$ rpki-client -vvf rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.mft File: kSlbu3W_quuVMbObNux1Id3jDWM.mft (raw, json) Hash identifier: KRHlOO6GeMdgXpxjomARpS2XV9aiPedI4MK6VG2Vrrk= Subject key identifier: 4E:97:DA:DD:D1:5F:3E:3E:68:73:1C:94:C1:DF:B1:37:C3:20:66:9A Authority key identifier: 91:29:5B:BB:75:BF:AA:EB:95:31:B3:9B:36:EC:75:21:DD:E3:0D:63 Certificate issuer: /CN=A911D9B2/serialNumber=91295BBB75BFAAEB9531B39B36EC7521DDE30D63 Certificate serial: 010F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.mft Manifest number: FF Signing time: Sat 15 Feb 2025 06:31:31 +0000 Manifest this update: Sat 15 Feb 2025 06:31:31 +0000 Manifest next update: Sat 22 Feb 2025 06:31:31 +0000 Files and hashes: 1: kSlbu3W_quuVMbObNux1Id3jDWM.crl (hash: RZ9kohijj/CRcDvQ58hb8wCzmT6VIsFcQGf95sHwtTc=) 2: 11A28878915611EE83F61C41C4F9AE02.roa (hash: PDLab9I2VoJXocP3omeTp4+5FxlvzesQ2sG877OCrkk=) 3: 59962840D01911EE96596B16C4F9AE02.roa (hash: jM6outMgdpJ44HUHhOOUfnOx+r280G0rdmU4B0AEX90=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.crl rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 271 (0x10f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D9B2 Validity Not Before: Feb 15 06:31:31 2025 GMT Not After : Feb 22 06:31:31 2025 GMT Subject: CN=67b034c3-af71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ff:5f:3d:10:9e:0e:38:0e:19:a7:09:19:67: 70:74:7d:eb:1a:a3:42:7d:f0:69:5f:db:80:e1:33: f1:d3:2b:5e:29:32:e5:1f:a0:52:6c:a4:c5:de:4f: 71:06:8e:eb:96:c6:ee:ac:e2:5b:02:e4:9e:58:30: f7:d5:dc:5b:94:08:97:6e:58:46:aa:b6:bb:65:62: cd:25:3f:e1:21:bc:78:6a:68:cd:4d:fa:06:75:8d: 89:ad:5c:a1:5c:93:e2:06:c0:93:12:86:01:dd:e6: e2:f4:36:f3:d3:5a:6b:0a:65:55:82:4a:35:da:8d: a5:42:ce:32:f9:d0:5e:2c:1d:97:1a:57:b3:48:a4: 2e:cc:89:e5:4b:ab:4a:f6:a4:25:27:ed:a0:dd:7e: f4:87:83:d9:df:2a:c3:a0:b1:83:e4:c6:66:23:5b: 54:24:c9:31:d7:a4:b3:f9:7b:cc:86:d8:3a:e9:da: a9:22:56:fa:45:fd:47:c4:7d:58:c0:47:55:08:e9: 3f:df:4b:4f:ec:f3:be:35:2e:2b:6d:7b:29:7b:cc: a3:ff:a5:b0:0c:64:ae:8b:2c:8f:4b:55:98:f6:74: 7f:ce:45:6c:5e:65:74:80:63:17:03:69:96:79:19: 09:d4:5c:15:1b:21:57:97:70:72:e9:89:62:27:08: 02:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:97:DA:DD:D1:5F:3E:3E:68:73:1C:94:C1:DF:B1:37:C3:20:66:9A X509v3 Authority Key Identifier: keyid:91:29:5B:BB:75:BF:AA:EB:95:31:B3:9B:36:EC:75:21:DD:E3:0D:63 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c5:86:5c:b7:d7:01:3b:cf:79:2f:8f:c4:04:8a:c2:13:e8:9a: 1b:01:5d:17:c5:4e:4e:2c:67:a0:be:df:f7:be:c4:73:01:75: 2d:9b:3c:02:1b:73:65:5a:d5:54:5c:f0:a3:28:ae:b7:04:55: 09:00:81:3e:86:b8:bc:f3:36:33:ad:6c:01:58:3b:69:8d:a6: e3:08:38:c6:ec:48:5c:62:0f:9f:d4:ec:67:09:94:1e:a2:1e: 69:c2:f8:79:4e:2e:1f:86:c9:a0:35:01:d3:a6:62:2c:4b:60: ec:b7:8d:68:73:7f:4e:e9:dd:f5:2c:ba:eb:75:a9:06:c0:77: e8:ff:8f:c2:58:ce:f8:c3:21:c7:fd:a0:c5:4b:e2:16:ec:7e: 88:d6:a3:c1:87:17:78:2e:28:22:f6:3f:8d:be:4a:66:2c:d5: 64:84:4e:b1:7d:52:37:b3:c6:5f:18:6c:cc:94:9b:d2:c8:1f: 51:88:52:b9:76:9a:7a:12:29:02:61:28:f1:82:45:cc:e9:b2: db:8c:50:80:a9:18:65:f9:b8:58:b5:a5:d1:4b:ed:4d:65:35: 23:f2:77:0a:f7:c3:6e:4b:d7:eb:1b:98:20:43:3f:51:54:23: 4a:da:39:30:61:17:79:9b:42:c4:27:7b:86:bf:f5:e3:d4:83: 52:1b:f4:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQ5QjIxMTAvBgNVBAUTKDkxMjk1QkJCNzVCRkFBRUI5NTMxQjM5QjM2RUM3NTIx RERFMzBENjMwHhcNMjUwMjE1MDYzMTMxWhcNMjUwMjIyMDYzMTMxWjAYMRYwFAYD VQQDEw02N2IwMzRjMy1hZjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzv9fPRCeDjgOGacJGWdwdH3rGqNCffBpX9uA4TPx0yteKTLlH6BSbKTF3k9x Bo7rlsburOJbAuSeWDD31dxblAiXblhGqra7ZWLNJT/hIbx4amjNTfoGdY2JrVyh XJPiBsCTEoYB3ebi9Dbz01prCmVVgko12o2lQs4y+dBeLB2XGlezSKQuzInlS6tK 9qQlJ+2g3X70h4PZ3yrDoLGD5MZmI1tUJMkx16Sz+XvMhtg66dqpIlb6Rf1HxH1Y wEdVCOk/30tP7PO+NS4rbXspe8yj/6WwDGSuiyyPS1WY9nR/zkVsXmV0gGMXA2mW eRkJ1FwVGyFXl3By6YliJwgC8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE6X2t3R Xz4+aHMclMHfsTfDIGaaMB8GA1UdIwQYMBaAFJEpW7t1v6rrlTGzmzbsdSHd4w1j MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDlCMi8wQTZGM0I0Mjkx NTUxMUVFQTRDMEY2NjhDNEY5QUUwMi9rU2xidTNXX3F1dVZNYk9iTnV4MUlkM2pE V00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTbGJ1M1dfcXV1Vk1iT2JOdXgxSWQzakRXTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDlCMi8wQTZGM0I0MjkxNTUxMUVFQTRDMEY2NjhDNEY5QUUwMi9rU2xidTNXX3F1 dVZNYk9iTnV4MUlkM2pEV00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDFhly31wE7z3kvj8QEisIT6JobAV0XxU5OLGegvt/3vsRzAXUtmzwC G3NlWtVUXPCjKK63BFUJAIE+hri88zYzrWwBWDtpjabjCDjG7EhcYg+f1OxnCZQe oh5pwvh5Ti4fhsmgNQHTpmIsS2Dst41oc39O6d31LLrrdakGwHfo/4/CWM74wyHH /aDFS+IW7H6I1qPBhxd4Ligi9j+NvkpmLNVkhE6xfVI3s8ZfGGzMlJvSyB9RiFK5 dpp6EikCYSjxgkXM6bLbjFCAqRhl+bhYtaXRS+1NZTUj8ncK98NuS9frG5ggQz9R VCNK2jkwYRd5m0LEJ3uGv/Xj1INSG/QF -----END CERTIFICATE-----Generated at Sun Feb 16 22:04:37 2025 by rpki-client