$ rpki-client -vvf rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/489F-AUQY7vbMX_dFREyqUAE_Vs.mft File: 489F-AUQY7vbMX_dFREyqUAE_Vs.mft (raw, json) Hash identifier: aRLHd4y96IKqshkdbRJzKWT8/YypR+PoXOWADeM31WE= Subject key identifier: 92:DE:14:1D:45:6E:DF:8C:D6:97:0A:77:2E:50:C3:A4:E7:28:32:03 Authority key identifier: E3:CF:45:F8:05:10:63:BB:DB:31:7F:DD:15:11:32:A9:40:04:FD:5B Certificate issuer: /CN=A9197202/serialNumber=E3CF45F8051063BBDB317FDD151132A94004FD5B Certificate serial: 02D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/489F-AUQY7vbMX_dFREyqUAE_Vs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/489F-AUQY7vbMX_dFREyqUAE_Vs.mft Manifest number: 02BE Signing time: Sun 11 May 2025 01:01:48 +0000 Manifest this update: Sun 11 May 2025 01:01:48 +0000 Manifest next update: Sun 18 May 2025 01:01:48 +0000 Files and hashes: 1: 489F-AUQY7vbMX_dFREyqUAE_Vs.crl (hash: LUStFH+jNmu0gDv5QRvTZ4eTXEOV2sut+YVrpifMIWs=) 2: 920E981CCAAA11ED8371524CC4F9AE02.roa (hash: 53m8lgTS9MVUv1Vw8PSfBdAvCrqd3v5hMo0nMfwS2c0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/489F-AUQY7vbMX_dFREyqUAE_Vs.crl rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/489F-AUQY7vbMX_dFREyqUAE_Vs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/489F-AUQY7vbMX_dFREyqUAE_Vs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 01:01:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 725 (0x2d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197202, serialNumber=E3CF45F8051063BBDB317FDD151132A94004FD5B Validity Not Before: May 11 01:01:48 2025 GMT Not After : May 18 01:01:48 2025 GMT Subject: CN=681ff6fc-3867 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:4b:d2:ee:23:9b:bb:1a:40:4f:58:b2:e8:7f: a9:d1:3b:c1:e8:8b:ec:74:64:47:d7:5d:bc:cd:2f: 1e:40:2c:01:f7:87:1f:7b:c2:c3:c1:c6:ec:c3:39: 76:54:94:04:b4:99:83:eb:fa:db:bf:0f:c7:d8:3b: 82:1c:f8:21:b1:71:da:82:67:df:82:ff:a4:7d:b8: ec:d9:17:76:a4:19:fa:14:08:ee:6b:74:64:05:1a: 60:c0:2b:45:a6:84:ef:c5:d2:3f:11:d8:f1:96:26: 77:33:60:50:83:27:d1:02:e4:fe:eb:7a:e0:c1:22: b8:4f:39:1b:62:c3:ee:ff:6f:e5:cc:65:89:40:27: e5:8c:04:2d:d4:a9:6f:0c:50:96:7e:d3:a3:13:67: bc:4e:52:6e:96:21:76:cf:32:2e:95:34:78:27:aa: 37:c1:53:1c:dc:e9:e7:92:b8:11:df:74:fe:a3:54: 69:12:c6:4f:23:eb:17:da:33:a7:c7:3a:7f:11:9b: cd:ea:40:4f:ba:a3:dc:7f:f6:98:f9:ac:93:d6:8e: 19:b7:f2:a4:0f:74:49:ba:60:5e:c7:bb:4f:eb:e2: f1:bc:40:b3:12:7b:65:47:2b:97:db:80:17:0f:59: 98:70:99:5c:5b:d4:20:9d:f2:ba:23:1f:ec:45:ab: 9a:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:DE:14:1D:45:6E:DF:8C:D6:97:0A:77:2E:50:C3:A4:E7:28:32:03 X509v3 Authority Key Identifier: keyid:E3:CF:45:F8:05:10:63:BB:DB:31:7F:DD:15:11:32:A9:40:04:FD:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/489F-AUQY7vbMX_dFREyqUAE_Vs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/489F-AUQY7vbMX_dFREyqUAE_Vs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/489F-AUQY7vbMX_dFREyqUAE_Vs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:42:eb:ad:c3:70:e6:1c:0e:9a:7c:2a:42:b6:a0:58:c4:04: d5:c2:dd:c0:eb:c6:c0:ac:a4:3a:bd:07:27:9d:9b:88:a1:09: b9:31:38:2e:e2:17:3f:9f:bf:fc:11:9d:e0:7a:b5:da:c0:68: 36:86:47:47:a0:7f:dd:7e:28:ca:5c:70:4f:a6:ad:0e:d0:60: 59:34:1b:ea:18:8e:f8:07:b2:20:39:f4:9a:57:ac:b4:47:e7: 32:6f:78:ca:d4:5c:44:da:cb:f3:31:fa:db:5a:df:e9:d3:84: 89:c2:7b:c5:dc:d6:be:42:1d:91:7b:38:70:88:d7:3a:3f:19: 42:93:2a:25:70:26:d5:16:83:6e:e4:10:19:1c:b3:cd:a5:65: c9:6f:b4:54:35:df:77:10:6b:e9:23:41:2c:34:42:b4:a0:88: 3c:e1:b5:15:9d:6c:24:1d:93:a2:c2:03:c5:a8:03:cd:04:2a: 4b:48:3c:cc:be:e2:03:d6:3c:33:7b:da:7f:8c:a7:be:8e:9b: 7c:c9:b3:f7:70:ef:1c:43:42:e9:99:e8:a4:f7:d8:f1:11:91: 50:1a:28:5e:17:52:0b:eb:a1:e9:b7:72:2f:45:fa:21:07:21: e1:85:52:c9:4d:85:d3:ee:a3:dc:88:2f:a4:d8:0c:6a:cd:fe: 82:7b:0b:1d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAtUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTcyMDIxMTAvBgNVBAUTKEUzQ0Y0NUY4MDUxMDYzQkJEQjMxN0ZERDE1MTEzMkE5 NDAwNEZENUIwHhcNMjUwNTExMDEwMTQ4WhcNMjUwNTE4MDEwMTQ4WjAYMRYwFAYD VQQDEw02ODFmZjZmYy0zODY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA00vS7iObuxpAT1iy6H+p0TvB6IvsdGRH1128zS8eQCwB94cfe8LDwcbswzl2 VJQEtJmD6/rbvw/H2DuCHPghsXHagmffgv+kfbjs2Rd2pBn6FAjua3RkBRpgwCtF poTvxdI/EdjxliZ3M2BQgyfRAuT+63rgwSK4TzkbYsPu/2/lzGWJQCfljAQt1Klv DFCWftOjE2e8TlJuliF2zzIulTR4J6o3wVMc3OnnkrgR33T+o1RpEsZPI+sX2jOn xzp/EZvN6kBPuqPcf/aY+ayT1o4Zt/KkD3RJumBex7tP6+LxvECzEntlRyuX24AX D1mYcJlcW9QgnfK6Ix/sRauarwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJLeFB1F bt+M1pcKdy5Qw6TnKDIDMB8GA1UdIwQYMBaAFOPPRfgFEGO72zF/3RURMqlABP1b MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzIwMi8wQUZFQ0E3MEY3 MDgxMUVDOTg0OUYzNUVDNEY5QUUwMi80ODlGLUFVUVk3dmJNWF9kRlJFeXFVQUVf VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQ4OUYtQVVRWTd2Yk1YX2RGUkV5cVVBRV9Wcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NzIwMi8wQUZFQ0E3MEY3MDgxMUVDOTg0OUYzNUVDNEY5QUUwMi80ODlGLUFVUVk3 dmJNWF9kRlJFeXFVQUVfVnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWQuutw3DmHA6afCpCtqBYxATVwt3A68bArKQ6vQcnnZuIoQm5MTgu 4hc/n7/8EZ3gerXawGg2hkdHoH/dfijKXHBPpq0O0GBZNBvqGI74B7IgOfSaV6y0 R+cyb3jK1FxE2svzMfrbWt/p04SJwnvF3Na+Qh2RezhwiNc6PxlCkyolcCbVFoNu 5BAZHLPNpWXJb7RUNd93EGvpI0EsNEK0oIg84bUVnWwkHZOiwgPFqAPNBCpLSDzM vuID1jwze9p/jKe+jpt8ybP3cO8cQ0Lpmeik99jxEZFQGiheF1IL66Hpt3IvRfoh ByHhhVLJTYXT7qPciC+k2Axqzf6Cewsd -----END CERTIFICATE-----Generated at Mon May 12 22:07:12 2025 by rpki-client