$ rpki-client -vvf rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft File: 9ES43awaKuycmNiYFhxzSCwu1Ig.mft (raw, json) Hash identifier: MfayVNPCORr/YXBVVg2IOi7OXxOfWqDPOJSoG2cqkqU= Subject key identifier: 73:FC:6B:65:24:82:40:EA:02:0A:3D:99:11:2A:63:5D:D0:C6:42:2B Authority key identifier: F4:44:B8:DD:AC:1A:2A:EC:9C:98:D8:98:16:1C:73:48:2C:2E:D4:88 Certificate issuer: /CN=A91427E2/serialNumber=F444B8DDAC1A2AEC9C98D898161C73482C2ED488 Certificate serial: 3E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft Manifest number: 3D Signing time: Sat 15 Feb 2025 08:52:46 +0000 Manifest this update: Sat 15 Feb 2025 08:52:46 +0000 Manifest next update: Sat 22 Feb 2025 08:52:46 +0000 Files and hashes: 1: 9ES43awaKuycmNiYFhxzSCwu1Ig.crl (hash: u+W7qMJKsLVm/Ekc8C1xpCF6I9LFP6qkfbyQr6MKsWc=) 2: 52EADE54935111EF98AA8C86C4F9AE02.roa (hash: 0fdxeAEBe9WDBbNHH1E08sqfA2VEHdavddZ4/AMBK2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.crl rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91427E2 Validity Not Before: Feb 15 08:52:46 2025 GMT Not After : Feb 22 08:52:46 2025 GMT Subject: CN=67b055de-ba2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:73:f6:23:1d:9f:f7:a6:0b:60:95:4b:26:ae: 82:a9:f9:31:69:c6:d6:38:8b:e0:61:ac:9b:e7:05: 7d:55:5d:d4:46:51:04:1e:5f:6e:6c:d2:9f:41:5f: 93:45:24:67:35:15:bf:c6:3f:c5:ac:ef:d7:99:41: 9e:fb:00:b3:ef:74:ad:5a:38:d2:5c:d4:34:38:05: eb:2d:85:53:30:17:b3:01:c8:e5:7e:ee:33:56:22: 64:e5:3b:5a:7e:b2:e9:50:8d:c1:34:d0:72:11:3a: 2c:f8:38:66:17:0f:10:4f:70:0c:a5:4f:a6:31:8f: 6e:2a:9e:97:a1:90:02:dd:d4:5c:da:8e:54:c5:5f: f6:50:e6:18:0a:93:0f:11:cc:9d:d2:0b:e0:1c:d8: ca:3c:44:42:04:0d:a5:12:55:52:43:bf:b2:cc:b7: fd:ff:b3:58:78:d0:1e:97:6a:c5:77:3a:e5:2d:5a: f0:0d:1a:d8:e5:d6:ba:90:ac:29:f3:7b:9d:c6:d1: 65:39:cf:94:1c:f5:34:a8:f0:fa:de:fc:e9:83:a5: f1:0f:c5:75:b2:77:cb:c4:ff:f4:76:c6:a0:34:da: f9:fc:74:1a:70:83:f9:92:4e:88:59:c7:d8:b6:96: 1e:76:27:fa:25:7b:ef:6e:4c:07:b6:96:e7:ad:f7: 76:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:FC:6B:65:24:82:40:EA:02:0A:3D:99:11:2A:63:5D:D0:C6:42:2B X509v3 Authority Key Identifier: keyid:F4:44:B8:DD:AC:1A:2A:EC:9C:98:D8:98:16:1C:73:48:2C:2E:D4:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:68:61:66:32:44:5e:02:e3:2d:f1:94:c5:fa:4b:c3:43:38: 9e:6b:62:a8:f9:f6:7c:a7:fc:2c:d0:83:7d:a7:58:3c:ff:42: ce:48:8c:65:e0:e2:97:df:fd:4b:98:30:79:42:b1:33:78:b1: b7:19:58:05:5d:20:fd:86:22:09:87:9d:21:93:02:9b:f5:59: 7f:a6:98:6d:f1:3f:34:ba:ba:e7:a1:39:ec:f4:f3:0d:92:6b: fa:15:ae:e7:2c:5f:77:31:dd:af:2f:54:1c:52:b2:6b:8a:d5: 15:c6:6e:8e:09:4b:e0:c3:1c:06:e3:44:ae:96:c7:38:95:36: 02:e8:f3:15:33:ba:94:89:44:49:de:69:22:5a:02:25:f1:e1: 71:d6:df:db:8e:6b:35:6e:e4:65:ed:cd:08:a3:ea:ba:85:46: 97:f3:75:c8:f6:47:f6:60:ed:2c:6c:9c:67:07:94:bf:5a:ce: e4:60:d8:a5:20:ab:bb:9b:1c:bc:9a:4e:d3:8c:3b:00:7f:cb: 33:6b:72:4f:e0:cc:ea:7a:96:f4:19:08:84:6e:93:3e:42:5f: b2:07:f0:aa:74:c5:6a:3f:96:c3:9e:05:e8:11:ad:02:fd:4e: f1:0e:2a:43:b6:36:45:45:18:e4:3b:71:8b:0b:83:34:19:1b: 7c:ab:c0:d0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MjdFMjExMC8GA1UEBRMoRjQ0NEI4RERBQzFBMkFFQzlDOThEODk4MTYxQzczNDgy QzJFRDQ4ODAeFw0yNTAyMTUwODUyNDZaFw0yNTAyMjIwODUyNDZaMBgxFjAUBgNV BAMTDTY3YjA1NWRlLWJhMmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCyc/YjHZ/3pgtglUsmroKp+TFpxtY4i+BhrJvnBX1VXdRGUQQeX25s0p9BX5NF JGc1Fb/GP8Ws79eZQZ77ALPvdK1aONJc1DQ4BesthVMwF7MByOV+7jNWImTlO1p+ sulQjcE00HIROiz4OGYXDxBPcAylT6Yxj24qnpehkALd1FzajlTFX/ZQ5hgKkw8R zJ3SC+Ac2Mo8REIEDaUSVVJDv7LMt/3/s1h40B6XasV3OuUtWvANGtjl1rqQrCnz e53G0WU5z5Qc9TSo8Pre/OmDpfEPxXWyd8vE//R2xqA02vn8dBpwg/mSTohZx9i2 lh52J/ole+9uTAe2luet93YfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUc/xrZSSC QOoCCj2ZESpjXdDGQiswHwYDVR0jBBgwFoAU9ES43awaKuycmNiYFhxzSCwu1Igw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyN0UyLzcwMzFBMUVDOTM1 MDExRUZCQUNFMDA0Q0M0RjlBRTAyLzlFUzQzYXdhS3V5Y21OaVlGaHh6U0N3dTFJ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvOUVTNDNhd2FLdXljbU5pWUZoeHpTQ3d1MUlnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQy N0UyLzcwMzFBMUVDOTM1MDExRUZCQUNFMDA0Q0M0RjlBRTAyLzlFUzQzYXdhS3V5 Y21OaVlGaHh6U0N3dTFJZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALZoYWYyRF4C4y3xlMX6S8NDOJ5rYqj59nyn/CzQg32nWDz/Qs5IjGXg 4pff/UuYMHlCsTN4sbcZWAVdIP2GIgmHnSGTApv1WX+mmG3xPzS6uuehOez08w2S a/oVrucsX3cx3a8vVBxSsmuK1RXGbo4JS+DDHAbjRK6WxziVNgLo8xUzupSJREne aSJaAiXx4XHW39uOazVu5GXtzQij6rqFRpfzdcj2R/Zg7SxsnGcHlL9azuRg2KUg q7ubHLyaTtOMOwB/yzNrck/gzOp6lvQZCIRukz5CX7IH8Kp0xWo/lsOeBegRrQL9 TvEOKkO2NkVFGOQ7cYsLgzQZG3yrwNA= -----END CERTIFICATE-----Generated at Sun Feb 16 15:16:28 2025 by rpki-client