$ rpki-client -vvf rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/rVRdJQT-Hekq4XZt9GV2N9t6fnU.mft File: rVRdJQT-Hekq4XZt9GV2N9t6fnU.mft (raw, json) Hash identifier: /0/UFFegBk/KznkXprH2l61e033EgJ5DuysQ819aFSo= Subject key identifier: 44:E9:FF:F6:10:AB:B4:15:30:5E:B8:73:FE:34:E5:AF:65:0E:08:AE Authority key identifier: AD:54:5D:25:04:FE:1D:E9:2A:E1:76:6D:F4:65:76:37:DB:7A:7E:75 Certificate issuer: /CN=A9172FC5/serialNumber=AD545D2504FE1DE92AE1766DF4657637DB7A7E75 Certificate serial: 28 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rVRdJQT-Hekq4XZt9GV2N9t6fnU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/rVRdJQT-Hekq4XZt9GV2N9t6fnU.mft Manifest number: 27 Signing time: Wed 05 Feb 2025 06:12:14 +0000 Manifest this update: Wed 05 Feb 2025 06:12:14 +0000 Manifest next update: Wed 12 Feb 2025 06:12:14 +0000 Files and hashes: 1: rVRdJQT-Hekq4XZt9GV2N9t6fnU.crl (hash: hTHk9iORdD8hNEvLaiuNZqH0OZQKIiMtgxo8aXw3RDI=) 2: 2CD73990AB4011EF849D9515C4F9AE02.roa (hash: n7B/UUcmtXjVJkGeKo3kLxJl+ZkT5f7+LU0DhIJENOU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/rVRdJQT-Hekq4XZt9GV2N9t6fnU.crl rsync://rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/rVRdJQT-Hekq4XZt9GV2N9t6fnU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rVRdJQT-Hekq4XZt9GV2N9t6fnU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:12:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40 (0x28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172FC5 Validity Not Before: Feb 5 06:12:14 2025 GMT Not After : Feb 12 06:12:14 2025 GMT Subject: CN=67a3013e-f917 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:17:23:fd:08:dc:f6:c2:12:34:2f:38:c8:4c: 6a:0c:14:70:ce:bc:73:d3:fc:e5:62:db:5e:58:fe: 5e:c3:ae:26:31:af:64:2a:eb:18:a6:4d:f8:f1:04: c3:4c:29:03:78:db:d1:14:d7:50:67:f4:9b:69:7e: de:bc:ca:a9:64:ca:50:1c:6d:63:7b:f8:1e:64:a4: b8:b6:2f:02:e6:97:5b:3b:5c:2a:41:e4:16:42:02: 55:2b:f7:3b:96:e1:92:d5:84:93:c9:0b:4e:ac:9e: 33:0b:20:6e:e9:d4:9e:ff:3c:2f:d6:6c:59:de:dc: ca:85:f7:40:8f:2e:c5:ae:9a:23:ab:24:82:cb:04: 32:50:6d:c6:7b:e8:60:ed:fd:a5:ec:97:52:f9:e4: ee:7a:65:53:ab:95:80:c0:2c:02:c5:6f:02:a3:1b: fd:e7:80:af:ee:a6:d1:a4:74:2a:53:21:e9:66:a3: 40:51:b1:5b:75:50:57:63:e0:3d:39:f3:62:19:c9: 2d:66:12:cf:30:3b:d4:77:f6:7e:18:a5:1c:7e:8c: b5:e8:3d:b4:c4:26:c0:56:aa:11:a9:76:df:ed:63: b7:af:4d:50:4e:1d:a0:bc:b6:a8:af:ca:11:4c:0c: e8:78:f1:a4:c1:06:d8:ad:9c:4f:89:4a:ad:a3:ae: 41:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:E9:FF:F6:10:AB:B4:15:30:5E:B8:73:FE:34:E5:AF:65:0E:08:AE X509v3 Authority Key Identifier: keyid:AD:54:5D:25:04:FE:1D:E9:2A:E1:76:6D:F4:65:76:37:DB:7A:7E:75 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/rVRdJQT-Hekq4XZt9GV2N9t6fnU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rVRdJQT-Hekq4XZt9GV2N9t6fnU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/rVRdJQT-Hekq4XZt9GV2N9t6fnU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:31:d3:16:ee:d2:94:aa:02:e0:d1:9c:84:4d:6a:1d:33:be: 1b:c7:91:d8:cf:d2:eb:ff:fe:6f:bd:59:d8:fc:e4:73:ef:5c: 53:c9:dd:48:16:07:de:46:84:b4:77:23:6e:c6:e3:5d:ef:40: ac:5a:70:a3:9d:59:32:9a:4f:c5:0b:8d:87:61:26:e1:a6:ff: 1a:8a:46:59:d9:90:4e:87:3d:51:39:56:8c:66:2f:f5:72:6c: 44:49:15:8f:16:b3:fa:2f:e3:62:96:1f:c0:e3:7e:17:e3:3c: 15:cb:b0:25:e6:39:0b:d8:3b:6c:56:18:94:fb:da:9f:de:1d: 8a:e2:8c:60:53:28:76:28:87:a3:0d:d2:5d:0c:f7:da:33:fb: 4c:12:ed:d3:36:fa:c5:14:84:8a:90:8f:c1:4b:b0:35:cc:c6: a9:4a:34:10:54:7d:cd:80:4d:d7:6e:2c:ce:f8:e2:43:56:dc: 84:44:46:af:4d:97:12:83:0e:81:cd:ca:79:91:34:1d:b6:23: 4f:8a:3c:b5:4b:6d:35:a2:b6:30:dc:ad:85:f3:9f:18:d2:85: ed:6b:e8:0c:3b:8e:82:2c:63:02:f3:f6:e4:ed:ab:61:da:03: 71:1a:44:62:63:c4:41:9e:73:ef:d9:d9:34:6f:7f:36:00:5b: 18:96:96:97 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MkZDNTExMC8GA1UEBRMoQUQ1NDVEMjUwNEZFMURFOTJBRTE3NjZERjQ2NTc2MzdE QjdBN0U3NTAeFw0yNTAyMDUwNjEyMTRaFw0yNTAyMTIwNjEyMTRaMBgxFjAUBgNV BAMTDTY3YTMwMTNlLWY5MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDQFyP9CNz2whI0LzjITGoMFHDOvHPT/OVi215Y/l7DriYxr2Qq6ximTfjxBMNM KQN429EU11Bn9Jtpft68yqlkylAcbWN7+B5kpLi2LwLml1s7XCpB5BZCAlUr9zuW 4ZLVhJPJC06snjMLIG7p1J7/PC/WbFne3MqF90CPLsWumiOrJILLBDJQbcZ76GDt /aXsl1L55O56ZVOrlYDALALFbwKjG/3ngK/uptGkdCpTIelmo0BRsVt1UFdj4D05 82IZyS1mEs8wO9R39n4YpRx+jLXoPbTEJsBWqhGpdt/tY7evTVBOHaC8tqivyhFM DOh48aTBBtitnE+JSq2jrkFFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUROn/9hCr tBUwXrhz/jTlr2UOCK4wHwYDVR0jBBgwFoAUrVRdJQT+Hekq4XZt9GV2N9t6fnUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyRkM1L0U1MzlDREEwQUIz RjExRUZCRTAyQ0YxNEM0RjlBRTAyL3JWUmRKUVQtSGVrcTRYWnQ5R1YyTjl0NmZu VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvclZSZEpRVC1IZWtxNFhadDlHVjJOOXQ2Zm5VLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcy RkM1L0U1MzlDREEwQUIzRjExRUZCRTAyQ0YxNEM0RjlBRTAyL3JWUmRKUVQtSGVr cTRYWnQ5R1YyTjl0NmZuVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAF0x0xbu0pSqAuDRnIRNah0zvhvHkdjP0uv//m+9Wdj85HPvXFPJ3UgW B95GhLR3I27G413vQKxacKOdWTKaT8ULjYdhJuGm/xqKRlnZkE6HPVE5VoxmL/Vy bERJFY8Ws/ov42KWH8DjfhfjPBXLsCXmOQvYO2xWGJT72p/eHYrijGBTKHYoh6MN 0l0M99oz+0wS7dM2+sUUhIqQj8FLsDXMxqlKNBBUfc2ATdduLM744kNW3IRERq9N lxKDDoHNynmRNB22I0+KPLVLbTWitjDcrYXznxjShe1r6Aw7joIsYwLz9uTtq2Ha A3EaRGJjxEGec+/Z2TRvfzYAWxiWlpc= -----END CERTIFICATE-----Generated at Wed Feb 5 20:12:43 2025 by rpki-client