$ rpki-client -vvf rpki.apnic.net/member_repository/A911A108/F958FC4A6C0011EEB98B430EC4F9AE02/ao09a_bbD13jJOQgxXOwqRhDx5Q.mft File: ao09a_bbD13jJOQgxXOwqRhDx5Q.mft (raw, json) Hash identifier: 0MeH5IOmqoxK1VHHQdT6l9vMdgyigwbXsvIl6IGOlfU= Subject key identifier: BE:DE:3B:E2:73:E1:B2:75:44:DB:B5:EE:1E:AA:47:D3:EC:F4:04:44 Authority key identifier: 6A:8D:3D:6B:F6:DB:0F:5D:E3:24:E4:20:C5:73:B0:A9:18:43:C7:94 Certificate issuer: /CN=A911A108/serialNumber=6A8D3D6BF6DB0F5DE324E420C573B0A91843C794 Certificate serial: 0124 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ao09a_bbD13jJOQgxXOwqRhDx5Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911A108/F958FC4A6C0011EEB98B430EC4F9AE02/ao09a_bbD13jJOQgxXOwqRhDx5Q.mft Manifest number: 0121 Signing time: Fri 25 Apr 2025 03:49:02 +0000 Manifest this update: Fri 25 Apr 2025 03:49:02 +0000 Manifest next update: Fri 02 May 2025 03:49:02 +0000 Files and hashes: 1: ao09a_bbD13jJOQgxXOwqRhDx5Q.crl (hash: ED3q+INFdhJMxcA7PPOkxnZIGMryv0+azV+9VMsw660=) 2: 2152B7B06C0411EEBC1AA814C4F9AE02.roa (hash: uM3aIpNluGtsYzZphAI84X+sXAAc8YbQ0FM++FIKSB0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911A108/F958FC4A6C0011EEB98B430EC4F9AE02/ao09a_bbD13jJOQgxXOwqRhDx5Q.crl rsync://rpki.apnic.net/member_repository/A911A108/F958FC4A6C0011EEB98B430EC4F9AE02/ao09a_bbD13jJOQgxXOwqRhDx5Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ao09a_bbD13jJOQgxXOwqRhDx5Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:49:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 292 (0x124) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911A108, serialNumber=6A8D3D6BF6DB0F5DE324E420C573B0A91843C794 Validity Not Before: Apr 25 03:49:02 2025 GMT Not After : May 2 03:49:02 2025 GMT Subject: CN=680b062e-cdc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:73:b9:91:d6:55:5f:61:7f:72:11:c7:95:d6: 94:40:1e:8b:34:77:46:80:45:41:bf:20:20:ec:f0: 35:f9:37:88:84:3e:2a:d3:1f:64:3b:32:5d:74:2c: 45:6d:94:59:78:13:86:32:91:a7:09:90:9a:08:6c: 52:b0:37:3e:c0:a6:69:19:bc:9c:0e:3b:b1:4a:36: 8c:2c:23:8f:3e:a2:a5:4a:ac:7a:d9:54:2d:31:f5: cd:c9:40:2b:46:f5:69:48:ad:91:7d:d6:e0:60:ce: 4c:6a:b7:19:43:9f:77:96:d1:4d:60:c9:7d:0b:bd: f1:b5:29:40:5d:5a:b3:5f:ca:a9:28:93:27:0d:f1: f3:aa:65:48:1f:41:e8:47:72:a5:7f:68:31:4f:8f: 47:ae:84:4d:d1:64:aa:dd:71:a7:ba:d3:56:35:25: c3:c4:eb:b9:65:45:f6:7c:96:75:1b:30:3a:a8:98: 4b:81:87:53:4c:1a:8d:64:6c:96:2a:39:68:d8:e6: d4:1c:39:5b:a8:42:a1:90:b9:8e:26:b9:42:14:d4: a6:7f:7b:c4:17:98:5c:56:f1:36:bf:59:93:76:ef: 1c:41:e4:bb:a3:65:34:d6:f1:5e:2f:45:10:9f:9c: 28:c2:4d:f5:07:a0:52:8f:c2:13:03:89:9e:77:37: 0e:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:DE:3B:E2:73:E1:B2:75:44:DB:B5:EE:1E:AA:47:D3:EC:F4:04:44 X509v3 Authority Key Identifier: keyid:6A:8D:3D:6B:F6:DB:0F:5D:E3:24:E4:20:C5:73:B0:A9:18:43:C7:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911A108/F958FC4A6C0011EEB98B430EC4F9AE02/ao09a_bbD13jJOQgxXOwqRhDx5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ao09a_bbD13jJOQgxXOwqRhDx5Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911A108/F958FC4A6C0011EEB98B430EC4F9AE02/ao09a_bbD13jJOQgxXOwqRhDx5Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:2e:f1:7e:59:4f:8f:7b:3f:e5:4d:50:19:57:94:aa:84:ba: f4:e7:36:cf:31:a2:c8:a2:8c:4f:4b:18:d2:75:b2:d7:6a:02: cc:e3:5b:ec:ea:6c:b8:85:3b:b9:d0:fb:b4:c7:53:b2:91:e4: 52:72:e7:94:6e:41:d0:b8:1d:c6:3f:9a:b5:f7:01:d3:d3:6f: 41:1c:de:a0:a3:bd:f3:81:66:9c:b9:b6:96:70:6a:4e:b0:63: 7c:f3:2b:3b:d5:3f:6c:b1:d7:fa:51:95:14:13:46:21:92:18: 9c:fb:52:89:a8:2c:9e:aa:8d:4e:c5:0c:f3:0f:c7:4a:df:74: 35:13:19:11:36:aa:07:7b:45:5e:f5:87:f4:35:17:c8:24:16: c9:19:43:87:bc:7a:3c:1f:11:fc:3f:eb:4d:f0:e0:5a:2f:94: ff:7c:90:93:b7:6b:23:c4:87:c8:10:dc:b6:d3:d6:82:51:6d: 18:40:c4:10:85:81:1f:fb:c4:0b:21:49:c0:f2:d3:70:21:ae: cc:ed:ae:5e:1a:af:ce:0a:7e:f1:15:eb:6e:d1:8e:5b:02:58: 1c:a7:e7:2a:65:b8:03:56:ef:58:c3:9e:33:f7:0a:5d:1d:b2: 1a:97:80:86:42:d4:ef:96:a4:de:14:30:df:e5:a5:3a:af:92: 2d:24:b3:a6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUExMDgxMTAvBgNVBAUTKDZBOEQzRDZCRjZEQjBGNURFMzI0RTQyMEM1NzNCMEE5 MTg0M0M3OTQwHhcNMjUwNDI1MDM0OTAyWhcNMjUwNTAyMDM0OTAyWjAYMRYwFAYD VQQDEw02ODBiMDYyZS1jZGM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArnO5kdZVX2F/chHHldaUQB6LNHdGgEVBvyAg7PA1+TeIhD4q0x9kOzJddCxF bZRZeBOGMpGnCZCaCGxSsDc+wKZpGbycDjuxSjaMLCOPPqKlSqx62VQtMfXNyUAr RvVpSK2RfdbgYM5MarcZQ593ltFNYMl9C73xtSlAXVqzX8qpKJMnDfHzqmVIH0Ho R3Klf2gxT49HroRN0WSq3XGnutNWNSXDxOu5ZUX2fJZ1GzA6qJhLgYdTTBqNZGyW Kjlo2ObUHDlbqEKhkLmOJrlCFNSmf3vEF5hcVvE2v1mTdu8cQeS7o2U01vFeL0UQ n5wowk31B6BSj8ITA4medzcOQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL7eO+Jz 4bJ1RNu17h6qR9Ps9AREMB8GA1UdIwQYMBaAFGqNPWv22w9d4yTkIMVzsKkYQ8eU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQTEwOC9GOTU4RkM0QTZD MDAxMUVFQjk4QjQzMEVDNEY5QUUwMi9hbzA5YV9iYkQxM2pKT1FneFhPd3FSaER4 NVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FvMDlhX2JiRDEzakpPUWd4WE93cVJoRHg1US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QTEwOC9GOTU4RkM0QTZDMDAxMUVFQjk4QjQzMEVDNEY5QUUwMi9hbzA5YV9iYkQx M2pKT1FneFhPd3FSaER4NVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhLvF+WU+Pez/lTVAZV5SqhLr05zbPMaLIooxPSxjSdbLXagLM41vs 6my4hTu50Pu0x1OykeRScueUbkHQuB3GP5q19wHT029BHN6go73zgWacubaWcGpO sGN88ys71T9ssdf6UZUUE0Yhkhic+1KJqCyeqo1OxQzzD8dK33Q1ExkRNqoHe0Ve 9Yf0NRfIJBbJGUOHvHo8HxH8P+tN8OBaL5T/fJCTt2sjxIfIENy209aCUW0YQMQQ hYEf+8QLIUnA8tNwIa7M7a5eGq/OCn7xFetu0Y5bAlgcp+cqZbgDVu9Yw54z9wpd HbIal4CGQtTvlqTeFDDf5aU6r5ItJLOm -----END CERTIFICATE-----Generated at Sat Apr 26 12:24:23 2025 by rpki-client