$ rpki-client -vvf rpki.apnic.net/member_repository/A9144F34/4D22EEE0BDE911EFBFD53882C4F9AE02/SzEIvFdYhD1j3_b8ZAl_KxZEy4o.mft File: SzEIvFdYhD1j3_b8ZAl_KxZEy4o.mft (raw, json) Hash identifier: 4dZKa0w9UxnJurap3yKw8tbo2yKQpThOXICw2DqDowo= Subject key identifier: EF:08:50:41:98:F5:45:14:6E:51:7C:D1:47:3B:54:BA:22:96:D0:9B Authority key identifier: 4B:31:08:BC:57:58:84:3D:63:DF:F6:FC:64:09:7F:2B:16:44:CB:8A Certificate issuer: /CN=A9144F34/serialNumber=4B3108BC5758843D63DFF6FC64097F2B1644CB8A Certificate serial: 1C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SzEIvFdYhD1j3_b8ZAl_KxZEy4o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9144F34/4D22EEE0BDE911EFBFD53882C4F9AE02/SzEIvFdYhD1j3_b8ZAl_KxZEy4o.mft Manifest number: 1B Signing time: Wed 05 Feb 2025 06:21:24 +0000 Manifest this update: Wed 05 Feb 2025 06:21:24 +0000 Manifest next update: Wed 12 Feb 2025 06:21:24 +0000 Files and hashes: 1: SzEIvFdYhD1j3_b8ZAl_KxZEy4o.crl (hash: z/1/dg574JAVzzcwQUkEILX0Bojq96gTsozufKL+PgM=) 2: AA14EED2BDE911EFB07EE682C4F9AE02.roa (hash: 8Lz3SihiRlFf9NOxeybLJutdQF61khJ8l8jmKMF421Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9144F34/4D22EEE0BDE911EFBFD53882C4F9AE02/SzEIvFdYhD1j3_b8ZAl_KxZEy4o.crl rsync://rpki.apnic.net/member_repository/A9144F34/4D22EEE0BDE911EFBFD53882C4F9AE02/SzEIvFdYhD1j3_b8ZAl_KxZEy4o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SzEIvFdYhD1j3_b8ZAl_KxZEy4o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:21:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28 (0x1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9144F34 Validity Not Before: Feb 5 06:21:24 2025 GMT Not After : Feb 12 06:21:24 2025 GMT Subject: CN=67a30364-0fcb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:dc:eb:27:0c:0e:b2:00:7d:a0:2a:63:1e:66: de:28:50:fb:d6:f4:20:58:99:f7:07:67:26:e9:6e: df:d2:5b:46:04:03:c0:c9:7a:7b:f9:09:77:9f:6f: 35:d1:c3:64:60:6f:d3:d3:d2:a9:24:91:0a:29:3a: 05:3e:6f:3c:96:9c:f0:7b:a0:6a:96:79:94:bf:b0: 66:08:9c:23:75:34:e2:e0:c8:54:ca:01:f5:17:60: fd:5e:80:91:68:cd:24:66:32:74:3f:1a:1c:e1:49: 32:ff:96:be:b1:67:c6:ba:95:4b:13:d2:ba:aa:09: 0e:3b:cd:5f:ed:65:c5:bd:0d:98:6a:ce:7c:33:90: 7a:b5:2a:27:5c:7b:ab:50:eb:fa:48:82:6c:28:a8: bd:f0:45:2d:8e:af:65:76:b9:05:b8:54:cf:b3:20: 85:b6:40:5c:93:5d:bd:ff:ed:4a:af:6f:80:2b:25: 75:51:8b:bb:61:54:b9:2a:a8:5c:34:9f:19:8f:bf: 67:14:59:8d:2e:1a:c7:aa:45:0a:ea:db:99:26:c1: 31:56:df:08:04:5e:57:2c:e5:bf:1a:8f:dd:dd:80: 70:54:14:76:92:39:cf:5d:de:56:c6:31:cd:6a:c1: 95:d1:4c:3c:37:56:ab:ee:bb:8c:f6:7c:c1:f7:e9: 86:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:08:50:41:98:F5:45:14:6E:51:7C:D1:47:3B:54:BA:22:96:D0:9B X509v3 Authority Key Identifier: keyid:4B:31:08:BC:57:58:84:3D:63:DF:F6:FC:64:09:7F:2B:16:44:CB:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9144F34/4D22EEE0BDE911EFBFD53882C4F9AE02/SzEIvFdYhD1j3_b8ZAl_KxZEy4o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SzEIvFdYhD1j3_b8ZAl_KxZEy4o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144F34/4D22EEE0BDE911EFBFD53882C4F9AE02/SzEIvFdYhD1j3_b8ZAl_KxZEy4o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:dd:2b:be:bf:e0:42:37:34:75:27:5f:47:4c:a5:da:24:3b: 49:11:26:8c:e1:c6:0e:84:bc:bd:cc:05:9e:7e:f8:2e:52:7b: 50:d6:ab:3d:c8:c9:db:c0:6f:f6:07:17:7c:b2:85:11:f2:3e: af:52:6b:d7:7d:ec:d5:23:82:e4:3d:e7:fc:0e:24:8d:33:54: 79:18:31:9c:89:5b:31:80:4f:bf:bd:25:37:a5:18:7b:ae:28: 29:c9:d8:1c:22:b2:39:28:ca:65:a6:71:c3:c0:91:59:b2:42: f2:49:5a:17:01:e6:00:a8:c4:ab:17:9c:53:56:56:fb:b9:1f: 24:a3:79:55:73:c8:dc:6d:88:44:00:4c:69:85:03:1d:0b:af: d3:5d:75:c0:45:e7:b5:05:e7:75:ff:00:fe:3e:28:9d:1c:cb: 9d:3a:da:83:aa:fa:30:fe:30:73:05:d6:6a:00:44:fa:52:ff: 48:a7:ae:6b:23:5e:69:5b:f5:88:8e:0e:51:fd:5b:4e:6d:f7: e7:2e:15:84:67:1b:c1:58:6b:92:13:4b:a4:db:4a:0f:52:02: a9:90:d1:67:8c:80:26:2f:97:19:e1:5d:43:10:3d:cf:17:93: 93:65:92:dc:b1:bd:a6:bb:54:5d:69:5b:cc:ba:f5:5b:96:43: 73:c8:4e:9b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NEYzNDExMC8GA1UEBRMoNEIzMTA4QkM1NzU4ODQzRDYzREZGNkZDNjQwOTdGMkIx NjQ0Q0I4QTAeFw0yNTAyMDUwNjIxMjRaFw0yNTAyMTIwNjIxMjRaMBgxFjAUBgNV BAMTDTY3YTMwMzY0LTBmY2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC73OsnDA6yAH2gKmMeZt4oUPvW9CBYmfcHZybpbt/SW0YEA8DJenv5CXefbzXR w2Rgb9PT0qkkkQopOgU+bzyWnPB7oGqWeZS/sGYInCN1NOLgyFTKAfUXYP1egJFo zSRmMnQ/GhzhSTL/lr6xZ8a6lUsT0rqqCQ47zV/tZcW9DZhqznwzkHq1Kidce6tQ 6/pIgmwoqL3wRS2Or2V2uQW4VM+zIIW2QFyTXb3/7Uqvb4ArJXVRi7thVLkqqFw0 nxmPv2cUWY0uGseqRQrq25kmwTFW3wgEXlcs5b8aj93dgHBUFHaSOc9d3lbGMc1q wZXRTDw3Vqvuu4z2fMH36YbHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU7whQQZj1 RRRuUXzRRztUuiKW0JswHwYDVR0jBBgwFoAUSzEIvFdYhD1j3/b8ZAl/KxZEy4ow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ0RjM0LzREMjJFRUUwQkRF OTExRUZCRkQ1Mzg4MkM0RjlBRTAyL1N6RUl2RmRZaEQxajNfYjhaQWxfS3haRXk0 by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvU3pFSXZGZFloRDFqM19iOFpBbF9LeFpFeTRvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ0 RjM0LzREMjJFRUUwQkRFOTExRUZCRkQ1Mzg4MkM0RjlBRTAyL1N6RUl2RmRZaEQx ajNfYjhaQWxfS3haRXk0by5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKHdK76/4EI3NHUnX0dMpdokO0kRJozhxg6EvL3MBZ5++C5Se1DWqz3I ydvAb/YHF3yyhRHyPq9Sa9d97NUjguQ95/wOJI0zVHkYMZyJWzGAT7+9JTelGHuu KCnJ2BwisjkoymWmccPAkVmyQvJJWhcB5gCoxKsXnFNWVvu5HySjeVVzyNxtiEQA TGmFAx0Lr9NddcBF57UF53X/AP4+KJ0cy5062oOq+jD+MHMF1moARPpS/0inrmsj Xmlb9YiODlH9W05t9+cuFYRnG8FYa5ITS6TbSg9SAqmQ0WeMgCYvlxnhXUMQPc8X k5Nlktyxvaa7VF1pW8y69VuWQ3PITps= -----END CERTIFICATE-----Generated at Wed Feb 5 20:11:19 2025 by rpki-client