$ rpki-client -vvf rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.mft File: -bl1Fh_i6jfg5GKtX1uKdCgBNOY.mft (raw, json) Hash identifier: FwFImgUMnk8a+nQNiZB94gYm5GCaKlP3OMAw9E8t5cQ= Subject key identifier: 53:87:AE:BF:1E:CF:19:DE:BC:BA:41:9A:5F:CA:0D:63:51:24:3B:C1 Authority key identifier: F9:B9:75:16:1F:E2:EA:37:E0:E4:62:AD:5F:5B:8A:74:28:01:34:E6 Certificate issuer: /CN=A9121D73/serialNumber=F9B975161FE2EA37E0E462AD5F5B8A74280134E6 Certificate serial: 0B98 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.mft Manifest number: 0B8E Signing time: Thu 24 Apr 2025 18:56:29 +0000 Manifest this update: Thu 24 Apr 2025 18:56:29 +0000 Manifest next update: Thu 01 May 2025 18:56:29 +0000 Files and hashes: 1: -bl1Fh_i6jfg5GKtX1uKdCgBNOY.crl (hash: haenYLfuysxHY9Y+BRdjFImR6k/afVo29C7vhp3k0A4=) 2: 01A8B084262811EA8269E33EC4F9AE02.roa (hash: 3edR8k68PlyDLwSNioDrZi097Di1Z0qsLBIpivE7sS8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.crl rsync://rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:56:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2968 (0xb98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9121D73, serialNumber=F9B975161FE2EA37E0E462AD5F5B8A74280134E6 Validity Not Before: Apr 24 18:56:29 2025 GMT Not After : May 1 18:56:29 2025 GMT Subject: CN=680a895d-1cc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:df:75:16:ae:f2:b1:7d:9c:5a:5f:e7:82:64: a0:6b:63:8a:aa:ba:88:d3:4a:ca:93:1b:b1:ea:6b: b7:9a:4c:68:06:90:06:8b:69:b6:1b:9e:1c:80:35: 05:d8:48:bc:87:a8:28:a6:48:db:5e:32:de:76:ef: 53:cc:84:06:69:d6:50:90:ef:9f:37:fa:bc:41:dc: 5b:78:88:af:0f:c9:19:b2:5f:da:ee:26:32:08:ed: 84:16:d7:bf:25:8f:f9:90:d2:4f:64:13:2c:5a:71: 86:74:1c:d1:69:33:fd:f9:3b:4c:36:f7:9d:36:40: 77:b2:1d:aa:3e:ae:14:77:6c:91:bd:ab:a6:ee:8c: 73:8b:2a:b4:a9:a8:4e:89:61:f6:10:e5:1f:a9:f4: d5:4e:14:3e:5d:ff:38:9a:d3:9e:bd:e4:19:eb:8f: f9:c2:3f:37:b4:ca:10:02:14:e2:3d:3b:4a:a2:be: 23:4e:d1:77:59:fa:69:8b:64:b7:f5:9a:a9:8c:ed: b9:1f:d0:0b:b8:d5:98:67:2e:1e:ae:0f:5e:63:4f: 90:c4:ac:f5:a0:2f:60:83:f1:c2:54:ae:28:13:3c: 5e:90:d3:11:80:5d:23:25:1b:1c:c3:20:d8:69:38: f2:ae:00:0a:5f:a4:ff:45:e4:f9:62:f2:2c:26:f4: 06:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:87:AE:BF:1E:CF:19:DE:BC:BA:41:9A:5F:CA:0D:63:51:24:3B:C1 X509v3 Authority Key Identifier: keyid:F9:B9:75:16:1F:E2:EA:37:E0:E4:62:AD:5F:5B:8A:74:28:01:34:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:cf:02:7c:04:6c:4f:07:11:3e:5b:9c:14:24:36:85:7f:a1: c5:9c:c4:50:66:08:63:4b:db:48:c3:b0:23:8b:56:0c:3d:c0: e8:5f:6d:0a:46:7c:e3:3c:57:26:e0:8b:47:81:49:67:b7:71: 19:d1:c2:7c:36:df:6d:b7:d7:34:0f:e4:97:df:c6:cb:05:f0: f0:43:f0:8e:3c:2f:e0:98:17:b8:00:4b:fd:34:3a:77:1a:f2: 34:cb:36:34:a9:aa:58:74:2d:52:fd:63:46:8d:a7:bd:a9:89: 68:65:9f:2e:07:44:65:3b:68:0e:38:c0:b7:47:de:d4:51:25: 79:32:43:25:af:e4:b1:6e:d9:0c:ba:c2:45:b2:2f:24:bd:37: c6:b2:98:a9:5d:ab:99:6b:2e:d3:85:e8:6b:14:1b:9d:f7:05: e4:1d:46:ac:56:c7:e3:3e:dd:5b:13:83:23:86:9d:d0:90:5b: 8e:30:17:ae:91:18:92:23:8d:17:3e:80:03:01:ff:5d:33:53: 68:df:3a:db:80:ae:b8:97:f6:59:40:5d:ee:ef:26:96:a3:c0: 23:48:fa:31:64:8a:5d:16:e1:00:d4:d8:09:59:ed:b3:65:39: 25:14:e1:0e:47:a1:6a:f1:76:25:73:99:5b:eb:cc:88:18:11: 45:db:a0:f8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC5gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjFENzMxMTAvBgNVBAUTKEY5Qjk3NTE2MUZFMkVBMzdFMEU0NjJBRDVGNUI4QTc0 MjgwMTM0RTYwHhcNMjUwNDI0MTg1NjI5WhcNMjUwNTAxMTg1NjI5WjAYMRYwFAYD VQQDEw02ODBhODk1ZC0xY2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApt91Fq7ysX2cWl/ngmSga2OKqrqI00rKkxux6mu3mkxoBpAGi2m2G54cgDUF 2Ei8h6gopkjbXjLedu9TzIQGadZQkO+fN/q8QdxbeIivD8kZsl/a7iYyCO2EFte/ JY/5kNJPZBMsWnGGdBzRaTP9+TtMNvedNkB3sh2qPq4Ud2yRvaum7oxziyq0qahO iWH2EOUfqfTVThQ+Xf84mtOeveQZ64/5wj83tMoQAhTiPTtKor4jTtF3Wfppi2S3 9ZqpjO25H9ALuNWYZy4erg9eY0+QxKz1oC9gg/HCVK4oEzxekNMRgF0jJRscwyDY aTjyrgAKX6T/ReT5YvIsJvQGAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFOHrr8e zxnevLpBml/KDWNRJDvBMB8GA1UdIwQYMBaAFPm5dRYf4uo34ORirV9binQoATTm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMUQ3My81Q0M2NkJENDI2 MjYxMUVBODUyNEU4M0JDNEY5QUUwMi8tYmwxRmhfaTZqZmc1R0t0WDF1S2RDZ0JO T1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1ibDFGaF9pNmpmZzVHS3RYMXVLZENnQk5PWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MUQ3My81Q0M2NkJENDI2MjYxMUVBODUyNEU4M0JDNEY5QUUwMi8tYmwxRmhfaTZq Zmc1R0t0WDF1S2RDZ0JOT1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkzwJ8BGxPBxE+W5wUJDaFf6HFnMRQZghjS9tIw7Aji1YMPcDoX20K RnzjPFcm4ItHgUlnt3EZ0cJ8Nt9tt9c0D+SX38bLBfDwQ/COPC/gmBe4AEv9NDp3 GvI0yzY0qapYdC1S/WNGjae9qYloZZ8uB0RlO2gOOMC3R97UUSV5MkMlr+SxbtkM usJFsi8kvTfGspipXauZay7ThehrFBud9wXkHUasVsfjPt1bE4Mjhp3QkFuOMBeu kRiSI40XPoADAf9dM1No3zrbgK64l/ZZQF3u7yaWo8AjSPoxZIpdFuEA1NgJWe2z ZTklFOEOR6Fq8XYlc5lb68yIGBFF26D4 -----END CERTIFICATE-----Generated at Sat Apr 26 04:37:27 2025 by rpki-client