$ rpki-client -vvf rpki.apnic.net/member_repository/A914E1A8/A40A724AB13011ED847D4981C4F9AE02/i-zDY4Bwprefbc4ioOZbsh4Ndyk.mft File: i-zDY4Bwprefbc4ioOZbsh4Ndyk.mft (raw, json) Hash identifier: vaBKQ27YmfmwUh6xHvtZw+x+Ra1Uodjx/tOlVOhNZ3o= Subject key identifier: 8E:74:B8:61:37:99:DB:1E:FC:73:B8:9F:13:4A:9E:A1:1B:A3:FB:6B Authority key identifier: 8B:EC:C3:63:80:70:A6:B7:9F:6D:CE:22:A0:E6:5B:B2:1E:0D:77:29 Certificate issuer: /CN=A914E1A8/serialNumber=8BECC3638070A6B79F6DCE22A0E65BB21E0D7729 Certificate serial: 01B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i-zDY4Bwprefbc4ioOZbsh4Ndyk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E1A8/A40A724AB13011ED847D4981C4F9AE02/i-zDY4Bwprefbc4ioOZbsh4Ndyk.mft Manifest number: 01A9 Signing time: Tue 13 May 2025 02:33:50 +0000 Manifest this update: Tue 13 May 2025 02:33:50 +0000 Manifest next update: Tue 20 May 2025 02:33:50 +0000 Files and hashes: 1: i-zDY4Bwprefbc4ioOZbsh4Ndyk.crl (hash: Kda40kTPltNOjukDl1U6Yq1sr2jZH1dtzm3AhS7Lt4I=) 2: 5D35DEC8B13411EDB6BEF584C4F9AE02.roa (hash: g7Iu0qsIgHA2DsVqzJPZwAHsWDw0BvGfzGeWjQmEdZA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E1A8/A40A724AB13011ED847D4981C4F9AE02/i-zDY4Bwprefbc4ioOZbsh4Ndyk.crl rsync://rpki.apnic.net/member_repository/A914E1A8/A40A724AB13011ED847D4981C4F9AE02/i-zDY4Bwprefbc4ioOZbsh4Ndyk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i-zDY4Bwprefbc4ioOZbsh4Ndyk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 02:33:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 435 (0x1b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E1A8, serialNumber=8BECC3638070A6B79F6DCE22A0E65BB21E0D7729 Validity Not Before: May 13 02:33:50 2025 GMT Not After : May 20 02:33:50 2025 GMT Subject: CN=6822af8e-4d74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:4d:a1:a0:76:f8:e6:8b:b8:87:db:e0:ce:c7: d7:98:f9:47:e5:bf:71:fb:38:68:a4:5f:38:ed:83: 25:1e:b2:f8:78:80:06:17:a7:df:37:6d:1a:13:48: a6:10:af:be:08:e5:92:eb:1f:54:0d:18:76:36:65: 4f:21:c3:b1:ab:d9:2f:08:06:fc:c8:ff:77:86:33: 6e:0c:fb:df:54:7a:9a:7b:1d:79:8d:8b:4f:c7:20: 8f:4b:2b:0d:1d:f8:a6:8e:e0:71:2f:f4:79:b6:e7: dd:2d:55:c3:5e:9b:81:eb:bd:dc:6e:32:26:e4:4a: 16:1e:8f:46:db:03:e2:15:55:c9:d2:74:1b:b6:16: 22:16:48:55:fa:3c:3f:71:03:35:cd:ff:c6:45:64: cc:e5:bd:88:49:af:db:42:a3:7a:c6:f9:05:f2:86: 43:f2:cb:08:5c:bc:ae:ee:63:c7:00:f1:d2:32:d9: 34:e7:d2:c0:0a:6c:86:35:54:e1:cd:0e:bf:7b:05: 69:cf:47:50:16:2d:82:8a:89:6c:fd:76:9e:dd:3f: 78:3b:85:06:4f:63:60:26:fd:a3:06:93:e3:86:1e: e7:0f:5e:de:fa:61:ef:ad:0b:02:22:f4:40:eb:80: 2f:a5:ec:e4:b8:59:7b:4f:19:90:51:fc:8d:a8:70: a3:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:74:B8:61:37:99:DB:1E:FC:73:B8:9F:13:4A:9E:A1:1B:A3:FB:6B X509v3 Authority Key Identifier: keyid:8B:EC:C3:63:80:70:A6:B7:9F:6D:CE:22:A0:E6:5B:B2:1E:0D:77:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E1A8/A40A724AB13011ED847D4981C4F9AE02/i-zDY4Bwprefbc4ioOZbsh4Ndyk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i-zDY4Bwprefbc4ioOZbsh4Ndyk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E1A8/A40A724AB13011ED847D4981C4F9AE02/i-zDY4Bwprefbc4ioOZbsh4Ndyk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:fb:b2:ed:cd:84:ea:08:ab:7b:0c:f7:2e:92:b5:b9:78:04: 80:15:1a:8a:f5:55:a3:1c:32:da:1c:f6:6d:53:61:2a:74:32: ca:b7:25:35:53:10:f7:2c:5d:d0:d5:e1:7f:c4:55:6e:0c:76: 87:e9:d6:46:2f:0d:91:83:07:6c:02:e7:e8:06:bf:db:ea:cd: 31:c8:2d:38:0d:d1:e0:1c:6e:45:df:59:24:9a:a4:59:4f:4c: e1:b3:97:60:98:6e:82:35:bc:7f:cd:d8:b6:a5:41:73:10:77: 02:3d:eb:9e:0e:aa:a3:ac:dc:20:79:3e:a9:6d:af:6a:31:b7: 79:8b:bd:49:50:52:50:0e:1a:5d:93:b0:c1:02:58:72:b2:ce: 3e:bc:84:47:d6:c6:cb:51:9a:a1:96:20:da:4f:07:4e:c0:de: ca:7f:db:58:4d:35:5d:aa:e3:7e:4a:ed:0c:8d:3e:d9:93:48: c4:26:bc:37:46:6d:5b:6b:5c:94:81:d2:2f:a9:dd:32:86:12: 97:e4:65:6c:42:83:fc:f4:7c:ae:06:a4:36:06:05:de:6c:21: c1:c6:b1:ee:e7:7b:3e:43:a2:1b:44:f9:be:82:28:43:7a:d4: 1b:19:fa:a5:eb:da:29:f5:c4:9a:bc:71:4b:e9:63:25:c6:8c: c9:1e:e7:f0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUxQTgxMTAvBgNVBAUTKDhCRUNDMzYzODA3MEE2Qjc5RjZEQ0UyMkEwRTY1QkIy MUUwRDc3MjkwHhcNMjUwNTEzMDIzMzUwWhcNMjUwNTIwMDIzMzUwWjAYMRYwFAYD VQQDEw02ODIyYWY4ZS00ZDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuk2hoHb45ou4h9vgzsfXmPlH5b9x+zhopF847YMlHrL4eIAGF6ffN20aE0im EK++COWS6x9UDRh2NmVPIcOxq9kvCAb8yP93hjNuDPvfVHqaex15jYtPxyCPSysN HfimjuBxL/R5tufdLVXDXpuB673cbjIm5EoWHo9G2wPiFVXJ0nQbthYiFkhV+jw/ cQM1zf/GRWTM5b2ISa/bQqN6xvkF8oZD8ssIXLyu7mPHAPHSMtk059LACmyGNVTh zQ6/ewVpz0dQFi2Ciols/Xae3T94O4UGT2NgJv2jBpPjhh7nD17e+mHvrQsCIvRA 64AvpezkuFl7TxmQUfyNqHCj6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI50uGE3 mdse/HO4nxNKnqEbo/trMB8GA1UdIwQYMBaAFIvsw2OAcKa3n23OIqDmW7IeDXcp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTFBOC9BNDBBNzI0QUIx MzAxMUVEODQ3RDQ5ODFDNEY5QUUwMi9pLXpEWTRCd3ByZWZiYzRpb09aYnNoNE5k eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ktekRZNEJ3cHJlZmJjNGlvT1pic2g0TmR5ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTFBOC9BNDBBNzI0QUIxMzAxMUVEODQ3RDQ5ODFDNEY5QUUwMi9pLXpEWTRCd3By ZWZiYzRpb09aYnNoNE5keWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBL+7LtzYTqCKt7DPcukrW5eASAFRqK9VWjHDLaHPZtU2EqdDLKtyU1 UxD3LF3Q1eF/xFVuDHaH6dZGLw2RgwdsAufoBr/b6s0xyC04DdHgHG5F31kkmqRZ T0zhs5dgmG6CNbx/zdi2pUFzEHcCPeueDqqjrNwgeT6pba9qMbd5i71JUFJQDhpd k7DBAlhyss4+vIRH1sbLUZqhliDaTwdOwN7Kf9tYTTVdquN+Su0MjT7Zk0jEJrw3 Rm1ba1yUgdIvqd0yhhKX5GVsQoP89HyuBqQ2BgXebCHBxrHu53s+Q6IbRPm+gihD etQbGfql69op9cSavHFL6WMlxozJHufw -----END CERTIFICATE-----Generated at Tue May 13 08:25:02 2025 by rpki-client