$ rpki-client -vvf rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft File: GxesPclsojRSUCPv02J-ks2IR0g.mft (raw, json) Hash identifier: zbYDUQV+Gnn2ISyd4db+xdATvSBG8rLsBShIL3g+yuM= Subject key identifier: D0:06:C7:F1:86:CE:B0:92:6D:78:6F:8F:58:18:5C:47:E1:65:6F:D6 Authority key identifier: 1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 Certificate issuer: /CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Certificate serial: 1D37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft Manifest number: 1CF8 Signing time: Fri 30 May 2025 16:20:54 +0000 Manifest this update: Fri 30 May 2025 16:20:53 +0000 Manifest next update: Fri 06 Jun 2025 16:20:53 +0000 Files and hashes: 1: GxesPclsojRSUCPv02J-ks2IR0g.crl (hash: 64jypz6v9FvObd1XA1kT8yyZlhZxwjv+ihf8gkccE8Y=) 2: 8A1AF86E94BC11EC9E49DB41C4F9AE02.roa (hash: n6ab3BTwAcpH4LegBC83qaXuTY61rSuzXQeixKGRCQ8=) 3: C154DA14E85C11EBA2171A25C4F9AE02.roa (hash: ZoYRtsKN6J+JTMHnmtPtNWovLxxrXzjOLNI6FTTDrJk=) 4: 907B9B20E8AD11EBAA895D0AC4F9AE02.roa (hash: Yy12wxP/cM0LLNtHiB2aLkhSaVEMx94WCa7jMCYf9WM=) 5: 89654CDAB83B11EFAA80DD09C4F9AE02.roa (hash: wZqrfI6axJ6OhiwV+iuxvLbJgC05OEzm0nCXJ1L7s34=) 6: 4D609E86FF3B11EB910E8847C4F9AE02.roa (hash: IlNlaUUrIO5psWG9zVe/2cJLa9A72orRKr8ki0wRJ+c=) 7: C2EECBA0E85C11EBA2171A25C4F9AE02.roa (hash: i8SkLvPy/XtXc4ZuxfbQ0jMccOT4jPJgyB/aqJ2e6A0=) 8: 4E2669F4FF3B11EB910E8847C4F9AE02.roa (hash: RxEjxFNvI0DOGeP3888S1tn030BuNHUdNfLt3di15l4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 16:20:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7479 (0x1d37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DBF2, serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Validity Not Before: May 30 16:20:53 2025 GMT Not After : Jun 6 16:20:53 2025 GMT Subject: CN=6839dae5-f196 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:c2:ab:51:c6:c4:6a:4f:2e:30:7c:e6:1b:22: 35:a5:3b:06:a5:b2:ab:25:60:06:90:c7:bb:51:6d: 37:bf:37:70:6b:77:ea:4a:ca:a5:c8:c1:01:6b:f6: 16:c8:77:67:dc:df:af:76:ef:0f:cb:0b:25:90:40: 73:fb:fd:b1:cc:ba:b7:d6:49:77:14:98:b6:31:43: 69:b5:e3:17:a5:be:e7:55:52:b4:3b:16:03:16:a8: 70:9b:25:0c:54:63:b8:a8:36:81:b3:46:55:0c:cd: 7c:73:b6:69:32:a5:fe:02:78:65:26:ed:0c:82:35: ea:71:a0:bc:c7:fb:5e:cf:81:07:15:35:16:5c:dd: 06:9f:72:e8:df:eb:eb:40:d6:09:c6:41:c0:ab:36: 02:a6:23:5f:ef:86:22:74:62:fd:55:95:b3:b2:72: 95:9f:af:21:a3:99:64:e1:12:6f:17:cb:af:09:bd: 68:27:d3:3a:a0:96:21:8e:33:98:7a:3e:99:51:a7: 67:7e:84:b7:76:07:bb:39:b1:c4:44:8a:5f:98:b8: 59:8e:8a:11:f0:d7:e4:b2:ef:37:17:cd:a1:40:73: 40:eb:3c:53:b3:72:f4:85:7d:a3:bd:59:ae:8f:60: 3b:20:d9:d6:68:e3:44:b0:24:14:ab:49:e2:7b:fd: 1d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:06:C7:F1:86:CE:B0:92:6D:78:6F:8F:58:18:5C:47:E1:65:6F:D6 X509v3 Authority Key Identifier: keyid:1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:ee:71:02:f7:65:e4:0e:c2:05:90:83:2c:ba:12:4f:b9:c7: 92:9d:e2:56:24:51:c0:7c:88:2a:52:6e:a4:fd:52:20:a4:6e: 24:3a:fd:86:e0:86:b9:76:a9:b1:81:d8:82:f9:3b:76:75:f9: a2:50:d5:7b:85:92:6f:f6:fc:cf:56:0e:50:9e:d9:5f:82:4c: 9c:e8:ac:b1:c5:d3:98:a5:e6:e3:d2:d7:e6:e8:9f:13:9a:8e: 24:05:c5:9c:2a:3e:cb:3e:6a:ee:f8:15:4e:86:1e:03:84:87: 95:72:09:8b:57:d1:3d:43:37:f0:36:29:0a:f7:f1:da:1e:a5: 35:42:32:13:73:4a:c7:79:53:84:b7:99:f3:cc:9b:a0:fa:eb: 44:d1:6c:71:b6:16:f4:c8:e3:2c:55:05:2e:3f:da:54:6f:e9: 09:9b:60:65:50:6d:04:66:c3:18:d9:a7:a3:6e:cb:74:70:65: b9:3a:f8:fa:10:35:d5:3a:ed:09:ac:34:0f:a6:43:1c:eb:48: d9:06:75:c6:3d:89:8f:01:05:53:7e:92:76:34:09:3c:3b:c0: 42:c5:0b:85:87:66:d5:db:82:8a:f0:a2:bc:e1:4a:d5:35:a9: f3:58:35:66:b4:27:01:88:1e:29:22:67:e2:86:71:50:1b:c5: d9:41:1b:cb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHTcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RCRjIxMTAvBgNVBAUTKDFCMTdBQzNEQzk2Q0EyMzQ1MjUwMjNFRkQzNjI3RTky Q0Q4ODQ3NDgwHhcNMjUwNTMwMTYyMDUzWhcNMjUwNjA2MTYyMDUzWjAYMRYwFAYD VQQDEw02ODM5ZGFlNS1mMTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArcKrUcbEak8uMHzmGyI1pTsGpbKrJWAGkMe7UW03vzdwa3fqSsqlyMEBa/YW yHdn3N+vdu8PywslkEBz+/2xzLq31kl3FJi2MUNpteMXpb7nVVK0OxYDFqhwmyUM VGO4qDaBs0ZVDM18c7ZpMqX+AnhlJu0MgjXqcaC8x/tez4EHFTUWXN0Gn3Lo3+vr QNYJxkHAqzYCpiNf74YidGL9VZWzsnKVn68ho5lk4RJvF8uvCb1oJ9M6oJYhjjOY ej6ZUadnfoS3dge7ObHERIpfmLhZjooR8Nfksu83F82hQHNA6zxTs3L0hX2jvVmu j2A7INnWaONEsCQUq0nie/0dJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNAGx/GG zrCSbXhvj1gYXEfhZW/WMB8GA1UdIwQYMBaAFBsXrD3JbKI0UlAj79NifpLNiEdI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REJGMi9FMzQ0NTAxNkMy RjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29qUlNVQ1B2MDJKLWtzMklS MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0d4ZXNQY2xzb2pSU1VDUHYwMkota3MySVIwZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REJGMi9FMzQ0NTAxNkMyRjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29q UlNVQ1B2MDJKLWtzMklSMGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAG7nEC92XkDsIFkIMsuhJPuceSneJWJFHAfIgqUm6k/VIgpG4kOv2G 4Ia5dqmxgdiC+Tt2dfmiUNV7hZJv9vzPVg5Qntlfgkyc6KyxxdOYpebj0tfm6J8T mo4kBcWcKj7LPmru+BVOhh4DhIeVcgmLV9E9QzfwNikK9/HaHqU1QjITc0rHeVOE t5nzzJug+utE0Wxxthb0yOMsVQUuP9pUb+kJm2BlUG0EZsMY2aejbst0cGW5Ovj6 EDXVOu0JrDQPpkMc60jZBnXGPYmPAQVTfpJ2NAk8O8BCxQuFh2bV24KK8KK84UrV NanzWDVmtCcBiB4pImfihnFQG8XZQRvL -----END CERTIFICATE-----Generated at Sat May 31 16:33:10 2025 by rpki-client