$ rpki-client -vvf rpki.apnic.net/member_repository/A919D180/774287F2D6C711EFA3E1D81CC4F9AE02/h9pEpM-DnDiBxrw4aDzNwwjKfOk.mft File: h9pEpM-DnDiBxrw4aDzNwwjKfOk.mft (raw, json) Hash identifier: yFI9LkopPlRZH8BlPv1tc4ob/PKS/YBRbZg4jit52Jo= Subject key identifier: 38:23:98:9D:C2:2F:3A:54:AD:9C:BE:79:C5:4F:76:2F:20:44:DF:4B Authority key identifier: 87:DA:44:A4:CF:83:9C:38:81:C6:BC:38:68:3C:CD:C3:08:CA:7C:E9 Certificate issuer: /CN=A919D180/serialNumber=87DA44A4CF839C3881C6BC38683CCDC308CA7CE9 Certificate serial: 30 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h9pEpM-DnDiBxrw4aDzNwwjKfOk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919D180/774287F2D6C711EFA3E1D81CC4F9AE02/h9pEpM-DnDiBxrw4aDzNwwjKfOk.mft Manifest number: 28 Signing time: Tue 11 Mar 2025 07:02:45 +0000 Manifest this update: Tue 11 Mar 2025 07:02:45 +0000 Manifest next update: Tue 18 Mar 2025 07:02:45 +0000 Files and hashes: 1: h9pEpM-DnDiBxrw4aDzNwwjKfOk.crl (hash: Heg9sr0l+ZLJneWPsrqsb5xePLxC2es466qfUKVGPSA=) 2: C8D5160AE75E11EF97E59E40C4F9AE02.roa (hash: bKr4P1tj2W/ZQ8OT//pbumAfeisJIxJ7Wd8AUxErHkY=) 3: 8A991E5AD6DC11EF9E9B2B15C4F9AE02.roa (hash: QCzs9DtUBneLczNateHgF9QDoBD6O2A9yziLaXOtyBM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919D180/774287F2D6C711EFA3E1D81CC4F9AE02/h9pEpM-DnDiBxrw4aDzNwwjKfOk.crl rsync://rpki.apnic.net/member_repository/A919D180/774287F2D6C711EFA3E1D81CC4F9AE02/h9pEpM-DnDiBxrw4aDzNwwjKfOk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h9pEpM-DnDiBxrw4aDzNwwjKfOk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 18 Mar 2025 07:02:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48 (0x30) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919D180 Validity Not Before: Mar 11 07:02:45 2025 GMT Not After : Mar 18 07:02:45 2025 GMT Subject: CN=67cfe015-49cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:80:b8:20:21:e0:19:ec:d9:a9:29:1b:12:21: b1:a1:ca:63:7a:54:64:a0:5f:d1:29:2d:9d:d6:de: 63:b0:d0:ac:46:e1:4d:63:be:f8:1e:8c:c1:b5:a3: c1:6b:e7:85:3a:88:17:a8:76:6d:27:de:65:19:b6: 60:5a:bb:d8:0a:ce:1f:f0:fd:67:a9:f5:55:ab:37: 30:49:a2:5e:45:95:57:f2:dd:ee:2f:fc:17:ff:29: 40:6b:92:f3:ee:dc:40:51:71:a5:fb:7e:8c:bb:1f: 49:e5:96:43:a1:95:66:af:c2:57:15:1c:4b:29:94: 73:af:89:44:4c:e3:6f:d6:e8:fc:a3:4f:68:51:d2: 03:34:2e:97:c2:04:26:a9:98:58:f6:b1:e9:3a:ad: 12:ee:0f:a9:1c:fb:a7:07:c5:d0:93:74:a0:fa:64: cc:6c:36:bd:98:60:19:e8:ef:99:ad:07:b5:d7:f7: e2:8e:06:17:4f:2c:10:d6:d8:ca:b5:b0:ac:fb:97: 04:75:e3:76:0e:56:36:24:95:4e:06:40:11:81:e6: 61:e0:1d:03:da:e5:05:6e:33:c5:db:67:9c:fc:75: c7:0d:53:ab:34:b4:90:5e:23:2c:30:f5:a9:e1:59: d6:1d:cc:17:d2:00:35:1b:ea:27:db:78:35:ab:20: e5:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:23:98:9D:C2:2F:3A:54:AD:9C:BE:79:C5:4F:76:2F:20:44:DF:4B X509v3 Authority Key Identifier: keyid:87:DA:44:A4:CF:83:9C:38:81:C6:BC:38:68:3C:CD:C3:08:CA:7C:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919D180/774287F2D6C711EFA3E1D81CC4F9AE02/h9pEpM-DnDiBxrw4aDzNwwjKfOk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h9pEpM-DnDiBxrw4aDzNwwjKfOk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D180/774287F2D6C711EFA3E1D81CC4F9AE02/h9pEpM-DnDiBxrw4aDzNwwjKfOk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:19:92:30:1c:b7:dd:6f:1b:f1:b3:e7:b0:0e:a3:37:30:32: 68:fc:70:12:31:c1:7a:da:5f:dc:54:6d:18:a8:ed:8f:52:be: 57:cb:e2:72:d6:bb:26:32:9e:ec:b8:5f:f6:2b:3d:43:4c:26: 33:46:61:6f:a5:25:43:fb:77:5d:5d:57:a5:9f:62:da:04:03: ea:1a:08:47:66:be:22:db:12:8e:31:90:12:d4:fc:2e:7b:16: 5c:2c:69:05:5d:4f:99:cb:de:c7:b7:f4:6b:27:cb:2b:1c:35: c2:42:0a:ae:fe:e1:c6:76:40:2d:77:50:7f:1b:da:76:b1:fc: 46:90:9e:53:89:5a:18:70:cb:db:b8:b2:84:93:77:4f:9c:a6: f2:98:43:d1:cd:18:2c:74:d7:c6:7a:ae:ea:3c:8f:27:1c:68: 16:b2:45:0a:8b:b7:ea:bf:14:52:4c:db:86:a4:ef:e7:31:b9: f9:57:93:5c:15:e9:c3:a0:7c:f5:c9:86:83:03:8d:63:61:cf: 26:10:cb:69:ea:a0:bf:58:f5:16:d3:82:52:df:84:c1:fa:52: 48:fc:08:4b:5e:53:74:84:81:8f:9f:9b:03:70:e4:07:76:3b: 5b:a5:af:95:d7:fb:2b:97:66:5b:3f:70:f0:05:b0:01:61:31: 06:a3:a7:67 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 RDE4MDExMC8GA1UEBRMoODdEQTQ0QTRDRjgzOUMzODgxQzZCQzM4NjgzQ0NEQzMw OENBN0NFOTAeFw0yNTAzMTEwNzAyNDVaFw0yNTAzMTgwNzAyNDVaMBgxFjAUBgNV BAMTDTY3Y2ZlMDE1LTQ5Y2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDMgLggIeAZ7NmpKRsSIbGhymN6VGSgX9EpLZ3W3mOw0KxG4U1jvvgejMG1o8Fr 54U6iBeodm0n3mUZtmBau9gKzh/w/Wep9VWrNzBJol5FlVfy3e4v/Bf/KUBrkvPu 3EBRcaX7foy7H0nllkOhlWavwlcVHEsplHOviURM42/W6PyjT2hR0gM0LpfCBCap mFj2sek6rRLuD6kc+6cHxdCTdKD6ZMxsNr2YYBno75mtB7XX9+KOBhdPLBDW2Mq1 sKz7lwR143YOVjYklU4GQBGB5mHgHQPa5QVuM8XbZ5z8dccNU6s0tJBeIyww9anh WdYdzBfSADUb6ifbeDWrIOV9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOCOYncIv OlStnL55xU92LyBE30swHwYDVR0jBBgwFoAUh9pEpM+DnDiBxrw4aDzNwwjKfOkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlEMTgwLzc3NDI4N0YyRDZD NzExRUZBM0UxRDgxQ0M0RjlBRTAyL2g5cEVwTS1EbkRpQnhydzRhRHpOd3dqS2ZP ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaDlwRXBNLURuRGlCeHJ3NGFEek53d2pLZk9rLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlE MTgwLzc3NDI4N0YyRDZDNzExRUZBM0UxRDgxQ0M0RjlBRTAyL2g5cEVwTS1EbkRp QnhydzRhRHpOd3dqS2ZPay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACkZkjAct91vG/Gz57AOozcwMmj8cBIxwXraX9xUbRio7Y9SvlfL4nLW uyYynuy4X/YrPUNMJjNGYW+lJUP7d11dV6WfYtoEA+oaCEdmviLbEo4xkBLU/C57 FlwsaQVdT5nL3se39GsnyyscNcJCCq7+4cZ2QC13UH8b2nax/EaQnlOJWhhwy9u4 soSTd0+cpvKYQ9HNGCx018Z6ruo8jyccaBayRQqLt+q/FFJM24ak7+cxuflXk1wV 6cOgfPXJhoMDjWNhzyYQy2nqoL9Y9RbTglLfhMH6Ukj8CEteU3SEgY+fmwNw5Ad2 O1ulr5XX+yuXZls/cPAFsAFhMQajp2c= -----END CERTIFICATE-----Generated at Wed Mar 12 07:13:00 2025 by rpki-client