$ rpki-client -vvf rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft File: tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft (raw, json) Hash identifier: tIUrjTEj/bTuLdGlQ2HDow52KSxZonxikreV5HaXyck= Subject key identifier: 65:8E:A5:8F:EB:F8:CC:1B:82:3E:4B:52:F6:11:5A:32:EE:3E:32:EC Authority key identifier: B4:86:5E:3B:E9:C5:69:D2:B9:3F:2C:35:1C:AB:24:D1:50:6A:AC:0D Certificate issuer: /CN=A9197CBD/serialNumber=B4865E3BE9C569D2B93F2C351CAB24D1506AAC0D Certificate serial: E2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tIZeO-nFadK5Pyw1HKsk0VBqrA0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft Manifest number: DE Signing time: Thu 13 Mar 2025 03:41:13 +0000 Manifest this update: Thu 13 Mar 2025 03:41:12 +0000 Manifest next update: Thu 20 Mar 2025 03:41:12 +0000 Files and hashes: 1: tIZeO-nFadK5Pyw1HKsk0VBqrA0.crl (hash: vqnRXA2n0+C/yXeDQqkL2XF5f2LUnF/tjWkj8+xlFTQ=) 2: 4074E5EA7B1D11EFB5696E45C4F9AE02.roa (hash: 1SdPp/miyItNAEGeBSAKuJFOP+wIUKHiHtHU72zXu1w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.crl rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tIZeO-nFadK5Pyw1HKsk0VBqrA0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Mar 2025 03:41:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 226 (0xe2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197CBD Validity Not Before: Mar 13 03:41:12 2025 GMT Not After : Mar 20 03:41:12 2025 GMT Subject: CN=67d253d8-4212 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:47:d8:13:03:99:cf:f3:8b:80:17:89:25:82: 53:96:dc:3d:c9:a0:5c:2d:23:2d:ae:5e:c8:d7:92: 40:e5:38:11:3f:59:b7:a2:f6:c4:27:06:97:bf:3d: 94:a1:44:3a:7c:f3:77:9d:8e:73:9b:52:dc:50:3a: f3:a2:4a:c6:6b:75:96:76:b4:81:b9:cd:35:15:7c: 96:e2:50:5c:b0:67:12:c4:9d:45:69:31:71:39:58: 05:14:da:f9:52:a9:4b:31:ad:86:0b:76:38:33:72: 7d:bc:ee:a9:65:e9:39:75:c8:96:8f:48:fd:d4:52: c0:ac:50:38:99:86:68:e6:60:94:ab:d1:5f:06:fb: b9:15:08:ef:4d:8e:85:53:f3:a7:ed:87:ef:78:cd: fc:ac:5d:74:de:4b:0d:3c:98:c3:ce:cb:ae:4a:bb: 73:c0:7a:bf:18:67:49:4b:72:c2:5a:89:06:da:da: 11:f1:dc:de:20:53:ed:a8:e2:22:c1:03:b3:44:41: 94:bd:82:f2:82:9e:12:3a:a3:9b:61:5c:8f:65:10: ad:ab:67:82:66:34:fd:fd:e2:48:08:75:a6:5f:16: dd:9d:ea:87:61:cf:81:0d:2d:d9:f9:d7:fd:fd:e9: 67:e7:08:a4:2a:76:06:57:b0:1c:c5:d4:f5:9f:10: 10:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:8E:A5:8F:EB:F8:CC:1B:82:3E:4B:52:F6:11:5A:32:EE:3E:32:EC X509v3 Authority Key Identifier: keyid:B4:86:5E:3B:E9:C5:69:D2:B9:3F:2C:35:1C:AB:24:D1:50:6A:AC:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tIZeO-nFadK5Pyw1HKsk0VBqrA0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:6f:48:33:76:1e:7b:19:0e:9f:a1:bb:f8:25:48:aa:f4:76: aa:57:3a:d8:46:30:aa:91:5f:d4:62:51:1f:77:1b:e1:63:d9: 48:aa:47:5f:d3:0e:21:9a:04:d3:9e:07:3a:86:c3:98:74:6c: d2:be:50:bc:a0:83:11:df:b2:d2:cf:54:b5:8e:58:af:12:fb: f2:60:fd:8e:41:93:40:cb:ae:26:1c:4f:1c:1e:df:34:e3:fb: f9:54:13:61:50:93:31:eb:89:0f:34:b2:2f:b7:8f:1e:78:4c: 91:77:b2:3d:91:97:ed:10:39:e1:e2:e2:6a:b0:9d:7b:1d:e3: 82:44:bb:12:e4:db:a5:78:74:5c:69:a6:63:fb:8b:96:42:fa: 65:ed:2d:17:99:44:cb:7b:16:30:01:81:1a:1c:57:e8:b6:34: a1:41:b1:66:2b:b4:ad:15:da:ff:da:08:29:36:8d:59:d1:35: c5:bb:42:75:2e:a2:63:db:08:73:f1:60:cf:9a:40:d9:77:de: dc:60:93:44:68:3e:e4:42:87:35:3c:27:91:66:53:50:38:a5: bf:ac:33:62:19:3e:01:41:33:b0:64:01:15:73:82:9c:21:2e: 04:89:5c:67:af:4d:d4:4b:88:46:ea:8d:96:50:1f:3e:89:25: 49:92:77:4c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTdDQkQxMTAvBgNVBAUTKEI0ODY1RTNCRTlDNTY5RDJCOTNGMkMzNTFDQUIyNEQx NTA2QUFDMEQwHhcNMjUwMzEzMDM0MTEyWhcNMjUwMzIwMDM0MTEyWjAYMRYwFAYD VQQDEw02N2QyNTNkOC00MjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu0fYEwOZz/OLgBeJJYJTltw9yaBcLSMtrl7I15JA5TgRP1m3ovbEJwaXvz2U oUQ6fPN3nY5zm1LcUDrzokrGa3WWdrSBuc01FXyW4lBcsGcSxJ1FaTFxOVgFFNr5 UqlLMa2GC3Y4M3J9vO6pZek5dciWj0j91FLArFA4mYZo5mCUq9FfBvu5FQjvTY6F U/On7YfveM38rF103ksNPJjDzsuuSrtzwHq/GGdJS3LCWokG2toR8dzeIFPtqOIi wQOzREGUvYLygp4SOqObYVyPZRCtq2eCZjT9/eJICHWmXxbdneqHYc+BDS3Z+df9 /eln5wikKnYGV7AcxdT1nxAQTwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGWOpY/r +Mwbgj5LUvYRWjLuPjLsMB8GA1UdIwQYMBaAFLSGXjvpxWnSuT8sNRyrJNFQaqwN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5N0NCRC8zNTcwREYyRUIx MTQxMUVFOTVFNzQzNjVDNEY5QUUwMi90SVplTy1uRmFkSzVQeXcxSEtzazBWQnFy QTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3RJWmVPLW5GYWRLNVB5dzFIS3NrMFZCcXJBMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 N0NCRC8zNTcwREYyRUIxMTQxMUVFOTVFNzQzNjVDNEY5QUUwMi90SVplTy1uRmFk SzVQeXcxSEtzazBWQnFyQTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCEb0gzdh57GQ6fobv4JUiq9HaqVzrYRjCqkV/UYlEfdxvhY9lIqkdf 0w4hmgTTngc6hsOYdGzSvlC8oIMR37LSz1S1jlivEvvyYP2OQZNAy64mHE8cHt80 4/v5VBNhUJMx64kPNLIvt48eeEyRd7I9kZftEDnh4uJqsJ17HeOCRLsS5NuleHRc aaZj+4uWQvpl7S0XmUTLexYwAYEaHFfotjShQbFmK7StFdr/2ggpNo1Z0TXFu0J1 LqJj2whz8WDPmkDZd97cYJNEaD7kQoc1PCeRZlNQOKW/rDNiGT4BQTOwZAEVc4Kc IS4EiVxnr03US4hG6o2WUB8+iSVJkndM -----END CERTIFICATE-----Generated at Thu Mar 13 21:31:44 2025 by rpki-client