$ rpki-client -vvf rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft File: 2DkrDZFbmsH00jv5hBlxQG-2GsY.mft (raw, json) Hash identifier: g4+Ic0L3xRM+67x24iwqZuwW2JiBHMoRTurlmNfJErI= Subject key identifier: 11:43:34:02:A1:29:B5:28:5E:B2:DD:F6:68:88:34:94:BA:67:68:FA Authority key identifier: D8:39:2B:0D:91:5B:9A:C1:F4:D2:3B:F9:84:19:71:40:6F:B6:1A:C6 Certificate issuer: /CN=A9196DE5/serialNumber=D8392B0D915B9AC1F4D23BF9841971406FB61AC6 Certificate serial: 0955 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DkrDZFbmsH00jv5hBlxQG-2GsY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft Manifest number: 0947 Signing time: Wed 12 Mar 2025 20:00:22 +0000 Manifest this update: Wed 12 Mar 2025 20:00:22 +0000 Manifest next update: Wed 19 Mar 2025 20:00:22 +0000 Files and hashes: 1: 2DkrDZFbmsH00jv5hBlxQG-2GsY.crl (hash: Qru9AiMrkYz6gUSm9NHG3/Z0681BgH1wcoFE81oHYdc=) 2: 9738F1BAD46611ECA1A27035C4F9AE02.roa (hash: WTrtE83EIPIFAQBP1Rd+6bCGyCXh3/D0h/wvCesMWrU=) 3: 6CEF4F06697C11EEBAF2E544C4F9AE02.roa (hash: Zf62lP/wVBucTVDv//7CsthHyoB46FPVyR5yKdn9a8M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.crl rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DkrDZFbmsH00jv5hBlxQG-2GsY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 20:00:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2389 (0x955) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9196DE5 Validity Not Before: Mar 12 20:00:22 2025 GMT Not After : Mar 19 20:00:22 2025 GMT Subject: CN=67d1e7d6-67d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:15:27:85:26:f3:ea:4c:8b:38:0e:db:f5:af: bf:a7:34:d9:80:c7:ae:bf:43:af:ac:91:d7:e7:ec: cc:9b:f6:31:e5:27:d4:ad:73:fa:34:09:fe:24:e5: 49:a4:19:d7:cb:70:77:5f:9b:b9:c3:2a:38:31:ad: f7:1a:45:61:62:97:66:d4:f1:27:6b:cc:9c:9b:47: 95:3b:ce:c5:72:c9:32:10:fd:a0:19:65:eb:b5:2c: 15:d1:3a:0e:76:84:6d:84:ed:ad:33:0d:e2:28:3d: f1:58:b1:87:a1:b2:a2:2e:c9:30:64:b6:8c:d4:e3: 81:b2:eb:e1:27:91:75:9a:3a:28:f6:69:f2:ea:cc: 02:86:a2:ee:a0:c2:68:94:4e:44:8a:d8:da:a7:55: 2e:62:40:c4:a4:82:f1:92:c5:ae:da:c2:0d:a6:8f: 20:a2:f9:98:24:36:fd:cc:c3:ee:2f:d4:d2:3a:ec: 40:7e:35:9c:6b:36:d2:81:bb:01:47:fa:fa:89:09: 82:2d:4b:c7:15:63:ba:d9:40:51:3a:e2:01:db:1a: 51:9a:23:fa:9a:86:67:3c:90:45:2c:ce:6f:64:b5: 96:6e:e4:4b:9b:93:bf:fc:e1:60:cf:74:90:f1:5e: 55:ae:d9:76:53:af:47:05:57:05:41:f3:63:5e:af: 05:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:43:34:02:A1:29:B5:28:5E:B2:DD:F6:68:88:34:94:BA:67:68:FA X509v3 Authority Key Identifier: keyid:D8:39:2B:0D:91:5B:9A:C1:F4:D2:3B:F9:84:19:71:40:6F:B6:1A:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DkrDZFbmsH00jv5hBlxQG-2GsY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:d5:e7:6e:9f:96:1a:81:e7:f6:ba:a7:8f:57:28:02:1c:7f: 85:3f:c6:37:36:ce:5d:e1:c1:28:71:36:c7:aa:3d:a3:99:ee: 54:45:16:e5:c7:a6:14:d8:be:93:e3:cb:8f:55:37:c5:0f:51: 5f:30:94:98:c8:91:c3:24:ab:c3:75:6e:a6:41:98:53:d0:1f: 54:43:f8:5b:c5:62:af:69:d0:c5:cd:54:2e:11:12:66:fd:39: dc:dd:5b:ca:6e:25:2d:c8:25:32:30:b0:fa:54:a7:7d:25:9d: 7c:5b:1d:95:a0:48:53:bd:e5:82:f8:36:b2:ec:c6:0d:09:31: f3:cb:14:28:fe:13:a8:8e:7b:ca:d4:f8:78:3a:25:a0:d3:37: 97:a8:db:22:1a:a8:77:fa:d3:0d:76:98:43:83:65:90:62:74: 9f:3c:30:84:e1:57:d0:31:b5:7b:7e:bd:87:96:2e:41:55:86: 2e:0c:b3:be:c2:55:18:8b:00:ee:9b:6f:6c:de:22:f4:2d:e0: 19:57:41:c5:e1:b5:2a:4d:27:10:86:92:fd:6c:76:d3:45:82: 19:dc:b4:25:1d:9d:64:e8:70:a4:48:df:b8:78:2a:86:9e:8b: ba:8c:8d:d3:59:29:ab:bf:bf:eb:cc:36:b5:e8:df:14:c2:78: f5:c9:6a:f8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCVUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTZERTUxMTAvBgNVBAUTKEQ4MzkyQjBEOTE1QjlBQzFGNEQyM0JGOTg0MTk3MTQw NkZCNjFBQzYwHhcNMjUwMzEyMjAwMDIyWhcNMjUwMzE5MjAwMDIyWjAYMRYwFAYD VQQDEw02N2QxZTdkNi02N2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoBUnhSbz6kyLOA7b9a+/pzTZgMeuv0OvrJHX5+zMm/Yx5SfUrXP6NAn+JOVJ pBnXy3B3X5u5wyo4Ma33GkVhYpdm1PEna8ycm0eVO87FcskyEP2gGWXrtSwV0ToO doRthO2tMw3iKD3xWLGHobKiLskwZLaM1OOBsuvhJ5F1mjoo9mny6swChqLuoMJo lE5Eitjap1UuYkDEpILxksWu2sINpo8govmYJDb9zMPuL9TSOuxAfjWcazbSgbsB R/r6iQmCLUvHFWO62UBROuIB2xpRmiP6moZnPJBFLM5vZLWWbuRLm5O//OFgz3SQ 8V5Vrtl2U69HBVcFQfNjXq8F+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBFDNAKh KbUoXrLd9miINJS6Z2j6MB8GA1UdIwQYMBaAFNg5Kw2RW5rB9NI7+YQZcUBvthrG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NkRFNS83MkM1QTlDQzk0 MzAxMUVBQkQ3NUY5ODNDNEY5QUUwMi8yRGtyRFpGYm1zSDAwanY1aEJseFFHLTJH c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJEa3JEWkZibXNIMDBqdjVoQmx4UUctMkdzWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NkRFNS83MkM1QTlDQzk0MzAxMUVBQkQ3NUY5ODNDNEY5QUUwMi8yRGtyRFpGYm1z SDAwanY1aEJseFFHLTJHc1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCo1edun5Yagef2uqePVygCHH+FP8Y3Ns5d4cEocTbHqj2jme5URRbl x6YU2L6T48uPVTfFD1FfMJSYyJHDJKvDdW6mQZhT0B9UQ/hbxWKvadDFzVQuERJm /Tnc3VvKbiUtyCUyMLD6VKd9JZ18Wx2VoEhTveWC+Day7MYNCTHzyxQo/hOojnvK 1Ph4OiWg0zeXqNsiGqh3+tMNdphDg2WQYnSfPDCE4VfQMbV7fr2Hli5BVYYuDLO+ wlUYiwDum29s3iL0LeAZV0HF4bUqTScQhpL9bHbTRYIZ3LQlHZ1k6HCkSN+4eCqG nou6jI3TWSmrv7/rzDa16N8Uwnj1yWr4 -----END CERTIFICATE-----Generated at Thu Mar 13 21:31:55 2025 by rpki-client