$ rpki-client -vvf rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft File: 4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft (raw, json) Hash identifier: ihrM1rXI/2EA6KJWLuLuhxvU9O+r3RC1YC2H8hdI9DM= Subject key identifier: 8F:43:CF:CB:28:49:64:46:79:7F:3A:5C:4F:C1:E7:18:74:BF:4A:0C Authority key identifier: E1:14:37:8D:A9:34:86:14:69:F4:95:D9:75:98:E0:F0:02:89:C3:30 Certificate issuer: /CN=A917F0AF/serialNumber=E114378DA934861469F495D97598E0F00289C330 Certificate serial: 43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft Manifest number: 42 Signing time: Sun 11 May 2025 06:10:33 +0000 Manifest this update: Sun 11 May 2025 06:10:32 +0000 Manifest next update: Sun 18 May 2025 06:10:32 +0000 Files and hashes: 1: 4RQ3jak0hhRp9JXZdZjg8AKJwzA.crl (hash: g9+TlA6feVpX7KZoIU4FcLh3aOjIMphxHn9d+cr3yuw=) 2: 27E5184CCC6211EFA20BEE1BC4F9AE02.roa (hash: Nfq9gOVsvHp+sAvDqwlNp+Rm9HqcCv4rXARNazxofGE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.crl rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 06:10:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67 (0x43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F0AF, serialNumber=E114378DA934861469F495D97598E0F00289C330 Validity Not Before: May 11 06:10:32 2025 GMT Not After : May 18 06:10:32 2025 GMT Subject: CN=68203f59-3661 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:4b:01:bb:6f:ad:b6:d0:65:97:be:46:54:90: 95:5d:d0:4c:8e:a6:97:83:50:f1:32:53:8f:f5:f6: ad:67:6a:9b:c1:db:da:22:c3:c6:3b:17:49:84:ad: a2:b1:9c:90:b9:a5:a1:09:50:b8:f4:bf:d7:f8:ff: 4d:6f:81:9a:d3:ec:63:bb:ba:b3:de:da:2a:e0:3c: c4:d8:ce:9f:6e:c4:3a:63:51:6f:8c:2b:5c:37:a5: 77:3e:4c:b1:a1:d3:8a:5e:d9:f3:27:ca:43:d2:10: db:d6:e7:f6:7f:73:c0:c6:6f:c9:f1:06:9e:b8:f6: 15:aa:69:11:5e:0c:86:5d:c4:2a:f1:a9:61:9b:8b: 81:42:d4:42:8a:35:09:6f:8d:d7:46:e0:01:c2:f9: ca:85:11:e3:7a:f2:41:59:7b:ad:08:66:3f:cc:67: b2:74:7b:4e:1b:b4:6c:66:87:0b:7d:d7:26:4e:fb: 0f:0a:01:d3:a5:b8:cd:df:80:5d:ed:41:83:7f:63: 58:dc:d0:1d:71:c1:1a:91:72:38:83:4f:33:e5:49: 24:46:3f:7c:ba:af:8a:cb:16:64:ba:3e:1e:06:72: 78:d8:e7:b1:70:b2:88:f4:9e:47:af:9c:ba:6f:5a: 7e:7b:6f:b9:be:55:25:13:d5:f0:5c:7b:8b:32:22: 6c:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:43:CF:CB:28:49:64:46:79:7F:3A:5C:4F:C1:E7:18:74:BF:4A:0C X509v3 Authority Key Identifier: keyid:E1:14:37:8D:A9:34:86:14:69:F4:95:D9:75:98:E0:F0:02:89:C3:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:b7:af:f5:50:40:4a:3b:64:71:85:28:02:93:1f:3c:71:2c: 25:57:f8:eb:12:09:ee:09:c4:6d:61:38:98:7d:28:99:3d:f3: 77:4f:70:4c:cd:e6:bc:a4:a6:59:93:e7:96:04:01:df:9f:b1: 0a:4a:50:c0:b3:ea:4d:84:40:2a:6a:a7:e5:be:a4:31:d6:a3: 2c:52:73:cd:62:c2:5c:b9:84:17:75:01:4c:b6:db:9f:c2:46: 14:36:3e:45:2b:73:e5:7b:a1:e3:1d:4d:c2:99:16:4b:97:ea: 95:16:36:21:e3:e8:2b:48:51:a0:e0:18:ca:75:c5:3b:a2:91: b9:8c:c8:54:ff:93:25:2e:a9:de:e4:1b:d0:87:74:de:3a:09: 78:e7:9b:26:6e:be:57:c0:df:e4:0e:e6:04:0b:74:4a:d6:94: d9:c8:23:49:94:21:ec:41:5a:b9:19:b2:df:fc:62:5f:58:79: e3:4f:11:c8:82:5c:73:b4:2d:63:6f:c2:27:65:62:cd:2e:59: f6:38:36:d8:5e:20:d5:0b:57:7a:dd:a2:be:5d:d3:f3:b8:46: e1:18:66:e1:09:3a:28:e5:86:17:69:18:9d:ca:db:ff:1b:00: c1:6e:f6:9e:77:b3:63:fc:ce:21:1b:45:15:58:07:ca:8d:b4: 52:5b:98:bd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 RjBBRjExMC8GA1UEBRMoRTExNDM3OERBOTM0ODYxNDY5RjQ5NUQ5NzU5OEUwRjAw Mjg5QzMzMDAeFw0yNTA1MTEwNjEwMzJaFw0yNTA1MTgwNjEwMzJaMBgxFjAUBgNV BAMTDTY4MjAzZjU5LTM2NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+SwG7b6220GWXvkZUkJVd0EyOppeDUPEyU4/19q1napvB29oiw8Y7F0mEraKx nJC5paEJULj0v9f4/01vgZrT7GO7urPe2irgPMTYzp9uxDpjUW+MK1w3pXc+TLGh 04pe2fMnykPSENvW5/Z/c8DGb8nxBp649hWqaRFeDIZdxCrxqWGbi4FC1EKKNQlv jddG4AHC+cqFEeN68kFZe60IZj/MZ7J0e04btGxmhwt91yZO+w8KAdOluM3fgF3t QYN/Y1jc0B1xwRqRcjiDTzPlSSRGP3y6r4rLFmS6Ph4GcnjY57Fwsoj0nkevnLpv Wn57b7m+VSUT1fBce4syImyrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUj0PPyyhJ ZEZ5fzpcT8HnGHS/SgwwHwYDVR0jBBgwFoAU4RQ3jak0hhRp9JXZdZjg8AKJwzAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdGMEFGLzJEN0E3RTBFQ0M0 RjExRUZBODlBOEYxNEM0RjlBRTAyLzRSUTNqYWswaGhScDlKWFpkWmpnOEFLSnd6 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNFJRM2phazBoaFJwOUpYWmRaamc4QUtKd3pBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdG MEFGLzJEN0E3RTBFQ0M0RjExRUZBODlBOEYxNEM0RjlBRTAyLzRSUTNqYWswaGhS cDlKWFpkWmpnOEFLSnd6QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKS3r/VQQEo7ZHGFKAKTHzxxLCVX+OsSCe4JxG1hOJh9KJk983dPcEzN 5rykplmT55YEAd+fsQpKUMCz6k2EQCpqp+W+pDHWoyxSc81iwly5hBd1AUy225/C RhQ2PkUrc+V7oeMdTcKZFkuX6pUWNiHj6CtIUaDgGMp1xTuikbmMyFT/kyUuqd7k G9CHdN46CXjnmyZuvlfA3+QO5gQLdErWlNnII0mUIexBWrkZst/8Yl9YeeNPEciC XHO0LWNvwidlYs0uWfY4NtheINULV3rdor5d0/O4RuEYZuEJOijlhhdpGJ3K2/8b AMFu9p53s2P8ziEbRRVYB8qNtFJbmL0= -----END CERTIFICATE-----Generated at Sun May 11 23:03:43 2025 by rpki-client