$ rpki-client -vvf rpki.apnic.net/member_repository/A9177E33/A80ECE481D8611E2BE930ADE08B02CD2/4klmeNb9TiLorA6f9s1YENb7eU0.mft File: 4klmeNb9TiLorA6f9s1YENb7eU0.mft (raw, json) Hash identifier: h//rVrvrk5yMiqE0ypggqpJaqh2/VHkqIDPJqRV2ae4= Subject key identifier: D0:F5:0F:F2:04:E3:93:D6:8F:A3:6B:09:7C:EF:D5:98:57:1C:04:36 Authority key identifier: E2:49:66:78:D6:FD:4E:22:E8:AC:0E:9F:F6:CD:58:10:D6:FB:79:4D Certificate issuer: /CN=A9177E33/serialNumber=E2496678D6FD4E22E8AC0E9FF6CD5810D6FB794D Certificate serial: 347A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4klmeNb9TiLorA6f9s1YENb7eU0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9177E33/A80ECE481D8611E2BE930ADE08B02CD2/4klmeNb9TiLorA6f9s1YENb7eU0.mft Manifest number: 3479 Signing time: Thu 08 May 2025 14:28:26 +0000 Manifest this update: Thu 08 May 2025 14:28:26 +0000 Manifest next update: Thu 15 May 2025 14:28:26 +0000 Files and hashes: 1: 4klmeNb9TiLorA6f9s1YENb7eU0.crl (hash: YBUKK+lhLpZI66xBijLmkgW9z2rxCbihjwBEHz3/QdM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9177E33/A80ECE481D8611E2BE930ADE08B02CD2/4klmeNb9TiLorA6f9s1YENb7eU0.crl rsync://rpki.apnic.net/member_repository/A9177E33/A80ECE481D8611E2BE930ADE08B02CD2/4klmeNb9TiLorA6f9s1YENb7eU0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4klmeNb9TiLorA6f9s1YENb7eU0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 15 May 2025 14:28:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13434 (0x347a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9177E33, serialNumber=E2496678D6FD4E22E8AC0E9FF6CD5810D6FB794D Validity Not Before: May 8 14:28:26 2025 GMT Not After : May 15 14:28:26 2025 GMT Subject: CN=681cbf8a-1cf4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:9d:c9:e3:c7:7a:38:76:97:c3:7f:c4:62:8b: 91:d0:28:5d:a7:89:01:ff:fc:ef:54:5a:62:bb:15: 5d:e2:fc:92:e1:ba:17:6b:b4:90:7f:54:8a:6a:a3: 68:2e:f3:bb:a3:8b:54:02:1d:fe:9f:a7:80:60:7a: 78:6b:4f:04:75:8a:f4:f8:3c:94:22:7b:92:4f:59: 25:ad:8b:5d:a7:09:2e:d4:21:9d:18:df:ca:46:ca: 8b:c6:9f:19:f8:05:7a:0e:e1:61:2b:24:c6:d2:34: 34:c6:71:f1:66:df:94:65:5d:d3:71:dc:5e:09:df: 21:92:11:9f:4d:f4:cf:ab:0a:b7:60:30:13:53:3b: c2:87:b5:2e:02:92:d4:1d:c9:66:68:25:63:df:c8: c8:0a:80:9c:6b:59:04:af:ea:2a:36:b0:00:2d:3e: 1f:8f:42:52:a8:bc:96:6a:0d:c7:6e:fe:3e:f0:d8: aa:3d:33:bb:81:61:73:40:4e:42:e9:55:e7:b8:87: b6:0d:99:bb:dd:35:14:bd:b6:64:dd:67:94:4f:3c: 21:4f:a2:7f:4a:57:3e:97:77:40:2c:76:da:ad:ea: 8b:34:9c:83:04:78:a1:7c:38:fc:51:17:d4:16:ff: 67:89:a4:8e:37:eb:95:89:c2:3b:62:d6:21:0e:a9: 95:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:F5:0F:F2:04:E3:93:D6:8F:A3:6B:09:7C:EF:D5:98:57:1C:04:36 X509v3 Authority Key Identifier: keyid:E2:49:66:78:D6:FD:4E:22:E8:AC:0E:9F:F6:CD:58:10:D6:FB:79:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9177E33/A80ECE481D8611E2BE930ADE08B02CD2/4klmeNb9TiLorA6f9s1YENb7eU0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4klmeNb9TiLorA6f9s1YENb7eU0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9177E33/A80ECE481D8611E2BE930ADE08B02CD2/4klmeNb9TiLorA6f9s1YENb7eU0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:4b:f0:3d:3c:12:20:04:11:88:13:46:be:75:08:c7:0d:e6: a7:07:f4:81:f9:9a:87:89:fb:f5:d1:77:0c:86:92:99:07:1a: 67:43:26:61:29:a6:8d:19:a5:1b:a2:f9:b0:98:3d:d5:23:63: 22:d4:0f:39:64:da:01:5d:09:e5:8d:b2:34:3e:33:33:79:8f: 22:dc:f4:88:5d:bc:02:cb:21:70:b4:3a:8a:1c:6b:a5:b3:08: 1c:e9:ca:da:2c:45:f6:01:cc:f4:92:de:69:ff:9f:55:67:4b: 92:13:43:2b:5d:48:7c:1e:a1:f4:0b:f5:94:32:fa:a6:01:98: 3e:99:78:d9:b1:e3:22:16:97:96:f6:7a:31:07:5c:8d:30:cd: cc:17:22:1f:12:a5:0d:c8:39:1c:08:49:5e:10:a4:31:72:24: c5:e2:97:2d:62:34:26:56:85:b3:9c:d3:4d:35:ac:a3:41:0d: 4c:6e:c6:b8:6b:16:31:1b:e1:20:7d:ad:ae:64:b1:04:8e:ea: 27:29:e4:f7:b8:8c:da:cd:70:33:6e:d3:34:4e:4d:40:fc:8d: 4c:bf:d7:3e:23:c1:43:73:0c:7a:40:0a:8e:af:80:10:17:98: 04:05:85:fa:b9:35:0d:bd:83:85:52:dd:de:af:68:c7:96:03: 7e:53:37:b4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzdFMzMxMTAvBgNVBAUTKEUyNDk2Njc4RDZGRDRFMjJFOEFDMEU5RkY2Q0Q1ODEw RDZGQjc5NEQwHhcNMjUwNTA4MTQyODI2WhcNMjUwNTE1MTQyODI2WjAYMRYwFAYD VQQDEw02ODFjYmY4YS0xY2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnJ3J48d6OHaXw3/EYouR0Chdp4kB//zvVFpiuxVd4vyS4boXa7SQf1SKaqNo LvO7o4tUAh3+n6eAYHp4a08EdYr0+DyUInuST1klrYtdpwku1CGdGN/KRsqLxp8Z +AV6DuFhKyTG0jQ0xnHxZt+UZV3TcdxeCd8hkhGfTfTPqwq3YDATUzvCh7UuApLU HclmaCVj38jICoCca1kEr+oqNrAALT4fj0JSqLyWag3Hbv4+8NiqPTO7gWFzQE5C 6VXnuIe2DZm73TUUvbZk3WeUTzwhT6J/Slc+l3dALHbareqLNJyDBHihfDj8URfU Fv9niaSON+uVicI7YtYhDqmVWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFND1D/IE 45PWj6NrCXzv1ZhXHAQ2MB8GA1UdIwQYMBaAFOJJZnjW/U4i6KwOn/bNWBDW+3lN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3N0UzMy9BODBFQ0U0ODFE ODYxMUUyQkU5MzBBREUwOEIwMkNEMi80a2xtZU5iOVRpTG9yQTZmOXMxWUVOYjdl VTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRrbG1lTmI5VGlMb3JBNmY5czFZRU5iN2VVMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 N0UzMy9BODBFQ0U0ODFEODYxMUUyQkU5MzBBREUwOEIwMkNEMi80a2xtZU5iOVRp TG9yQTZmOXMxWUVOYjdlVTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFS/A9PBIgBBGIE0a+dQjHDeanB/SB+ZqHifv10XcMhpKZBxpnQyZh KaaNGaUbovmwmD3VI2Mi1A85ZNoBXQnljbI0PjMzeY8i3PSIXbwCyyFwtDqKHGul swgc6craLEX2Acz0kt5p/59VZ0uSE0MrXUh8HqH0C/WUMvqmAZg+mXjZseMiFpeW 9noxB1yNMM3MFyIfEqUNyDkcCEleEKQxciTF4pctYjQmVoWznNNNNayjQQ1Mbsa4 axYxG+Egfa2uZLEEjuonKeT3uIzazXAzbtM0Tk1A/I1Mv9c+I8FDcwx6QAqOr4AQ F5gEBYX6uTUNvYOFUt3er2jHlgN+Uze0 -----END CERTIFICATE-----Generated at Fri May 9 14:46:14 2025 by rpki-client