$ rpki-client -vvf rpki.apnic.net/member_repository/A9171B8D/1CF9A87A03D111F0B234BC15C4F9AE02/vmOANw9kBuY_dG-vUrxQHsTQvVI.mft File: vmOANw9kBuY_dG-vUrxQHsTQvVI.mft (raw, json) Hash identifier: lBKl8PvQ8nNEeFL2S6mFFDNqef4kkmecnXuQja0O+mk= Subject key identifier: 5F:0F:5E:EA:8A:0D:63:E3:72:AC:A9:B9:57:A3:3A:1A:95:0D:93:74 Authority key identifier: BE:63:80:37:0F:64:06:E6:3F:74:6F:AF:52:BC:50:1E:C4:D0:BD:52 Certificate issuer: /CN=A9171B8D/serialNumber=BE6380370F6406E63F746FAF52BC501EC4D0BD52 Certificate serial: 1F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vmOANw9kBuY_dG-vUrxQHsTQvVI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171B8D/1CF9A87A03D111F0B234BC15C4F9AE02/vmOANw9kBuY_dG-vUrxQHsTQvVI.mft Manifest number: 1F Signing time: Tue 13 May 2025 07:07:45 +0000 Manifest this update: Tue 13 May 2025 07:07:44 +0000 Manifest next update: Tue 20 May 2025 07:07:44 +0000 Files and hashes: 1: vmOANw9kBuY_dG-vUrxQHsTQvVI.crl (hash: 8LurtcUm8MBvvSc4L2Kc4DMCJ2Ve4aVHxy+YQx4k7z8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171B8D/1CF9A87A03D111F0B234BC15C4F9AE02/vmOANw9kBuY_dG-vUrxQHsTQvVI.crl rsync://rpki.apnic.net/member_repository/A9171B8D/1CF9A87A03D111F0B234BC15C4F9AE02/vmOANw9kBuY_dG-vUrxQHsTQvVI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vmOANw9kBuY_dG-vUrxQHsTQvVI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 07:07:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31 (0x1f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171B8D, serialNumber=BE6380370F6406E63F746FAF52BC501EC4D0BD52 Validity Not Before: May 13 07:07:44 2025 GMT Not After : May 20 07:07:44 2025 GMT Subject: CN=6822efc0-3392 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:14:f7:bc:e1:a0:59:e5:77:17:a6:da:45:62: be:e0:9a:a3:c5:92:35:45:cf:72:15:93:b3:62:8c: ee:ac:50:df:50:55:cc:3f:f1:02:59:2e:37:a9:09: bc:55:a8:30:34:dc:4a:34:47:28:6b:9c:6d:ad:27: 13:9e:be:69:ac:2a:7f:c0:05:08:36:aa:4c:f6:6e: e4:60:06:e3:35:d4:69:ba:ba:30:30:1f:4e:33:8c: 05:36:22:d7:bc:45:74:46:71:fe:ff:84:d0:de:7e: 92:78:c0:86:02:44:9a:93:0a:6a:5a:46:f0:1f:2c: 29:3b:77:84:bf:8c:7d:d3:1b:64:c5:47:38:9c:fe: 7c:ff:e7:42:90:e8:a8:ce:d8:5f:fe:cd:b5:e1:8c: 4c:f8:0e:65:17:b3:a1:e2:77:39:4a:bf:66:12:3b: fb:80:e7:c8:67:2d:95:2a:6b:3a:b6:e4:53:3d:5c: 3a:e3:6d:68:0b:be:9d:d5:02:fe:23:46:c0:a4:ee: 8e:87:1d:0e:df:7f:db:98:00:5a:d3:dc:a2:11:85: b0:61:cc:30:91:3a:99:06:e6:1f:4f:5e:f8:21:84: f1:50:74:2f:9a:3d:9c:d1:82:a9:62:f8:29:e3:2e: 54:7c:dd:72:b2:d9:a2:86:1e:69:09:63:21:1b:32: f4:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:0F:5E:EA:8A:0D:63:E3:72:AC:A9:B9:57:A3:3A:1A:95:0D:93:74 X509v3 Authority Key Identifier: keyid:BE:63:80:37:0F:64:06:E6:3F:74:6F:AF:52:BC:50:1E:C4:D0:BD:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171B8D/1CF9A87A03D111F0B234BC15C4F9AE02/vmOANw9kBuY_dG-vUrxQHsTQvVI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vmOANw9kBuY_dG-vUrxQHsTQvVI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171B8D/1CF9A87A03D111F0B234BC15C4F9AE02/vmOANw9kBuY_dG-vUrxQHsTQvVI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:ec:2c:1c:ae:16:a2:3a:2a:b6:22:58:f6:6c:2d:f6:13:09: df:92:bb:eb:d6:62:62:17:d4:91:1d:98:e1:38:30:a8:5d:1a: a8:d0:cc:aa:ca:d0:a4:d1:3a:99:ed:7d:80:d5:dd:4b:a2:e6: 1b:30:50:ee:b9:c6:61:b8:35:34:f3:63:be:1d:4a:95:28:a3: 10:81:d5:ad:a3:e8:92:3f:64:3b:b6:9d:c6:5b:f1:bb:8b:74: 89:6e:dd:9d:d6:45:c3:b7:ce:29:bd:47:51:41:9a:63:c1:39: 41:c4:50:5f:6d:60:1e:c5:5a:f1:76:4f:e6:1c:a2:94:a0:a0: ea:9c:a6:bd:2f:32:c9:b8:e5:63:a8:35:8f:c3:87:07:91:8a: c6:5c:7b:57:42:fe:cb:8f:05:f2:3c:3a:44:99:81:30:96:a0: 7f:28:8f:0d:59:84:ad:21:64:26:31:f9:d5:20:1f:ae:9d:42: 48:57:f2:84:c2:7a:5e:c6:97:5b:c3:28:2c:11:92:da:55:8b: 46:95:21:3a:f8:5b:ea:1f:01:fa:a8:13:d1:f0:35:6d:6b:69: eb:d0:65:87:64:df:41:f8:23:12:12:0a:b1:59:51:d0:94:c4: 2f:c4:a0:fa:73:a0:c5:19:6d:c4:91:c5:88:90:3a:e7:a0:b8: af:e1:72:31 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MUI4RDExMC8GA1UEBRMoQkU2MzgwMzcwRjY0MDZFNjNGNzQ2RkFGNTJCQzUwMUVD NEQwQkQ1MjAeFw0yNTA1MTMwNzA3NDRaFw0yNTA1MjAwNzA3NDRaMBgxFjAUBgNV BAMTDTY4MjJlZmMwLTMzOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJFPe84aBZ5XcXptpFYr7gmqPFkjVFz3IVk7NijO6sUN9QVcw/8QJZLjepCbxV qDA03Eo0RyhrnG2tJxOevmmsKn/ABQg2qkz2buRgBuM11Gm6ujAwH04zjAU2Ite8 RXRGcf7/hNDefpJ4wIYCRJqTCmpaRvAfLCk7d4S/jH3TG2TFRzic/nz/50KQ6KjO 2F/+zbXhjEz4DmUXs6HidzlKv2YSO/uA58hnLZUqazq25FM9XDrjbWgLvp3VAv4j RsCk7o6HHQ7ff9uYAFrT3KIRhbBhzDCROpkG5h9PXvghhPFQdC+aPZzRgqli+Cnj LlR83XKy2aKGHmkJYyEbMvTPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXw9e6ooN Y+NyrKm5V6M6GpUNk3QwHwYDVR0jBBgwFoAUvmOANw9kBuY/dG+vUrxQHsTQvVIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcxQjhELzFDRjlBODdBMDNE MTExRjBCMjM0QkMxNUM0RjlBRTAyL3ZtT0FOdzlrQnVZX2RHLXZVcnhRSHNUUXZW SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdm1PQU53OWtCdVlfZEctdlVyeFFIc1RRdlZJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcx QjhELzFDRjlBODdBMDNEMTExRjBCMjM0QkMxNUM0RjlBRTAyL3ZtT0FOdzlrQnVZ X2RHLXZVcnhRSHNUUXZWSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAETsLByuFqI6KrYiWPZsLfYTCd+Su+vWYmIX1JEdmOE4MKhdGqjQzKrK 0KTROpntfYDV3Uui5hswUO65xmG4NTTzY74dSpUooxCB1a2j6JI/ZDu2ncZb8buL dIlu3Z3WRcO3zim9R1FBmmPBOUHEUF9tYB7FWvF2T+YcopSgoOqcpr0vMsm45WOo NY/DhweRisZce1dC/suPBfI8OkSZgTCWoH8ojw1ZhK0hZCYx+dUgH66dQkhX8oTC el7Gl1vDKCwRktpVi0aVITr4W+ofAfqoE9HwNW1raevQZYdk30H4IxISCrFZUdCU xC/EoPpzoMUZbcSRxYiQOueguK/hcjE= -----END CERTIFICATE-----Generated at Wed May 14 18:28:37 2025 by rpki-client