:3D:41:F6:00:5E:03:16:E0:E2:57:6F:22:6C:21:88:AA:15:6F Certificate issuer: /CN=A911CA82/serialNumber=68413D41F6005E0316E0E2576F226C2188AA156F Certificate serial: 13 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aEE9QfYAXgMW4OJXbyJsIYiqFW8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.mft Manifest number: 12 Signing time: Tue 04 Feb 2025 22:47:24 +0000 Manifest this update: Tue 04 Feb 2025 22:47:24 +0000 Manifest next update: Tue 11 Feb 2025 22:47:24 +0000 Files and hashes: 1: aEE9QfYAXgMW4OJXbyJsIYiqFW8.crl (hash: 6of7J1yTlwUkSEboyAIV4hNGugsRpQ5LmvKk7U4q0ao=) 2: AF4301D4CF8511EF94856A41C4F9AE02.roa (hash: Tyg27Srmq+wBuXC9F9mURa1viQP5KB2HJeFABkYn42g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.crl rsync://rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aEE9QfYAXgMW4OJXbyJsIYiqFW8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Feb 2025 22:47:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19 (0x13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CA82 Validity Not Before: Feb 4 22:47:24 2025 GMT Not After : Feb 11 22:47:24 2025 GMT Subject: CN=67a298fc-2dd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:cd:8b:21:9a:d7:68:0e:5d:9f:a4:6e:74:63: da:0c:a6:ed:52:07:30:1b:10:6b:c8:72:79:5e:d9: e9:e3:d9:91:2d:2c:19:f4:de:30:ac:e8:94:2c:22: 83:e2:20:c5:0f:65:f9:a7:06:6c:06:11:69:9a:44: a0:46:d5:a6:de:10:a0:04:99:3d:b9:53:9e:50:04: b2:05:c3:ba:d3:0d:09:cb:b4:60:34:4d:15:2d:d3: 44:33:ed:3d:94:c7:18:b3:1f:85:c0:1e:da:7e:2f: 71:56:b6:fe:38:86:7c:d7:bf:23:88:3c:43:a7:7d: 44:89:56:a4:98:eb:d7:04:d3:75:0b:ea:aa:71:23: b7:ca:e6:0b:86:73:7a:6e:58:63:62:ca:12:e4:f7: 05:fd:1c:04:e4:8e:37:ce:cd:18:9e:35:8a:41:3c: cd:c5:17:62:46:58:78:43:82:cd:67:2b:bc:75:95: 81:8e:66:3b:20:37:87:b4:7a:e3:39:9c:44:c4:15: 9b:bd:73:3a:de:b8:72:e2:0c:7c:05:a1:89:40:c6: 5d:1c:50:c1:45:ed:b5:be:39:22:4e:0a:34:5a:c8: 13:1e:5f:c8:c5:e2:35:83:c1:02:e3:de:1e:ae:1a: f1:d5:58:55:0c:d8:fa:c2:1d:09:2e:20:a1:b0:c8: 8d:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:FA:20:2A:98:F6:77:A0:1C:52:E1:0A:34:58:0C:FF:42:09:9E:5C X509v3 Authority Key Identifier: keyid:68:41:3D:41:F6:00:5E:03:16:E0:E2:57:6F:22:6C:21:88:AA:15:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aEE9QfYAXgMW4OJXbyJsIYiqFW8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:af:29:96:fa:dc:46:e7:9f:0a:cd:83:3a:34:c7:8a:b2:d4: 89:7c:e7:d7:cc:8d:87:f1:70:7e:4c:9f:23:db:17:3c:59:e8: 39:f4:df:2d:cc:48:c5:46:50:dd:89:2d:2c:3e:2e:64:02:1f: 17:60:8b:c9:e0:88:dd:10:6b:21:fe:c5:25:7f:82:b8:33:3d: c9:f2:53:8f:40:b5:75:34:b5:60:9f:af:a8:92:96:de:e2:71: ab:b8:d0:1d:29:60:49:84:f5:9d:00:6f:3e:2b:fb:7a:0c:44: 24:57:0e:a4:bc:57:66:4b:d2:82:32:da:5d:8c:ad:d8:3e:94: 27:77:7f:13:d7:14:39:e2:ee:e8:29:3b:31:7a:27:8f:77:d9: ce:1f:02:33:ee:bc:41:8b:c0:ab:0c:f6:a8:43:bd:95:96:3f: 49:67:0f:83:05:49:14:89:09:04:75:40:3b:89:a3:32:5f:6d: 2b:1b:25:72:23:70:44:fb:ad:33:be:22:0c:48:0e:92:30:cb: eb:5c:fe:bb:c9:27:6b:46:6d:27:c7:82:6d:47:37:40:9e:e7: c0:48:43:aa:7e:a0:2f:1e:43:46:a2:e9:20:43:a4:84:21:f2: af:9a:9c:5b:ef:26:5a:fc:6f:78:f2:10:59:99:79:4f:d6:49: 00:fe:e7:63 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx Q0E4MjExMC8GA1UEBRMoNjg0MTNENDFGNjAwNUUwMzE2RTBFMjU3NkYyMjZDMjE4 OEFBMTU2RjAeFw0yNTAyMDQyMjQ3MjRaFw0yNTAyMTEyMjQ3MjRaMBgxFjAUBgNV BAMTDTY3YTI5OGZjLTJkZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDMzYshmtdoDl2fpG50Y9oMpu1SBzAbEGvIcnle2enj2ZEtLBn03jCs6JQsIoPi IMUPZfmnBmwGEWmaRKBG1abeEKAEmT25U55QBLIFw7rTDQnLtGA0TRUt00Qz7T2U xxizH4XAHtp+L3FWtv44hnzXvyOIPEOnfUSJVqSY69cE03UL6qpxI7fK5guGc3pu WGNiyhLk9wX9HATkjjfOzRieNYpBPM3FF2JGWHhDgs1nK7x1lYGOZjsgN4e0euM5 nETEFZu9czreuHLiDHwFoYlAxl0cUMFF7bW+OSJOCjRayBMeX8jF4jWDwQLj3h6u GvHVWFUM2PrCHQkuIKGwyI3HAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUx/ogKpj2 d6AcUuEKNFgM/0IJnlwwHwYDVR0jBBgwFoAUaEE9QfYAXgMW4OJXbyJsIYiqFW8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFDQTgyL0Y2OTlFMzU0Q0Yx MjExRUY4RjFEMjA1QkM0RjlBRTAyL2FFRTlRZllBWGdNVzRPSlhieUpzSVlpcUZX OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvYUVFOVFmWUFYZ01XNE9KWGJ5SnNJWWlxRlc4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFD QTgyL0Y2OTlFMzU0Q0YxMjExRUY4RjFEMjA1QkM0RjlBRTAyL2FFRTlRZllBWGdN VzRPSlhieUpzSVlpcUZXOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFOvKZb63EbnnwrNgzo0x4qy1Il859fMjYfxcH5MnyPbFzxZ6Dn03y3M SMVGUN2JLSw+LmQCHxdgi8ngiN0QayH+xSV/grgzPcnyU49AtXU0tWCfr6iSlt7i cau40B0pYEmE9Z0Abz4r+3oMRCRXDqS8V2ZL0oIy2l2Mrdg+lCd3fxPXFDni7ugp OzF6J4932c4fAjPuvEGLwKsM9qhDvZWWP0lnD4MFSRSJCQR1QDuJozJfbSsbJXIj cET7rTO+IgxIDpIwy+tc/rvJJ2tGbSfHgm1HN0Ce58BIQ6p+oC8eQ0ai6SBDpIQh 8q+anFvvJlr8b3jyEFmZeU/WSQD+52M= -----END CERTIFICATE-----Generated at Wed Feb 5 20:15:23 2025 by rpki-client