$ rpki-client -vvf rpki.apnic.net/member_repository/A9120AAA/0CA77C825C4711EEAA9FE966C4F9AE02/a1cJMpDRH2XPuR8SEsKM9zP5wrU.mft File: a1cJMpDRH2XPuR8SEsKM9zP5wrU.mft (raw, json) Hash identifier: /kZIiJcPOE3DT6Ik81ZNvvSPUf53xjrG00W2Llf99a0= Subject key identifier: B0:E2:5C:BB:5C:C9:71:72:26:4F:29:AB:23:46:3B:BA:B5:2B:7F:6F Authority key identifier: 6B:57:09:32:90:D1:1F:65:CF:B9:1F:12:12:C2:8C:F7:33:F9:C2:B5 Certificate issuer: /CN=A9120AAA/serialNumber=6B57093290D11F65CFB91F1212C28CF733F9C2B5 Certificate serial: 012A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a1cJMpDRH2XPuR8SEsKM9zP5wrU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120AAA/0CA77C825C4711EEAA9FE966C4F9AE02/a1cJMpDRH2XPuR8SEsKM9zP5wrU.mft Manifest number: 0128 Signing time: Fri 25 Apr 2025 03:42:39 +0000 Manifest this update: Fri 25 Apr 2025 03:42:39 +0000 Manifest next update: Fri 02 May 2025 03:42:39 +0000 Files and hashes: 1: a1cJMpDRH2XPuR8SEsKM9zP5wrU.crl (hash: XxBc7I4JfUm+Q2SmRHI/s9clhBBqYU85WZWrOM7NXHw=) 2: 8A389AC25C4811EEBE1CF06BC4F9AE02.roa (hash: 9QttLF7HMnJDx+HbQAXC0YtWXOJ+pz+cgouITeRm1GU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120AAA/0CA77C825C4711EEAA9FE966C4F9AE02/a1cJMpDRH2XPuR8SEsKM9zP5wrU.crl rsync://rpki.apnic.net/member_repository/A9120AAA/0CA77C825C4711EEAA9FE966C4F9AE02/a1cJMpDRH2XPuR8SEsKM9zP5wrU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a1cJMpDRH2XPuR8SEsKM9zP5wrU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:42:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 298 (0x12a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120AAA, serialNumber=6B57093290D11F65CFB91F1212C28CF733F9C2B5 Validity Not Before: Apr 25 03:42:39 2025 GMT Not After : May 2 03:42:39 2025 GMT Subject: CN=680b04af-e19b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:e4:2a:e3:e0:97:e5:5a:b8:d6:62:e7:53:a8: 38:85:ee:d6:e9:5a:8a:44:bc:36:bc:96:75:57:68: 9a:d8:eb:0c:9b:9e:02:ea:ff:85:12:97:79:af:be: e1:79:fe:c4:e8:66:2b:94:dd:61:f8:50:39:b5:d6: 08:40:c9:33:58:d4:4e:33:3d:20:b1:37:63:0f:53: 4d:68:af:88:81:3f:95:2b:e7:d1:cb:63:01:d9:39: 1a:3c:f4:d5:3f:98:cd:83:09:e8:1c:6c:71:ca:25: 92:2d:ab:25:f7:65:4b:20:71:5d:28:5c:83:62:67: de:17:19:8f:be:2b:e5:5d:dd:84:0f:db:5c:18:11: 7e:95:27:a8:a8:d8:16:45:13:ac:b0:e1:e8:7c:49: 1b:ee:f6:07:98:df:a2:68:33:cb:25:4a:d2:10:01: 30:7f:e2:90:22:be:29:98:1b:6c:f5:5b:32:76:f6: 4f:3c:db:46:04:03:f9:f3:32:75:32:01:ff:11:08: d0:85:a8:de:27:c3:96:e2:31:23:b4:8e:da:df:f8: f4:58:ae:8b:ed:56:10:8a:66:19:5d:65:00:b8:4d: 0c:33:91:1d:e3:f6:a5:fc:cd:d3:87:fe:d8:34:49: 3a:c9:48:c3:9e:a5:01:65:55:b4:43:35:e0:6b:03: 9d:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:E2:5C:BB:5C:C9:71:72:26:4F:29:AB:23:46:3B:BA:B5:2B:7F:6F X509v3 Authority Key Identifier: keyid:6B:57:09:32:90:D1:1F:65:CF:B9:1F:12:12:C2:8C:F7:33:F9:C2:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120AAA/0CA77C825C4711EEAA9FE966C4F9AE02/a1cJMpDRH2XPuR8SEsKM9zP5wrU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a1cJMpDRH2XPuR8SEsKM9zP5wrU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120AAA/0CA77C825C4711EEAA9FE966C4F9AE02/a1cJMpDRH2XPuR8SEsKM9zP5wrU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:af:00:e2:26:3f:14:8f:ae:dc:c9:fd:10:2c:eb:2e:c5:9f: b0:e4:5f:f6:74:82:bc:f5:6b:d1:7f:95:91:9f:c2:7d:ac:72: a5:82:44:d7:bd:f7:17:cf:0d:0d:2a:f2:53:a7:0f:d8:18:93: 32:d7:f0:ba:91:cb:ad:dd:60:1e:7e:8f:16:b8:3a:8a:f3:ad: 5d:3c:89:73:6e:2d:ca:29:6f:44:8c:96:e7:5a:9f:52:39:53: f6:05:19:9d:3e:3e:e3:7d:d2:bd:54:c3:00:a9:ed:43:6b:02: ff:d4:83:66:27:76:0c:5c:21:df:26:6e:9a:7a:c4:3c:3e:98: c4:b0:77:b0:1b:ec:2c:44:b4:cb:ab:b5:ae:3b:c4:de:87:36: 47:a4:a3:f4:10:c6:9b:ab:f0:fa:32:f0:b0:ea:56:b9:81:c1: cc:5c:43:f0:fb:f7:ae:53:12:55:e3:b4:a0:35:6c:ff:94:bf: b3:5c:bd:6e:2e:2c:44:06:f4:79:57:da:f9:dd:08:39:78:0d: 80:2c:0f:4d:50:da:ad:a6:b7:0b:96:8d:8a:5a:1a:83:68:5f: bc:be:11:a0:2c:3e:fb:14:9b:d3:39:87:95:af:7e:ff:13:67: 3c:93:d2:c6:cc:ff:11:25:e4:90:b1:0d:5b:b7:35:d6:a7:c1: b9:b1:83:7b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBBQUExMTAvBgNVBAUTKDZCNTcwOTMyOTBEMTFGNjVDRkI5MUYxMjEyQzI4Q0Y3 MzNGOUMyQjUwHhcNMjUwNDI1MDM0MjM5WhcNMjUwNTAyMDM0MjM5WjAYMRYwFAYD VQQDEw02ODBiMDRhZi1lMTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2+Qq4+CX5Vq41mLnU6g4he7W6VqKRLw2vJZ1V2ia2OsMm54C6v+FEpd5r77h ef7E6GYrlN1h+FA5tdYIQMkzWNROMz0gsTdjD1NNaK+IgT+VK+fRy2MB2TkaPPTV P5jNgwnoHGxxyiWSLasl92VLIHFdKFyDYmfeFxmPvivlXd2ED9tcGBF+lSeoqNgW RROssOHofEkb7vYHmN+iaDPLJUrSEAEwf+KQIr4pmBts9VsydvZPPNtGBAP58zJ1 MgH/EQjQhajeJ8OW4jEjtI7a3/j0WK6L7VYQimYZXWUAuE0MM5Ed4/al/M3Th/7Y NEk6yUjDnqUBZVW0QzXgawOdpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLDiXLtc yXFyJk8pqyNGO7q1K39vMB8GA1UdIwQYMBaAFGtXCTKQ0R9lz7kfEhLCjPcz+cK1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEFBQS8wQ0E3N0M4MjVD NDcxMUVFQUE5RkU5NjZDNEY5QUUwMi9hMWNKTXBEUkgyWFB1UjhTRXNLTTl6UDV3 clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ExY0pNcERSSDJYUHVSOFNFc0tNOXpQNXdyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MEFBQS8wQ0E3N0M4MjVDNDcxMUVFQUE5RkU5NjZDNEY5QUUwMi9hMWNKTXBEUkgy WFB1UjhTRXNLTTl6UDV3clUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkrwDiJj8Uj67cyf0QLOsuxZ+w5F/2dIK89WvRf5WRn8J9rHKlgkTX vfcXzw0NKvJTpw/YGJMy1/C6kcut3WAefo8WuDqK861dPIlzbi3KKW9EjJbnWp9S OVP2BRmdPj7jfdK9VMMAqe1DawL/1INmJ3YMXCHfJm6aesQ8PpjEsHewG+wsRLTL q7WuO8TehzZHpKP0EMabq/D6MvCw6la5gcHMXEPw+/euUxJV47SgNWz/lL+zXL1u LixEBvR5V9r53Qg5eA2ALA9NUNqtprcLlo2KWhqDaF+8vhGgLD77FJvTOYeVr37/ E2c8k9LGzP8RJeSQsQ1btzXWp8G5sYN7 -----END CERTIFICATE-----Generated at Sat Apr 26 16:59:46 2025 by rpki-client