$ rpki-client -vvf rpki.apnic.net/member_repository/A9196F73/A29707F653A111EAAEEEBE0BC4F9AE02/iaMdROlPHMJ4ULusFsAsIKqznOU.mft File: iaMdROlPHMJ4ULusFsAsIKqznOU.mft (raw, json) Hash identifier: KECXKRkwHn0XAVu8Bs4HcgmihdJR2lFsOh33LNfg1Dc= Subject key identifier: 58:83:54:06:98:F7:6C:2A:1C:00:23:A2:DC:08:2E:E0:3F:D6:90:C2 Authority key identifier: 89:A3:1D:44:E9:4F:1C:C2:78:50:BB:AC:16:C0:2C:20:AA:B3:9C:E5 Certificate issuer: /CN=A9196F73/serialNumber=89A31D44E94F1CC27850BBAC16C02C20AAB39CE5 Certificate serial: 0AA7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iaMdROlPHMJ4ULusFsAsIKqznOU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9196F73/A29707F653A111EAAEEEBE0BC4F9AE02/iaMdROlPHMJ4ULusFsAsIKqznOU.mft Manifest number: 0A97 Signing time: Fri 04 Apr 2025 19:42:14 +0000 Manifest this update: Fri 04 Apr 2025 19:42:13 +0000 Manifest next update: Fri 11 Apr 2025 19:42:13 +0000 Files and hashes: 1: iaMdROlPHMJ4ULusFsAsIKqznOU.crl (hash: iDCqzP5mwkkOZxDjVncouNWC8iw9sh5HPkghaqqbjqU=) 2: 9AE4F7EC53A211EA8D26BD0CC4F9AE02.roa (hash: jqqBqCZOKu2qIALXNmkWZIy2E6GEnPXSik4fgBrMrDA=) 3: F392CF9E53A311EAB1641213C4F9AE02.roa (hash: lxeOojn+XYimi3V1BZ9O9tBljDRntCvGVjoxX3VG+x8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9196F73/A29707F653A111EAAEEEBE0BC4F9AE02/iaMdROlPHMJ4ULusFsAsIKqznOU.crl rsync://rpki.apnic.net/member_repository/A9196F73/A29707F653A111EAAEEEBE0BC4F9AE02/iaMdROlPHMJ4ULusFsAsIKqznOU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iaMdROlPHMJ4ULusFsAsIKqznOU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 19:42:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2727 (0xaa7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9196F73 Validity Not Before: Apr 4 19:42:13 2025 GMT Not After : Apr 11 19:42:13 2025 GMT Subject: CN=67f03615-e4ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:de:4c:ce:b1:df:82:99:cf:b0:5c:7a:2f:35: ce:ef:0b:23:9c:19:8c:e9:69:48:c2:7a:b1:ec:7c: 85:1c:b5:ff:ab:a6:a9:67:5d:3c:e5:b3:b3:2c:66: cb:67:d4:c3:fc:77:c3:e2:69:e5:ff:31:23:ea:53: fe:ff:e8:67:be:98:34:7e:6d:dd:96:87:1e:c4:15: c3:d6:39:81:29:b5:01:0a:47:10:cc:dd:53:a6:be: 80:af:b7:fa:53:4d:07:5b:ac:a1:de:74:af:3d:3d: ab:23:67:98:b5:20:cb:ad:22:f9:88:30:a9:24:8c: 40:2f:26:b2:1b:6f:e5:9c:7f:dd:9b:b7:47:40:1c: 7d:17:da:44:9f:17:a8:fd:80:e3:16:21:6e:66:96: 43:c2:8e:c2:96:4e:c5:19:2a:8f:fd:8f:41:c0:2f: 4b:40:dc:cb:87:14:95:67:fd:f5:53:f4:65:23:72: 8c:b3:67:62:d8:30:c4:50:8b:20:55:42:27:50:2f: 24:0f:4c:f6:dc:8e:1d:f1:61:95:b6:52:65:06:9a: 6a:27:13:18:70:ae:b0:aa:c2:5b:b8:3e:33:55:44: c8:8f:e3:f4:58:89:01:f3:b1:e9:fe:74:4f:5c:00: 5d:f1:fa:e8:bf:95:bf:28:ee:68:52:b8:a2:22:4c: 87:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:83:54:06:98:F7:6C:2A:1C:00:23:A2:DC:08:2E:E0:3F:D6:90:C2 X509v3 Authority Key Identifier: keyid:89:A3:1D:44:E9:4F:1C:C2:78:50:BB:AC:16:C0:2C:20:AA:B3:9C:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9196F73/A29707F653A111EAAEEEBE0BC4F9AE02/iaMdROlPHMJ4ULusFsAsIKqznOU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iaMdROlPHMJ4ULusFsAsIKqznOU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196F73/A29707F653A111EAAEEEBE0BC4F9AE02/iaMdROlPHMJ4ULusFsAsIKqznOU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:50:60:31:63:32:7e:c1:75:9f:72:cc:7b:e4:bc:c5:89:71: 78:d4:cf:24:d5:9d:76:eb:80:c9:b3:1f:60:17:70:6c:b5:23: e4:88:a5:be:73:32:91:bf:ac:5f:74:0b:7e:6d:a9:69:e4:af: b4:20:52:f8:25:c4:53:cb:4c:e0:15:8b:91:7f:de:f4:e7:b8: 52:d8:2a:e7:56:ce:64:be:d6:8a:43:ef:61:75:52:4a:12:80: 73:f9:b9:16:6c:7e:dd:37:7a:5b:eb:76:bc:91:da:cf:4b:c2: 14:d9:b4:28:30:44:3e:8d:6c:a0:bf:f8:1f:88:83:83:74:6e: ab:dc:9c:cc:aa:a3:4f:9e:b3:f8:a2:be:29:fc:19:d5:8a:5e: bc:ad:83:56:c2:0a:da:30:0d:04:47:df:53:43:97:18:14:5b: f3:92:fe:31:70:09:82:ee:57:c8:a5:ce:2a:28:3b:d7:ca:4b: f7:9d:57:47:8d:d4:4f:2b:68:7e:b5:d9:4a:61:0d:51:58:07: c1:2f:2c:73:50:7d:41:ae:c2:c4:7e:5e:a4:27:e6:31:a5:91: e3:5c:fb:55:78:ea:ab:f6:52:5b:da:95:18:2c:4b:bb:3d:c0: aa:c1:46:a6:5a:7b:16:ea:1a:db:f9:de:86:30:2f:38:a6:a2: 77:d3:67:e4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCqcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTZGNzMxMTAvBgNVBAUTKDg5QTMxRDQ0RTk0RjFDQzI3ODUwQkJBQzE2QzAyQzIw QUFCMzlDRTUwHhcNMjUwNDA0MTk0MjEzWhcNMjUwNDExMTk0MjEzWjAYMRYwFAYD VQQDEw02N2YwMzYxNS1lNGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuN5MzrHfgpnPsFx6LzXO7wsjnBmM6WlIwnqx7HyFHLX/q6apZ1085bOzLGbL Z9TD/HfD4mnl/zEj6lP+/+hnvpg0fm3dlocexBXD1jmBKbUBCkcQzN1Tpr6Ar7f6 U00HW6yh3nSvPT2rI2eYtSDLrSL5iDCpJIxALyayG2/lnH/dm7dHQBx9F9pEnxeo /YDjFiFuZpZDwo7Clk7FGSqP/Y9BwC9LQNzLhxSVZ/31U/RlI3KMs2di2DDEUIsg VUInUC8kD0z23I4d8WGVtlJlBppqJxMYcK6wqsJbuD4zVUTIj+P0WIkB87Hp/nRP XABd8frov5W/KO5oUriiIkyHSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFiDVAaY 92wqHAAjotwILuA/1pDCMB8GA1UdIwQYMBaAFImjHUTpTxzCeFC7rBbALCCqs5zl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NkY3My9BMjk3MDdGNjUz QTExMUVBQUVFRUJFMEJDNEY5QUUwMi9pYU1kUk9sUEhNSjRVTHVzRnNBc0lLcXpu T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lhTWRST2xQSE1KNFVMdXNGc0FzSUtxem5PVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NkY3My9BMjk3MDdGNjUzQTExMUVBQUVFRUJFMEJDNEY5QUUwMi9pYU1kUk9sUEhN SjRVTHVzRnNBc0lLcXpuT1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6UGAxYzJ+wXWfcsx75LzFiXF41M8k1Z1264DJsx9gF3BstSPkiKW+ czKRv6xfdAt+balp5K+0IFL4JcRTy0zgFYuRf97057hS2CrnVs5kvtaKQ+9hdVJK EoBz+bkWbH7dN3pb63a8kdrPS8IU2bQoMEQ+jWygv/gfiIODdG6r3JzMqqNPnrP4 or4p/BnVil68rYNWwgraMA0ER99TQ5cYFFvzkv4xcAmC7lfIpc4qKDvXykv3nVdH jdRPK2h+tdlKYQ1RWAfBLyxzUH1BrsLEfl6kJ+YxpZHjXPtVeOqr9lJb2pUYLEu7 PcCqwUamWnsW6hrb+d6GMC84pqJ302fk -----END CERTIFICATE-----Generated at Sat Apr 5 08:11:49 2025 by rpki-client