$ rpki-client -vvf rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/kw3fQQEGkDvrmRnJm94BY4cGVa4.mft File: kw3fQQEGkDvrmRnJm94BY4cGVa4.mft (raw, json) Hash identifier: HX7aKdHL+3NJupNK2Ue2BVskuNiKO6oDsViQyGwDfp0= Subject key identifier: 90:D9:7B:50:7E:AB:A7:50:88:A2:79:EC:07:5B:65:17:56:E0:C2:B3 Authority key identifier: 93:0D:DF:41:01:06:90:3B:EB:99:19:C9:9B:DE:01:63:87:06:55:AE Certificate issuer: /CN=A9198553/serialNumber=930DDF410106903BEB9919C99BDE0163870655AE Certificate serial: 14 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kw3fQQEGkDvrmRnJm94BY4cGVa4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/kw3fQQEGkDvrmRnJm94BY4cGVa4.mft Manifest number: 11 Signing time: Wed 05 Feb 2025 06:31:11 +0000 Manifest this update: Wed 05 Feb 2025 06:31:11 +0000 Manifest next update: Wed 12 Feb 2025 06:31:11 +0000 Files and hashes: 1: kw3fQQEGkDvrmRnJm94BY4cGVa4.crl (hash: C9iaEXUm18yOOz3v/RfQtc/V4QhEP+HeNfH9/9LF3Ow=) 2: 5042D03ED2EF11EFBA610425C4F9AE02.roa (hash: Td45KF7s5KJjDmYTPbjMG6cwXZMtoTfhOtwsLcRRVB4=) 3: B56BC994E18A11EF94F99968C4F9AE02.roa (hash: gzNobaLbEvK3FJ3mC0CiPYdWO820L9Sv8IKQdUKftFE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/kw3fQQEGkDvrmRnJm94BY4cGVa4.crl rsync://rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/kw3fQQEGkDvrmRnJm94BY4cGVa4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kw3fQQEGkDvrmRnJm94BY4cGVa4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:31:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9198553 Validity Not Before: Feb 5 06:31:11 2025 GMT Not After : Feb 12 06:31:11 2025 GMT Subject: CN=67a305af-1daf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:2f:92:bc:2c:7f:c7:61:e6:39:50:8f:32:33: 30:c5:14:5a:c4:a6:38:eb:d1:bf:4e:9f:b6:eb:0c: 35:46:f7:f6:96:cd:f6:37:10:a0:8e:01:bd:ed:fd: 03:91:4d:7f:16:e0:76:f8:08:93:fb:d0:7a:52:f2: 7f:24:9a:04:fd:52:0d:77:4a:b4:0b:24:f1:98:df: c1:9b:96:79:66:de:55:45:12:8f:25:90:4e:c5:56: 0f:92:8c:56:2e:50:74:1b:01:7c:bf:b6:1b:52:4d: 48:66:69:88:3a:63:94:f0:53:bc:f2:a2:b2:5f:1c: 55:9d:2a:04:72:21:bf:10:4c:71:fc:20:99:0f:29: c4:a9:ec:d6:28:15:aa:05:c8:e5:97:75:de:7a:31: b1:91:49:2e:0d:ce:4f:31:86:d7:04:1c:09:93:57: 60:8e:79:57:6f:00:de:a7:5c:4d:60:73:06:c8:0a: 9b:de:93:5d:13:3b:ce:7e:a5:a8:ac:53:31:4c:24: ed:38:9f:ba:95:83:7e:ba:31:db:90:5c:65:5b:8b: dd:74:89:28:f7:f3:58:9f:af:3f:a8:6e:5c:65:c3: 41:80:73:ca:0c:d1:76:81:db:62:bc:c2:4a:b9:04: 00:0a:a5:c0:6f:d6:27:19:e6:37:54:92:bc:d9:53: fb:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:D9:7B:50:7E:AB:A7:50:88:A2:79:EC:07:5B:65:17:56:E0:C2:B3 X509v3 Authority Key Identifier: keyid:93:0D:DF:41:01:06:90:3B:EB:99:19:C9:9B:DE:01:63:87:06:55:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/kw3fQQEGkDvrmRnJm94BY4cGVa4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kw3fQQEGkDvrmRnJm94BY4cGVa4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/kw3fQQEGkDvrmRnJm94BY4cGVa4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 56:4f:e8:c3:c4:f4:5b:d0:1b:1c:50:be:c2:f0:23:71:28:15: fa:80:74:e3:ba:39:bf:1f:da:b5:3c:61:94:e3:2f:82:75:3c: 35:e7:a3:4d:87:07:f8:e1:86:b4:3d:e5:d6:98:3c:cf:f9:c7: 34:f8:0c:43:35:f7:81:49:a3:cc:5c:78:2a:94:34:62:55:66: ed:9e:7d:18:2d:e7:55:6d:62:7c:65:68:75:5b:fa:c8:33:78: 0c:db:6f:1a:c4:6b:fd:0f:3f:b0:48:1d:51:23:b1:b0:61:8e: 4b:37:0f:89:0f:86:93:95:7b:ca:2e:33:12:83:4c:6e:23:56: 55:c9:b7:76:79:9c:41:d2:52:f8:24:54:73:0f:e9:14:5d:3c: 5a:ec:61:fc:ff:5d:d1:f0:3f:b1:5e:87:bd:a7:34:aa:ca:e0: dc:5a:0b:e7:6f:31:0d:c9:39:0a:4a:8a:2d:3e:49:8f:cb:3c: 97:bc:28:3d:5a:f7:dd:93:d1:2f:01:8f:ff:9e:a0:da:f4:cd: 9e:25:21:02:2e:d2:86:1a:a1:18:a6:cf:1b:e7:97:8c:d5:fe: 9b:99:5c:1d:e6:14:f6:d2:f8:5d:f2:c3:af:59:3e:e2:e7:f5: 90:06:ef:29:4a:5c:b9:ba:45:5f:ba:19:9f:27:60:bc:09:5f: 7d:30:85:e6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 ODU1MzExMC8GA1UEBRMoOTMwRERGNDEwMTA2OTAzQkVCOTkxOUM5OUJERTAxNjM4 NzA2NTVBRTAeFw0yNTAyMDUwNjMxMTFaFw0yNTAyMTIwNjMxMTFaMBgxFjAUBgNV BAMTDTY3YTMwNWFmLTFkYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCfL5K8LH/HYeY5UI8yMzDFFFrEpjjr0b9On7brDDVG9/aWzfY3EKCOAb3t/QOR TX8W4Hb4CJP70HpS8n8kmgT9Ug13SrQLJPGY38Gblnlm3lVFEo8lkE7FVg+SjFYu UHQbAXy/thtSTUhmaYg6Y5TwU7zyorJfHFWdKgRyIb8QTHH8IJkPKcSp7NYoFaoF yOWXdd56MbGRSS4Nzk8xhtcEHAmTV2COeVdvAN6nXE1gcwbICpvek10TO85+pais UzFMJO04n7qVg366MduQXGVbi910iSj381ifrz+oblxlw0GAc8oM0XaB22K8wkq5 BAAKpcBv1icZ5jdUkrzZU/uBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUkNl7UH6r p1CIonnsB1tlF1bgwrMwHwYDVR0jBBgwFoAUkw3fQQEGkDvrmRnJm94BY4cGVa4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk4NTUzL0E1OUJGRkU0RDJF RDExRUY4REVFNTEyMEM0RjlBRTAyL2t3M2ZRUUVHa0R2cm1SbkptOTRCWTRjR1Zh NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIva3czZlFRRUdrRHZybVJuSm05NEJZNGNHVmE0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk4 NTUzL0E1OUJGRkU0RDJFRDExRUY4REVFNTEyMEM0RjlBRTAyL2t3M2ZRUUVHa0R2 cm1SbkptOTRCWTRjR1ZhNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFZP6MPE9FvQGxxQvsLwI3EoFfqAdOO6Ob8f2rU8YZTjL4J1PDXno02H B/jhhrQ95daYPM/5xzT4DEM194FJo8xceCqUNGJVZu2efRgt51VtYnxlaHVb+sgz eAzbbxrEa/0PP7BIHVEjsbBhjks3D4kPhpOVe8ouMxKDTG4jVlXJt3Z5nEHSUvgk VHMP6RRdPFrsYfz/XdHwP7Feh72nNKrK4NxaC+dvMQ3JOQpKii0+SY/LPJe8KD1a 992T0S8Bj/+eoNr0zZ4lIQIu0oYaoRimzxvnl4zV/puZXB3mFPbS+F3yw69ZPuLn 9ZAG7ylKXLm6RV+6GZ8nYLwJX30wheY= -----END CERTIFICATE-----Generated at Wed Feb 5 20:00:32 2025 by rpki-client