$ rpki-client -vvf rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft File: 2CIvXKRzliJE_BNBFXEOvtXjlWA.mft (raw, json) Hash identifier: qdSnTjanJbo9e/2aKz9QCd8/V/IWSRWv3aBfpL13WJc= Subject key identifier: A0:D7:A7:EB:88:B8:E9:4C:95:B8:5B:E0:F8:73:E9:83:98:35:1F:2B Authority key identifier: D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 Certificate issuer: /CN=A9119624/serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Certificate serial: 0C02 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft Manifest number: 0BFC Signing time: Mon 12 May 2025 17:53:54 +0000 Manifest this update: Mon 12 May 2025 17:53:53 +0000 Manifest next update: Mon 19 May 2025 17:53:53 +0000 Files and hashes: 1: 2CIvXKRzliJE_BNBFXEOvtXjlWA.crl (hash: 8MzG2FLOtLWy+6ryiWPMg0hO7pQg50dijXbojow2J80=) 2: A4049C06213E11EAAA89A95DC4F9AE02.roa (hash: fJj5V7B0tj2U/amxOYn7MfT1h8cR0RvRgHTxKdHbOM4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:53:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3074 (0xc02) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9119624, serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Validity Not Before: May 12 17:53:53 2025 GMT Not After : May 19 17:53:53 2025 GMT Subject: CN=682235b2-1dd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:7b:0f:b6:be:f8:4c:4d:2d:ec:0d:ab:7a:67: b3:a7:19:3f:49:ee:2d:03:c5:fa:44:ff:53:92:a5: a8:0f:b5:91:ce:ea:01:61:a0:f8:ac:fe:ef:66:53: f6:c6:df:82:dd:94:78:b8:b9:c9:d3:4c:43:6d:37: 0f:c4:7f:14:12:17:11:af:45:8c:fe:8c:65:3c:e9: d6:be:40:52:98:ed:37:89:b1:88:ac:d4:47:37:fc: 2f:68:a3:d8:e1:d0:fb:69:27:08:5e:05:81:95:4c: 3f:bb:9e:e2:a8:df:d1:66:01:9e:3f:9f:8a:18:54: 5c:80:d0:6f:0b:0f:8f:9b:da:de:1c:61:ab:9d:86: 6f:41:15:19:e3:91:a3:11:e3:10:14:87:76:27:55: b8:5b:c6:39:f5:60:3f:7d:33:d8:b2:5c:99:07:32: f1:b4:cf:b5:77:47:3d:aa:9d:34:ee:6d:8a:55:28: d6:5d:2e:a0:1b:3c:1b:2e:34:27:9b:b2:c1:97:ac: 45:1d:64:f7:b9:73:03:09:2b:c7:92:78:54:3b:63: c5:18:1c:84:40:ef:9f:b9:a4:ef:9f:33:a3:e1:d7: a3:f3:b7:ca:4e:5a:78:c9:0f:99:90:b8:c5:d8:0e: 5f:50:83:a0:94:ba:dc:28:b6:32:fa:45:06:d5:94: f9:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:D7:A7:EB:88:B8:E9:4C:95:B8:5B:E0:F8:73:E9:83:98:35:1F:2B X509v3 Authority Key Identifier: keyid:D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:0c:a7:5b:35:81:4c:22:8f:45:99:bd:54:94:19:b3:c7:c4: 21:61:05:d4:41:b2:23:b8:04:73:ec:46:3a:3d:e8:47:73:c7: 2d:48:94:17:01:4d:53:85:44:b6:53:67:2c:52:1f:59:e3:b4: 4e:cb:e9:82:5d:85:84:6c:a3:40:bb:96:7d:5e:a8:5a:3c:d8: 24:51:5f:50:1f:a5:7c:e6:38:46:bc:a5:47:d8:3d:96:6f:7a: 52:49:29:18:e9:63:44:0d:30:10:ed:96:50:7f:9c:3e:f4:d6: e0:86:30:ce:50:6f:5b:d2:ca:eb:3c:82:7c:88:8b:e9:60:44: 33:33:e6:90:2b:b9:a4:ef:f2:e2:ad:f4:97:af:5a:33:f6:3b: 0d:b3:a5:cc:f3:2e:5f:ce:14:f9:09:04:4a:f0:64:33:94:6e: 8e:3d:47:6c:ff:4b:5c:18:b4:72:a1:2c:9a:55:56:f0:8b:ca: 18:eb:87:09:34:ec:50:ab:94:cb:90:bb:b8:ac:06:43:af:18: ae:dd:e2:1c:4e:21:43:ce:b7:d7:27:f9:50:c8:c1:4a:72:05: 6d:26:9a:b9:08:e1:5c:20:67:c6:2b:11:67:6c:cb:db:dc:df: e7:2f:80:e0:9d:21:ca:c6:45:34:d6:4d:8d:07:bb:a1:62:c7: d8:2a:e8:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk2MjQxMTAvBgNVBAUTKEQ4MjIyRjVDQTQ3Mzk2MjI0NEZDMTM0MTE1NzEwRUJF RDVFMzk1NjAwHhcNMjUwNTEyMTc1MzUzWhcNMjUwNTE5MTc1MzUzWjAYMRYwFAYD VQQDEw02ODIyMzViMi0xZGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3XsPtr74TE0t7A2remezpxk/Se4tA8X6RP9TkqWoD7WRzuoBYaD4rP7vZlP2 xt+C3ZR4uLnJ00xDbTcPxH8UEhcRr0WM/oxlPOnWvkBSmO03ibGIrNRHN/wvaKPY 4dD7aScIXgWBlUw/u57iqN/RZgGeP5+KGFRcgNBvCw+Pm9reHGGrnYZvQRUZ45Gj EeMQFId2J1W4W8Y59WA/fTPYslyZBzLxtM+1d0c9qp007m2KVSjWXS6gGzwbLjQn m7LBl6xFHWT3uXMDCSvHknhUO2PFGByEQO+fuaTvnzOj4dej87fKTlp4yQ+ZkLjF 2A5fUIOglLrcKLYy+kUG1ZT5pwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKDXp+uI uOlMlbhb4Phz6YOYNR8rMB8GA1UdIwQYMBaAFNgiL1ykc5YiRPwTQRVxDr7V45Vg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTYyNC9DNjk0ODIzNjEw RTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxpSkVfQk5CRlhFT3Z0WGps V0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzJDSXZYS1J6bGlKRV9CTkJGWEVPdnRYamxXQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTYyNC9DNjk0ODIzNjEwRTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxp SkVfQk5CRlhFT3Z0WGpsV0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBRDKdbNYFMIo9Fmb1UlBmzx8QhYQXUQbIjuARz7EY6PehHc8ctSJQX AU1ThUS2U2csUh9Z47ROy+mCXYWEbKNAu5Z9XqhaPNgkUV9QH6V85jhGvKVH2D2W b3pSSSkY6WNEDTAQ7ZZQf5w+9NbghjDOUG9b0srrPIJ8iIvpYEQzM+aQK7mk7/Li rfSXr1oz9jsNs6XM8y5fzhT5CQRK8GQzlG6OPUds/0tcGLRyoSyaVVbwi8oY64cJ NOxQq5TLkLu4rAZDrxiu3eIcTiFDzrfXJ/lQyMFKcgVtJpq5COFcIGfGKxFnbMvb 3N/nL4DgnSHKxkU01k2NB7uhYsfYKugB -----END CERTIFICATE-----Generated at Wed May 14 12:46:24 2025 by rpki-client