$ rpki-client -vvf rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft File: 9ES43awaKuycmNiYFhxzSCwu1Ig.mft (raw, json) Hash identifier: mUbmVNFWFjPlAgpjG3Xg2To4yvwWZsCsMV/iVvul/d8= Subject key identifier: 38:3C:D8:ED:FE:84:77:64:4B:EA:9C:29:D9:49:4C:7F:F7:6E:05:04 Authority key identifier: F4:44:B8:DD:AC:1A:2A:EC:9C:98:D8:98:16:1C:73:48:2C:2E:D4:88 Certificate issuer: /CN=A91427E2/serialNumber=F444B8DDAC1A2AEC9C98D898161C73482C2ED488 Certificate serial: 4B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft Manifest number: 4A Signing time: Thu 13 Mar 2025 05:26:22 +0000 Manifest this update: Thu 13 Mar 2025 05:26:22 +0000 Manifest next update: Thu 20 Mar 2025 05:26:22 +0000 Files and hashes: 1: 9ES43awaKuycmNiYFhxzSCwu1Ig.crl (hash: ZHtoTe6pCu5/AnY8oHlw4lrXnnrQJ3fHq+AS/Fwm9UY=) 2: 52EADE54935111EF98AA8C86C4F9AE02.roa (hash: 0fdxeAEBe9WDBbNHH1E08sqfA2VEHdavddZ4/AMBK2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.crl rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Mar 2025 05:26:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75 (0x4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91427E2 Validity Not Before: Mar 13 05:26:22 2025 GMT Not After : Mar 20 05:26:22 2025 GMT Subject: CN=67d26c7e-664b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:03:ae:07:71:20:5a:78:6b:67:35:e9:60:65: 80:fd:58:1c:11:c6:96:20:0d:ae:a2:e6:73:20:f1: c0:07:72:fa:12:69:28:ab:bc:55:4e:3b:29:d6:56: 1d:0c:a6:25:e2:bd:6e:fa:b4:c5:56:ba:3a:02:1e: 0b:71:32:8e:fd:c1:96:9d:28:1a:3b:c3:ef:1f:99: 74:39:b2:ea:eb:db:be:e0:d6:28:98:8a:bf:0d:fe: 46:8b:a0:7e:a2:89:fc:56:be:ea:67:59:2f:1a:05: 00:a4:cb:77:f0:97:96:c6:28:e6:94:28:57:83:bb: 48:9a:8c:d5:e3:cb:80:af:e6:fc:2b:85:db:34:53: 15:3b:9c:20:de:0c:18:72:7e:b4:a9:2a:54:6c:d3: e4:95:fc:e5:65:0e:78:5b:ec:46:16:93:05:c8:3d: 78:0d:45:76:d3:51:ad:b9:2d:bc:4b:1c:cb:8b:05: 1a:c7:0f:16:36:5b:de:8d:d7:17:19:d5:6d:7e:29: 08:7e:98:67:3c:37:3b:3e:65:c8:ff:43:07:9a:f9: 7e:1c:6e:b2:d5:07:25:4d:d2:a9:c4:9e:73:93:f0: a6:6c:3c:53:06:8b:d2:72:a7:cf:5a:7f:a4:29:d5: 00:af:4e:d7:68:d4:a2:f4:27:5d:c7:a4:3e:4f:35: ed:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:3C:D8:ED:FE:84:77:64:4B:EA:9C:29:D9:49:4C:7F:F7:6E:05:04 X509v3 Authority Key Identifier: keyid:F4:44:B8:DD:AC:1A:2A:EC:9C:98:D8:98:16:1C:73:48:2C:2E:D4:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:ff:23:04:2d:50:dc:50:b3:e8:4f:10:6d:b5:a3:af:34:6a: 7e:c3:6f:9f:1f:cf:75:86:51:34:95:65:fe:05:a7:1c:29:61: d1:f5:f3:0e:01:4f:f1:12:76:0a:e5:b1:6c:af:68:bc:49:69: d2:73:fb:c9:74:99:92:fc:91:32:e5:92:31:33:02:c1:5e:da: 6c:8e:e7:37:2e:1f:e8:d5:76:3f:e9:27:09:35:d1:d0:b8:64: b9:83:1e:b7:6e:b5:66:a3:c8:8b:90:73:56:f5:0c:59:78:87: ce:b9:40:7b:51:3e:7b:3e:ae:a9:cb:2e:10:fd:25:15:d0:d7: fe:eb:76:17:51:ca:fe:69:90:4a:51:89:67:9e:14:9d:64:ca: 4e:8e:e4:87:a0:ad:9f:a9:3d:d7:1c:09:fc:32:6d:46:21:0e: 60:0e:62:cb:ac:5e:b1:2e:99:b5:41:20:45:85:45:cb:21:65: 1a:97:59:63:87:3d:3f:fe:0c:92:da:5d:0a:fe:a3:be:17:2a: b3:27:fb:2a:1a:bd:1b:ee:f5:d2:49:a1:5b:a3:bb:7f:29:96: c4:46:d8:cb:97:b3:75:35:1b:bf:07:75:ea:c2:5a:79:2d:cf: a1:2e:97:0c:29:e8:4a:87:5d:bc:bd:f0:75:a3:e5:e4:77:36: 26:37:b9:0e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MjdFMjExMC8GA1UEBRMoRjQ0NEI4RERBQzFBMkFFQzlDOThEODk4MTYxQzczNDgy QzJFRDQ4ODAeFw0yNTAzMTMwNTI2MjJaFw0yNTAzMjAwNTI2MjJaMBgxFjAUBgNV BAMTDTY3ZDI2YzdlLTY2NGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+A64HcSBaeGtnNelgZYD9WBwRxpYgDa6i5nMg8cAHcvoSaSirvFVOOynWVh0M piXivW76tMVWujoCHgtxMo79wZadKBo7w+8fmXQ5surr277g1iiYir8N/kaLoH6i ifxWvupnWS8aBQCky3fwl5bGKOaUKFeDu0iajNXjy4Cv5vwrhds0UxU7nCDeDBhy frSpKlRs0+SV/OVlDnhb7EYWkwXIPXgNRXbTUa25LbxLHMuLBRrHDxY2W96N1xcZ 1W1+KQh+mGc8Nzs+Zcj/Qwea+X4cbrLVByVN0qnEnnOT8KZsPFMGi9Jyp89af6Qp 1QCvTtdo1KL0J13HpD5PNe0/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUODzY7f6E d2RL6pwp2UlMf/duBQQwHwYDVR0jBBgwFoAU9ES43awaKuycmNiYFhxzSCwu1Igw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyN0UyLzcwMzFBMUVDOTM1 MDExRUZCQUNFMDA0Q0M0RjlBRTAyLzlFUzQzYXdhS3V5Y21OaVlGaHh6U0N3dTFJ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvOUVTNDNhd2FLdXljbU5pWUZoeHpTQ3d1MUlnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQy N0UyLzcwMzFBMUVDOTM1MDExRUZCQUNFMDA0Q0M0RjlBRTAyLzlFUzQzYXdhS3V5 Y21OaVlGaHh6U0N3dTFJZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABr/IwQtUNxQs+hPEG21o680an7Db58fz3WGUTSVZf4FpxwpYdH18w4B T/ESdgrlsWyvaLxJadJz+8l0mZL8kTLlkjEzAsFe2myO5zcuH+jVdj/pJwk10dC4 ZLmDHrdutWajyIuQc1b1DFl4h865QHtRPns+rqnLLhD9JRXQ1/7rdhdRyv5pkEpR iWeeFJ1kyk6O5IegrZ+pPdccCfwybUYhDmAOYsusXrEumbVBIEWFRcshZRqXWWOH PT/+DJLaXQr+o74XKrMn+yoavRvu9dJJoVuju38plsRG2MuXs3U1G78HderCWnkt z6Eulwwp6EqHXby98HWj5eR3NiY3uQ4= -----END CERTIFICATE-----Generated at Thu Mar 13 21:31:52 2025 by rpki-client