$ rpki-client -vvf rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft File: cmIg2YvMfcZqPM83Z36go9sJDaQ.mft (raw, json) Hash identifier: jhIIOc9UR7jX2t/iceHeGpdTyHa3N0QiZo2APWw41e0= Subject key identifier: D1:45:76:DE:D4:78:25:B1:F7:11:CE:A9:C6:93:24:0F:CF:E4:19:DC Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 Certificate issuer: /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Certificate serial: 0BAF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft Manifest number: 0BA7 Signing time: Wed 12 Mar 2025 18:43:44 +0000 Manifest this update: Wed 12 Mar 2025 18:43:44 +0000 Manifest next update: Wed 19 Mar 2025 18:43:43 +0000 Files and hashes: 1: cmIg2YvMfcZqPM83Z36go9sJDaQ.crl (hash: p5EoB3BtkNQ3LKaYEwu1ddaOVweR15x/lQGH0lXvwts=) 2: 2CD5AAF8060311EBBE15EA18C4F9AE02.roa (hash: mW8L1FLDXuwnCDk5B3rFgpB45GljzNSPgwbjM/e2Wu0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 18:43:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2991 (0xbaf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914AE22 Validity Not Before: Mar 12 18:43:44 2025 GMT Not After : Mar 19 18:43:43 2025 GMT Subject: CN=67d1d5e0-b502 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:be:e9:09:8e:e2:e5:1f:11:8c:e9:0b:18:04: ec:4c:45:cf:67:41:ae:c1:95:7f:00:76:59:2a:b5: d7:7b:00:e7:aa:7c:53:52:cd:fc:01:e0:73:d3:b8: b3:50:2c:fc:10:93:7b:39:d6:db:08:2b:fd:6b:6b: be:37:d2:59:41:7c:32:3d:52:7d:b5:64:d8:5e:96: b1:4a:f3:29:48:80:18:ca:36:ef:50:25:9b:a9:d9: a8:6b:67:ba:d7:ac:aa:5f:24:91:da:a9:18:2e:88: 1f:8d:80:c5:1c:42:23:dc:a2:3f:de:9b:b0:66:53: 3d:71:9f:88:c7:d4:6c:4f:7e:9e:0d:0b:00:11:77: 65:ae:a9:99:39:a4:d8:0d:89:33:30:70:53:ed:5d: 2e:de:3c:2b:b2:06:b4:4e:80:f3:5c:b6:24:1a:ba: 87:af:6a:33:97:c2:21:dc:d6:62:15:87:11:dc:2c: 76:6a:ac:14:e9:63:56:c4:f3:61:28:e5:16:07:3e: 1b:89:f9:9a:12:91:87:e3:78:d8:df:7c:e4:1b:89: b4:d8:25:df:01:b3:f3:8a:1d:28:3e:2d:02:c3:05: 65:ae:dc:f3:16:bf:8f:0b:27:5d:79:f0:8b:f2:00: 72:12:ac:d3:d4:ed:10:6c:35:df:3c:2a:05:73:32: 49:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:45:76:DE:D4:78:25:B1:F7:11:CE:A9:C6:93:24:0F:CF:E4:19:DC X509v3 Authority Key Identifier: keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:cc:d5:43:d4:6f:1b:02:b7:12:0a:ed:5f:86:89:ce:80:c4: 97:e8:8c:b3:45:6c:e7:73:24:85:34:70:33:8b:8d:88:bf:6c: 10:b2:f2:41:71:bc:ff:88:a0:e6:a4:a1:af:1e:7f:00:96:f1: d9:46:fb:bc:3f:ef:97:34:c9:32:76:d2:9a:e0:75:08:a0:9b: 4c:3e:cb:3f:b0:6a:bd:6b:73:84:6e:39:cb:c5:4b:39:ac:64: f0:75:5b:60:c4:a8:31:65:b7:76:79:75:fa:f9:3a:ec:72:22: e2:79:af:d8:f1:f8:eb:1e:7a:df:de:ef:57:19:46:9a:b2:b2: bc:79:f3:9e:79:47:99:a9:40:50:8b:07:df:3f:88:00:f4:87: 3a:67:1c:61:b6:32:4b:34:8d:05:18:6b:d3:c5:cc:a6:ca:b1: ef:ba:b1:19:4c:1b:56:c0:15:93:ee:f5:23:64:db:3e:36:a0: 66:bb:0f:99:a5:25:62:1f:60:66:88:d0:a4:26:78:69:5b:82: 08:9b:16:cc:b4:47:6c:c6:3c:01:7d:52:80:dd:a4:38:73:18: 90:4c:85:19:83:09:36:7a:85:79:f8:fa:18:f1:80:e7:a5:8a: 10:9d:bf:b0:2a:f4:72:e4:a9:90:1a:da:cd:dc:8b:c4:d2:0a: c0:5f:0f:70 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz REIwOTBEQTQwHhcNMjUwMzEyMTg0MzQ0WhcNMjUwMzE5MTg0MzQzWjAYMRYwFAYD VQQDEw02N2QxZDVlMC1iNTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5L7pCY7i5R8RjOkLGATsTEXPZ0GuwZV/AHZZKrXXewDnqnxTUs38AeBz07iz UCz8EJN7OdbbCCv9a2u+N9JZQXwyPVJ9tWTYXpaxSvMpSIAYyjbvUCWbqdmoa2e6 16yqXySR2qkYLogfjYDFHEIj3KI/3puwZlM9cZ+Ix9RsT36eDQsAEXdlrqmZOaTY DYkzMHBT7V0u3jwrsga0ToDzXLYkGrqHr2ozl8Ih3NZiFYcR3Cx2aqwU6WNWxPNh KOUWBz4bifmaEpGH43jY33zkG4m02CXfAbPzih0oPi0CwwVlrtzzFr+PCyddefCL 8gByEqzT1O0QbDXfPCoFczJJ5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNFFdt7U eCWx9xHOqcaTJA/P5BncMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QUUyMi9CMTc4NDM5RTFCQkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZj WnFQTTgzWjM2Z285c0pEYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3zNVD1G8bArcSCu1fhonOgMSX6IyzRWzncySFNHAzi42Iv2wQsvJB cbz/iKDmpKGvHn8AlvHZRvu8P++XNMkydtKa4HUIoJtMPss/sGq9a3OEbjnLxUs5 rGTwdVtgxKgxZbd2eXX6+TrsciLiea/Y8fjrHnrf3u9XGUaasrK8efOeeUeZqUBQ iwffP4gA9Ic6ZxxhtjJLNI0FGGvTxcymyrHvurEZTBtWwBWT7vUjZNs+NqBmuw+Z pSViH2BmiNCkJnhpW4IImxbMtEdsxjwBfVKA3aQ4cxiQTIUZgwk2eoV5+PoY8YDn pYoQnb+wKvRy5KmQGtrN3IvE0grAXw9w -----END CERTIFICATE-----Generated at Thu Mar 13 21:28:53 2025 by rpki-client