$ rpki-client -vvf rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.mft File: r0YdV6kKM1svp3p6rsFnNJVJI7E.mft (raw, json) Hash identifier: I0xnF4ekv8JlhJQA2WZQqjtEiU1LVtSJ+qFeIuY+Z6c= Subject key identifier: C6:35:CE:24:D0:1E:B8:91:84:17:F2:D6:6C:6E:C9:01:A6:62:6A:25 Authority key identifier: AF:46:1D:57:A9:0A:33:5B:2F:A7:7A:7A:AE:C1:67:34:95:49:23:B1 Certificate issuer: /CN=A9114EF6/serialNumber=AF461D57A90A335B2FA77A7AAEC16734954923B1 Certificate serial: 4B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r0YdV6kKM1svp3p6rsFnNJVJI7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.mft Manifest number: 43 Signing time: Fri 25 Apr 2025 06:34:09 +0000 Manifest this update: Fri 25 Apr 2025 06:34:09 +0000 Manifest next update: Fri 02 May 2025 06:34:09 +0000 Files and hashes: 1: r0YdV6kKM1svp3p6rsFnNJVJI7E.crl (hash: hYjfq0bQwIgy47Z7zJuYJcevHC99pe7ym+ZLIqWA52o=) 2: 7EF2846AD16911EF9ECCE01FC4F9AE02.roa (hash: rKGqZf7K9QKHRBXlpgZth78K2mjkrDt+mwCvAfFIYLc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.crl rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r0YdV6kKM1svp3p6rsFnNJVJI7E.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:34:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75 (0x4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9114EF6, serialNumber=AF461D57A90A335B2FA77A7AAEC16734954923B1 Validity Not Before: Apr 25 06:34:09 2025 GMT Not After : May 2 06:34:09 2025 GMT Subject: CN=680b2ce1-dea2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:ed:29:25:6c:f3:06:6e:6c:6d:53:3f:7e:2f: 43:3d:05:57:a1:1a:c6:d9:4f:2f:9a:ee:b3:dd:1a: 30:dc:4d:72:78:69:c0:bd:fa:73:e2:14:7f:7c:e3: 0e:9f:0b:19:9e:b8:80:d8:48:9a:c0:81:53:e9:69: 77:f3:e7:f7:c4:18:bb:9b:c1:3c:9d:09:96:fe:e4: d1:26:30:73:01:71:49:e2:0d:eb:b8:21:1b:a9:17: 11:d9:61:19:ad:28:49:10:b4:56:2e:6a:01:9b:86: 5d:f7:05:50:2f:07:86:50:01:35:94:2c:6f:2a:df: 2e:73:57:cb:a0:d7:d9:64:12:b8:13:7f:1a:2d:5b: 1a:4b:69:a2:d8:18:c9:29:4b:4a:d5:57:a2:18:a6: 18:51:ee:2f:a7:69:21:74:59:0f:e1:c1:01:a6:55: bd:46:ef:d1:3b:68:36:0f:30:d1:44:c2:f1:c2:3c: ed:c6:56:39:10:16:ae:73:01:21:de:71:c5:43:6e: 3d:5a:b7:a1:99:71:d8:0b:bd:94:1f:d1:8a:6f:53: a5:d7:dd:40:de:42:ee:43:b2:fe:f2:e4:16:06:72: f0:c0:c0:54:59:dc:27:ae:55:b3:94:2d:85:74:3e: 40:7c:6b:4a:01:e5:2e:61:52:07:cd:3e:93:a5:83: 87:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:35:CE:24:D0:1E:B8:91:84:17:F2:D6:6C:6E:C9:01:A6:62:6A:25 X509v3 Authority Key Identifier: keyid:AF:46:1D:57:A9:0A:33:5B:2F:A7:7A:7A:AE:C1:67:34:95:49:23:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r0YdV6kKM1svp3p6rsFnNJVJI7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:4d:58:1a:6a:16:0a:ec:2d:9e:fc:e6:4a:5a:c3:7a:71:b5: dc:0a:a4:02:33:8f:51:69:79:fe:43:8e:8a:be:62:c4:f9:3e: a9:d9:c1:20:b5:fc:0b:bf:86:df:b2:2e:26:1f:89:7d:90:36: db:98:18:ed:ec:8a:52:e9:3e:a2:3b:81:44:ce:b1:7f:89:4d: 0a:5e:57:2b:56:e9:85:e6:0c:be:a9:5c:45:2d:2d:0e:08:89: 2b:a8:84:38:07:2c:83:43:13:1c:28:66:b7:8e:28:ef:35:66: dc:7e:54:dd:b5:f6:58:d0:6e:0a:b0:4d:e8:5f:26:1c:4c:b3: 92:c3:04:d8:1a:93:85:e2:49:e0:56:ee:5b:9a:20:b1:3c:6c: 27:0e:95:7c:fa:f1:ab:7b:80:ba:51:c7:f6:2c:66:a9:9b:83: 07:39:1f:55:ef:b1:b9:30:85:b3:2d:5c:2d:99:65:44:cc:a6: fd:83:d2:6c:df:00:18:1e:df:1e:68:dd:95:12:8a:7b:fb:0b: 5a:fa:59:a7:dc:53:e4:b2:c3:42:97:ff:78:12:97:92:09:7f: e1:b3:31:f2:81:52:50:8e:bd:52:c1:72:d1:54:99:67:e0:a0: 1e:9c:df:78:56:e4:99:f5:91:ff:88:94:5f:e3:48:61:48:4c: fe:49:a0:49 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx NEVGNjExMC8GA1UEBRMoQUY0NjFENTdBOTBBMzM1QjJGQTc3QTdBQUVDMTY3MzQ5 NTQ5MjNCMTAeFw0yNTA0MjUwNjM0MDlaFw0yNTA1MDIwNjM0MDlaMBgxFjAUBgNV BAMTDTY4MGIyY2UxLWRlYTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC97SklbPMGbmxtUz9+L0M9BVehGsbZTy+a7rPdGjDcTXJ4acC9+nPiFH984w6f CxmeuIDYSJrAgVPpaXfz5/fEGLubwTydCZb+5NEmMHMBcUniDeu4IRupFxHZYRmt KEkQtFYuagGbhl33BVAvB4ZQATWULG8q3y5zV8ug19lkErgTfxotWxpLaaLYGMkp S0rVV6IYphhR7i+naSF0WQ/hwQGmVb1G79E7aDYPMNFEwvHCPO3GVjkQFq5zASHe ccVDbj1at6GZcdgLvZQf0YpvU6XX3UDeQu5Dsv7y5BYGcvDAwFRZ3CeuVbOULYV0 PkB8a0oB5S5hUgfNPpOlg4edAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUxjXOJNAe uJGEF/LWbG7JAaZiaiUwHwYDVR0jBBgwFoAUr0YdV6kKM1svp3p6rsFnNJVJI7Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE0RUY2LzhEQUUwNUEwRDBE NDExRUZCQ0Q1MTIzRUM0RjlBRTAyL3IwWWRWNmtLTTFzdnAzcDZyc0ZuTkpWSkk3 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcjBZZFY2a0tNMXN2cDNwNnJzRm5OSlZKSTdFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE0 RUY2LzhEQUUwNUEwRDBENDExRUZCQ0Q1MTIzRUM0RjlBRTAyL3IwWWRWNmtLTTFz dnAzcDZyc0ZuTkpWSkk3RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC9NWBpqFgrsLZ785kpaw3pxtdwKpAIzj1Fpef5Djoq+YsT5PqnZwSC1 /Au/ht+yLiYfiX2QNtuYGO3silLpPqI7gUTOsX+JTQpeVytW6YXmDL6pXEUtLQ4I iSuohDgHLINDExwoZreOKO81Ztx+VN219ljQbgqwTehfJhxMs5LDBNgak4XiSeBW 7luaILE8bCcOlXz68at7gLpRx/YsZqmbgwc5H1XvsbkwhbMtXC2ZZUTMpv2D0mzf ABge3x5o3ZUSinv7C1r6WafcU+Syw0KX/3gSl5IJf+GzMfKBUlCOvVLBctFUmWfg oB6c33hW5Jn1kf+IlF/jSGFITP5JoEk= -----END CERTIFICATE-----Generated at Sat Apr 26 14:10:25 2025 by rpki-client