$ rpki-client -vvf rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.mft File: RoxqeSq7PkX-7iIo0o54AxNytFU.mft (raw, json) Hash identifier: nLwt2fBOQvl8DD9IRntSPYllkrPw3DLE6oaxOSDv+rA= Subject key identifier: 34:17:38:35:8D:FF:C1:8E:31:2C:4A:1C:9B:BA:EC:C0:6B:AF:7D:3C Authority key identifier: 46:8C:6A:79:2A:BB:3E:45:FE:EE:22:28:D2:8E:78:03:13:72:B4:55 Certificate issuer: /CN=A912DD15/serialNumber=468C6A792ABB3E45FEEE2228D28E78031372B455 Certificate serial: 019C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RoxqeSq7PkX-7iIo0o54AxNytFU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.mft Manifest number: 0196 Signing time: Sun 11 May 2025 02:27:53 +0000 Manifest this update: Sun 11 May 2025 02:27:53 +0000 Manifest next update: Sun 18 May 2025 02:27:53 +0000 Files and hashes: 1: RoxqeSq7PkX-7iIo0o54AxNytFU.crl (hash: BoVBCo9uD74RdrQABFTTsGi6uxQYUZGNX58UZNC4IVM=) 2: 43CE5D5A236911EEAC33285DC4F9AE02.roa (hash: frHxqt/yG7rr6fCbelfcQdfPa8QFjBnwgHPUnZu57so=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.crl rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RoxqeSq7PkX-7iIo0o54AxNytFU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 02:27:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 412 (0x19c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912DD15, serialNumber=468C6A792ABB3E45FEEE2228D28E78031372B455 Validity Not Before: May 11 02:27:53 2025 GMT Not After : May 18 02:27:53 2025 GMT Subject: CN=68200b29-70c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:38:3d:61:7d:03:2a:8b:e9:92:da:16:95:72: 7f:72:71:5d:94:e2:4a:bb:30:e0:d1:62:fb:2b:cf: f9:e5:f6:9d:ff:07:aa:50:60:4f:c8:28:2f:d3:c7: a7:c9:1a:b6:30:ed:5c:57:a9:56:78:79:78:76:d9: 3b:56:ca:59:eb:77:d1:92:e6:f0:af:35:32:2a:7f: 67:57:4c:23:dd:7f:9a:9a:ef:28:52:4e:a1:60:66: a1:c4:49:3f:29:fc:fd:b1:1b:d8:4a:20:90:f4:62: 0f:a8:58:78:2c:ae:4e:76:a7:a9:18:69:d0:64:12: e9:f3:92:5a:b9:bf:90:41:c5:93:e6:7e:70:98:f3: 5d:13:5b:d6:1d:7a:26:ce:4c:bf:c6:5e:1e:fd:b4: 30:9a:e3:95:98:54:2f:13:c6:54:27:cc:c9:48:6e: df:d8:03:40:ae:ba:02:05:6f:79:b4:e2:0d:f1:2e: 58:75:4b:1d:7e:03:d4:77:aa:b5:a5:68:e6:4b:04: 8e:62:3f:23:75:ec:ba:75:97:ee:dc:b4:4a:5a:2c: d0:44:18:d9:84:e8:45:f0:c0:34:10:ec:3d:6b:77: 27:8d:ef:db:e4:e5:31:ec:63:68:af:41:2a:c2:db: 59:84:21:f1:17:a0:7f:e4:17:8c:85:40:65:e0:2e: d7:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:17:38:35:8D:FF:C1:8E:31:2C:4A:1C:9B:BA:EC:C0:6B:AF:7D:3C X509v3 Authority Key Identifier: keyid:46:8C:6A:79:2A:BB:3E:45:FE:EE:22:28:D2:8E:78:03:13:72:B4:55 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RoxqeSq7PkX-7iIo0o54AxNytFU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:b7:36:65:26:ec:10:9d:09:90:0b:20:15:d7:a5:a7:ef:8f: 5a:3c:a4:57:10:23:45:cb:16:9e:6e:00:5b:b2:d1:2a:c5:76: 61:a8:d6:91:5c:44:7a:9a:3c:93:43:8f:55:b7:e5:ee:11:10: c8:ad:90:a2:e2:2e:ad:02:f3:ef:5e:71:b0:cd:93:40:98:31: b1:90:85:52:2c:59:a2:08:9f:cd:2b:94:7d:a9:e9:95:22:db: 96:bd:95:ea:24:72:eb:1d:75:dc:04:d8:a6:e0:4d:61:13:ee: 01:3a:5e:3f:e2:54:35:13:f2:a0:68:b5:6c:57:0b:6b:f2:f0: ef:0f:4a:96:b1:87:e8:c5:5c:b7:80:d7:60:84:56:66:e0:2c: b5:14:2c:be:02:c9:f5:cf:fa:54:aa:1b:17:5d:fa:1e:38:09: ce:60:5e:56:31:dd:ef:6f:ed:70:c1:d3:11:24:04:f1:d5:de: 26:1d:f1:ee:2c:5b:6c:41:f4:cc:90:8a:ca:7d:70:cb:23:75: e3:a7:64:d3:40:24:1d:61:6a:52:48:2a:2e:4c:a2:5a:dc:d0: d0:e2:b0:c9:ed:5f:bd:94:90:0d:f9:fe:5f:c1:1a:4a:b0:11: f2:f8:f1:72:3a:3b:34:06:ff:28:03:20:77:a2:77:e6:d0:7f: b4:f1:5f:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkREMTUxMTAvBgNVBAUTKDQ2OEM2QTc5MkFCQjNFNDVGRUVFMjIyOEQyOEU3ODAz MTM3MkI0NTUwHhcNMjUwNTExMDIyNzUzWhcNMjUwNTE4MDIyNzUzWjAYMRYwFAYD VQQDEw02ODIwMGIyOS03MGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsjg9YX0DKovpktoWlXJ/cnFdlOJKuzDg0WL7K8/55fad/weqUGBPyCgv08en yRq2MO1cV6lWeHl4dtk7VspZ63fRkubwrzUyKn9nV0wj3X+amu8oUk6hYGahxEk/ Kfz9sRvYSiCQ9GIPqFh4LK5OdqepGGnQZBLp85Jaub+QQcWT5n5wmPNdE1vWHXom zky/xl4e/bQwmuOVmFQvE8ZUJ8zJSG7f2ANArroCBW95tOIN8S5YdUsdfgPUd6q1 pWjmSwSOYj8jdey6dZfu3LRKWizQRBjZhOhF8MA0EOw9a3cnje/b5OUx7GNor0Eq wttZhCHxF6B/5BeMhUBl4C7XzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDQXODWN /8GOMSxKHJu67MBrr308MB8GA1UdIwQYMBaAFEaMankquz5F/u4iKNKOeAMTcrRV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyREQxNS9CREFEQTg2MEND NTIxMUVEQTgyOTFEMTBDNEY5QUUwMi9Sb3hxZVNxN1BrWC03aUlvMG81NEF4Tnl0 RlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JveHFlU3E3UGtYLTdpSW8wbzU0QXhOeXRGVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy REQxNS9CREFEQTg2MENDNTIxMUVEQTgyOTFEMTBDNEY5QUUwMi9Sb3hxZVNxN1Br WC03aUlvMG81NEF4Tnl0RlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACtzZlJuwQnQmQCyAV16Wn749aPKRXECNFyxaebgBbstEqxXZhqNaR XER6mjyTQ49Vt+XuERDIrZCi4i6tAvPvXnGwzZNAmDGxkIVSLFmiCJ/NK5R9qemV ItuWvZXqJHLrHXXcBNim4E1hE+4BOl4/4lQ1E/KgaLVsVwtr8vDvD0qWsYfoxVy3 gNdghFZm4Cy1FCy+Asn1z/pUqhsXXfoeOAnOYF5WMd3vb+1wwdMRJATx1d4mHfHu LFtsQfTMkIrKfXDLI3Xjp2TTQCQdYWpSSCouTKJa3NDQ4rDJ7V+9lJAN+f5fwRpK sBHy+PFyOjs0Bv8oAyB3onfm0H+08V/G -----END CERTIFICATE-----Generated at Sun May 11 18:49:43 2025 by rpki-client