$ rpki-client -vvf rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft File: gez_R_JbIULxDfbUmuDiGf7XR_g.mft (raw, json) Hash identifier: 1PSC8Ws69EDbMVM6sb+S5t4xO39lGCh+IXwQBktJSFY= Subject key identifier: C8:BE:F7:16:1F:DA:BA:24:20:88:45:0D:25:A8:B7:1E:8D:D3:2D:95 Authority key identifier: 81:EC:FF:47:F2:5B:21:42:F1:0D:F6:D4:9A:E0:E2:19:FE:D7:47:F8 Certificate issuer: /CN=A913E5D6/serialNumber=81ECFF47F25B2142F10DF6D49AE0E219FED747F8 Certificate serial: 07CB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gez_R_JbIULxDfbUmuDiGf7XR_g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft Manifest number: 07C1 Signing time: Fri 14 Feb 2025 22:05:45 +0000 Manifest this update: Fri 14 Feb 2025 22:05:44 +0000 Manifest next update: Fri 21 Feb 2025 22:05:44 +0000 Files and hashes: 1: gez_R_JbIULxDfbUmuDiGf7XR_g.crl (hash: MXJkubFTGyXmQG2oVhgw1lNW/I9QHuvr+pAjEf5d05s=) 2: B287525CE81011EA926BE66FC4F9AE02.roa (hash: kQOgS4peBBp70aUmxSiUFHTW5T23lIg32+P5LpE+4Fo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.crl rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gez_R_JbIULxDfbUmuDiGf7XR_g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1995 (0x7cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913E5D6 Validity Not Before: Feb 14 22:05:44 2025 GMT Not After : Feb 21 22:05:44 2025 GMT Subject: CN=67afbe39-4e0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:58:0c:d6:a9:b6:34:bb:cb:f7:2c:1f:de:4a: 93:a6:c3:f7:ae:65:61:c1:a4:6b:61:91:85:2f:26: b1:ee:12:d2:b1:d2:25:58:73:e5:67:1c:00:e6:0a: 6a:f1:e6:ba:b8:29:e3:0b:e0:ab:e8:c6:3a:d1:bf: 82:f3:59:0c:d3:88:38:71:4f:4d:04:a1:02:2e:35: ad:73:80:80:cc:12:9a:34:21:57:37:5b:89:9b:fe: 0c:b1:b8:67:31:5c:86:1d:b6:85:29:48:b1:e0:08: 1b:42:73:27:34:79:0c:c1:8f:d5:07:75:f6:ea:5f: aa:5e:ad:ab:c2:1c:a0:3a:24:df:9c:e6:9d:9b:23: 6b:7a:9d:31:74:41:ce:00:59:53:f3:02:59:e8:5d: 5e:c4:68:17:90:3c:3a:61:03:ad:55:8d:57:5a:20: 00:a9:1e:96:b4:77:27:c6:30:73:39:2e:59:5b:89: 63:17:e1:c1:73:e6:cf:36:b3:52:0f:12:94:31:7d: 81:b2:f0:f0:25:20:dd:93:3e:bd:6d:c4:6c:70:ed: 5c:d0:0c:6a:42:97:07:fe:64:88:fa:50:b6:a9:fe: de:2f:80:10:ae:ca:88:e0:6d:21:17:22:a0:6a:ba: 00:ca:f6:8e:7b:8d:8b:52:10:94:f5:f4:77:00:71: f8:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:BE:F7:16:1F:DA:BA:24:20:88:45:0D:25:A8:B7:1E:8D:D3:2D:95 X509v3 Authority Key Identifier: keyid:81:EC:FF:47:F2:5B:21:42:F1:0D:F6:D4:9A:E0:E2:19:FE:D7:47:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gez_R_JbIULxDfbUmuDiGf7XR_g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:98:9f:4e:a8:53:54:5b:75:e8:07:e7:5a:17:a1:89:c3:67: 57:00:ca:84:c9:76:e0:f7:d1:49:e7:cd:9d:6c:47:a4:24:18: 19:6e:0b:a3:e7:ac:ce:53:7c:8b:6b:b8:9a:3b:18:7f:85:79: 48:98:b7:40:b3:15:64:0b:68:c4:b6:c4:5f:6b:ce:c6:0f:35: 89:82:d8:32:72:69:7f:1d:bb:cb:06:46:9b:85:1d:52:98:0c: ba:8c:3f:3c:46:51:31:c5:4a:0c:6c:84:bb:34:48:96:7f:1b: 1d:38:1c:9f:33:5f:b6:b7:8d:15:ac:94:3a:21:fe:46:7d:8a: e3:32:96:7e:1e:71:50:a3:64:ed:f7:52:1a:bf:2a:99:ea:a5: 11:c2:7a:be:48:9e:50:88:fa:f6:e4:e0:2b:e2:9c:c7:30:85: 8c:b1:21:d6:b9:ed:b9:c7:90:a2:98:9f:30:a4:68:57:89:6f: 43:55:40:a8:a3:67:36:c1:9c:36:07:26:13:47:a9:b5:e3:f4: 3f:44:aa:5d:02:ee:bc:b6:31:da:30:67:45:89:77:e3:d2:33: 93:a6:fb:e3:62:40:f1:50:a2:2b:80:83:ce:02:5d:31:c2:64: 50:35:93:39:53:73:8f:49:a9:c5:60:b5:58:06:d3:74:ae:6c: 68:4a:e5:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB8swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0U1RDYxMTAvBgNVBAUTKDgxRUNGRjQ3RjI1QjIxNDJGMTBERjZENDlBRTBFMjE5 RkVENzQ3RjgwHhcNMjUwMjE0MjIwNTQ0WhcNMjUwMjIxMjIwNTQ0WjAYMRYwFAYD VQQDEw02N2FmYmUzOS00ZTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6FgM1qm2NLvL9ywf3kqTpsP3rmVhwaRrYZGFLyax7hLSsdIlWHPlZxwA5gpq 8ea6uCnjC+Cr6MY60b+C81kM04g4cU9NBKECLjWtc4CAzBKaNCFXN1uJm/4Msbhn MVyGHbaFKUix4AgbQnMnNHkMwY/VB3X26l+qXq2rwhygOiTfnOadmyNrep0xdEHO AFlT8wJZ6F1exGgXkDw6YQOtVY1XWiAAqR6WtHcnxjBzOS5ZW4ljF+HBc+bPNrNS DxKUMX2BsvDwJSDdkz69bcRscO1c0AxqQpcH/mSI+lC2qf7eL4AQrsqI4G0hFyKg aroAyvaOe42LUhCU9fR3AHH4lQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMi+9xYf 2rokIIhFDSWotx6N0y2VMB8GA1UdIwQYMBaAFIHs/0fyWyFC8Q321Jrg4hn+10f4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTVENi81QTUyRjkxMkU3 NUExMUVBQjk2RjlENjBDNEY5QUUwMi9nZXpfUl9KYklVTHhEZmJVbXVEaUdmN1hS X2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2dlel9SX0piSVVMeERmYlVtdURpR2Y3WFJfZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RTVENi81QTUyRjkxMkU3NUExMUVBQjk2RjlENjBDNEY5QUUwMi9nZXpfUl9KYklV THhEZmJVbXVEaUdmN1hSX2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCImJ9OqFNUW3XoB+daF6GJw2dXAMqEyXbg99FJ582dbEekJBgZbguj 56zOU3yLa7iaOxh/hXlImLdAsxVkC2jEtsRfa87GDzWJgtgycml/HbvLBkabhR1S mAy6jD88RlExxUoMbIS7NEiWfxsdOByfM1+2t40VrJQ6If5GfYrjMpZ+HnFQo2Tt 91IavyqZ6qURwnq+SJ5QiPr25OAr4pzHMIWMsSHWue25x5CimJ8wpGhXiW9DVUCo o2c2wZw2ByYTR6m14/Q/RKpdAu68tjHaMGdFiXfj0jOTpvvjYkDxUKIrgIPOAl0x wmRQNZM5U3OPSanFYLVYBtN0rmxoSuVq -----END CERTIFICATE-----Generated at Sun Feb 16 15:55:48 2025 by rpki-client