$ rpki-client -vvf rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft File: tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft (raw, json) Hash identifier: HxqBZnsULjW3uWEqErVCNwBwMUDLK/wHlXm9/HljMGY= Subject key identifier: E2:90:13:89:E5:59:15:6E:BF:03:AE:E1:2C:21:A9:ED:CC:01:94:6A Authority key identifier: B4:86:5E:3B:E9:C5:69:D2:B9:3F:2C:35:1C:AB:24:D1:50:6A:AC:0D Certificate issuer: /CN=A9197CBD/serialNumber=B4865E3BE9C569D2B93F2C351CAB24D1506AAC0D Certificate serial: D2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tIZeO-nFadK5Pyw1HKsk0VBqrA0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft Manifest number: CF Signing time: Sat 15 Feb 2025 06:46:50 +0000 Manifest this update: Sat 15 Feb 2025 06:46:49 +0000 Manifest next update: Sat 22 Feb 2025 06:46:49 +0000 Files and hashes: 1: tIZeO-nFadK5Pyw1HKsk0VBqrA0.crl (hash: xqXQsfS6Dcv7a9aWpbbksDbTs1zGn4Muazf7IKO/vD8=) 2: 4074E5EA7B1D11EFB5696E45C4F9AE02.roa (hash: F2NpThp6u1EHvtpSfuQSKh4rQckl95uV13TeHsZUUho=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.crl rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tIZeO-nFadK5Pyw1HKsk0VBqrA0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 210 (0xd2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197CBD Validity Not Before: Feb 15 06:46:49 2025 GMT Not After : Feb 22 06:46:49 2025 GMT Subject: CN=67b03859-2d2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:10:6c:40:95:2d:17:0b:83:57:1e:c9:93:68: 53:6e:4d:60:cc:73:88:c6:a0:68:39:0d:ec:9c:76: 2b:23:38:63:2c:74:19:bf:92:b9:e1:f5:86:0b:70: 6e:63:ca:fb:61:37:f8:8b:d1:ea:3f:55:4f:ce:72: 00:fc:5d:ac:35:4e:39:72:c7:e5:7c:58:32:28:aa: 74:65:06:22:99:17:c1:dd:9d:a2:7f:86:6e:28:ce: 28:29:bd:f2:b5:01:10:e4:07:a1:89:38:9d:0f:ce: dc:1b:a1:94:f2:54:eb:fd:54:db:f9:8f:69:11:ef: bf:1b:cf:e2:07:ac:c9:4f:5d:eb:66:50:73:ca:ef: d0:c2:34:03:35:1c:1c:97:f1:13:b1:22:96:d7:ec: 84:9d:b9:82:3e:c5:b6:47:96:f9:6c:01:a6:6c:52: 2d:1a:a8:f9:6b:c0:18:d7:a4:cc:e1:b6:6f:7a:80: a7:b4:dc:6b:f2:f5:f0:7f:3a:8c:b8:67:ae:50:a0: a6:59:c6:76:16:b4:1b:96:8f:4b:ca:6f:42:79:7a: dd:9a:91:5e:37:7a:cf:61:bb:54:7f:e2:89:0f:0b: e9:5b:61:c6:b8:0b:3f:5e:ca:86:27:fc:c1:dc:d2: 5e:ac:7a:11:9d:0a:6f:65:da:e2:0e:b3:c7:0f:70: 60:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:90:13:89:E5:59:15:6E:BF:03:AE:E1:2C:21:A9:ED:CC:01:94:6A X509v3 Authority Key Identifier: keyid:B4:86:5E:3B:E9:C5:69:D2:B9:3F:2C:35:1C:AB:24:D1:50:6A:AC:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tIZeO-nFadK5Pyw1HKsk0VBqrA0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:3b:a4:94:80:b9:71:b0:2f:3e:47:61:4d:58:29:57:97:c4: 60:05:cd:fe:3e:40:2e:90:a3:e3:1c:ef:3b:3f:8c:74:7c:36: 23:ce:9f:3e:fa:97:0a:c3:72:77:ab:bc:0c:0b:c4:cf:99:87: f0:db:d4:e1:e5:40:99:4b:9d:03:a1:78:70:e0:95:91:c6:6b: 57:47:c1:3b:a6:75:93:ed:aa:1c:a8:f9:6b:d6:c8:da:19:1d: 38:1c:33:90:08:98:1d:21:7a:81:2b:93:9e:04:72:f7:00:84: 4e:13:e1:01:ce:67:6b:7c:48:be:84:9d:e4:aa:9e:14:03:cd: 30:4b:bf:af:da:5c:b2:90:d6:73:cd:9c:b7:54:7b:a6:67:63: 86:de:14:e3:6b:e5:ba:c3:fe:1a:91:8b:25:96:2e:d1:b7:dc: ff:2c:ea:11:04:44:38:b6:f1:83:62:90:88:64:c7:2d:8c:63: b0:75:43:93:e9:f4:21:73:37:90:fe:23:54:79:c0:74:8f:4c: a3:7c:58:53:d4:c6:38:56:1c:8e:e0:ac:85:3c:bc:94:2a:57: 09:ab:67:aa:2e:66:9e:4f:9f:93:47:7e:d7:4b:18:09:9c:5a: 33:de:0c:86:82:a4:94:1b:97:0f:15:27:24:48:29:4f:2c:f5: 40:14:11:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTdDQkQxMTAvBgNVBAUTKEI0ODY1RTNCRTlDNTY5RDJCOTNGMkMzNTFDQUIyNEQx NTA2QUFDMEQwHhcNMjUwMjE1MDY0NjQ5WhcNMjUwMjIyMDY0NjQ5WjAYMRYwFAYD VQQDEw02N2IwMzg1OS0yZDJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuhBsQJUtFwuDVx7Jk2hTbk1gzHOIxqBoOQ3snHYrIzhjLHQZv5K54fWGC3Bu Y8r7YTf4i9HqP1VPznIA/F2sNU45csflfFgyKKp0ZQYimRfB3Z2if4ZuKM4oKb3y tQEQ5AehiTidD87cG6GU8lTr/VTb+Y9pEe+/G8/iB6zJT13rZlBzyu/QwjQDNRwc l/ETsSKW1+yEnbmCPsW2R5b5bAGmbFItGqj5a8AY16TM4bZveoCntNxr8vXwfzqM uGeuUKCmWcZ2FrQblo9Lym9CeXrdmpFeN3rPYbtUf+KJDwvpW2HGuAs/XsqGJ/zB 3NJerHoRnQpvZdriDrPHD3BgzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOKQE4nl WRVuvwOu4Swhqe3MAZRqMB8GA1UdIwQYMBaAFLSGXjvpxWnSuT8sNRyrJNFQaqwN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5N0NCRC8zNTcwREYyRUIx MTQxMUVFOTVFNzQzNjVDNEY5QUUwMi90SVplTy1uRmFkSzVQeXcxSEtzazBWQnFy QTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3RJWmVPLW5GYWRLNVB5dzFIS3NrMFZCcXJBMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 N0NCRC8zNTcwREYyRUIxMTQxMUVFOTVFNzQzNjVDNEY5QUUwMi90SVplTy1uRmFk SzVQeXcxSEtzazBWQnFyQTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA8O6SUgLlxsC8+R2FNWClXl8RgBc3+PkAukKPjHO87P4x0fDYjzp8+ +pcKw3J3q7wMC8TPmYfw29Th5UCZS50DoXhw4JWRxmtXR8E7pnWT7aocqPlr1sja GR04HDOQCJgdIXqBK5OeBHL3AIROE+EBzmdrfEi+hJ3kqp4UA80wS7+v2lyykNZz zZy3VHumZ2OG3hTja+W6w/4akYslli7Rt9z/LOoRBEQ4tvGDYpCIZMctjGOwdUOT 6fQhczeQ/iNUecB0j0yjfFhT1MY4VhyO4KyFPLyUKlcJq2eqLmaeT5+TR37XSxgJ nFoz3gyGgqSUG5cPFSckSClPLPVAFBF5 -----END CERTIFICATE-----Generated at Sun Feb 16 15:33:36 2025 by rpki-client