$ rpki-client -vvf rpki.apnic.net/member_repository/A9110A69/E3ABD042214111EABDF67769C4F9AE02/G24yksg1ZU5JFJLlWEz5k_Bb2ZA.mft File: G24yksg1ZU5JFJLlWEz5k_Bb2ZA.mft (raw, json) Hash identifier: Kdxcs0Xro9FSc/p3c1xJi9gIyGMDnVbAJw1uJmFK/II= Subject key identifier: 3D:D8:2C:47:4C:9B:21:5A:83:EC:C7:C2:41:DF:22:DF:A0:A9:21:EB Authority key identifier: 1B:6E:32:92:C8:35:65:4E:49:14:92:E5:58:4C:F9:93:F0:5B:D9:90 Certificate issuer: /CN=A9110A69/serialNumber=1B6E3292C835654E491492E5584CF993F05BD990 Certificate serial: 0BAE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G24yksg1ZU5JFJLlWEz5k_Bb2ZA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9110A69/E3ABD042214111EABDF67769C4F9AE02/G24yksg1ZU5JFJLlWEz5k_Bb2ZA.mft Manifest number: 0BA8 Signing time: Mon 12 May 2025 18:48:46 +0000 Manifest this update: Mon 12 May 2025 18:48:46 +0000 Manifest next update: Mon 19 May 2025 18:48:46 +0000 Files and hashes: 1: G24yksg1ZU5JFJLlWEz5k_Bb2ZA.crl (hash: Dk+fR8Czwt45Bem5SkNQhpJrN6hqLBfzei/bYiPjf3I=) 2: 1407117C216311EA90D74C52C4F9AE02.roa (hash: 2C78FaeQx3m8f9CmVKBPjRPsChYY+d/Ump5Gj8ph3JM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9110A69/E3ABD042214111EABDF67769C4F9AE02/G24yksg1ZU5JFJLlWEz5k_Bb2ZA.crl rsync://rpki.apnic.net/member_repository/A9110A69/E3ABD042214111EABDF67769C4F9AE02/G24yksg1ZU5JFJLlWEz5k_Bb2ZA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G24yksg1ZU5JFJLlWEz5k_Bb2ZA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 18:48:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2990 (0xbae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9110A69, serialNumber=1B6E3292C835654E491492E5584CF993F05BD990 Validity Not Before: May 12 18:48:46 2025 GMT Not After : May 19 18:48:46 2025 GMT Subject: CN=6822428e-56c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:5e:f7:f4:45:d1:47:95:1f:51:ab:a0:6a:d1: 72:6f:81:e3:7f:c2:67:62:b9:64:06:bc:4c:70:e3: 0f:3d:eb:d8:3e:0c:6d:f2:78:ad:aa:1b:48:37:15: cd:bd:56:3b:49:87:cc:2f:40:11:cc:0c:9b:15:4f: 6f:ba:17:8a:5b:f0:94:b9:0a:dd:e0:6b:df:80:29: 3d:b8:31:07:32:29:c2:ef:58:78:f1:c4:df:03:5c: fa:bb:68:61:90:f6:ea:dc:7d:59:cd:0b:2f:84:27: dd:ec:41:77:3f:a6:a0:e5:c9:4c:15:3c:37:15:a0: 6c:e0:c8:70:58:24:c4:c9:39:30:ec:33:5a:e8:b9: a7:2b:74:a2:f6:4f:a5:22:ec:54:ac:c8:14:b7:a8: 97:4a:82:4a:a6:83:f3:c9:a0:99:80:ab:1e:78:45: 06:57:d2:f1:f8:ec:eb:8f:af:a3:67:6d:5c:d9:f5: c0:42:d9:2d:69:c0:bc:c6:2d:4a:86:b8:60:6e:c5: a3:1f:9a:a1:94:aa:e2:03:8e:2c:05:6b:5a:58:0f: 57:c4:a9:d5:c6:de:34:ff:c1:4f:cc:bb:2f:7c:3d: 99:e0:78:5f:71:0e:17:45:5b:63:e1:24:f7:e1:9e: 19:f9:5a:4d:f5:ed:eb:b5:6a:d5:77:a1:bc:95:7e: c5:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:D8:2C:47:4C:9B:21:5A:83:EC:C7:C2:41:DF:22:DF:A0:A9:21:EB X509v3 Authority Key Identifier: keyid:1B:6E:32:92:C8:35:65:4E:49:14:92:E5:58:4C:F9:93:F0:5B:D9:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9110A69/E3ABD042214111EABDF67769C4F9AE02/G24yksg1ZU5JFJLlWEz5k_Bb2ZA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G24yksg1ZU5JFJLlWEz5k_Bb2ZA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9110A69/E3ABD042214111EABDF67769C4F9AE02/G24yksg1ZU5JFJLlWEz5k_Bb2ZA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:c8:8b:e0:4e:8b:83:de:fb:ce:63:54:44:39:5a:d1:8a:b4: 07:95:a6:2c:48:6d:2e:ee:e9:44:a5:a3:61:ea:35:8a:0c:e3: f6:d3:52:a4:84:93:80:da:f8:c3:23:45:3f:84:dc:03:a2:7c: 87:eb:ac:ad:30:bb:de:de:a5:86:4d:3b:92:ba:aa:d4:a3:3e: 11:72:a0:df:c3:03:f0:94:34:58:68:ed:3b:bb:ee:c3:87:89: bd:d5:e0:07:99:63:c5:3b:70:d8:08:3c:15:c7:2d:11:19:5c: 53:67:0a:d3:a1:50:7b:72:cd:3e:27:d8:96:0f:e8:6e:b1:c6: 3e:a6:f3:e9:19:4d:79:90:c2:4f:53:41:f6:81:8e:32:46:18: ea:69:54:23:e7:06:27:bd:7a:92:c7:9d:1d:1d:1a:de:d8:9f: f5:b6:e1:a5:2a:6f:40:e8:a5:8f:77:d4:9d:dd:f4:1b:2c:5d: 85:09:45:bf:b8:2f:a6:34:3c:26:cb:52:91:f7:51:eb:ae:e6: a3:94:b8:d1:55:34:47:12:81:76:75:df:fb:69:13:b6:6a:81: 01:b8:bd:24:dd:24:a6:d1:8e:a4:17:6f:94:2c:79:63:92:84: 1a:6d:6e:f2:75:d3:38:61:b3:c3:f8:d2:b6:e6:2c:bf:e5:41: c6:bb:1d:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTBBNjkxMTAvBgNVBAUTKDFCNkUzMjkyQzgzNTY1NEU0OTE0OTJFNTU4NENGOTkz RjA1QkQ5OTAwHhcNMjUwNTEyMTg0ODQ2WhcNMjUwNTE5MTg0ODQ2WjAYMRYwFAYD VQQDEw02ODIyNDI4ZS01NmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyF739EXRR5UfUaugatFyb4Hjf8JnYrlkBrxMcOMPPevYPgxt8nitqhtINxXN vVY7SYfML0ARzAybFU9vuheKW/CUuQrd4GvfgCk9uDEHMinC71h48cTfA1z6u2hh kPbq3H1ZzQsvhCfd7EF3P6ag5clMFTw3FaBs4MhwWCTEyTkw7DNa6LmnK3Si9k+l IuxUrMgUt6iXSoJKpoPzyaCZgKseeEUGV9Lx+Ozrj6+jZ21c2fXAQtktacC8xi1K hrhgbsWjH5qhlKriA44sBWtaWA9XxKnVxt40/8FPzLsvfD2Z4HhfcQ4XRVtj4ST3 4Z4Z+VpN9e3rtWrVd6G8lX7FpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD3YLEdM myFag+zHwkHfIt+gqSHrMB8GA1UdIwQYMBaAFBtuMpLINWVOSRSS5VhM+ZPwW9mQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMEE2OS9FM0FCRDA0MjIx NDExMUVBQkRGNjc3NjlDNEY5QUUwMi9HMjR5a3NnMVpVNUpGSkxsV0V6NWtfQmIy WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0cyNHlrc2cxWlU1SkZKTGxXRXo1a19CYjJaQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MEE2OS9FM0FCRDA0MjIxNDExMUVBQkRGNjc3NjlDNEY5QUUwMi9HMjR5a3NnMVpV NUpGSkxsV0V6NWtfQmIyWkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCdyIvgTouD3vvOY1REOVrRirQHlaYsSG0u7ulEpaNh6jWKDOP201Kk hJOA2vjDI0U/hNwDonyH66ytMLve3qWGTTuSuqrUoz4RcqDfwwPwlDRYaO07u+7D h4m91eAHmWPFO3DYCDwVxy0RGVxTZwrToVB7cs0+J9iWD+huscY+pvPpGU15kMJP U0H2gY4yRhjqaVQj5wYnvXqSx50dHRre2J/1tuGlKm9A6KWPd9Sd3fQbLF2FCUW/ uC+mNDwmy1KR91HrruajlLjRVTRHEoF2dd/7aRO2aoEBuL0k3SSm0Y6kF2+ULHlj koQabW7yddM4YbPD+NK25iy/5UHGux2I -----END CERTIFICATE-----Generated at Wed May 14 10:33:50 2025 by rpki-client