$ rpki-client -vvf rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft File: 2QhrDfk0LcKwkbrobLd5_GJZvXs.mft (raw, json) Hash identifier: 4OzSaICIRvcJy4iVfZT9ECeQVfZaIEptFcaMqgab5/Y= Subject key identifier: 78:DB:1E:C8:42:1F:0A:F3:3E:83:54:46:EA:2D:C0:88:15:12:5F:1E Authority key identifier: D9:08:6B:0D:F9:34:2D:C2:B0:91:BA:E8:6C:B7:79:FC:62:59:BD:7B Certificate issuer: /CN=A914F2EC/serialNumber=D9086B0DF9342DC2B091BAE86CB779FC6259BD7B Certificate serial: 348D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhrDfk0LcKwkbrobLd5_GJZvXs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft Manifest number: 3484 Signing time: Mon 12 May 2025 14:57:39 +0000 Manifest this update: Mon 12 May 2025 14:57:39 +0000 Manifest next update: Mon 19 May 2025 14:57:39 +0000 Files and hashes: 1: 2QhrDfk0LcKwkbrobLd5_GJZvXs.crl (hash: RyCrM/h8r+veiFQPDOGhf/29VHyOTnkIcSf/gsgU6do=) 2: 588BD7269A1211E8B97A623AC4F9AE02.roa (hash: KKbAooYir9kiM+kQeIhamjhStk+gbSQk/A73xTUucXs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.crl rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhrDfk0LcKwkbrobLd5_GJZvXs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 14:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13453 (0x348d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F2EC, serialNumber=D9086B0DF9342DC2B091BAE86CB779FC6259BD7B Validity Not Before: May 12 14:57:39 2025 GMT Not After : May 19 14:57:39 2025 GMT Subject: CN=68220c63-92cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:e8:09:e4:5f:6e:44:a8:9b:3c:6f:a4:1a:51: 38:22:33:67:9b:2f:5e:1c:68:0e:49:ea:7c:b7:fb: 9c:63:1e:54:b7:f1:38:79:04:3f:c0:82:12:b3:a1: fd:d9:dc:e6:5d:16:01:d6:ed:a8:27:1a:bc:3b:74: 34:a3:4c:df:dc:10:0b:3e:11:a4:1f:c4:b3:2a:02: 9c:f3:3d:21:07:54:09:36:a1:a5:e8:87:b1:d1:f6: 6e:16:8b:4f:98:d1:be:ae:5e:70:d5:ad:ae:52:93: b6:f8:be:1c:4f:ca:bf:c8:bb:2e:d6:e3:37:4e:65: 54:38:bf:8f:83:d7:14:aa:43:d0:78:25:58:e2:6f: 86:a6:2c:12:72:9f:3f:ef:bd:ed:ee:a2:f8:9f:63: 9a:d1:22:4d:7b:40:06:d1:75:c8:0f:73:bc:77:a2: a1:f5:21:f2:b4:fa:83:01:5b:36:0e:32:e4:71:17: 90:0c:70:d9:ea:48:c8:5c:a2:df:ad:94:df:d9:db: 5d:b3:6c:dd:4d:c5:e4:0a:fa:cd:ac:46:17:52:b8: 26:ec:74:26:d9:71:2b:f1:72:a7:c9:b0:c2:7e:4e: 1a:a9:52:5c:66:d5:26:db:96:ab:be:6c:80:f0:c5: cc:ea:c5:df:af:fb:38:97:8f:d4:a6:8e:2f:07:8f: 2d:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:DB:1E:C8:42:1F:0A:F3:3E:83:54:46:EA:2D:C0:88:15:12:5F:1E X509v3 Authority Key Identifier: keyid:D9:08:6B:0D:F9:34:2D:C2:B0:91:BA:E8:6C:B7:79:FC:62:59:BD:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhrDfk0LcKwkbrobLd5_GJZvXs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:29:8b:fc:ec:ce:b4:0a:84:e2:80:e5:b2:c3:dc:cb:19:b6: aa:21:77:b6:ff:fa:80:26:5a:e1:9c:68:7a:8e:a7:d1:b8:7c: 7f:68:f0:1a:40:56:b3:c2:5b:e8:86:20:55:9c:b2:2c:2a:f5: ea:5e:c1:13:db:91:2f:b5:8b:81:47:17:a5:ec:22:fc:e8:5e: af:9b:ae:33:a8:0e:28:7b:76:c4:48:a2:20:7d:fc:93:5a:88: 17:2b:94:35:3f:25:39:e1:5f:59:85:0a:64:8b:3e:b6:65:55: 3e:b3:db:f2:7d:5e:b1:e2:c4:0b:af:72:07:08:1a:d3:98:bd: 49:44:b2:0f:04:9a:e9:8f:a5:7d:15:b1:91:86:36:24:bc:27: f3:91:ff:05:5e:7f:6b:70:4d:68:02:d3:32:8a:d2:d7:f0:30: 80:10:a6:e7:f0:36:5f:62:0e:5e:ac:5c:d6:38:85:08:26:91: d1:40:27:c1:10:63:fe:4a:98:a4:1b:0b:f7:c0:cb:d6:fc:1a: 35:8a:a0:b1:d6:fc:76:d3:ab:98:58:30:2f:b2:ab:e1:25:f6: d3:c7:15:68:2b:76:97:77:6b:b2:71:e5:86:71:08:1b:a1:43: d8:df:1f:d8:94:f5:3d:5b:00:65:82:55:29:9f:36:39:d9:6c: 59:16:94:3a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEYyRUMxMTAvBgNVBAUTKEQ5MDg2QjBERjkzNDJEQzJCMDkxQkFFODZDQjc3OUZD NjI1OUJEN0IwHhcNMjUwNTEyMTQ1NzM5WhcNMjUwNTE5MTQ1NzM5WjAYMRYwFAYD VQQDEw02ODIyMGM2My05MmNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqugJ5F9uRKibPG+kGlE4IjNnmy9eHGgOSep8t/ucYx5Ut/E4eQQ/wIISs6H9 2dzmXRYB1u2oJxq8O3Q0o0zf3BALPhGkH8SzKgKc8z0hB1QJNqGl6Iex0fZuFotP mNG+rl5w1a2uUpO2+L4cT8q/yLsu1uM3TmVUOL+Pg9cUqkPQeCVY4m+GpiwScp8/ 773t7qL4n2Oa0SJNe0AG0XXID3O8d6Kh9SHytPqDAVs2DjLkcReQDHDZ6kjIXKLf rZTf2dtds2zdTcXkCvrNrEYXUrgm7HQm2XEr8XKnybDCfk4aqVJcZtUm25arvmyA 8MXM6sXfr/s4l4/Upo4vB48tLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHjbHshC HwrzPoNURuotwIgVEl8eMB8GA1UdIwQYMBaAFNkIaw35NC3CsJG66Gy3efxiWb17 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjJFQy9ENThBMjI2QzFE OUMxMUUyOUJDM0IyOEIwOEIwMkNEMi8yUWhyRGZrMExjS3drYnJvYkxkNV9HSlp2 WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRaHJEZmswTGNLd2ticm9iTGQ1X0dKWnZYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjJFQy9ENThBMjI2QzFEOUMxMUUyOUJDM0IyOEIwOEIwMkNEMi8yUWhyRGZrMExj S3drYnJvYkxkNV9HSlp2WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/KYv87M60CoTigOWyw9zLGbaqIXe2//qAJlrhnGh6jqfRuHx/aPAa QFazwlvohiBVnLIsKvXqXsET25EvtYuBRxel7CL86F6vm64zqA4oe3bESKIgffyT WogXK5Q1PyU54V9ZhQpkiz62ZVU+s9vyfV6x4sQLr3IHCBrTmL1JRLIPBJrpj6V9 FbGRhjYkvCfzkf8FXn9rcE1oAtMyitLX8DCAEKbn8DZfYg5erFzWOIUIJpHRQCfB EGP+SpikGwv3wMvW/Bo1iqCx1vx206uYWDAvsqvhJfbTxxVoK3aXd2uyceWGcQgb oUPY3x/YlPU9WwBlglUpnzY52WxZFpQ6 -----END CERTIFICATE-----Generated at Tue May 13 22:43:15 2025 by rpki-client