$ rpki-client -vvf rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.mft File: kI2z-bdG9SC7uahMhT9pJsFeub0.mft (raw, json) Hash identifier: sb+MWbzporcbttXn2sryNYcV2BSsq80f3aDnPLjbiXA= Subject key identifier: BD:9F:FD:2A:BA:88:4B:60:BE:65:CA:C6:0D:8A:45:7D:84:6E:50:D9 Authority key identifier: 90:8D:B3:F9:B7:46:F5:20:BB:B9:A8:4C:85:3F:69:26:C1:5E:B9:BD Certificate issuer: /CN=A919A909/serialNumber=908DB3F9B746F520BBB9A84C853F6926C15EB9BD Certificate serial: AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI2z-bdG9SC7uahMhT9pJsFeub0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.mft Manifest number: AD Signing time: Sun 11 May 2025 04:52:01 +0000 Manifest this update: Sun 11 May 2025 04:52:00 +0000 Manifest next update: Sun 18 May 2025 04:52:00 +0000 Files and hashes: 1: kI2z-bdG9SC7uahMhT9pJsFeub0.crl (hash: xRUcoNx842dWzl5rTofR1iJAtKn0J7uyuXM18f8OsMs=) 2: 879152E62E4811EF929FE162C4F9AE02.roa (hash: 1IspOhl6gwbhdZvL5rloqYpEEE+IPoe5ali+fyL8EWw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.crl rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI2z-bdG9SC7uahMhT9pJsFeub0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 04:52:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 175 (0xaf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A909, serialNumber=908DB3F9B746F520BBB9A84C853F6926C15EB9BD Validity Not Before: May 11 04:52:00 2025 GMT Not After : May 18 04:52:00 2025 GMT Subject: CN=68202cf1-49e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:05:53:11:73:f8:dd:55:3a:fe:43:96:7a:b5: 4e:34:49:cf:2f:0d:1a:ac:8e:45:4a:3e:8b:e0:95: 9e:31:73:c8:47:ef:98:45:cd:eb:40:1e:96:1e:6f: 4f:d0:ac:51:69:04:3f:e1:01:f4:d0:a6:0e:14:33: 94:65:fe:45:83:dc:a7:cb:21:0c:b5:fd:c4:b8:68: d8:ed:76:d2:92:24:a6:4c:2a:a6:d2:d0:fe:9b:39: 98:09:0c:99:37:46:08:dd:5a:68:13:7b:7c:72:4b: 50:b0:c7:67:a9:15:6a:3c:f2:ed:28:f1:03:5b:d3: a6:08:88:c2:1e:db:5f:75:c1:e0:24:19:82:01:0a: e3:a1:58:1d:95:5f:4a:10:7e:f0:3c:78:eb:06:78: 93:de:3f:ff:7f:aa:69:ac:3d:85:d4:1c:77:ab:81: 37:7b:d4:a7:bb:c0:82:a3:a4:1b:06:8e:9d:c5:c5: 63:7e:a0:79:0b:1b:3d:d0:b2:91:be:3a:b2:e4:ac: 84:9a:3e:57:c1:d9:f8:fd:a5:09:1d:8a:a8:3d:24: f5:03:8c:09:ea:35:46:8f:47:8a:ce:da:30:00:ff: 8c:57:8d:53:3b:20:17:98:4e:b3:ed:b7:12:1f:00: 34:8b:1f:2c:2f:6a:c7:e9:30:9e:e5:f8:35:dd:b5: 3a:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:9F:FD:2A:BA:88:4B:60:BE:65:CA:C6:0D:8A:45:7D:84:6E:50:D9 X509v3 Authority Key Identifier: keyid:90:8D:B3:F9:B7:46:F5:20:BB:B9:A8:4C:85:3F:69:26:C1:5E:B9:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI2z-bdG9SC7uahMhT9pJsFeub0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:7d:71:4c:d0:71:74:6d:02:b1:0c:a4:a0:23:c0:55:29:19: 44:b8:6e:58:ad:6b:86:44:db:84:60:6c:57:7b:6d:1b:ea:46: 3a:30:a2:b1:c3:5e:45:3b:f7:ee:44:78:84:60:24:9b:ce:0e: 73:24:5c:71:69:d6:45:ec:35:12:44:aa:2e:d0:8b:2d:16:f6: f8:03:53:f2:a8:ae:81:e5:27:85:8f:f1:b6:15:d1:26:1d:e2: 60:7a:93:fa:9b:8f:09:dc:7f:62:09:b5:15:fa:f5:86:b5:93: d9:bc:ea:e4:79:03:bb:25:43:d0:4d:b6:82:3f:a7:8f:f0:04: 8d:c9:cd:63:10:d2:89:e5:d2:2e:3d:04:94:23:22:7e:a6:e0: b6:b9:c0:be:7a:be:bb:fa:bb:af:c2:2f:45:59:c7:2b:5e:85: 60:b7:37:21:c4:51:77:e1:74:89:31:fb:db:40:b0:ab:1e:62: ed:34:4b:2f:75:4a:f5:5d:2c:05:f0:be:59:da:8b:09:4a:22: 5c:47:36:fc:3d:4e:5e:e7:d2:89:7a:a6:23:b4:53:4f:47:ad: 07:ff:3d:7b:34:f5:c4:ca:f8:1f:96:fe:28:95:f3:27:4d:ee: 5c:4e:59:73:2c:c1:85:3e:05:d9:dd:d6:b4:6b:23:cc:df:25: 1c:8f:b5:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE5MDkxMTAvBgNVBAUTKDkwOERCM0Y5Qjc0NkY1MjBCQkI5QTg0Qzg1M0Y2OTI2 QzE1RUI5QkQwHhcNMjUwNTExMDQ1MjAwWhcNMjUwNTE4MDQ1MjAwWjAYMRYwFAYD VQQDEw02ODIwMmNmMS00OWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3AVTEXP43VU6/kOWerVONEnPLw0arI5FSj6L4JWeMXPIR++YRc3rQB6WHm9P 0KxRaQQ/4QH00KYOFDOUZf5Fg9ynyyEMtf3EuGjY7XbSkiSmTCqm0tD+mzmYCQyZ N0YI3VpoE3t8cktQsMdnqRVqPPLtKPEDW9OmCIjCHttfdcHgJBmCAQrjoVgdlV9K EH7wPHjrBniT3j//f6pprD2F1Bx3q4E3e9Snu8CCo6QbBo6dxcVjfqB5Cxs90LKR vjqy5KyEmj5Xwdn4/aUJHYqoPST1A4wJ6jVGj0eKztowAP+MV41TOyAXmE6z7bcS HwA0ix8sL2rH6TCe5fg13bU6ZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL2f/Sq6 iEtgvmXKxg2KRX2EblDZMB8GA1UdIwQYMBaAFJCNs/m3RvUgu7moTIU/aSbBXrm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTkwOS8yMDlFRERDRTJB MzMxMUVGQkU5QUE4NTlDNEY5QUUwMi9rSTJ6LWJkRzlTQzd1YWhNaFQ5cEpzRmV1 YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tJMnotYmRHOVNDN3VhaE1oVDlwSnNGZXViMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QTkwOS8yMDlFRERDRTJBMzMxMUVGQkU5QUE4NTlDNEY5QUUwMi9rSTJ6LWJkRzlT Qzd1YWhNaFQ5cEpzRmV1YjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCzfXFM0HF0bQKxDKSgI8BVKRlEuG5YrWuGRNuEYGxXe20b6kY6MKKx w15FO/fuRHiEYCSbzg5zJFxxadZF7DUSRKou0IstFvb4A1PyqK6B5SeFj/G2FdEm HeJgepP6m48J3H9iCbUV+vWGtZPZvOrkeQO7JUPQTbaCP6eP8ASNyc1jENKJ5dIu PQSUIyJ+puC2ucC+er67+ruvwi9FWccrXoVgtzchxFF34XSJMfvbQLCrHmLtNEsv dUr1XSwF8L5Z2osJSiJcRzb8PU5e59KJeqYjtFNPR60H/z17NPXEyvgflv4olfMn Te5cTllzLMGFPgXZ3da0ayPM3yUcj7WC -----END CERTIFICATE-----Generated at Sun May 11 16:37:43 2025 by rpki-client