$ rpki-client -vvf rpki.apnic.net/member_repository/A919DC79/A63F93D627CE11EA8E407E5BC4F9AE02/ds0CHgwoHaX-ZNh4A1U4CIiaEWc.mft File: ds0CHgwoHaX-ZNh4A1U4CIiaEWc.mft (raw, json) Hash identifier: W32pZt6pm8skH0aRMx2diWgvh2mcwA++3t2GJQiFPIA= Subject key identifier: 5F:70:D7:1F:5E:F7:84:C3:9C:C5:C0:12:F7:97:18:E7:91:0A:CA:2B Authority key identifier: 76:CD:02:1E:0C:28:1D:A5:FE:64:D8:78:03:55:38:08:88:9A:11:67 Certificate issuer: /CN=A919DC79/serialNumber=76CD021E0C281DA5FE64D87803553808889A1167 Certificate serial: 0B9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ds0CHgwoHaX-ZNh4A1U4CIiaEWc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919DC79/A63F93D627CE11EA8E407E5BC4F9AE02/ds0CHgwoHaX-ZNh4A1U4CIiaEWc.mft Manifest number: 0B8E Signing time: Sat 10 May 2025 18:48:24 +0000 Manifest this update: Sat 10 May 2025 18:48:23 +0000 Manifest next update: Sat 17 May 2025 18:48:23 +0000 Files and hashes: 1: ds0CHgwoHaX-ZNh4A1U4CIiaEWc.crl (hash: Vxyd2XI5K2uX5Oo/TFlBnC3Cd9cd8SVbcMBBAuxYkvw=) 2: FB5C375499DB11EBBC50C376C4F9AE02.roa (hash: 5Tmm0+rmyNGdrIMpYadnPDVCCaqTEqx1NCKBxNGJPGM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919DC79/A63F93D627CE11EA8E407E5BC4F9AE02/ds0CHgwoHaX-ZNh4A1U4CIiaEWc.crl rsync://rpki.apnic.net/member_repository/A919DC79/A63F93D627CE11EA8E407E5BC4F9AE02/ds0CHgwoHaX-ZNh4A1U4CIiaEWc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ds0CHgwoHaX-ZNh4A1U4CIiaEWc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 18:48:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2970 (0xb9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919DC79, serialNumber=76CD021E0C281DA5FE64D87803553808889A1167 Validity Not Before: May 10 18:48:23 2025 GMT Not After : May 17 18:48:23 2025 GMT Subject: CN=681f9f77-749b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:15:48:0b:89:ec:9d:81:0f:a8:18:24:ec:32: e8:ea:f4:a7:30:0b:6f:60:98:78:76:36:ef:56:96: 1e:f3:fd:6e:db:a1:7c:c7:2b:e7:de:e2:27:65:38: 34:92:ae:ac:30:66:10:8f:ba:fb:b7:f6:82:d8:bc: 06:66:51:04:1c:6e:d5:f2:32:c0:c7:6d:d8:66:4c: ca:29:3e:18:c5:0f:55:a8:d9:b1:ef:8a:f2:63:c1: 18:e9:d7:f0:7d:2d:90:23:d1:97:e9:36:0c:a0:23: 0c:ca:58:d2:ce:a0:1f:41:50:b9:33:ad:d8:19:91: cd:b6:91:18:90:48:2a:1f:7e:4d:ad:7e:0a:d8:3b: 77:e5:91:7d:f7:95:86:eb:62:40:d3:e3:82:33:67: ab:e1:4b:d8:9f:58:ad:07:af:d5:72:88:81:03:49: 78:f6:f0:70:8d:1c:66:63:83:08:36:04:1a:01:97: 7e:df:9d:94:21:43:89:f7:c6:9e:f5:aa:f4:79:09: 32:f7:0c:41:0c:3b:3f:2a:3a:db:a6:5d:4f:f5:36: 31:b0:0f:b8:34:ed:5a:83:03:46:01:86:a0:5f:3a: ee:08:de:08:9c:6a:97:ea:26:16:6f:db:2a:4f:9a: a8:66:49:7d:b0:7e:4a:af:62:bc:ab:61:9e:a2:39: 5c:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:70:D7:1F:5E:F7:84:C3:9C:C5:C0:12:F7:97:18:E7:91:0A:CA:2B X509v3 Authority Key Identifier: keyid:76:CD:02:1E:0C:28:1D:A5:FE:64:D8:78:03:55:38:08:88:9A:11:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919DC79/A63F93D627CE11EA8E407E5BC4F9AE02/ds0CHgwoHaX-ZNh4A1U4CIiaEWc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ds0CHgwoHaX-ZNh4A1U4CIiaEWc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DC79/A63F93D627CE11EA8E407E5BC4F9AE02/ds0CHgwoHaX-ZNh4A1U4CIiaEWc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:a5:6c:03:2e:f3:0d:f7:0f:68:61:8c:2d:d8:e1:41:9c:55: b3:14:32:b9:68:23:d2:9e:07:14:2c:f7:63:59:6a:b7:3c:9f: bf:19:06:50:d5:f0:ac:ae:ed:40:bb:7b:52:64:ad:59:b4:b3: 1a:87:ab:b5:78:8a:22:7f:44:49:3d:ad:9b:d2:cc:9a:38:fa: be:bc:8a:54:8d:52:ed:5c:7b:bc:ae:e2:4c:d8:21:0a:f3:a8: aa:98:5c:5f:20:78:a0:81:17:d5:c1:51:f3:25:2c:e7:48:94: 70:a0:cf:c4:21:c8:18:8d:3d:dd:5a:69:e4:f6:3e:bf:98:c3: 09:6c:ee:2d:57:44:f5:77:7d:93:63:9a:0a:00:6c:e2:39:73: 10:f0:82:2b:98:6a:1e:da:25:53:4e:d5:49:d9:fe:0f:23:e5: e6:cf:a8:15:dc:60:93:01:77:53:ce:de:82:d5:f6:73:3f:c9: 24:23:5c:39:78:36:ed:8c:46:2a:58:b3:34:f6:b3:90:b6:80: 5d:76:cf:01:0b:a9:84:34:81:3b:73:0a:d0:a5:06:a8:71:9b: 82:38:a4:3d:ad:a1:2a:d6:e4:c3:6d:9a:f4:8c:56:47:0d:70: d4:46:1e:bc:89:e4:5e:9b:2d:db:d8:e9:09:f4:cf:3c:11:24: a7:d5:74:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC5owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OURDNzkxMTAvBgNVBAUTKDc2Q0QwMjFFMEMyODFEQTVGRTY0RDg3ODAzNTUzODA4 ODg5QTExNjcwHhcNMjUwNTEwMTg0ODIzWhcNMjUwNTE3MTg0ODIzWjAYMRYwFAYD VQQDEw02ODFmOWY3Ny03NDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxRVIC4nsnYEPqBgk7DLo6vSnMAtvYJh4djbvVpYe8/1u26F8xyvn3uInZTg0 kq6sMGYQj7r7t/aC2LwGZlEEHG7V8jLAx23YZkzKKT4YxQ9VqNmx74ryY8EY6dfw fS2QI9GX6TYMoCMMyljSzqAfQVC5M63YGZHNtpEYkEgqH35NrX4K2Dt35ZF995WG 62JA0+OCM2er4UvYn1itB6/VcoiBA0l49vBwjRxmY4MINgQaAZd+352UIUOJ98ae 9ar0eQky9wxBDDs/Kjrbpl1P9TYxsA+4NO1agwNGAYagXzruCN4InGqX6iYWb9sq T5qoZkl9sH5Kr2K8q2GeojlcvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF9w1x9e 94TDnMXAEveXGOeRCsorMB8GA1UdIwQYMBaAFHbNAh4MKB2l/mTYeANVOAiImhFn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REM3OS9BNjNGOTNENjI3 Q0UxMUVBOEU0MDdFNUJDNEY5QUUwMi9kczBDSGd3b0hhWC1aTmg0QTFVNENJaWFF V2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RzMENIZ3dvSGFYLVpOaDRBMVU0Q0lpYUVXYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 REM3OS9BNjNGOTNENjI3Q0UxMUVBOEU0MDdFNUJDNEY5QUUwMi9kczBDSGd3b0hh WC1aTmg0QTFVNENJaWFFV2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKpWwDLvMN9w9oYYwt2OFBnFWzFDK5aCPSngcULPdjWWq3PJ+/GQZQ 1fCsru1Au3tSZK1ZtLMah6u1eIoif0RJPa2b0syaOPq+vIpUjVLtXHu8ruJM2CEK 86iqmFxfIHiggRfVwVHzJSznSJRwoM/EIcgYjT3dWmnk9j6/mMMJbO4tV0T1d32T Y5oKAGziOXMQ8IIrmGoe2iVTTtVJ2f4PI+Xmz6gV3GCTAXdTzt6C1fZzP8kkI1w5 eDbtjEYqWLM09rOQtoBdds8BC6mENIE7cwrQpQaocZuCOKQ9raEq1uTDbZr0jFZH DXDURh68ieRemy3b2OkJ9M88ESSn1XQO -----END CERTIFICATE-----Generated at Sun May 11 22:59:41 2025 by rpki-client