$ rpki-client -vvf rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft File: ny5XiO95WFurdhmHfTlierLl1Rk.mft (raw, json) Hash identifier: Auu1tBmx5Z9LAzBe4RWktXyyfuXgeWEzzj/JeCA+dmk= Subject key identifier: 9D:89:EB:15:7F:97:99:79:F0:98:06:5A:69:64:E1:13:00:05:BA:FC Authority key identifier: 9F:2E:57:88:EF:79:58:5B:AB:76:19:87:7D:39:62:7A:B2:E5:D5:19 Certificate issuer: /CN=A913A7A6/serialNumber=9F2E5788EF79585BAB7619877D39627AB2E5D519 Certificate serial: 09E0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft Manifest number: 09D9 Signing time: Fri 14 Feb 2025 20:48:50 +0000 Manifest this update: Fri 14 Feb 2025 20:48:50 +0000 Manifest next update: Fri 21 Feb 2025 20:48:50 +0000 Files and hashes: 1: ny5XiO95WFurdhmHfTlierLl1Rk.crl (hash: 3R0np6IHN9L3s4/zVLs64gem/L0W67xrtR0RyIUIfS4=) 2: 4DAFC184ADC011ED897A4050C4F9AE02.roa (hash: /BGVJbRRDfivu1c+fyECLgKysqOT6aaM0UL54g9lwQ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.crl rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2528 (0x9e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913A7A6 Validity Not Before: Feb 14 20:48:50 2025 GMT Not After : Feb 21 20:48:50 2025 GMT Subject: CN=67afac32-ba19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:58:f1:9f:87:38:ed:a3:d1:03:09:a3:a2:64: a2:91:4e:1d:4f:bc:b5:fa:0a:f8:14:8b:94:48:3f: 7f:68:97:3d:51:3a:dc:43:23:67:6c:71:d0:21:58: 3d:d5:9b:5c:8d:ef:a2:19:60:aa:fc:35:d9:9b:08: ce:b6:f0:cb:e4:53:d6:65:7c:d7:08:e4:9a:55:3b: b0:00:17:75:03:d9:0c:8f:df:e6:87:ec:2a:1b:fd: e2:4e:81:73:ab:9e:63:b2:31:d7:27:67:d3:ed:49: c4:ba:61:da:5c:ff:6d:14:90:38:8c:49:60:12:5f: bb:a7:48:90:ef:ba:99:b1:37:8a:21:22:d4:04:0c: 82:28:78:9b:f8:43:c7:14:fb:e1:c9:25:56:3e:7c: 25:78:a0:36:92:c1:6f:13:fb:b3:12:c2:fe:a4:2a: 2c:9a:1c:ef:d0:37:a1:22:ca:11:a4:75:08:37:df: 6f:16:c9:9e:3b:22:bb:03:5f:26:83:cd:ea:a4:41: 89:ea:a0:80:17:b5:3b:0b:48:71:f8:75:30:fc:28: 97:da:e7:d2:b9:10:74:26:2b:35:cb:e6:dc:2f:7f: b5:98:7a:30:53:6a:f0:ef:a4:78:40:e3:f5:f3:48: a7:f5:8d:25:28:56:ae:ae:55:b8:f1:78:c1:ac:72: 28:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:89:EB:15:7F:97:99:79:F0:98:06:5A:69:64:E1:13:00:05:BA:FC X509v3 Authority Key Identifier: keyid:9F:2E:57:88:EF:79:58:5B:AB:76:19:87:7D:39:62:7A:B2:E5:D5:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:a3:ea:0d:6a:d6:8e:6f:38:5f:b8:9b:af:1a:db:6c:e4:42: 4b:9a:a2:7d:0e:5f:69:fa:31:da:f1:3f:6b:1f:c0:03:e9:6c: 70:16:ef:26:6f:7c:d3:e4:49:ba:13:bc:30:70:53:95:b9:83: 60:29:17:6d:e0:f7:b7:38:35:07:12:96:53:87:be:e8:07:da: b2:2f:ce:e1:d0:2d:9f:b3:ce:6f:5f:43:e1:f6:05:29:87:80: 16:e8:61:92:ca:e5:29:6a:62:e0:83:d8:64:9d:01:ec:ca:fa: c2:8b:d1:67:e4:50:b3:6b:3f:11:06:1d:ed:cd:4d:31:a5:9c: d0:e3:5f:65:ca:e0:69:c0:d7:8a:7c:d5:e6:db:5f:6e:9b:d2: a9:35:db:28:cd:f0:06:a7:56:59:48:d6:e5:70:bc:01:85:1d: 6d:0b:56:55:93:4c:b7:d6:47:28:49:94:1a:7d:a6:43:cc:59: 87:64:0b:7e:bf:fd:c0:63:de:83:a8:70:4b:9e:cd:c8:23:20: 52:f8:3f:b6:47:d5:e2:83:c1:05:29:f8:27:46:f4:f1:71:37: b4:f8:18:6a:8a:c8:ce:0b:8c:75:5a:cf:b4:f1:82:50:a5:2b: 77:f8:f4:0d:11:2f:c4:35:42:c9:dd:ee:93:a1:05:6a:05:0a: 89:c8:72:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCeAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0E3QTYxMTAvBgNVBAUTKDlGMkU1Nzg4RUY3OTU4NUJBQjc2MTk4NzdEMzk2MjdB QjJFNUQ1MTkwHhcNMjUwMjE0MjA0ODUwWhcNMjUwMjIxMjA0ODUwWjAYMRYwFAYD VQQDEw02N2FmYWMzMi1iYTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr1jxn4c47aPRAwmjomSikU4dT7y1+gr4FIuUSD9/aJc9UTrcQyNnbHHQIVg9 1Ztcje+iGWCq/DXZmwjOtvDL5FPWZXzXCOSaVTuwABd1A9kMj9/mh+wqG/3iToFz q55jsjHXJ2fT7UnEumHaXP9tFJA4jElgEl+7p0iQ77qZsTeKISLUBAyCKHib+EPH FPvhySVWPnwleKA2ksFvE/uzEsL+pCosmhzv0DehIsoRpHUIN99vFsmeOyK7A18m g83qpEGJ6qCAF7U7C0hx+HUw/CiX2ufSuRB0Jis1y+bcL3+1mHowU2rw76R4QOP1 80in9Y0lKFaurlW48XjBrHIo5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ2J6xV/ l5l58JgGWmlk4RMABbr8MB8GA1UdIwQYMBaAFJ8uV4jveVhbq3YZh305Ynqy5dUZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQTdBNi80NTdBOEU4Mjcz QjYxMUVBOUI4QzFGNUNDNEY5QUUwMi9ueTVYaU85NVdGdXJkaG1IZlRsaWVyTGwx UmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL255NVhpTzk1V0Z1cmRobUhmVGxpZXJMbDFSay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QTdBNi80NTdBOEU4MjczQjYxMUVBOUI4QzFGNUNDNEY5QUUwMi9ueTVYaU85NVdG dXJkaG1IZlRsaWVyTGwxUmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAwo+oNataObzhfuJuvGtts5EJLmqJ9Dl9p+jHa8T9rH8AD6WxwFu8m b3zT5Em6E7wwcFOVuYNgKRdt4Pe3ODUHEpZTh77oB9qyL87h0C2fs85vX0Ph9gUp h4AW6GGSyuUpamLgg9hknQHsyvrCi9Fn5FCzaz8RBh3tzU0xpZzQ419lyuBpwNeK fNXm219um9KpNdsozfAGp1ZZSNblcLwBhR1tC1ZVk0y31kcoSZQafaZDzFmHZAt+ v/3AY96DqHBLns3IIyBS+D+2R9Xig8EFKfgnRvTxcTe0+BhqisjOC4x1Ws+08YJQ pSt3+PQNES/ENULJ3e6ToQVqBQqJyHIB -----END CERTIFICATE-----Generated at Sun Feb 16 15:16:09 2025 by rpki-client