$ rpki-client -vvf rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft File: D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft (raw, json) Hash identifier: ICBtUzHLnwvEawUvK/qhPwx8TNKs3XlRe6dC6JDrluU= Subject key identifier: E9:30:D0:E1:7B:4C:85:D7:89:0E:8D:82:31:BA:71:A3:F6:4E:D3:A0 Authority key identifier: 0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 Certificate issuer: /CN=A911E0B4/serialNumber=0FD4437521DB5C0BC99E45B59754FF7B671F86F3 Certificate serial: 29 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft Manifest number: 26 Signing time: Wed 05 Feb 2025 06:14:37 +0000 Manifest this update: Wed 05 Feb 2025 06:14:36 +0000 Manifest next update: Wed 12 Feb 2025 06:14:36 +0000 Files and hashes: 1: D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl (hash: 60QALgjg6Y9urBXffIG/5BWBOIKCquy+yBg3n+c1GTQ=) 2: 5AF3ECBEAFBA11EF91955453C4F9AE02.roa (hash: x22vmPwJWZ5KhIsY5PtxJtvF9T7oNt50WfxUCDRwJlo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:14:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41 (0x29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E0B4 Validity Not Before: Feb 5 06:14:36 2025 GMT Not After : Feb 12 06:14:36 2025 GMT Subject: CN=67a301cd-2664 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:6f:8f:54:1e:d4:e9:f3:0c:25:8b:a8:66:e4: 70:fe:5a:49:19:98:4b:d0:b1:e3:68:c0:d5:2b:59: ac:76:09:52:98:b1:4b:07:3e:83:ba:90:5f:1d:d1: 1a:d8:37:b0:2b:85:9a:83:17:55:c2:23:99:8d:ed: 39:a5:76:65:8a:77:6c:90:2f:1c:d6:49:2b:76:ec: 9c:7c:37:33:be:14:ee:6a:13:9a:62:60:9e:2f:a0: 4b:70:28:28:8b:c6:04:a5:6a:a3:e2:de:32:b5:c8: 5f:78:22:37:f1:54:82:20:6c:29:17:ed:73:0f:58: e2:ad:0f:50:aa:fe:b2:d2:c4:47:88:fa:13:cd:cb: f7:83:59:6b:25:a5:4c:73:ad:ce:4f:51:a6:34:ec: 6c:51:60:ef:39:6f:8f:c9:cd:58:38:9d:e0:96:da: 66:4f:2a:3a:24:62:cd:96:35:a4:98:4d:90:6a:32: 0d:bc:9f:cc:a8:77:f6:c9:ad:19:2a:ad:20:ea:58: 22:5c:e1:c0:a6:fb:21:38:c4:2e:3c:92:d2:29:d8: 8d:75:b2:78:f7:67:98:8e:ff:43:e7:a7:94:e8:32: 70:9c:9d:c3:0d:47:10:c1:e6:5e:fc:b0:44:fa:9d: 5a:1b:3b:4a:4d:ae:45:51:64:0e:48:cb:5b:e2:8b: d4:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:30:D0:E1:7B:4C:85:D7:89:0E:8D:82:31:BA:71:A3:F6:4E:D3:A0 X509v3 Authority Key Identifier: keyid:0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:f1:15:c4:fd:b7:af:e2:88:b6:bf:59:dd:e9:ac:8c:56:9f: fd:11:b2:e0:8a:43:8d:d0:c1:30:ce:f0:e0:3e:09:e7:8c:20: c4:2f:75:ca:6b:83:16:4f:d6:19:67:0f:9d:22:b9:bd:b2:78: f6:43:a1:af:51:d1:31:c1:b6:11:54:ad:08:ca:70:89:86:2e: 16:ac:56:e7:58:80:c6:ad:a8:3a:3e:6a:2c:a7:52:d2:d5:00: ce:fb:9d:ff:c9:6c:e5:be:e2:44:ae:c0:ff:84:f3:0f:a1:bc: 68:95:a5:89:2c:f0:a2:3c:2b:77:e5:e3:62:c2:a4:4c:f1:01: 7f:25:7e:ad:df:ca:e2:c5:e2:f9:cf:a9:67:6f:42:67:c5:ab: 2e:7c:81:2d:d8:db:98:16:eb:9b:3e:41:0e:2a:2d:1d:e8:9c: cf:c7:51:d7:01:aa:7d:5a:63:1f:3a:31:fe:d5:ef:fd:49:84: ad:6b:74:b5:2c:c6:60:b6:a1:0b:ba:45:ce:42:20:cf:1b:84: cc:52:b3:be:c3:b3:66:ef:26:ff:1b:82:e7:79:f3:a6:6e:78: db:05:4d:b4:51:b7:40:d0:d0:38:a9:a8:b3:f3:26:51:b1:48: 0b:37:f8:a6:84:57:57:a8:5d:ae:7e:39:34:6e:94:43:6b:59: 2e:be:2b:37 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx RTBCNDExMC8GA1UEBRMoMEZENDQzNzUyMURCNUMwQkM5OUU0NUI1OTc1NEZGN0I2 NzFGODZGMzAeFw0yNTAyMDUwNjE0MzZaFw0yNTAyMTIwNjE0MzZaMBgxFjAUBgNV BAMTDTY3YTMwMWNkLTI2NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCyb49UHtTp8wwli6hm5HD+WkkZmEvQseNowNUrWax2CVKYsUsHPoO6kF8d0RrY N7ArhZqDF1XCI5mN7TmldmWKd2yQLxzWSSt27Jx8NzO+FO5qE5piYJ4voEtwKCiL xgSlaqPi3jK1yF94IjfxVIIgbCkX7XMPWOKtD1Cq/rLSxEeI+hPNy/eDWWslpUxz rc5PUaY07GxRYO85b4/JzVg4neCW2mZPKjokYs2WNaSYTZBqMg28n8yod/bJrRkq rSDqWCJc4cCm+yE4xC48ktIp2I11snj3Z5iO/0Pnp5ToMnCcncMNRxDB5l78sET6 nVobO0pNrkVRZA5Iy1vii9T5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU6TDQ4XtM hdeJDo2CMbpxo/ZO06AwHwYDVR0jBBgwFoAUD9RDdSHbXAvJnkW1l1T/e2cfhvMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFMEI0L0U5NjQ4OUFFQUYz ODExRUZBMjBERDAxM0M0RjlBRTAyL0Q5UkRkU0hiWEF2Sm5rVzFsMVRfZTJjZmh2 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvRDlSRGRTSGJYQXZKbmtXMWwxVF9lMmNmaHZNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFF MEI0L0U5NjQ4OUFFQUYzODExRUZBMjBERDAxM0M0RjlBRTAyL0Q5UkRkU0hiWEF2 Sm5rVzFsMVRfZTJjZmh2TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAG3xFcT9t6/iiLa/Wd3prIxWn/0RsuCKQ43QwTDO8OA+CeeMIMQvdcpr gxZP1hlnD50iub2yePZDoa9R0THBthFUrQjKcImGLhasVudYgMatqDo+aiynUtLV AM77nf/JbOW+4kSuwP+E8w+hvGiVpYks8KI8K3fl42LCpEzxAX8lfq3fyuLF4vnP qWdvQmfFqy58gS3Y25gW65s+QQ4qLR3onM/HUdcBqn1aYx86Mf7V7/1JhK1rdLUs xmC2oQu6Rc5CIM8bhMxSs77Ds2bvJv8bgud586ZueNsFTbRRt0DQ0DipqLPzJlGx SAs3+KaEV1eoXa5+OTRulENrWS6+Kzc= -----END CERTIFICATE-----Generated at Wed Feb 5 18:59:22 2025 by rpki-client