$ rpki-client -vvf rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft File: 2-bH-ZCQRq41ohWw4hVErlIjfoo.mft (raw, json) Hash identifier: sac/pD9TMYy41RjxgMbwDx5klhuFSFi4xX8l89eaWPI= Subject key identifier: 43:2C:EF:CD:F1:6B:F7:FA:D2:5A:49:CE:8A:13:30:BE:2B:59:62:C8 Authority key identifier: DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A Certificate issuer: /CN=A914F697/serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A Certificate serial: 0673 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft Manifest number: 07A1 Signing time: Sat 10 May 2025 20:40:30 +0000 Manifest this update: Sat 10 May 2025 20:40:29 +0000 Manifest next update: Sat 17 May 2025 20:40:29 +0000 Files and hashes: 1: 2-bH-ZCQRq41ohWw4hVErlIjfoo.crl (hash: 6cW9q7S9+1gIgDsXncf9iwkJ0hOPqG7DRFQgQuNXsQw=) 2: 1AA7504A92DD11EB9B9E993FC4F9AE02.roa (hash: C75Vrv4Uz+C6zFOBFG0FQ16ertvfsDBJQmC7BROeKb0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:40:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1651 (0x673) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F697, serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A Validity Not Before: May 10 20:40:29 2025 GMT Not After : May 17 20:40:29 2025 GMT Subject: CN=681fb9bd-3c05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:b2:67:93:86:e8:46:b3:f4:d4:74:05:47:dd: 30:9f:40:23:1f:57:5f:52:67:45:09:86:54:fe:54: 1a:1e:41:c7:ec:a2:c3:84:82:c1:68:a4:f8:d7:48: fc:f1:95:25:80:6c:e1:57:0e:f6:03:e9:58:98:94: 9d:21:c3:5a:a0:9e:3f:78:4f:11:ac:66:f3:9c:78: 88:2f:4c:6f:44:a3:1e:e3:82:1b:39:68:25:08:54: e6:37:36:b7:73:14:cc:69:d4:0c:ba:de:37:f1:ba: 2b:39:2b:d7:86:c3:76:09:51:7d:44:d6:d5:d2:70: 6c:a6:36:8f:86:85:c7:79:3d:a0:37:ac:44:66:22: c9:dd:ae:43:d1:0a:f1:1f:4d:49:73:ce:ec:00:09: 55:2d:c0:2a:25:d6:fe:21:ef:62:06:e9:42:d1:a3: c0:78:95:e6:1c:b4:98:89:b1:4a:dc:2c:6e:4e:5f: fb:b2:8b:0b:10:8f:ff:11:f5:1a:73:ec:2f:aa:db: f6:0d:58:93:10:c6:5c:40:76:e9:fd:93:17:53:da: 9a:30:4b:dd:a4:f1:f9:bf:32:2e:a8:88:d6:21:d4: 83:d8:33:da:22:f5:3e:bd:3a:6f:96:eb:19:53:f6: c6:08:de:65:67:f8:3b:9e:8d:f7:38:c3:50:28:22: c2:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:2C:EF:CD:F1:6B:F7:FA:D2:5A:49:CE:8A:13:30:BE:2B:59:62:C8 X509v3 Authority Key Identifier: keyid:DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 57:f2:49:51:ee:b6:a1:27:6e:d1:28:97:7a:74:9b:6f:e0:3c: b5:fb:d2:27:fe:75:06:24:85:31:28:75:08:48:6a:d0:ea:b4: 96:d2:c6:be:4d:6e:a2:45:9a:be:b2:76:a2:33:20:86:a5:e2: 27:62:78:6f:59:56:b1:c8:2b:9c:7a:db:c7:26:27:b9:4a:fb: 0b:a1:d9:6d:9e:32:52:78:13:9b:84:dc:9d:0b:f4:30:2f:26: a2:8c:c6:83:e1:f0:9f:4d:e6:67:8f:d1:a9:10:67:56:30:dc: 52:25:2c:64:5f:5e:09:ea:f9:bb:0a:f1:13:64:bf:34:d1:c0: 28:d0:58:99:d0:9b:cb:8b:a4:10:7e:74:8d:03:02:1e:2a:6a: 68:11:7a:83:a8:72:4f:8c:98:45:2f:87:96:84:23:c1:75:9b: c5:6e:70:c9:34:f1:f9:77:f2:84:bb:94:5d:63:19:5c:56:1d: e4:3a:4a:1f:6a:67:d3:98:5a:41:7c:03:77:c2:cc:66:cb:69: 59:3c:f4:a4:76:34:b3:81:40:32:f2:ee:18:6f:14:99:c5:36: 4e:29:a6:b3:91:ec:60:97:8d:61:ef:52:d5:ab:ea:2a:f2:d6: 93:36:c6:7b:c1:bc:87:ca:70:6c:48:d5:f1:81:31:8a:b1:61: 01:ab:f8:2e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBnMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY2OTcxMTAvBgNVBAUTKERCRTZDN0Y5OTA5MDQ2QUUzNUEyMTVCMEUyMTU0NEFF NTIyMzdFOEEwHhcNMjUwNTEwMjA0MDI5WhcNMjUwNTE3MjA0MDI5WjAYMRYwFAYD VQQDEw02ODFmYjliZC0zYzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3rJnk4boRrP01HQFR90wn0AjH1dfUmdFCYZU/lQaHkHH7KLDhILBaKT410j8 8ZUlgGzhVw72A+lYmJSdIcNaoJ4/eE8RrGbznHiIL0xvRKMe44IbOWglCFTmNza3 cxTMadQMut438borOSvXhsN2CVF9RNbV0nBspjaPhoXHeT2gN6xEZiLJ3a5D0Qrx H01Jc87sAAlVLcAqJdb+Ie9iBulC0aPAeJXmHLSYibFK3CxuTl/7sosLEI//EfUa c+wvqtv2DViTEMZcQHbp/ZMXU9qaMEvdpPH5vzIuqIjWIdSD2DPaIvU+vTpvlusZ U/bGCN5lZ/g7no33OMNQKCLC8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEMs783x a/f60lpJzooTML4rWWLIMB8GA1UdIwQYMBaAFNvmx/mQkEauNaIVsOIVRK5SI36K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjY5Ny83NTIxREZDMEU4 NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJxNDFvaFd3NGhWRXJsSWpm b28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzItYkgtWkNRUnE0MW9oV3c0aFZFcmxJamZvby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjY5Ny83NTIxREZDMEU4NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJx NDFvaFd3NGhWRXJsSWpmb28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBX8klR7rahJ27RKJd6dJtv4Dy1+9In/nUGJIUxKHUISGrQ6rSW0sa+ TW6iRZq+snaiMyCGpeInYnhvWVaxyCucetvHJie5SvsLodltnjJSeBObhNydC/Qw LyaijMaD4fCfTeZnj9GpEGdWMNxSJSxkX14J6vm7CvETZL800cAo0FiZ0JvLi6QQ fnSNAwIeKmpoEXqDqHJPjJhFL4eWhCPBdZvFbnDJNPH5d/KEu5RdYxlcVh3kOkof amfTmFpBfAN3wsxmy2lZPPSkdjSzgUAy8u4YbxSZxTZOKaazkexgl41h71LVq+oq 8taTNsZ7wbyHynBsSNXxgTGKsWEBq/gu -----END CERTIFICATE-----Generated at Mon May 12 19:15:29 2025 by rpki-client