$ rpki-client -vvf rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft File: _whTCVKXG6BlIktSH1ZWO20hJO0.mft (raw, json) Hash identifier: L8tLvQbpVy/q3k0jr96+Sp7y7Xl8OJcV6x8UTbdkFZo= Subject key identifier: 2E:90:49:13:40:EF:E1:00:9E:EB:37:5E:68:E7:C1:81:F8:25:79:F4 Authority key identifier: FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED Certificate issuer: /CN=A917E475/serialNumber=FF08530952971BA065224B521F56563B6D2124ED Certificate serial: 0CE4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft Manifest number: 0CDE Signing time: Sat 10 May 2025 17:57:13 +0000 Manifest this update: Sat 10 May 2025 17:57:13 +0000 Manifest next update: Sat 17 May 2025 17:57:13 +0000 Files and hashes: 1: _whTCVKXG6BlIktSH1ZWO20hJO0.crl (hash: drKmSDQmD3iBL5ozyNXXyb2/G7FaojaToA/+9Ujl2Lg=) 2: 3A8AC908E41C11E9AD4A8D16C4F9AE02.roa (hash: 7Dst7szyPWooV+5WFj8vI4oANvEvXDCaESLYXfhjMk0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 17:57:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3300 (0xce4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E475, serialNumber=FF08530952971BA065224B521F56563B6D2124ED Validity Not Before: May 10 17:57:13 2025 GMT Not After : May 17 17:57:13 2025 GMT Subject: CN=681f9379-dee0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:d4:55:ac:2c:c8:eb:29:01:12:52:a6:44:89: f0:37:24:0e:ab:fa:cf:fb:fe:52:db:64:24:3e:3c: c2:b1:db:56:bb:b9:62:c0:99:30:7a:0d:8f:ab:07: 94:a7:12:5e:c3:18:90:d7:4e:d5:e3:3a:3c:ee:00: 00:bf:fd:3c:a7:7f:67:4d:70:5b:a8:64:79:69:ae: a6:a8:b2:86:0b:fa:e9:2a:19:bf:a5:0c:61:76:a7: 6a:c1:57:47:30:df:ee:5e:f8:f0:09:e7:dc:60:39: 18:7c:16:69:e1:17:7d:be:b6:bd:2a:01:1f:1c:ca: 0c:94:a1:0a:b7:57:b2:9e:f9:c7:02:d3:8b:72:39: 5c:a6:4c:27:ea:04:a5:21:42:5e:70:07:ca:a2:d8: 23:76:28:5a:99:d2:6d:fd:bc:65:f2:56:d7:e3:9b: cf:c0:19:6b:4a:24:60:af:55:69:41:75:56:c7:fd: 6e:8c:28:c4:ff:00:94:5c:38:ea:c0:0d:9f:25:00: 71:c8:37:50:ca:83:ca:d0:83:33:77:1a:22:27:ed: ea:25:8d:a7:9c:49:9b:f9:08:64:2f:97:fd:d3:c6: 5a:6c:22:70:17:2a:c8:9c:06:fa:fc:4a:06:67:db: 3a:99:96:48:88:ae:41:b4:42:71:0a:4c:16:c1:11: e4:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:90:49:13:40:EF:E1:00:9E:EB:37:5E:68:E7:C1:81:F8:25:79:F4 X509v3 Authority Key Identifier: keyid:FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:61:a4:3d:53:4f:eb:84:27:a2:d7:45:24:b7:87:0b:0d:68: 09:70:95:6b:7e:6b:89:f1:88:e0:bb:5b:a9:0e:a2:e1:8f:02: e4:6a:6d:0e:7c:da:7d:c8:52:f2:f6:cc:e8:5f:50:d9:40:33: a1:6a:b9:1c:b3:c0:82:09:73:c7:e4:24:ff:e8:5e:38:31:32: 36:7c:94:5b:35:cd:71:f3:23:d4:67:37:72:14:bf:1e:15:ef: 5e:78:c1:bf:19:88:db:e4:04:6c:89:61:c8:82:98:f1:80:a4: b0:10:40:9f:10:7d:62:fe:19:5a:de:ab:b3:f7:e7:14:88:fd: 9a:90:d9:14:7e:a8:63:5e:8d:18:a6:a2:e6:b0:e4:e4:e8:5e: 83:42:15:35:60:af:2a:b8:f0:dc:28:f8:83:8a:bb:59:0a:96: be:30:ea:1b:28:43:96:82:23:15:82:16:d3:21:d2:e7:19:38: 11:8d:6d:d7:44:ce:c2:53:04:23:47:e0:5c:be:e6:3f:c0:54: 50:26:d6:aa:95:fd:36:ad:6a:ca:18:96:7f:8a:a1:8e:80:7e: b9:9c:61:06:2a:aa:2e:c0:2d:22:31:42:8c:29:d8:8a:b8:55: c1:de:d5:a2:e6:b1:b0:6d:9a:a0:3e:7c:cc:d9:68:84:ad:a2: 70:d0:3d:5c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDOQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0NzUxMTAvBgNVBAUTKEZGMDg1MzA5NTI5NzFCQTA2NTIyNEI1MjFGNTY1NjNC NkQyMTI0RUQwHhcNMjUwNTEwMTc1NzEzWhcNMjUwNTE3MTc1NzEzWjAYMRYwFAYD VQQDEw02ODFmOTM3OS1kZWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqNRVrCzI6ykBElKmRInwNyQOq/rP+/5S22QkPjzCsdtWu7liwJkweg2PqweU pxJewxiQ107V4zo87gAAv/08p39nTXBbqGR5aa6mqLKGC/rpKhm/pQxhdqdqwVdH MN/uXvjwCefcYDkYfBZp4Rd9vra9KgEfHMoMlKEKt1eynvnHAtOLcjlcpkwn6gSl IUJecAfKotgjdihamdJt/bxl8lbX45vPwBlrSiRgr1VpQXVWx/1ujCjE/wCUXDjq wA2fJQBxyDdQyoPK0IMzdxoiJ+3qJY2nnEmb+QhkL5f908ZabCJwFyrInAb6/EoG Z9s6mZZIiK5BtEJxCkwWwRHkAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC6QSRNA 7+EAnus3XmjnwYH4JXn0MB8GA1UdIwQYMBaAFP8IUwlSlxugZSJLUh9WVjttISTt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTQ3NS9EQkZCM0VCNEU0 MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2QmxJa3RTSDFaV08yMGhK TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL193aFRDVktYRzZCbElrdFNIMVpXTzIwaEpPMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTQ3NS9EQkZCM0VCNEU0MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2 QmxJa3RTSDFaV08yMGhKTzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAiYaQ9U0/rhCei10Ukt4cLDWgJcJVrfmuJ8Yjgu1upDqLhjwLkam0O fNp9yFLy9szoX1DZQDOharkcs8CCCXPH5CT/6F44MTI2fJRbNc1x8yPUZzdyFL8e Fe9eeMG/GYjb5ARsiWHIgpjxgKSwEECfEH1i/hla3quz9+cUiP2akNkUfqhjXo0Y pqLmsOTk6F6DQhU1YK8quPDcKPiDirtZCpa+MOobKEOWgiMVghbTIdLnGTgRjW3X RM7CUwQjR+BcvuY/wFRQJtaqlf02rWrKGJZ/iqGOgH65nGEGKqouwC0iMUKMKdiK uFXB3tWi5rGwbZqgPnzM2WiEraJw0D1c -----END CERTIFICATE-----Generated at Sun May 11 12:30:06 2025 by rpki-client