$ rpki-client -vvf rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft File: D9l6GEHJl08fSQQu2j5yhCGq5f4.mft (raw, json) Hash identifier: rARUHWUTJjvZ7AVnpPwGxhG1l6xBQGJVfU2kXz0wnho= Subject key identifier: 64:BB:4F:3F:C8:E4:17:41:75:A3:C5:BA:50:AC:DD:2E:5A:4C:6D:25 Authority key identifier: 0F:D9:7A:18:41:C9:97:4F:1F:49:04:2E:DA:3E:72:84:21:AA:E5:FE Certificate issuer: /CN=A914ED2B/serialNumber=0FD97A1841C9974F1F49042EDA3E728421AAE5FE Certificate serial: 07CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9l6GEHJl08fSQQu2j5yhCGq5f4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft Manifest number: 07C1 Signing time: Sun 04 May 2025 20:50:59 +0000 Manifest this update: Sun 04 May 2025 20:50:58 +0000 Manifest next update: Sun 11 May 2025 20:50:58 +0000 Files and hashes: 1: D9l6GEHJl08fSQQu2j5yhCGq5f4.crl (hash: zDITLi/1nY53Fohk0+jnfpmLS0dyCUggy4SHn6TsfWo=) 2: D31B3092F40911EA8A5C9E70C4F9AE02.roa (hash: Es/KgzPMe1zYauziZBRZHyjZJ35reOpMCOBV6MckhCs=) 3: D25A6970F40911EA8A5C9E70C4F9AE02.roa (hash: Ka3pUjVhAjV8Jw2bqRS1fw1Jl4NqlRDOjR/Fjs/H0+M=) 4: CD0710DA3F3511ED84AFEA5BC4F9AE02.roa (hash: OhYJKozvfID8ylqYGKB5GjbLkxxbmKyR5Jo0rIME+Bo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.crl rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9l6GEHJl08fSQQu2j5yhCGq5f4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 20:50:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1999 (0x7cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914ED2B, serialNumber=0FD97A1841C9974F1F49042EDA3E728421AAE5FE Validity Not Before: May 4 20:50:58 2025 GMT Not After : May 11 20:50:58 2025 GMT Subject: CN=6817d333-8390 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:fa:e0:fb:e7:10:92:3d:23:54:b7:ac:62:8a: 98:39:67:8b:57:ac:8c:4d:26:e6:48:c6:38:a9:cf: 03:f5:b8:9f:95:2b:04:1b:60:68:46:76:c4:0e:61: e9:4b:c1:75:69:11:d7:d6:a8:da:98:7e:3e:b3:09: 68:31:2e:d3:ab:e7:ae:ed:98:cf:9f:56:67:d3:9b: 5d:35:fb:39:4f:4d:26:f1:cb:d5:a6:17:7b:d5:9a: be:59:e6:b0:1e:50:84:0a:bc:5d:4f:6e:4f:7c:20: 50:86:99:30:91:ac:6a:19:9c:6f:4a:1c:60:8c:6f: ba:23:ea:be:25:d9:7c:32:51:61:6b:91:c9:78:61: 99:07:0b:22:65:eb:a9:62:be:bd:85:58:e8:38:c3: ab:7e:39:85:bd:65:f1:f5:98:f1:ae:36:e8:4b:59: ef:61:4a:cb:5b:2d:3d:8d:50:08:00:8c:4e:98:78: b0:1c:80:37:39:f7:b0:d3:f7:e9:1f:25:d8:95:fa: dc:8d:1c:cd:a4:e1:3e:23:7f:d4:be:d3:7a:a1:9c: 47:ac:6b:36:f6:b5:c3:f0:4a:97:da:df:2f:ab:17: 84:a6:0a:7a:4e:67:03:b9:23:6a:f5:19:ea:ce:06: ce:8e:5d:0a:c6:da:5f:a5:53:65:81:92:56:15:a6: e9:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:BB:4F:3F:C8:E4:17:41:75:A3:C5:BA:50:AC:DD:2E:5A:4C:6D:25 X509v3 Authority Key Identifier: keyid:0F:D9:7A:18:41:C9:97:4F:1F:49:04:2E:DA:3E:72:84:21:AA:E5:FE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9l6GEHJl08fSQQu2j5yhCGq5f4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:81:76:de:45:fe:e5:79:f5:64:55:f4:8b:ac:d9:2e:2c:14: 79:e6:cd:07:b8:4c:50:e1:b0:6d:5b:91:06:63:1b:f5:3b:6a: 3b:29:60:aa:27:fd:58:db:eb:60:f8:89:5f:e8:68:75:7f:74: 23:5a:41:b9:95:85:3c:7d:a7:bc:cc:ea:37:57:14:e7:77:0b: 91:3a:d1:42:80:ad:8f:a1:32:4e:b9:38:45:79:3f:c8:67:36: b9:95:0b:8d:89:dc:44:a3:1a:68:24:c0:ca:22:3c:0b:80:94: f5:01:b2:35:7b:4f:85:a2:23:46:3a:eb:b7:4e:0e:d7:45:7a: f4:a2:f1:ed:c4:de:a7:54:cf:aa:98:63:71:ca:fb:87:f1:b2: 61:72:dd:26:0a:4a:4e:d5:8f:dd:85:bb:1d:b1:78:a1:83:33: 9a:32:81:4e:ae:bc:8d:10:ac:01:3d:95:23:61:69:00:d7:36: fd:7a:cf:6d:24:a5:8e:10:25:f8:98:fb:1d:50:01:a1:9a:ab: 2b:bd:32:2e:cb:72:d6:69:c9:f7:b1:1a:4f:23:39:f7:38:6a: b0:74:a5:57:e7:4e:a2:27:4d:ac:f5:02:7f:f0:f9:68:6b:37: 33:7e:c1:2f:c7:49:f7:7d:dc:20:42:04:de:aa:af:91:ff:71: db:4e:7d:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB88wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEVEMkIxMTAvBgNVBAUTKDBGRDk3QTE4NDFDOTk3NEYxRjQ5MDQyRURBM0U3Mjg0 MjFBQUU1RkUwHhcNMjUwNTA0MjA1MDU4WhcNMjUwNTExMjA1MDU4WjAYMRYwFAYD VQQDEw02ODE3ZDMzMy04MzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAufrg++cQkj0jVLesYoqYOWeLV6yMTSbmSMY4qc8D9biflSsEG2BoRnbEDmHp S8F1aRHX1qjamH4+swloMS7Tq+eu7ZjPn1Zn05tdNfs5T00m8cvVphd71Zq+Weaw HlCECrxdT25PfCBQhpkwkaxqGZxvShxgjG+6I+q+Jdl8MlFha5HJeGGZBwsiZeup Yr69hVjoOMOrfjmFvWXx9ZjxrjboS1nvYUrLWy09jVAIAIxOmHiwHIA3Ofew0/fp HyXYlfrcjRzNpOE+I3/UvtN6oZxHrGs29rXD8EqX2t8vqxeEpgp6TmcDuSNq9Rnq zgbOjl0KxtpfpVNlgZJWFabpkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGS7Tz/I 5BdBdaPFulCs3S5aTG0lMB8GA1UdIwQYMBaAFA/ZehhByZdPH0kELto+coQhquX+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUQyQi84QjY3MDBBNkY0 MDgxMUVBOTBBQzU2NkZDNEY5QUUwMi9EOWw2R0VISmwwOGZTUVF1Mmo1eWhDR3E1 ZjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Q5bDZHRUhKbDA4ZlNRUXUyajV5aENHcTVmNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RUQyQi84QjY3MDBBNkY0MDgxMUVBOTBBQzU2NkZDNEY5QUUwMi9EOWw2R0VISmww OGZTUVF1Mmo1eWhDR3E1ZjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqgXbeRf7lefVkVfSLrNkuLBR55s0HuExQ4bBtW5EGYxv1O2o7KWCq J/1Y2+tg+Ilf6Gh1f3QjWkG5lYU8fae8zOo3VxTndwuROtFCgK2PoTJOuThFeT/I Zza5lQuNidxEoxpoJMDKIjwLgJT1AbI1e0+FoiNGOuu3Tg7XRXr0ovHtxN6nVM+q mGNxyvuH8bJhct0mCkpO1Y/dhbsdsXihgzOaMoFOrryNEKwBPZUjYWkA1zb9es9t JKWOECX4mPsdUAGhmqsrvTIuy3LWacn3sRpPIzn3OGqwdKVX506iJ02s9QJ/8Plo azczfsEvx0n3fdwgQgTeqq+R/3HbTn2Y -----END CERTIFICATE-----Generated at Mon May 5 03:13:47 2025 by rpki-client