$ rpki-client -vvf rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.mft File: vsKCSG834xbxe1ILRVKHvDB_ieg.mft (raw, json) Hash identifier: Zx/DGJbL5icWjtNb711jvAZ+Gi6idC1luoOpCbWrpis= Subject key identifier: 21:9B:E6:01:16:CB:8D:8C:24:5B:7A:1E:CC:C4:F5:DB:21:B8:4F:30 Authority key identifier: BE:C2:82:48:6F:37:E3:16:F1:7B:52:0B:45:52:87:BC:30:7F:89:E8 Certificate issuer: /CN=A918A469/serialNumber=BEC282486F37E316F17B520B455287BC307F89E8 Certificate serial: CB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vsKCSG834xbxe1ILRVKHvDB_ieg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.mft Manifest number: C9 Signing time: Fri 09 May 2025 04:46:58 +0000 Manifest this update: Fri 09 May 2025 04:46:58 +0000 Manifest next update: Fri 16 May 2025 04:46:58 +0000 Files and hashes: 1: vsKCSG834xbxe1ILRVKHvDB_ieg.crl (hash: t0qfQT50i6IBp7skdcIDR5L5ygmk035RccfB25y/eR0=) 2: 71403B04F7E511EEBC67981CC4F9AE02.roa (hash: gx9z09oQ5hTA8YH4iSWgc7528eikGurKJ+1nJAQYPAQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.crl rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vsKCSG834xbxe1ILRVKHvDB_ieg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 203 (0xcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918A469, serialNumber=BEC282486F37E316F17B520B455287BC307F89E8 Validity Not Before: May 9 04:46:58 2025 GMT Not After : May 16 04:46:58 2025 GMT Subject: CN=681d88c2-fff0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:95:05:17:4d:11:53:70:01:9a:1a:fb:9e:38: 62:48:34:de:72:ed:9a:5f:08:bd:73:4f:aa:09:0b: e5:b0:80:eb:31:55:ac:fb:ea:ae:e2:32:8c:bb:bd: 05:2b:d1:c5:8b:d2:bc:64:db:61:e6:40:ff:0d:bb: c8:1e:3e:d2:f4:8b:0d:9e:d1:26:9a:5b:23:e3:8e: 04:db:46:17:8c:de:51:f6:ad:21:60:9e:c4:25:0b: 5a:98:4f:c0:b6:25:e4:05:bb:79:56:e5:56:bd:7c: 3f:e1:ab:83:d9:b1:97:b2:28:82:96:77:ba:df:16: 1c:6f:6d:16:de:a4:25:4d:e7:f6:50:bf:f2:1f:e2: 20:70:1e:56:a7:47:b5:aa:98:6d:de:84:f7:02:9e: fa:bb:21:2e:28:65:96:52:58:dc:c5:6b:95:41:4a: 4f:16:eb:76:25:eb:3e:29:73:1b:9f:51:8e:24:92: bd:f9:5e:5c:de:29:20:fd:02:b5:2f:8d:62:3c:f6: 5b:0d:20:71:60:0d:50:e8:cb:f1:3f:4e:3e:f0:06: 3b:34:e5:aa:1d:c0:f6:03:e8:f6:0d:e8:fb:fd:f8: a1:f7:a8:8c:ad:05:a3:24:5c:28:7a:5e:74:01:aa: d6:50:f6:b8:4a:94:61:05:66:73:d9:4d:27:54:b4: 90:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:9B:E6:01:16:CB:8D:8C:24:5B:7A:1E:CC:C4:F5:DB:21:B8:4F:30 X509v3 Authority Key Identifier: keyid:BE:C2:82:48:6F:37:E3:16:F1:7B:52:0B:45:52:87:BC:30:7F:89:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vsKCSG834xbxe1ILRVKHvDB_ieg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cf:54:96:3e:61:33:64:5b:c3:cc:86:7f:21:9e:04:68:14:f9: 5c:da:0c:3b:b6:9e:26:93:b0:a4:de:c8:0b:ef:e2:bc:21:52: f4:97:7e:3c:b7:8e:cb:cc:d0:ea:68:5f:12:09:61:8d:d6:a1: 86:f9:e7:85:11:6d:57:22:bc:3d:6b:2a:cc:71:ab:23:0e:ec: 94:cc:5c:e0:dd:e5:3f:3a:b6:3a:ff:c9:96:38:c7:b2:0f:fa: e2:33:c0:67:f3:76:e4:4a:ec:7a:3a:f4:23:28:3b:13:87:d4: 36:3c:70:49:bb:b0:69:6a:8e:0d:53:7d:ab:f6:be:8a:2c:92: 0c:08:88:2a:43:cf:64:93:16:c9:73:f5:01:eb:d9:7d:b8:37: ed:33:8b:e0:de:e1:06:29:86:5f:22:68:94:b0:4a:fe:f1:e0: f9:1a:79:1b:8c:53:e8:c8:9b:9c:c8:fb:3e:31:d8:35:fd:81: f0:1e:6d:64:bd:28:42:6c:08:99:0b:ba:0e:bb:cc:1f:66:56: 03:60:06:d8:24:1d:b1:af:3a:60:64:50:0e:49:93:82:fb:37: 85:0b:89:a6:e7:71:b5:23:b6:9c:ab:a6:48:b7:78:90:d5:e1: c4:38:e1:de:ee:e8:91:dc:bf:be:c6:01:82:3a:a1:ee:63:18: 3c:ac:47:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEE0NjkxMTAvBgNVBAUTKEJFQzI4MjQ4NkYzN0UzMTZGMTdCNTIwQjQ1NTI4N0JD MzA3Rjg5RTgwHhcNMjUwNTA5MDQ0NjU4WhcNMjUwNTE2MDQ0NjU4WjAYMRYwFAYD VQQDEw02ODFkODhjMi1mZmYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzZUFF00RU3ABmhr7njhiSDTecu2aXwi9c0+qCQvlsIDrMVWs++qu4jKMu70F K9HFi9K8ZNth5kD/DbvIHj7S9IsNntEmmlsj444E20YXjN5R9q0hYJ7EJQtamE/A tiXkBbt5VuVWvXw/4auD2bGXsiiClne63xYcb20W3qQlTef2UL/yH+IgcB5Wp0e1 qpht3oT3Ap76uyEuKGWWUljcxWuVQUpPFut2Jes+KXMbn1GOJJK9+V5c3ikg/QK1 L41iPPZbDSBxYA1Q6MvxP04+8AY7NOWqHcD2A+j2Dej7/fih96iMrQWjJFwoel50 AarWUPa4SpRhBWZz2U0nVLSQdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCGb5gEW y42MJFt6HszE9dshuE8wMB8GA1UdIwQYMBaAFL7CgkhvN+MW8XtSC0VSh7wwf4no MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTQ2OS9GNTg0MzhGRUY3 RTMxMUVFQjlBMTI5MUFDNEY5QUUwMi92c0tDU0c4MzR4YnhlMUlMUlZLSHZEQl9p ZWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3ZzS0NTRzgzNHhieGUxSUxSVktIdkRCX2llZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QTQ2OS9GNTg0MzhGRUY3RTMxMUVFQjlBMTI5MUFDNEY5QUUwMi92c0tDU0c4MzR4 YnhlMUlMUlZLSHZEQl9pZWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDPVJY+YTNkW8PMhn8hngRoFPlc2gw7tp4mk7Ck3sgL7+K8IVL0l348 t47LzNDqaF8SCWGN1qGG+eeFEW1XIrw9ayrMcasjDuyUzFzg3eU/OrY6/8mWOMey D/riM8Bn83bkSux6OvQjKDsTh9Q2PHBJu7Bpao4NU32r9r6KLJIMCIgqQ89kkxbJ c/UB69l9uDftM4vg3uEGKYZfImiUsEr+8eD5GnkbjFPoyJucyPs+Mdg1/YHwHm1k vShCbAiZC7oOu8wfZlYDYAbYJB2xrzpgZFAOSZOC+zeFC4mm53G1I7acq6ZIt3iQ 1eHEOOHe7uiR3L++xgGCOqHuYxg8rEeU -----END CERTIFICATE-----Generated at Fri May 9 10:55:29 2025 by rpki-client