$ rpki-client -vvf rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft File: gez_R_JbIULxDfbUmuDiGf7XR_g.mft (raw, json) Hash identifier: Uov4o2QdepZ3ePUjF8huJ+55TiEQ99fB7qCq5HSW08M= Subject key identifier: CA:D0:2D:09:E2:25:23:E0:A0:58:07:F9:DF:3E:47:E2:AF:09:B2:83 Authority key identifier: 81:EC:FF:47:F2:5B:21:42:F1:0D:F6:D4:9A:E0:E2:19:FE:D7:47:F8 Certificate issuer: /CN=A913E5D6/serialNumber=81ECFF47F25B2142F10DF6D49AE0E219FED747F8 Certificate serial: 07F6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gez_R_JbIULxDfbUmuDiGf7XR_g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft Manifest number: 07EB Signing time: Sun 04 May 2025 20:43:33 +0000 Manifest this update: Sun 04 May 2025 20:43:32 +0000 Manifest next update: Sun 11 May 2025 20:43:32 +0000 Files and hashes: 1: gez_R_JbIULxDfbUmuDiGf7XR_g.crl (hash: RbqVXpqxpGBf7N+MuZt39GlIt50MJJwRdQhDG1ItPLM=) 2: B287525CE81011EA926BE66FC4F9AE02.roa (hash: qhioOnup64H2Oct1uVBt6trwRt6rR40e8Cq4NvfLSAw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.crl rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gez_R_JbIULxDfbUmuDiGf7XR_g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 20:43:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2038 (0x7f6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913E5D6, serialNumber=81ECFF47F25B2142F10DF6D49AE0E219FED747F8 Validity Not Before: May 4 20:43:32 2025 GMT Not After : May 11 20:43:32 2025 GMT Subject: CN=6817d175-c1a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:f8:2d:07:ab:3c:92:17:07:53:58:53:60:38: 8e:77:f9:43:56:63:ef:7f:dc:00:b4:ff:7b:82:2d: 9f:57:d8:f1:15:9b:10:2c:f0:12:ec:8a:ba:29:11: 6f:16:97:66:90:7c:11:99:39:cf:ba:21:30:f3:af: f0:f3:70:55:62:32:a4:88:fb:53:59:e3:56:e6:21: 2a:92:ac:91:9d:ab:a0:35:c0:5c:46:a4:20:91:ff: c7:bd:25:0f:4f:0a:63:ed:6e:6f:ff:bd:6e:9e:bc: 00:9f:3c:a7:59:ab:dd:5c:5e:cf:d6:fb:0a:7d:88: 46:40:ff:db:cf:da:d1:b2:ca:e0:27:e3:53:3d:9b: b1:66:50:fe:85:6e:3d:5c:53:f8:f0:3e:7b:49:df: 0a:7c:ad:06:52:5e:08:54:fe:24:dc:e3:ea:12:4f: 8f:61:eb:9f:5d:bf:14:a9:61:d7:57:74:a8:d1:15: 3c:d5:c4:0a:5a:3f:93:05:d5:fa:ab:67:4d:75:41: dd:0f:eb:dc:98:6a:52:30:78:22:d0:86:7f:0e:6f: 3f:a5:5c:73:be:16:d5:d1:98:cd:ba:83:aa:ec:56: 6e:f5:67:f3:dc:0c:04:df:b1:af:7c:71:59:d6:25: b0:8a:59:22:88:8a:d1:5a:94:24:16:b0:c5:b9:e4: 31:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:D0:2D:09:E2:25:23:E0:A0:58:07:F9:DF:3E:47:E2:AF:09:B2:83 X509v3 Authority Key Identifier: keyid:81:EC:FF:47:F2:5B:21:42:F1:0D:F6:D4:9A:E0:E2:19:FE:D7:47:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gez_R_JbIULxDfbUmuDiGf7XR_g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:57:04:89:73:6e:18:e1:af:cc:f8:52:61:e7:98:50:f8:c2: fe:dc:74:aa:f7:67:31:75:17:1a:fc:a5:21:16:84:f4:63:07: 24:e6:07:a3:69:d0:65:63:b5:41:32:1c:2f:b2:db:31:9c:02: 6b:5d:1a:4c:20:34:10:c5:a8:d5:3a:d1:6d:68:f6:89:91:43: e3:16:de:a7:42:c1:4f:5f:c3:a9:7e:28:e0:4b:97:1a:00:e4: fc:75:8f:bf:c1:2c:36:9f:67:83:78:27:c9:a8:32:79:9d:3d: 20:66:50:5c:95:87:cb:2c:c5:e2:4a:37:9a:13:cd:cd:3f:c3: e0:f1:23:54:0f:d5:ff:28:ac:92:4a:67:45:51:00:fe:46:95: 7a:58:87:66:e5:6b:da:50:00:45:24:79:58:43:cf:2d:e7:e9: 1d:a9:e5:ba:44:27:88:9d:43:7e:8e:ed:ab:d5:d3:1a:eb:41: 8c:e5:d8:35:48:13:1d:a8:8b:35:b4:1c:01:3b:8c:7b:ad:60: 23:f0:38:2c:14:a0:ea:64:0b:7c:47:e9:f1:e2:96:e5:28:8e: 6f:6c:95:20:ba:f5:c9:8a:ee:d8:12:c5:2c:08:ab:d8:16:db: 5d:7f:f2:a8:fe:0c:8a:f9:84:0f:87:82:1d:c5:a0:26:24:d2: d6:12:66:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB/YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0U1RDYxMTAvBgNVBAUTKDgxRUNGRjQ3RjI1QjIxNDJGMTBERjZENDlBRTBFMjE5 RkVENzQ3RjgwHhcNMjUwNTA0MjA0MzMyWhcNMjUwNTExMjA0MzMyWjAYMRYwFAYD VQQDEw02ODE3ZDE3NS1jMWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyPgtB6s8khcHU1hTYDiOd/lDVmPvf9wAtP97gi2fV9jxFZsQLPAS7Iq6KRFv FpdmkHwRmTnPuiEw86/w83BVYjKkiPtTWeNW5iEqkqyRnaugNcBcRqQgkf/HvSUP Twpj7W5v/71unrwAnzynWavdXF7P1vsKfYhGQP/bz9rRssrgJ+NTPZuxZlD+hW49 XFP48D57Sd8KfK0GUl4IVP4k3OPqEk+PYeufXb8UqWHXV3So0RU81cQKWj+TBdX6 q2dNdUHdD+vcmGpSMHgi0IZ/Dm8/pVxzvhbV0ZjNuoOq7FZu9Wfz3AwE37GvfHFZ 1iWwilkiiIrRWpQkFrDFueQxEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMrQLQni JSPgoFgH+d8+R+KvCbKDMB8GA1UdIwQYMBaAFIHs/0fyWyFC8Q321Jrg4hn+10f4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTVENi81QTUyRjkxMkU3 NUExMUVBQjk2RjlENjBDNEY5QUUwMi9nZXpfUl9KYklVTHhEZmJVbXVEaUdmN1hS X2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2dlel9SX0piSVVMeERmYlVtdURpR2Y3WFJfZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RTVENi81QTUyRjkxMkU3NUExMUVBQjk2RjlENjBDNEY5QUUwMi9nZXpfUl9KYklV THhEZmJVbXVEaUdmN1hSX2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAIVwSJc24Y4a/M+FJh55hQ+ML+3HSq92cxdRca/KUhFoT0Ywck5gej adBlY7VBMhwvstsxnAJrXRpMIDQQxajVOtFtaPaJkUPjFt6nQsFPX8OpfijgS5ca AOT8dY+/wSw2n2eDeCfJqDJ5nT0gZlBclYfLLMXiSjeaE83NP8Pg8SNUD9X/KKyS SmdFUQD+RpV6WIdm5WvaUABFJHlYQ88t5+kdqeW6RCeInUN+ju2r1dMa60GM5dg1 SBMdqIs1tBwBO4x7rWAj8DgsFKDqZAt8R+nx4pblKI5vbJUguvXJiu7YEsUsCKvY Fttdf/Ko/gyK+YQPh4IdxaAmJNLWEmaE -----END CERTIFICATE-----Generated at Mon May 5 13:13:24 2025 by rpki-client