$ rpki-client -vvf rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft File: 4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft (raw, json) Hash identifier: 9QL+lMQO5+mX3VZvh1raKbibxt0bxEE2BChKIUs/csw= Subject key identifier: C9:3D:AE:B1:2C:76:E1:42:45:F2:F3:26:04:E7:02:60:06:B5:65:FE Authority key identifier: E0:CA:AD:17:C0:68:D8:60:2B:CC:EB:46:7B:45:55:10:BC:52:39:0E Certificate issuer: /CN=A9118799/serialNumber=E0CAAD17C068D8602BCCEB467B455510BC52390E Certificate serial: 1920 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MqtF8Bo2GArzOtGe0VVELxSOQ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft Manifest number: 1911 Signing time: Thu 24 Apr 2025 16:26:42 +0000 Manifest this update: Thu 24 Apr 2025 16:26:42 +0000 Manifest next update: Thu 01 May 2025 16:26:42 +0000 Files and hashes: 1: 4MqtF8Bo2GArzOtGe0VVELxSOQ4.crl (hash: OWjZOSdsJuNwgWr/eeBhPDJ9NdBTHPqOIIp4vGWAjF8=) 2: 99AB821E859C11E7A1FEC80AC4F9AE02.roa (hash: P4Ek16t0ZEw/MnJDtAJSlLMC0jHATAWAbBg4OWQTq78=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.crl rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MqtF8Bo2GArzOtGe0VVELxSOQ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:26:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6432 (0x1920) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118799, serialNumber=E0CAAD17C068D8602BCCEB467B455510BC52390E Validity Not Before: Apr 24 16:26:42 2025 GMT Not After : May 1 16:26:42 2025 GMT Subject: CN=680a6642-02e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:09:1e:6e:96:3b:27:15:8f:91:76:fd:d5:f2: a6:78:7f:a9:23:17:65:e7:49:25:d5:88:3a:49:ca: 79:ef:a6:89:45:d2:48:67:f9:b0:ba:29:fb:6a:06: 54:ea:a3:49:28:2d:71:d5:3f:dd:fe:43:1d:a4:b7: fe:66:ee:68:42:47:60:88:c3:10:f2:e3:c8:23:35: d7:42:c8:3a:37:62:fd:a2:2b:74:51:b4:54:74:48: eb:c6:1a:22:a4:4c:39:45:6c:3c:42:42:bd:4d:ff: 63:46:44:cd:b0:02:d4:2c:66:30:eb:ab:93:5d:b0: 93:2f:8e:5c:87:7a:d5:5f:19:3b:28:15:a0:09:4d: f4:98:7f:fc:51:1a:6b:96:bc:cb:6c:5e:68:a4:8b: df:bc:db:48:0a:35:c4:70:5d:53:9a:c0:99:59:cd: d4:67:76:f6:4c:56:17:53:2b:47:52:84:db:a4:ed: f7:cc:39:6c:be:26:f3:ef:48:70:15:a7:2d:4b:12: 69:d5:d2:fd:a9:db:50:24:e7:20:ab:47:c6:8d:d9: d0:c7:38:c2:57:38:8d:7c:45:c6:76:2e:b9:7f:47: cd:22:5b:6c:1f:2a:e6:ad:db:48:d5:1b:2a:94:c5: 83:59:bc:64:e1:c5:83:fc:35:6e:af:a2:af:db:2a: 33:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:3D:AE:B1:2C:76:E1:42:45:F2:F3:26:04:E7:02:60:06:B5:65:FE X509v3 Authority Key Identifier: keyid:E0:CA:AD:17:C0:68:D8:60:2B:CC:EB:46:7B:45:55:10:BC:52:39:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MqtF8Bo2GArzOtGe0VVELxSOQ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:37:af:cb:98:36:49:e2:bf:9a:0e:07:a4:68:b2:ea:43:04: e3:6c:ae:15:dc:3e:ea:ab:fc:7b:4c:e4:fc:96:8a:81:d9:2d: 80:5d:89:c6:ef:04:0d:e5:6f:12:fc:73:8f:73:48:9b:4f:03: e8:c1:98:3b:c2:f6:be:54:28:cb:ec:d3:14:6b:c2:9b:eb:54: 22:fd:8b:32:40:34:8a:ca:a2:9d:77:41:43:5d:fd:6b:77:89: 39:2f:c4:dd:6a:ee:8a:ad:75:49:d1:e4:64:11:73:5b:0a:d0: e4:1e:29:76:ef:b3:d1:6b:a6:c1:3a:d6:ae:57:13:83:b0:e4: fb:7b:3a:c3:5e:aa:e7:f4:8e:d0:50:85:bf:70:7d:80:95:18: 4d:b8:d9:bf:cd:4c:ba:d5:62:48:a2:4c:88:65:65:ed:2e:e5: 14:2f:8b:52:73:c1:d1:ed:78:97:9b:e7:11:b2:25:56:37:af: b3:85:6c:84:9e:fc:56:e1:d2:89:00:8d:bc:c1:87:20:2a:3b: 9f:d7:e1:99:ef:68:64:c3:fa:69:32:82:90:b4:f8:77:40:e8: ea:5f:53:e2:4b:95:25:74:c5:3c:71:f8:df:0f:ba:d6:60:2f: b5:08:46:3e:35:47:bb:a2:ec:f8:91:73:38:f7:b0:ae:47:1e: 07:c2:c3:66 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGSAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTg3OTkxMTAvBgNVBAUTKEUwQ0FBRDE3QzA2OEQ4NjAyQkNDRUI0NjdCNDU1NTEw QkM1MjM5MEUwHhcNMjUwNDI0MTYyNjQyWhcNMjUwNTAxMTYyNjQyWjAYMRYwFAYD VQQDEw02ODBhNjY0Mi0wMmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvQkebpY7JxWPkXb91fKmeH+pIxdl50kl1Yg6Scp576aJRdJIZ/mwuin7agZU 6qNJKC1x1T/d/kMdpLf+Zu5oQkdgiMMQ8uPIIzXXQsg6N2L9oit0UbRUdEjrxhoi pEw5RWw8QkK9Tf9jRkTNsALULGYw66uTXbCTL45ch3rVXxk7KBWgCU30mH/8URpr lrzLbF5opIvfvNtICjXEcF1TmsCZWc3UZ3b2TFYXUytHUoTbpO33zDlsvibz70hw FactSxJp1dL9qdtQJOcgq0fGjdnQxzjCVziNfEXGdi65f0fNIltsHyrmrdtI1Rsq lMWDWbxk4cWD/DVur6Kv2yozpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMk9rrEs duFCRfLzJgTnAmAGtWX+MB8GA1UdIwQYMBaAFODKrRfAaNhgK8zrRntFVRC8UjkO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODc5OS8zMjg3QkZBMjdF QzcxMUU3ODgzRTJFNThDNEY5QUUwMi80TXF0RjhCbzJHQXJ6T3RHZTBWVkVMeFNP UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRNcXRGOEJvMkdBcnpPdEdlMFZWRUx4U09RNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx ODc5OS8zMjg3QkZBMjdFQzcxMUU3ODgzRTJFNThDNEY5QUUwMi80TXF0RjhCbzJH QXJ6T3RHZTBWVkVMeFNPUTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxN6/LmDZJ4r+aDgekaLLqQwTjbK4V3D7qq/x7TOT8loqB2S2AXYnG 7wQN5W8S/HOPc0ibTwPowZg7wva+VCjL7NMUa8Kb61Qi/YsyQDSKyqKdd0FDXf1r d4k5L8Tdau6KrXVJ0eRkEXNbCtDkHil277PRa6bBOtauVxODsOT7ezrDXqrn9I7Q UIW/cH2AlRhNuNm/zUy61WJIokyIZWXtLuUUL4tSc8HR7XiXm+cRsiVWN6+zhWyE nvxW4dKJAI28wYcgKjuf1+GZ72hkw/ppMoKQtPh3QOjqX1PiS5UldMU8cfjfD7rW YC+1CEY+NUe7ouz4kXM497CuRx4HwsNm -----END CERTIFICATE-----Generated at Sat Apr 26 04:29:41 2025 by rpki-client