$ rpki-client -vvf rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft File: GxesPclsojRSUCPv02J-ks2IR0g.mft (raw, json) Hash identifier: RHHZPO2xxu6ur0Mp4KZzylckimEihPwEBqajr43BuPI= Subject key identifier: 6B:1A:E1:0C:4F:F9:27:7E:DD:A1:75:BD:15:2A:77:C1:B0:5E:72:A9 Authority key identifier: 1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 Certificate issuer: /CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Certificate serial: 1D2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft Manifest number: 1CED Signing time: Thu 08 May 2025 16:14:13 +0000 Manifest this update: Thu 08 May 2025 16:14:12 +0000 Manifest next update: Thu 15 May 2025 16:14:12 +0000 Files and hashes: 1: GxesPclsojRSUCPv02J-ks2IR0g.crl (hash: Ifqo1FOxU+es6JdjO8E4AkmQwrY9KIjfbstvM70HcO4=) 2: 8A1AF86E94BC11EC9E49DB41C4F9AE02.roa (hash: n6ab3BTwAcpH4LegBC83qaXuTY61rSuzXQeixKGRCQ8=) 3: C154DA14E85C11EBA2171A25C4F9AE02.roa (hash: ZoYRtsKN6J+JTMHnmtPtNWovLxxrXzjOLNI6FTTDrJk=) 4: 907B9B20E8AD11EBAA895D0AC4F9AE02.roa (hash: Yy12wxP/cM0LLNtHiB2aLkhSaVEMx94WCa7jMCYf9WM=) 5: 89654CDAB83B11EFAA80DD09C4F9AE02.roa (hash: wZqrfI6axJ6OhiwV+iuxvLbJgC05OEzm0nCXJ1L7s34=) 6: 4D609E86FF3B11EB910E8847C4F9AE02.roa (hash: IlNlaUUrIO5psWG9zVe/2cJLa9A72orRKr8ki0wRJ+c=) 7: C2EECBA0E85C11EBA2171A25C4F9AE02.roa (hash: i8SkLvPy/XtXc4ZuxfbQ0jMccOT4jPJgyB/aqJ2e6A0=) 8: 4E2669F4FF3B11EB910E8847C4F9AE02.roa (hash: RxEjxFNvI0DOGeP3888S1tn030BuNHUdNfLt3di15l4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 15 May 2025 16:14:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7468 (0x1d2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DBF2, serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Validity Not Before: May 8 16:14:12 2025 GMT Not After : May 15 16:14:12 2025 GMT Subject: CN=681cd855-925a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a1:f9:fa:09:7f:23:40:cc:16:96:78:b5:da: 38:6d:86:22:c7:0e:b9:81:c3:d9:7f:40:d0:7a:63: ca:67:b1:0e:ca:34:1d:81:93:80:3b:44:c4:e0:c2: 62:ee:be:d3:61:58:28:c9:5c:37:22:6f:01:83:de: 5a:89:62:2a:a7:eb:11:af:0c:f2:0b:a1:0b:d3:5a: 6a:d7:84:3a:21:ed:8f:a2:24:68:6d:05:de:b1:04: 49:59:3f:13:cb:86:c2:ff:65:2f:90:89:b9:c4:2c: ec:71:2a:c8:e4:49:a9:57:d0:2e:54:8a:3b:c1:34: 20:e1:a8:14:42:6b:2f:1a:ab:fb:71:15:51:fb:83: 73:56:0c:35:d0:ec:76:84:da:37:13:fe:c6:ff:a4: 57:5f:1e:ee:da:31:75:e3:2d:12:b1:cb:a9:8d:80: f8:7a:a5:e9:cd:0b:a3:12:65:b5:a3:04:ef:94:02: d3:8e:20:06:70:3d:c2:4e:b2:7e:bb:44:30:c4:c5: cf:2f:4b:63:7c:b2:c4:49:89:ad:9e:c7:a4:11:ad: 88:87:01:40:58:30:d7:c8:db:35:d2:40:e7:21:20: 69:4e:46:d4:e9:d3:2e:19:ec:cc:32:b9:05:c6:46: 47:e5:13:a1:54:af:fd:0b:4b:b6:c7:59:68:1f:87: b6:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:1A:E1:0C:4F:F9:27:7E:DD:A1:75:BD:15:2A:77:C1:B0:5E:72:A9 X509v3 Authority Key Identifier: keyid:1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:fc:88:9f:70:8b:ee:b8:59:cc:29:17:04:68:3d:6f:dd:1e: 44:29:76:39:78:72:27:94:7c:24:04:bd:02:8d:90:6e:3b:f3: d2:48:22:01:06:45:e2:a8:90:51:d1:cf:9b:e4:9b:9b:ec:6a: 3f:3e:cc:bc:45:0c:f2:f6:56:0d:76:bd:f1:b2:a7:75:9a:5a: 2e:ea:34:63:3b:3d:ff:d3:b8:1e:26:b4:7c:cd:33:87:25:ff: c3:cc:40:25:34:66:25:84:11:2f:2d:55:cb:d9:9b:42:7b:b1: 7f:5f:4c:de:0d:43:e0:ff:02:70:6a:94:a9:7e:d3:e1:84:e7: 20:1a:02:f2:75:44:71:3d:9f:ef:97:87:c0:0f:6f:c0:15:d1: 6c:dd:d2:a5:57:b7:cb:a7:36:0c:ab:46:8b:e9:6b:3c:6c:7c: df:d8:ed:af:1f:da:bb:b2:dd:b9:1a:ab:17:34:85:00:b7:bd: 0a:79:de:50:76:60:86:77:a2:f3:93:15:83:a5:46:ae:64:5f: e3:d6:da:c5:7e:f7:59:ba:59:a9:2c:db:50:7d:33:5c:e3:5d: 7c:33:da:80:a8:95:79:34:98:f4:86:c0:a0:be:ad:c7:f4:0e: f0:2c:97:6b:d0:10:11:87:31:01:1b:ab:7b:3a:4b:de:9f:c8: 54:e2:35:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHSwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RCRjIxMTAvBgNVBAUTKDFCMTdBQzNEQzk2Q0EyMzQ1MjUwMjNFRkQzNjI3RTky Q0Q4ODQ3NDgwHhcNMjUwNTA4MTYxNDEyWhcNMjUwNTE1MTYxNDEyWjAYMRYwFAYD VQQDEw02ODFjZDg1NS05MjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1KH5+gl/I0DMFpZ4tdo4bYYixw65gcPZf0DQemPKZ7EOyjQdgZOAO0TE4MJi 7r7TYVgoyVw3Im8Bg95aiWIqp+sRrwzyC6EL01pq14Q6Ie2PoiRobQXesQRJWT8T y4bC/2UvkIm5xCzscSrI5EmpV9AuVIo7wTQg4agUQmsvGqv7cRVR+4NzVgw10Ox2 hNo3E/7G/6RXXx7u2jF14y0SscupjYD4eqXpzQujEmW1owTvlALTjiAGcD3CTrJ+ u0QwxMXPL0tjfLLESYmtnsekEa2IhwFAWDDXyNs10kDnISBpTkbU6dMuGezMMrkF xkZH5ROhVK/9C0u2x1loH4e25QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGsa4QxP +Sd+3aF1vRUqd8GwXnKpMB8GA1UdIwQYMBaAFBsXrD3JbKI0UlAj79NifpLNiEdI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REJGMi9FMzQ0NTAxNkMy RjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29qUlNVQ1B2MDJKLWtzMklS MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0d4ZXNQY2xzb2pSU1VDUHYwMkota3MySVIwZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REJGMi9FMzQ0NTAxNkMyRjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29q UlNVQ1B2MDJKLWtzMklSMGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBt/IifcIvuuFnMKRcEaD1v3R5EKXY5eHInlHwkBL0CjZBuO/PSSCIB BkXiqJBR0c+b5Jub7Go/Psy8RQzy9lYNdr3xsqd1mlou6jRjOz3/07geJrR8zTOH Jf/DzEAlNGYlhBEvLVXL2ZtCe7F/X0zeDUPg/wJwapSpftPhhOcgGgLydURxPZ/v l4fAD2/AFdFs3dKlV7fLpzYMq0aL6Ws8bHzf2O2vH9q7st25GqsXNIUAt70Ked5Q dmCGd6LzkxWDpUauZF/j1trFfvdZulmpLNtQfTNc4118M9qAqJV5NJj0hsCgvq3H 9A7wLJdr0BARhzEBG6t7Okven8hU4jWw -----END CERTIFICATE-----Generated at Sat May 10 10:33:47 2025 by rpki-client