$ rpki-client -vvf rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft File: 2DkrDZFbmsH00jv5hBlxQG-2GsY.mft (raw, json) Hash identifier: G4w/ZB4fmORzUtpJ1dB9AIaw75H83mjEe0Ku3DpMkp0= Subject key identifier: 7E:AE:18:2F:DC:42:65:E8:F0:46:44:D2:71:9D:45:C2:14:4A:E4:95 Authority key identifier: D8:39:2B:0D:91:5B:9A:C1:F4:D2:3B:F9:84:19:71:40:6F:B6:1A:C6 Certificate issuer: /CN=A9196DE5/serialNumber=D8392B0D915B9AC1F4D23BF9841971406FB61AC6 Certificate serial: 0948 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DkrDZFbmsH00jv5hBlxQG-2GsY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft Manifest number: 093A Signing time: Fri 14 Feb 2025 21:13:54 +0000 Manifest this update: Fri 14 Feb 2025 21:13:53 +0000 Manifest next update: Fri 21 Feb 2025 21:13:53 +0000 Files and hashes: 1: 2DkrDZFbmsH00jv5hBlxQG-2GsY.crl (hash: k1E+0VXziSwqBJIwDhoI6ROr7+Dl7Kuv9EZn1zBbcbE=) 2: 9738F1BAD46611ECA1A27035C4F9AE02.roa (hash: WTrtE83EIPIFAQBP1Rd+6bCGyCXh3/D0h/wvCesMWrU=) 3: 6CEF4F06697C11EEBAF2E544C4F9AE02.roa (hash: Zf62lP/wVBucTVDv//7CsthHyoB46FPVyR5yKdn9a8M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.crl rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DkrDZFbmsH00jv5hBlxQG-2GsY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2376 (0x948) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9196DE5 Validity Not Before: Feb 14 21:13:53 2025 GMT Not After : Feb 21 21:13:53 2025 GMT Subject: CN=67afb211-d161 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b2:52:03:9e:5e:e1:ba:25:e2:cb:61:42:ea: 67:01:c3:31:a3:30:94:89:69:8e:6b:17:64:0f:76: e5:da:08:43:d5:17:25:d8:31:c7:37:3c:82:dd:2b: 0b:c5:ef:83:33:80:05:1a:d7:c5:a0:2c:a1:6b:6c: 68:ac:1a:15:4c:02:ac:4a:e8:db:2e:1a:95:92:a3: a9:da:92:1b:6e:99:f1:c7:1e:27:a2:b6:00:77:ff: 58:b9:13:6c:47:c5:e8:c7:69:86:37:72:fa:c1:56: 84:b5:19:69:9d:07:c7:a7:2f:34:1d:38:19:5b:3d: 24:2c:a5:23:f4:5c:90:76:61:3a:11:94:d4:70:e3: 7f:3d:b6:e9:d8:52:72:59:ac:9e:23:c0:9b:77:d0: e5:14:eb:f7:b5:d3:8f:8b:63:c4:bf:d2:88:eb:c0: 33:c6:fa:85:24:34:e0:cb:b3:35:9b:30:24:02:2b: 60:55:b2:a5:d9:fa:d0:a7:69:7a:3d:d1:c7:10:8e: 23:b4:14:65:80:7b:a9:5b:29:58:e5:1a:2b:af:67: 4d:e0:96:65:4d:b8:4a:9c:1d:bb:fc:47:4f:d6:f0: 21:32:fd:5c:fd:bf:9e:1b:3c:d7:fc:20:18:63:36: e1:37:3c:b6:25:95:4a:d4:93:be:cd:bb:ad:28:41: 46:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:AE:18:2F:DC:42:65:E8:F0:46:44:D2:71:9D:45:C2:14:4A:E4:95 X509v3 Authority Key Identifier: keyid:D8:39:2B:0D:91:5B:9A:C1:F4:D2:3B:F9:84:19:71:40:6F:B6:1A:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DkrDZFbmsH00jv5hBlxQG-2GsY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:d2:a4:3e:d7:44:d2:e7:b4:9a:4f:90:1d:0b:d5:0b:22:96: 5b:01:58:db:b4:bc:c1:8b:cb:e3:5a:35:8e:43:46:26:15:3a: 6f:a3:0f:d8:8d:94:e2:94:d3:8a:73:64:97:ed:4c:66:3c:1c: e0:7b:c8:8d:7d:39:8c:33:d2:16:1d:e8:8a:19:38:0f:5b:f4: 7e:ca:2d:b7:2f:ca:f5:86:f1:a4:ee:fa:e4:5a:3b:33:52:fd: dc:13:73:07:4c:14:4a:37:d9:af:bb:98:95:d6:cc:4d:b9:7a: 0b:bb:6a:5e:f6:05:93:84:00:4c:d1:36:af:5d:40:0c:40:4e: 7e:3c:e2:51:c1:14:ce:8a:85:9b:87:bf:ed:52:2b:97:08:e2: 9b:8c:0f:ef:1e:80:af:70:a4:34:fb:88:e4:1f:a6:76:53:9e: e1:e1:02:03:4f:a9:ff:04:70:42:fd:f3:8f:53:60:6f:da:16: 43:0f:83:1a:b0:06:f0:c6:0b:96:89:b2:c4:ad:bc:50:f7:a6: fd:f8:08:48:3d:b7:c4:35:5c:4a:d7:d1:55:30:1d:b0:23:24: 2b:98:15:7b:48:48:92:94:59:8d:29:98:fb:93:61:72:bf:a3: 68:5e:92:37:9d:27:bc:8e:e1:35:e0:d1:e0:13:70:0c:70:c1: a8:2c:c7:83 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCUgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTZERTUxMTAvBgNVBAUTKEQ4MzkyQjBEOTE1QjlBQzFGNEQyM0JGOTg0MTk3MTQw NkZCNjFBQzYwHhcNMjUwMjE0MjExMzUzWhcNMjUwMjIxMjExMzUzWjAYMRYwFAYD VQQDEw02N2FmYjIxMS1kMTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqbJSA55e4bol4sthQupnAcMxozCUiWmOaxdkD3bl2ghD1Rcl2DHHNzyC3SsL xe+DM4AFGtfFoCyha2xorBoVTAKsSujbLhqVkqOp2pIbbpnxxx4norYAd/9YuRNs R8Xox2mGN3L6wVaEtRlpnQfHpy80HTgZWz0kLKUj9FyQdmE6EZTUcON/Pbbp2FJy WayeI8Cbd9DlFOv3tdOPi2PEv9KI68AzxvqFJDTgy7M1mzAkAitgVbKl2frQp2l6 PdHHEI4jtBRlgHupWylY5Rorr2dN4JZlTbhKnB27/EdP1vAhMv1c/b+eGzzX/CAY YzbhNzy2JZVK1JO+zbutKEFGaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH6uGC/c QmXo8EZE0nGdRcIUSuSVMB8GA1UdIwQYMBaAFNg5Kw2RW5rB9NI7+YQZcUBvthrG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NkRFNS83MkM1QTlDQzk0 MzAxMUVBQkQ3NUY5ODNDNEY5QUUwMi8yRGtyRFpGYm1zSDAwanY1aEJseFFHLTJH c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJEa3JEWkZibXNIMDBqdjVoQmx4UUctMkdzWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NkRFNS83MkM1QTlDQzk0MzAxMUVBQkQ3NUY5ODNDNEY5QUUwMi8yRGtyRFpGYm1z SDAwanY1aEJseFFHLTJHc1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/0qQ+10TS57SaT5AdC9ULIpZbAVjbtLzBi8vjWjWOQ0YmFTpvow/Y jZTilNOKc2SX7UxmPBzge8iNfTmMM9IWHeiKGTgPW/R+yi23L8r1hvGk7vrkWjsz Uv3cE3MHTBRKN9mvu5iV1sxNuXoLu2pe9gWThABM0TavXUAMQE5+POJRwRTOioWb h7/tUiuXCOKbjA/vHoCvcKQ0+4jkH6Z2U57h4QIDT6n/BHBC/fOPU2Bv2hZDD4Ma sAbwxguWibLErbxQ96b9+AhIPbfENVxK19FVMB2wIyQrmBV7SEiSlFmNKZj7k2Fy v6NoXpI3nSe8juE14NHgE3AMcMGoLMeD -----END CERTIFICATE-----Generated at Sun Feb 16 20:44:30 2025 by rpki-client