$ rpki-client -vvf rpki.apnic.net/member_repository/A91982B6/E64B03B4CB5911EF86915B61C4F9AE02/7GeRaRd7nhMdDaoBOY1wA5gn0fY.mft File: 7GeRaRd7nhMdDaoBOY1wA5gn0fY.mft (raw, json) Hash identifier: DpRkLn/ZQPoxv60ovQgiu4ZUD65QcT5cQNjmCANliSI= Subject key identifier: F2:F6:FE:90:78:53:50:33:0B:04:64:8E:76:BA:BD:00:87:5B:24:63 Authority key identifier: EC:67:91:69:17:7B:9E:13:1D:0D:AA:01:39:8D:70:03:98:27:D1:F6 Certificate issuer: /CN=A91982B6/serialNumber=EC679169177B9E131D0DAA01398D70039827D1F6 Certificate serial: 13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7GeRaRd7nhMdDaoBOY1wA5gn0fY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91982B6/E64B03B4CB5911EF86915B61C4F9AE02/7GeRaRd7nhMdDaoBOY1wA5gn0fY.mft Manifest number: 12 Signing time: Wed 05 Feb 2025 06:25:51 +0000 Manifest this update: Wed 05 Feb 2025 06:25:50 +0000 Manifest next update: Wed 12 Feb 2025 06:25:50 +0000 Files and hashes: 1: 7GeRaRd7nhMdDaoBOY1wA5gn0fY.crl (hash: ulHFPDC61sJmYfheTPZIiZBaMYurrFZSJ3Etad0A+N8=) 2: 739C8BDECB5A11EFBEE64062C4F9AE02.roa (hash: WVqv1JuSt8hSNNolUiV5z8//m1vJSnq0q+Q8Ooe/S0g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91982B6/E64B03B4CB5911EF86915B61C4F9AE02/7GeRaRd7nhMdDaoBOY1wA5gn0fY.crl rsync://rpki.apnic.net/member_repository/A91982B6/E64B03B4CB5911EF86915B61C4F9AE02/7GeRaRd7nhMdDaoBOY1wA5gn0fY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7GeRaRd7nhMdDaoBOY1wA5gn0fY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:25:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19 (0x13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91982B6 Validity Not Before: Feb 5 06:25:50 2025 GMT Not After : Feb 12 06:25:50 2025 GMT Subject: CN=67a3046e-6b27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:1c:e7:49:f6:00:cd:3f:24:2f:47:7b:4c:f3: 6a:56:a6:36:53:c1:ad:31:a7:d5:92:0d:e7:9d:a9: 37:c0:f8:a8:12:5c:49:57:82:f2:3e:e2:68:3d:7c: 99:22:ba:9a:53:8b:5c:f4:f6:a3:c6:db:a3:73:e8: 57:85:ea:0b:fc:88:c5:92:44:ca:51:41:6d:13:7d: ac:0e:82:a2:ea:19:49:f6:9d:a5:1e:40:df:eb:1b: 59:a0:1b:73:c4:41:fa:3d:28:3d:0f:89:03:eb:07: 5a:c8:2b:0b:3d:be:cb:16:0e:1a:9d:32:46:7e:7a: 70:87:5c:00:28:c5:1b:95:c2:b2:d7:e5:c5:fc:b1: 0c:af:0d:9d:b3:2c:af:ca:a9:87:cf:06:7c:56:63: 04:e8:53:ee:d3:88:cb:4d:02:46:88:2a:62:4d:60: a2:98:f7:a8:19:9a:25:6a:44:e4:a5:cc:53:a8:2b: 80:2c:7a:97:54:9a:9a:ae:25:63:98:fe:8d:bd:3c: 0a:1b:68:1f:ec:7d:ff:5c:53:e0:3e:f5:ed:21:b0: 74:1b:fa:0e:2d:5e:e9:d0:41:a4:5f:55:83:21:ea: 5a:8a:0b:7e:7f:5a:ac:d4:79:48:36:06:84:d4:bb: cb:70:de:93:77:e7:90:46:24:8f:a6:d7:f1:e3:5b: b4:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:F6:FE:90:78:53:50:33:0B:04:64:8E:76:BA:BD:00:87:5B:24:63 X509v3 Authority Key Identifier: keyid:EC:67:91:69:17:7B:9E:13:1D:0D:AA:01:39:8D:70:03:98:27:D1:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91982B6/E64B03B4CB5911EF86915B61C4F9AE02/7GeRaRd7nhMdDaoBOY1wA5gn0fY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7GeRaRd7nhMdDaoBOY1wA5gn0fY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91982B6/E64B03B4CB5911EF86915B61C4F9AE02/7GeRaRd7nhMdDaoBOY1wA5gn0fY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:9f:ef:32:b7:b7:c3:72:44:ae:13:6c:52:31:09:6c:f1:a4: 6f:ea:53:2c:5f:53:e1:ef:16:0a:f3:98:0b:e7:12:80:c8:7f: 72:f4:7c:3b:9e:75:e7:04:4a:1b:e2:f8:9d:45:05:3e:9f:90: 3f:78:c1:89:c6:43:0e:25:79:c0:c9:98:c2:08:aa:81:d0:af: 92:57:67:86:76:c7:ab:bb:4a:a9:49:38:87:85:5f:a4:c7:0f: 03:c9:de:42:4e:be:4e:48:7c:e2:eb:b6:fd:1d:bd:c2:bf:55: 4a:a1:b1:0c:4d:e1:7f:09:42:f4:60:59:00:72:5e:a9:50:51: 64:d1:2b:8a:64:c0:ae:0e:ee:e0:e9:33:9d:ab:be:aa:fe:29: 97:ca:59:1a:9c:53:0b:c6:53:a0:9b:21:37:d8:0f:03:ae:0d: 02:53:00:75:73:81:2c:de:e5:5c:d5:54:9b:aa:55:ef:01:14: 2d:7d:e4:74:50:0c:29:a7:7d:4d:a6:89:54:71:e0:76:77:b9: 8d:a0:20:1a:9c:36:ea:ca:0e:dc:16:b5:35:51:0e:9c:f4:c2: 6f:f9:65:58:b6:52:08:89:66:d5:1d:a8:dd:0a:b9:eb:4f:dc: eb:d3:16:27:54:a7:b1:a6:c9:65:32:47:e2:2c:7b:ad:3e:b1: 7e:44:e1:06 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 ODJCNjExMC8GA1UEBRMoRUM2NzkxNjkxNzdCOUUxMzFEMERBQTAxMzk4RDcwMDM5 ODI3RDFGNjAeFw0yNTAyMDUwNjI1NTBaFw0yNTAyMTIwNjI1NTBaMBgxFjAUBgNV BAMTDTY3YTMwNDZlLTZiMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDrHOdJ9gDNPyQvR3tM82pWpjZTwa0xp9WSDeedqTfA+KgSXElXgvI+4mg9fJki uppTi1z09qPG26Nz6FeF6gv8iMWSRMpRQW0TfawOgqLqGUn2naUeQN/rG1mgG3PE Qfo9KD0PiQPrB1rIKws9vssWDhqdMkZ+enCHXAAoxRuVwrLX5cX8sQyvDZ2zLK/K qYfPBnxWYwToU+7TiMtNAkaIKmJNYKKY96gZmiVqROSlzFOoK4AsepdUmpquJWOY /o29PAobaB/sff9cU+A+9e0hsHQb+g4tXunQQaRfVYMh6lqKC35/WqzUeUg2BoTU u8tw3pN355BGJI+m1/HjW7QJAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU8vb+kHhT UDMLBGSOdrq9AIdbJGMwHwYDVR0jBBgwFoAU7GeRaRd7nhMdDaoBOY1wA5gn0fYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk4MkI2L0U2NEIwM0I0Q0I1 OTExRUY4NjkxNUI2MUM0RjlBRTAyLzdHZVJhUmQ3bmhNZERhb0JPWTF3QTVnbjBm WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvN0dlUmFSZDduaE1kRGFvQk9ZMXdBNWduMGZZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk4 MkI2L0U2NEIwM0I0Q0I1OTExRUY4NjkxNUI2MUM0RjlBRTAyLzdHZVJhUmQ3bmhN ZERhb0JPWTF3QTVnbjBmWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKif7zK3t8NyRK4TbFIxCWzxpG/qUyxfU+HvFgrzmAvnEoDIf3L0fDue decEShvi+J1FBT6fkD94wYnGQw4lecDJmMIIqoHQr5JXZ4Z2x6u7SqlJOIeFX6TH DwPJ3kJOvk5IfOLrtv0dvcK/VUqhsQxN4X8JQvRgWQByXqlQUWTRK4pkwK4O7uDp M52rvqr+KZfKWRqcUwvGU6CbITfYDwOuDQJTAHVzgSze5VzVVJuqVe8BFC195HRQ DCmnfU2miVRx4HZ3uY2gIBqcNurKDtwWtTVRDpz0wm/5ZVi2UgiJZtUdqN0KuetP 3OvTFidUp7GmyWUyR+Ise60+sX5E4QY= -----END CERTIFICATE-----Generated at Thu Feb 6 03:45:51 2025 by rpki-client