$ rpki-client -vvf rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft File: 4XM7lw_d92f_GVQoQ34SQqN2knc.mft (raw, json) Hash identifier: 3dDxPebtxZCxka6J9/mBA9yZ/XjcgZ9wYOPPnRJGBys= Subject key identifier: 08:74:A9:EF:AC:DA:01:B4:A7:88:E9:64:4B:2F:1B:6D:F5:AD:98:35 Authority key identifier: E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 Certificate issuer: /CN=A912E5CB/serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Certificate serial: 01CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft Manifest number: 01CA Signing time: Tue 13 May 2025 02:10:33 +0000 Manifest this update: Tue 13 May 2025 02:10:32 +0000 Manifest next update: Tue 20 May 2025 02:10:32 +0000 Files and hashes: 1: 4XM7lw_d92f_GVQoQ34SQqN2knc.crl (hash: nkctRC0er7aIzWjynC/qUMJSE3sn0EI+KIbzzahgdh4=) 2: 5FF4FD52704C11ED97935E7DC4F9AE02.roa (hash: C5+qR+xwM5riTT+23t/1tPZQq66L4etzO1hAZvNu09M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 02:10:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 461 (0x1cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E5CB, serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Validity Not Before: May 13 02:10:32 2025 GMT Not After : May 20 02:10:32 2025 GMT Subject: CN=6822aa18-65d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:23:39:2c:81:99:7c:f2:ef:9b:c9:4f:25:5f: 33:39:25:42:7c:d5:b1:da:33:0b:af:97:f8:49:7d: a8:d5:5d:23:43:fb:b9:7e:b2:b0:b8:a5:16:2f:b1: e5:a9:e2:5e:bc:ac:c9:1f:59:ea:28:99:c2:70:e5: a3:45:b5:1b:18:c3:08:4b:29:1d:dc:c1:14:90:20: 32:83:0c:5c:72:50:98:25:30:9f:b8:13:f5:18:6f: c2:10:18:64:b4:f5:e7:4d:25:31:13:ef:74:12:fd: 13:9e:5c:66:8a:29:68:54:82:d5:be:df:8f:68:a2: 13:85:c2:29:f6:cb:fb:35:0b:c1:be:7d:5c:40:86: 81:bb:a8:1b:0d:dd:5d:5d:99:b9:db:bb:87:42:4a: 1c:52:60:da:f6:8c:a2:47:88:11:9d:88:6d:6f:83: 28:f8:58:4d:71:1f:17:11:2f:af:e1:82:81:ac:66: 9b:de:5d:e0:eb:89:fd:67:93:09:91:ee:16:1d:84: b7:f7:66:99:e4:2c:aa:70:46:89:e8:24:00:d3:e0: 88:ec:7c:df:32:2e:df:ce:56:aa:31:0e:79:d6:b0: e2:24:1b:ae:03:a8:56:b0:e2:2a:17:77:7a:8b:df: 64:d6:b3:f2:00:73:1d:11:05:6f:4e:7a:13:c1:e0: 94:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:74:A9:EF:AC:DA:01:B4:A7:88:E9:64:4B:2F:1B:6D:F5:AD:98:35 X509v3 Authority Key Identifier: keyid:E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:e6:e6:86:8a:02:05:cf:0d:8f:a9:b0:31:6f:28:81:b8:ae: ef:db:e6:33:31:01:f9:b8:86:5b:c8:bd:79:6a:27:4b:2d:75: 0f:fa:39:60:c0:5b:47:7d:d6:5f:40:89:f0:a8:49:ef:bc:94: e1:11:91:0f:1f:eb:09:86:4b:fd:1c:62:1e:90:1f:3d:95:0b: ce:8c:8d:28:08:00:0a:dd:ad:81:e2:72:20:21:10:94:0b:39: b0:4f:a1:ac:0d:0a:f9:26:16:ac:53:6a:a1:72:e3:03:69:cb: 21:d2:ee:5b:85:2a:3f:ee:35:3b:59:66:04:15:33:14:c5:02: 68:4c:aa:eb:80:47:76:0f:d2:e8:af:18:8b:95:f6:a8:3e:36: 4a:b8:99:00:eb:52:b0:0e:04:43:c5:45:fb:9b:26:38:70:aa: 21:0b:d9:f0:3e:52:87:80:64:91:e1:d0:c8:34:02:56:22:70: a5:28:e3:73:71:94:88:e7:ae:a2:8c:9e:ea:91:87:2f:93:a3: 3c:6a:bf:ea:5a:35:69:6c:71:23:e8:7a:99:81:54:92:14:56: e7:06:3b:a8:f9:2c:a8:98:14:d0:66:07:b9:af:78:df:fa:21: ea:ec:fc:6d:96:63:09:b7:93:75:e4:08:a2:bd:98:2c:a7:5e: 25:79:40:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkU1Q0IxMTAvBgNVBAUTKEUxNzMzQjk3MEZEREY3NjdGRjE5NTQyODQzN0UxMjQy QTM3NjkyNzcwHhcNMjUwNTEzMDIxMDMyWhcNMjUwNTIwMDIxMDMyWjAYMRYwFAYD VQQDEw02ODIyYWExOC02NWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqSM5LIGZfPLvm8lPJV8zOSVCfNWx2jMLr5f4SX2o1V0jQ/u5frKwuKUWL7Hl qeJevKzJH1nqKJnCcOWjRbUbGMMISykd3MEUkCAygwxcclCYJTCfuBP1GG/CEBhk tPXnTSUxE+90Ev0TnlxmiiloVILVvt+PaKIThcIp9sv7NQvBvn1cQIaBu6gbDd1d XZm527uHQkocUmDa9oyiR4gRnYhtb4Mo+FhNcR8XES+v4YKBrGab3l3g64n9Z5MJ ke4WHYS392aZ5CyqcEaJ6CQA0+CI7HzfMi7fzlaqMQ551rDiJBuuA6hWsOIqF3d6 i99k1rPyAHMdEQVvTnoTweCUtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAh0qe+s 2gG0p4jpZEsvG231rZg1MB8GA1UdIwQYMBaAFOFzO5cP3fdn/xlUKEN+EkKjdpJ3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTVDQi81Mjg4RENFMDcw NDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDkyZl9HVlFvUTM0U1FxTjJr bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRYTTdsd19kOTJmX0dWUW9RMzRTUXFOMmtuYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RTVDQi81Mjg4RENFMDcwNDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDky Zl9HVlFvUTM0U1FxTjJrbmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAh5uaGigIFzw2PqbAxbyiBuK7v2+YzMQH5uIZbyL15aidLLXUP+jlg wFtHfdZfQInwqEnvvJThEZEPH+sJhkv9HGIekB89lQvOjI0oCAAK3a2B4nIgIRCU CzmwT6GsDQr5JhasU2qhcuMDacsh0u5bhSo/7jU7WWYEFTMUxQJoTKrrgEd2D9Lo rxiLlfaoPjZKuJkA61KwDgRDxUX7myY4cKohC9nwPlKHgGSR4dDINAJWInClKONz cZSI566ijJ7qkYcvk6M8ar/qWjVpbHEj6HqZgVSSFFbnBjuo+SyomBTQZge5r3jf +iHq7PxtlmMJt5N15AiivZgsp14leUAR -----END CERTIFICATE-----Generated at Tue May 13 22:50:35 2025 by rpki-client