$ rpki-client -vvf rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/g4-9CzleqQcGxsKJrCaw1zigQkE.mft File: g4-9CzleqQcGxsKJrCaw1zigQkE.mft (raw, json) Hash identifier: lwgQ0/zI3l/+6+wajyujeWFaK0GpQge9xDOBWHBT0KA= Subject key identifier: 22:AB:2D:E2:C4:AA:B7:DB:CA:A5:24:4F:82:55:B1:EF:E7:45:20:B3 Authority key identifier: 83:8F:BD:0B:39:5E:A9:07:06:C6:C2:89:AC:26:B0:D7:38:A0:42:41 Certificate issuer: /CN=A917BB9A/serialNumber=838FBD0B395EA90706C6C289AC26B0D738A04241 Certificate serial: 1C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4-9CzleqQcGxsKJrCaw1zigQkE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/g4-9CzleqQcGxsKJrCaw1zigQkE.mft Manifest number: 17 Signing time: Wed 05 Feb 2025 06:28:42 +0000 Manifest this update: Wed 05 Feb 2025 06:28:41 +0000 Manifest next update: Wed 12 Feb 2025 06:28:41 +0000 Files and hashes: 1: g4-9CzleqQcGxsKJrCaw1zigQkE.crl (hash: VLP/MymTFJG6l25WU/kjakPVgenSa6eR6uYls2VF7R8=) 2: 0CBF3110D59011EFB76D6824C4F9AE02.roa (hash: wO5XBFfOCrDOLzTAwG2c8QWB5MqE2ajRI+6xibW2aso=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/g4-9CzleqQcGxsKJrCaw1zigQkE.crl rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/g4-9CzleqQcGxsKJrCaw1zigQkE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4-9CzleqQcGxsKJrCaw1zigQkE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:28:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28 (0x1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917BB9A Validity Not Before: Feb 5 06:28:41 2025 GMT Not After : Feb 12 06:28:41 2025 GMT Subject: CN=67a3051a-33a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:87:2b:4a:37:fb:6c:0e:0d:61:de:48:9c:d0: 84:d2:c1:6b:0a:6d:63:0b:91:03:64:47:53:d3:04: 3b:4d:34:ea:e1:13:9a:fa:db:c8:c0:56:60:84:a2: d2:06:2f:7f:64:a4:f0:75:38:91:fd:a4:e0:2b:8b: 3c:e6:9e:88:a0:32:80:dc:af:1b:31:a7:03:4b:2e: 40:2d:b4:86:6f:be:b6:60:dd:3e:95:fd:30:4c:65: 91:5c:6d:b8:dd:48:ca:c4:0c:2a:65:2b:39:e4:bc: 48:70:4f:39:55:bc:c3:fe:bf:df:ea:c8:71:60:7c: ad:58:cd:fe:ee:af:33:ef:65:b8:20:d4:7f:87:f3: 53:a5:59:da:55:bd:41:a3:af:72:b9:55:ba:06:a9: c6:7c:de:c4:9a:e2:b1:d8:93:a5:f3:21:ec:35:fc: 93:14:63:a1:cf:0a:5a:54:61:1e:1f:79:ae:85:14: a3:f1:67:a6:f9:cd:52:43:f2:c7:6b:6b:4b:c6:9e: 1f:2b:c9:d1:7f:12:ca:99:41:fe:1e:6f:89:57:b7: f8:e3:15:18:bf:de:37:a8:70:a1:9e:c1:fc:af:e0: 72:42:75:92:e4:7e:3f:94:d5:c9:e0:d8:d6:64:7c: 28:75:16:f8:49:5e:ae:f9:e2:8d:d9:3b:42:74:59: 1c:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:AB:2D:E2:C4:AA:B7:DB:CA:A5:24:4F:82:55:B1:EF:E7:45:20:B3 X509v3 Authority Key Identifier: keyid:83:8F:BD:0B:39:5E:A9:07:06:C6:C2:89:AC:26:B0:D7:38:A0:42:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/g4-9CzleqQcGxsKJrCaw1zigQkE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4-9CzleqQcGxsKJrCaw1zigQkE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/g4-9CzleqQcGxsKJrCaw1zigQkE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:f3:3f:6c:fd:4a:dc:e3:1f:ac:c2:90:ab:8b:2a:19:ba:6e: 69:9b:d6:8f:df:1f:44:c0:71:f7:71:60:da:e3:99:b7:10:a0: e2:f1:94:31:8d:28:73:f2:e8:4f:d3:ac:99:18:5f:ff:6f:3d: 44:3b:63:b6:16:4d:01:eb:5f:1c:02:87:ee:f9:de:7e:fc:0c: d5:d1:4b:3e:49:81:80:c0:f5:5e:5e:14:a7:fc:41:6c:eb:9d: 0e:a6:bb:ff:f2:d1:d9:2e:81:93:e5:63:aa:d7:40:11:50:a6: 3d:31:54:63:85:7b:98:cc:b9:21:ca:77:4c:31:17:0e:55:89: 9b:76:44:5b:ce:8c:ad:d9:f4:d3:09:0b:c3:0a:de:f6:f3:32: 5f:fa:bf:f3:98:04:c6:3e:6f:7a:68:db:cf:05:e4:a2:29:1c: cf:38:cc:0c:e1:9b:88:f0:b2:51:f0:8c:69:38:56:74:79:7e: 90:58:f6:30:b7:db:58:2c:49:65:a6:49:56:a7:f3:7f:a9:c3: ba:90:51:e4:66:24:f6:59:8c:4e:4c:ae:1c:01:97:00:a6:f6: de:c6:25:63:20:ab:e4:0a:b3:c3:00:49:b0:04:e8:b3:dd:2f: 9f:9d:a0:87:24:1c:cd:26:c6:31:ca:db:46:33:23:20:77:04: de:08:3c:a7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QkI5QTExMC8GA1UEBRMoODM4RkJEMEIzOTVFQTkwNzA2QzZDMjg5QUMyNkIwRDcz OEEwNDI0MTAeFw0yNTAyMDUwNjI4NDFaFw0yNTAyMTIwNjI4NDFaMBgxFjAUBgNV BAMTDTY3YTMwNTFhLTMzYTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAhytKN/tsDg1h3kic0ITSwWsKbWMLkQNkR1PTBDtNNOrhE5r628jAVmCEotIG L39kpPB1OJH9pOArizzmnoigMoDcrxsxpwNLLkAttIZvvrZg3T6V/TBMZZFcbbjd SMrEDCplKznkvEhwTzlVvMP+v9/qyHFgfK1Yzf7urzPvZbgg1H+H81OlWdpVvUGj r3K5VboGqcZ83sSa4rHYk6XzIew1/JMUY6HPClpUYR4fea6FFKPxZ6b5zVJD8sdr a0vGnh8rydF/EsqZQf4eb4lXt/jjFRi/3jeocKGewfyv4HJCdZLkfj+U1cng2NZk fCh1FvhJXq754o3ZO0J0WRy7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUIqst4sSq t9vKpSRPglWx7+dFILMwHwYDVR0jBBgwFoAUg4+9CzleqQcGxsKJrCaw1zigQkEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdCQjlBLzQxMzkwQkNBQ0ZG MzExRUY5MDYyRTUyMUM0RjlBRTAyL2c0LTlDemxlcVFjR3hzS0pyQ2F3MXppZ1Fr RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvZzQtOUN6bGVxUWNHeHNLSnJDYXcxemlnUWtFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdC QjlBLzQxMzkwQkNBQ0ZGMzExRUY5MDYyRTUyMUM0RjlBRTAyL2c0LTlDemxlcVFj R3hzS0pyQ2F3MXppZ1FrRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABXzP2z9StzjH6zCkKuLKhm6bmmb1o/fH0TAcfdxYNrjmbcQoOLxlDGN KHPy6E/TrJkYX/9vPUQ7Y7YWTQHrXxwCh+753n78DNXRSz5JgYDA9V5eFKf8QWzr nQ6mu//y0dkugZPlY6rXQBFQpj0xVGOFe5jMuSHKd0wxFw5ViZt2RFvOjK3Z9NMJ C8MK3vbzMl/6v/OYBMY+b3po288F5KIpHM84zAzhm4jwslHwjGk4VnR5fpBY9jC3 21gsSWWmSVan83+pw7qQUeRmJPZZjE5MrhwBlwCm9t7GJWMgq+QKs8MASbAE6LPd L5+doIckHM0mxjHK20YzIyB3BN4IPKc= -----END CERTIFICATE-----Generated at Wed Feb 5 20:04:52 2025 by rpki-client