$ rpki-client -vvf rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.mft File: d2KqgncCDQu1x1mX3l99ilFC3xQ.mft (raw, json) Hash identifier: vn3Dr15BgDdQ9iZJ/ZnM/tu20R9vbAhAk+o42E2UdCs= Subject key identifier: 5D:51:2C:22:D0:EC:99:AC:22:25:33:CF:E9:CF:64:1D:63:6B:E3:D6 Authority key identifier: 77:62:AA:82:77:02:0D:0B:B5:C7:59:97:DE:5F:7D:8A:51:42:DF:14 Certificate issuer: /CN=A911FAC3/serialNumber=7762AA8277020D0BB5C75997DE5F7D8A5142DF14 Certificate serial: 1382 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.mft Manifest number: 136C Signing time: Thu 24 Apr 2025 17:00:56 +0000 Manifest this update: Thu 24 Apr 2025 17:00:55 +0000 Manifest next update: Thu 01 May 2025 17:00:55 +0000 Files and hashes: 1: d2KqgncCDQu1x1mX3l99ilFC3xQ.crl (hash: ForcsIcv8pQ0V//SqolG5IkCCI8tnAox4AR/nr5/LoI=) 2: 4338FC5CFB5611EBB7032080C4F9AE02.roa (hash: jXq2yfYI+6Vq13ZwndDj/+d34MA8vN7mKixhRF47lwg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.crl rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4994 (0x1382) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911FAC3, serialNumber=7762AA8277020D0BB5C75997DE5F7D8A5142DF14 Validity Not Before: Apr 24 17:00:55 2025 GMT Not After : May 1 17:00:55 2025 GMT Subject: CN=680a6e47-8ee0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:4f:4c:42:15:69:13:50:0f:9c:64:e9:95:fd: a4:36:79:1c:88:4f:af:34:4a:2e:21:9d:60:01:4f: bd:64:be:b6:f3:f2:2e:79:b6:62:43:a8:0b:27:8f: 81:b0:07:53:bc:69:57:8c:a6:29:23:c3:36:9d:05: 86:64:d1:51:6c:04:92:4f:53:9b:2c:d8:93:f4:94: 82:71:fb:40:4f:a6:ac:2e:4e:c8:1b:df:63:16:e0: af:90:33:83:38:17:cc:ad:68:b2:02:bc:9f:70:a7: c2:b5:3c:af:ab:21:d0:b9:28:e9:46:3f:36:31:59: 09:32:fa:b3:3b:a0:25:10:7a:21:96:0d:c8:08:7a: 17:20:02:4d:a8:4a:46:9a:06:ce:4c:a0:65:07:ea: f9:f8:5f:1f:ee:47:5d:50:ec:ed:a2:09:f4:d3:85: e9:91:65:eb:0c:b7:27:60:f8:0c:d8:4a:36:5b:66: 6e:3c:32:63:e7:cc:60:91:06:1f:f8:f2:de:22:4b: 09:6c:b4:d9:4b:9f:bb:5c:eb:6e:23:0f:77:d9:47: f9:d6:5e:e2:6a:0f:1c:3f:ac:6f:63:89:f7:fc:90: ed:99:0c:6c:5a:45:d6:cf:ca:6e:db:9c:e0:99:07: 11:6f:0f:f8:94:92:b1:de:9e:88:f6:ee:f4:19:c3: e2:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:51:2C:22:D0:EC:99:AC:22:25:33:CF:E9:CF:64:1D:63:6B:E3:D6 X509v3 Authority Key Identifier: keyid:77:62:AA:82:77:02:0D:0B:B5:C7:59:97:DE:5F:7D:8A:51:42:DF:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:e6:da:a8:8a:f6:cd:d0:91:3b:1d:6b:78:8f:f8:00:c8:20: 63:c6:10:a9:a3:17:29:a3:d6:53:d1:ce:24:34:19:9c:48:1e: 78:86:ab:8a:01:99:b7:16:83:49:17:89:b0:6e:66:5f:c6:97: 6a:2e:c5:fe:7a:e5:2b:61:62:4c:3f:e1:54:40:0a:de:d4:44: b1:ea:56:21:cd:dd:e2:83:dc:11:b6:5f:9b:a9:b6:b2:21:02: bf:eb:c5:86:22:e1:00:a6:cb:73:2c:ff:4e:e9:77:b0:80:84: 20:c6:49:57:f3:2e:2a:03:8c:0b:d4:47:a7:d5:21:9d:49:98: 8a:5e:e4:97:ec:11:e1:71:6d:58:f2:1d:b1:24:93:98:b2:07: a6:a0:ae:10:4c:c8:0a:3d:48:24:4e:7a:8d:89:28:a0:be:2a: ef:2a:9d:f6:5c:7e:95:08:bf:01:8f:03:26:7e:3b:5a:04:1c: 3e:c8:b4:f4:09:d0:98:e7:9b:f4:e4:20:45:e6:d3:10:ba:bf: 7a:be:fc:e5:62:c3:0f:e8:de:e6:a7:45:ea:d5:d2:6e:39:ca: d8:cd:aa:ab:92:46:c7:78:69:b5:d6:29:bd:48:00:c8:28:f2: f8:70:d0:9e:d3:36:74:02:ab:27:02:60:f9:4b:c1:cb:b9:25: 5e:19:61:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE4IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUZBQzMxMTAvBgNVBAUTKDc3NjJBQTgyNzcwMjBEMEJCNUM3NTk5N0RFNUY3RDhB NTE0MkRGMTQwHhcNMjUwNDI0MTcwMDU1WhcNMjUwNTAxMTcwMDU1WjAYMRYwFAYD VQQDEw02ODBhNmU0Ny04ZWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA209MQhVpE1APnGTplf2kNnkciE+vNEouIZ1gAU+9ZL628/IuebZiQ6gLJ4+B sAdTvGlXjKYpI8M2nQWGZNFRbASST1ObLNiT9JSCcftAT6asLk7IG99jFuCvkDOD OBfMrWiyAryfcKfCtTyvqyHQuSjpRj82MVkJMvqzO6AlEHohlg3ICHoXIAJNqEpG mgbOTKBlB+r5+F8f7kddUOztogn004XpkWXrDLcnYPgM2Eo2W2ZuPDJj58xgkQYf +PLeIksJbLTZS5+7XOtuIw932Uf51l7iag8cP6xvY4n3/JDtmQxsWkXWz8pu25zg mQcRbw/4lJKx3p6I9u70GcPinwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF1RLCLQ 7JmsIiUzz+nPZB1ja+PWMB8GA1UdIwQYMBaAFHdiqoJ3Ag0LtcdZl95ffYpRQt8U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRkFDMy83Qjg2OEMwODlE RjUxMUU4OTU3QUI0MTZDNEY5QUUwMi9kMktxZ25jQ0RRdTF4MW1YM2w5OWlsRkMz eFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2QyS3FnbmNDRFF1MXgxbVgzbDk5aWxGQzN4US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RkFDMy83Qjg2OEMwODlERjUxMUU4OTU3QUI0MTZDNEY5QUUwMi9kMktxZ25jQ0RR dTF4MW1YM2w5OWlsRkMzeFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAl5tqoivbN0JE7HWt4j/gAyCBjxhCpoxcpo9ZT0c4kNBmcSB54hquK AZm3FoNJF4mwbmZfxpdqLsX+euUrYWJMP+FUQAre1ESx6lYhzd3ig9wRtl+bqbay IQK/68WGIuEApstzLP9O6XewgIQgxklX8y4qA4wL1Een1SGdSZiKXuSX7BHhcW1Y 8h2xJJOYsgemoK4QTMgKPUgkTnqNiSigvirvKp32XH6VCL8BjwMmfjtaBBw+yLT0 CdCY55v05CBF5tMQur96vvzlYsMP6N7mp0Xq1dJuOcrYzaqrkkbHeGm11im9SADI KPL4cNCe0zZ0AqsnAmD5S8HLuSVeGWGv -----END CERTIFICATE-----Generated at Sat Apr 26 13:36:25 2025 by rpki-client