$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft File: hA_W9-iR44BKfbMJ0EzoXBr3htE.mft (raw, json) Hash identifier: wwawHXh2IJzJWoBkQ00E0Acw7yhpp2kfAtDP6mdDvHY= Subject key identifier: 23:B2:80:CC:B7:FD:54:2D:08:26:3E:37:C5:6E:FD:FE:0A:E5:2D:5B Authority key identifier: 84:0F:D6:F7:E8:91:E3:80:4A:7D:B3:09:D0:4C:E8:5C:1A:F7:86:D1 Certificate issuer: /CN=A912C8AF/serialNumber=840FD6F7E891E3804A7DB309D04CE85C1AF786D1 Certificate serial: 52 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft Manifest number: 52 Signing time: Mon 12 May 2025 19:28:23 +0000 Manifest this update: Mon 12 May 2025 19:28:23 +0000 Manifest next update: Mon 19 May 2025 19:28:23 +0000 Files and hashes: 1: hA_W9-iR44BKfbMJ0EzoXBr3htE.crl (hash: 24oOJZpZ7lDvTuIAl6BadOgGGAYjBCd4eMIEmoF119E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.crl rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 19:28:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 82 (0x52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8AF, serialNumber=840FD6F7E891E3804A7DB309D04CE85C1AF786D1 Validity Not Before: May 12 19:28:23 2025 GMT Not After : May 19 19:28:23 2025 GMT Subject: CN=68224bd7-e044 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:ff:b7:b3:df:26:f6:3e:cb:f0:35:1e:80:c1: 9c:30:b8:aa:ec:32:56:67:33:30:ae:07:0e:c5:4c: 3d:06:85:c1:64:24:db:29:6e:d1:ed:3c:7d:ca:30: 18:59:19:9e:ec:d5:67:58:c7:a6:37:1f:d4:59:8a: 73:6e:35:35:22:b5:56:20:ba:f1:65:46:08:f2:70: cc:95:38:4e:1b:bd:93:96:fd:98:71:35:e1:00:35: df:48:fa:9a:3f:67:ba:47:93:b9:c2:01:3c:77:b0: 07:cb:cd:fb:1d:d1:ce:7a:28:04:71:ae:90:14:fa: 97:51:8d:a7:31:73:1b:ab:71:1c:24:03:7c:48:45: ac:27:d5:be:a6:58:b1:ec:a3:88:a1:72:92:12:e9: 15:fb:3d:60:2b:80:49:76:90:42:9c:c6:95:04:c8: ef:18:cd:5c:15:39:06:da:df:55:d3:52:71:fd:ff: a2:c4:73:41:23:ee:e1:8c:3c:dc:b8:aa:08:6e:9c: 1e:da:48:da:37:80:8a:0a:b7:e6:4f:5e:c0:2d:06: 51:27:01:f4:c7:c6:f0:75:89:2f:fd:2a:61:61:04: 26:b8:f8:45:92:de:be:6c:91:c1:42:84:07:7c:69: 53:5d:1d:9b:ab:eb:58:e6:ef:4b:b3:9a:ac:55:72: 95:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:B2:80:CC:B7:FD:54:2D:08:26:3E:37:C5:6E:FD:FE:0A:E5:2D:5B X509v3 Authority Key Identifier: keyid:84:0F:D6:F7:E8:91:E3:80:4A:7D:B3:09:D0:4C:E8:5C:1A:F7:86:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:b6:fc:eb:7c:7a:c3:3c:20:09:80:4d:0c:5d:a0:49:b0:53: e2:ee:da:67:fd:fb:01:9a:d2:30:98:62:14:2c:99:73:a1:d6: b2:06:27:65:6e:4a:55:a7:e4:59:80:b4:6b:d3:06:f9:5c:ca: 80:92:97:c5:46:b0:61:21:1f:3b:68:8d:2a:ab:46:63:38:be: 5b:db:30:8d:22:88:d5:ab:15:9f:88:f2:1e:bf:87:07:67:3f: 2f:7c:75:1c:c3:10:6d:81:29:c9:e3:1e:94:22:cf:35:8d:79: e5:6a:46:00:78:08:d1:6e:aa:42:46:ca:50:a6:90:e5:be:74: 5a:dd:fb:c2:3e:ab:9a:4e:2e:1f:f5:6e:79:a4:4c:56:fb:83: f1:3f:3e:c8:b7:b3:1d:b3:ac:9d:69:01:6d:37:a7:1f:a2:69: 1c:f7:f7:46:1b:12:19:19:2b:04:d6:65:98:b7:ac:34:24:e0: d2:de:0b:c0:ea:98:5d:47:d0:9c:2e:84:3b:c5:eb:8f:62:7a: 5d:46:0f:5c:73:99:d5:3a:53:94:18:f9:c7:6a:5f:dd:9a:4a: 90:8e:76:d4:c6:50:ec:08:66:bb:6c:99:09:bf:aa:ae:cb:18: 36:ff:06:d7:27:46:2d:c0:97:23:e2:77:d2:50:2b:2b:cf:7f: 85:58:86:6e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy QzhBRjExMC8GA1UEBRMoODQwRkQ2RjdFODkxRTM4MDRBN0RCMzA5RDA0Q0U4NUMx QUY3ODZEMTAeFw0yNTA1MTIxOTI4MjNaFw0yNTA1MTkxOTI4MjNaMBgxFjAUBgNV BAMTDTY4MjI0YmQ3LWUwNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDN/7ez3yb2PsvwNR6AwZwwuKrsMlZnMzCuBw7FTD0GhcFkJNspbtHtPH3KMBhZ GZ7s1WdYx6Y3H9RZinNuNTUitVYguvFlRgjycMyVOE4bvZOW/ZhxNeEANd9I+po/ Z7pHk7nCATx3sAfLzfsd0c56KARxrpAU+pdRjacxcxurcRwkA3xIRawn1b6mWLHs o4ihcpIS6RX7PWArgEl2kEKcxpUEyO8YzVwVOQba31XTUnH9/6LEc0Ej7uGMPNy4 qghunB7aSNo3gIoKt+ZPXsAtBlEnAfTHxvB1iS/9KmFhBCa4+EWS3r5skcFChAd8 aVNdHZur61jm70uzmqxVcpXbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUI7KAzLf9 VC0IJj43xW79/grlLVswHwYDVR0jBBgwFoAUhA/W9+iR44BKfbMJ0EzoXBr3htEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJDOEFGLzE5N0ZGN0EyQjQw OTExRUY5NEU2NzQ1REM0RjlBRTAyL2hBX1c5LWlSNDRCS2ZiTUowRXpvWEJyM2h0 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvaEFfVzktaVI0NEJLZmJNSjBFem9YQnIzaHRFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJD OEFGLzE5N0ZGN0EyQjQwOTExRUY5NEU2NzQ1REM0RjlBRTAyL2hBX1c5LWlSNDRC S2ZiTUowRXpvWEJyM2h0RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHS2/Ot8esM8IAmATQxdoEmwU+Lu2mf9+wGa0jCYYhQsmXOh1rIGJ2Vu SlWn5FmAtGvTBvlcyoCSl8VGsGEhHztojSqrRmM4vlvbMI0iiNWrFZ+I8h6/hwdn Py98dRzDEG2BKcnjHpQizzWNeeVqRgB4CNFuqkJGylCmkOW+dFrd+8I+q5pOLh/1 bnmkTFb7g/E/Psi3sx2zrJ1pAW03px+iaRz390YbEhkZKwTWZZi3rDQk4NLeC8Dq mF1H0JwuhDvF649iel1GD1xzmdU6U5QY+cdqX92aSpCOdtTGUOwIZrtsmQm/qq7L GDb/BtcnRi3AlyPid9JQKyvPf4VYhm4= -----END CERTIFICATE-----Generated at Wed May 14 01:29:35 2025 by rpki-client