$ rpki-client -vvf rpki.apnic.net/member_repository/A9122041/2E72E0AEDC3511EE8FF1A433C4F9AE02/fSf9xw_NGLbdWwQmla_djBc1wTA.mft File: fSf9xw_NGLbdWwQmla_djBc1wTA.mft (raw, json) Hash identifier: mfORZ2ImW3tv/fGYhRsqSK7r6JPHxIyR5eihqidDesQ= Subject key identifier: B5:75:47:66:D6:29:8F:A1:48:A6:EA:4E:DC:6B:B8:61:69:65:AD:45 Authority key identifier: 7D:27:FD:C7:0F:CD:18:B6:DD:5B:04:26:95:AF:DD:8C:17:35:C1:30 Certificate issuer: /CN=A9122041/serialNumber=7D27FDC70FCD18B6DD5B042695AFDD8C1735C130 Certificate serial: D3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fSf9xw_NGLbdWwQmla_djBc1wTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122041/2E72E0AEDC3511EE8FF1A433C4F9AE02/fSf9xw_NGLbdWwQmla_djBc1wTA.mft Manifest number: D2 Signing time: Fri 25 Apr 2025 04:39:01 +0000 Manifest this update: Fri 25 Apr 2025 04:39:00 +0000 Manifest next update: Fri 02 May 2025 04:39:00 +0000 Files and hashes: 1: fSf9xw_NGLbdWwQmla_djBc1wTA.crl (hash: x/qsDfTYlVoIDV/KTCPcJhB/3zlergrUs7V9WAi3QOE=) 2: E46B7DACDC3611EEBE5CDD37C4F9AE02.roa (hash: EUS1TcmCLEChYsSUsTW2xirwCeaCm7aIPgo/Dh+GRoU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122041/2E72E0AEDC3511EE8FF1A433C4F9AE02/fSf9xw_NGLbdWwQmla_djBc1wTA.crl rsync://rpki.apnic.net/member_repository/A9122041/2E72E0AEDC3511EE8FF1A433C4F9AE02/fSf9xw_NGLbdWwQmla_djBc1wTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fSf9xw_NGLbdWwQmla_djBc1wTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:39:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 211 (0xd3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122041, serialNumber=7D27FDC70FCD18B6DD5B042695AFDD8C1735C130 Validity Not Before: Apr 25 04:39:00 2025 GMT Not After : May 2 04:39:00 2025 GMT Subject: CN=680b11e5-fa79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:9c:32:d6:00:13:7a:9b:e8:c1:cb:ef:23:ec: 20:b5:de:48:66:4a:c0:4f:26:a5:5e:a5:ec:fb:10: b8:e1:fb:e6:66:a3:57:ab:0e:ba:eb:22:4c:c4:3c: f0:03:15:aa:ba:00:d2:44:96:a5:7c:3b:1d:2a:f9: 12:c5:bc:07:10:5d:06:7e:db:51:c9:13:78:81:89: f4:35:07:40:00:11:45:8c:d1:5c:66:72:b6:34:a1: ec:f4:6d:1b:ad:c6:db:cc:bc:26:6e:f7:e1:5b:fa: e9:5c:8d:da:71:65:7f:32:24:5d:b0:b7:91:b1:ea: fd:3d:98:14:db:87:71:3b:9b:ba:36:ae:0d:57:e0: 36:35:63:35:69:49:3f:5c:06:87:cb:dc:7c:aa:cc: 0f:0d:fb:43:51:fc:67:e9:a8:2e:b6:7b:17:78:79: f6:eb:67:b7:fd:2a:6a:e3:db:be:6a:4a:c0:9d:91: 43:66:4a:3f:0a:aa:88:f7:f2:e2:cc:d7:6f:7b:d7: 60:6b:3e:20:2a:fa:26:7e:e0:57:6d:0d:e8:e0:01: 83:d8:44:b4:5d:de:64:20:21:c5:ec:26:71:6c:2d: 19:8e:e0:f2:e1:12:dc:d4:d8:82:48:b2:8b:18:14: 2a:02:e8:9f:6b:25:ee:c3:95:fc:4d:a2:39:18:24: 79:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:75:47:66:D6:29:8F:A1:48:A6:EA:4E:DC:6B:B8:61:69:65:AD:45 X509v3 Authority Key Identifier: keyid:7D:27:FD:C7:0F:CD:18:B6:DD:5B:04:26:95:AF:DD:8C:17:35:C1:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122041/2E72E0AEDC3511EE8FF1A433C4F9AE02/fSf9xw_NGLbdWwQmla_djBc1wTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fSf9xw_NGLbdWwQmla_djBc1wTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122041/2E72E0AEDC3511EE8FF1A433C4F9AE02/fSf9xw_NGLbdWwQmla_djBc1wTA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:dd:e0:71:87:59:45:ed:f7:24:30:33:30:d9:37:14:15:b5: b7:48:88:24:4d:58:39:41:91:bb:f1:50:38:c2:46:a2:06:92: 7f:be:14:92:ef:05:91:69:3b:90:13:c7:99:65:ce:85:a7:52: 07:a0:ae:35:66:af:09:50:13:eb:d9:32:0c:2c:61:d6:88:2c: 61:56:fe:14:c1:9a:1d:20:3c:1a:e5:41:b5:3b:08:07:a2:91: 71:bd:1a:37:4f:dc:29:73:b0:3f:eb:59:16:4d:33:24:02:8b: 98:a3:77:67:ad:9f:55:c5:57:83:ac:85:b2:ff:01:26:b8:db: 16:5c:e1:72:cb:28:07:83:1a:c2:23:d8:68:ed:a2:62:28:89: 99:2e:9e:4c:83:9a:62:a5:ad:c3:71:74:5e:56:d4:34:b6:cc: c3:49:70:8c:d5:b3:56:aa:cb:e7:a1:0a:82:f5:5e:5a:bf:c7: 6f:68:38:6c:f5:f2:4c:e6:4f:d1:b6:be:5c:ca:94:8c:f1:36: 61:aa:85:16:f6:ec:69:a6:50:d5:83:de:df:43:27:16:ab:37: a5:01:00:7a:d7:59:d9:06:28:d1:83:8c:89:43:85:ee:12:c2: 1f:61:8b:78:1e:bc:94:ff:fb:5a:ad:ca:22:dc:a1:04:99:b6: f3:e9:8d:ad -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjIwNDExMTAvBgNVBAUTKDdEMjdGREM3MEZDRDE4QjZERDVCMDQyNjk1QUZERDhD MTczNUMxMzAwHhcNMjUwNDI1MDQzOTAwWhcNMjUwNTAyMDQzOTAwWjAYMRYwFAYD VQQDEw02ODBiMTFlNS1mYTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAupwy1gATepvowcvvI+wgtd5IZkrATyalXqXs+xC44fvmZqNXqw666yJMxDzw AxWqugDSRJalfDsdKvkSxbwHEF0GfttRyRN4gYn0NQdAABFFjNFcZnK2NKHs9G0b rcbbzLwmbvfhW/rpXI3acWV/MiRdsLeRser9PZgU24dxO5u6Nq4NV+A2NWM1aUk/ XAaHy9x8qswPDftDUfxn6agutnsXeHn262e3/Spq49u+akrAnZFDZko/CqqI9/Li zNdve9dgaz4gKvomfuBXbQ3o4AGD2ES0Xd5kICHF7CZxbC0ZjuDy4RLc1NiCSLKL GBQqAuifayXuw5X8TaI5GCR5QwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLV1R2bW KY+hSKbqTtxruGFpZa1FMB8GA1UdIwQYMBaAFH0n/ccPzRi23VsEJpWv3YwXNcEw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjA0MS8yRTcyRTBBRURD MzUxMUVFOEZGMUE0MzNDNEY5QUUwMi9mU2Y5eHdfTkdMYmRXd1FtbGFfZGpCYzF3 VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZTZjl4d19OR0xiZFd3UW1sYV9kakJjMXdUQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MjA0MS8yRTcyRTBBRURDMzUxMUVFOEZGMUE0MzNDNEY5QUUwMi9mU2Y5eHdfTkdM YmRXd1FtbGFfZGpCYzF3VEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA63eBxh1lF7fckMDMw2TcUFbW3SIgkTVg5QZG78VA4wkaiBpJ/vhSS 7wWRaTuQE8eZZc6Fp1IHoK41Zq8JUBPr2TIMLGHWiCxhVv4UwZodIDwa5UG1OwgH opFxvRo3T9wpc7A/61kWTTMkAouYo3dnrZ9VxVeDrIWy/wEmuNsWXOFyyygHgxrC I9ho7aJiKImZLp5Mg5pipa3DcXReVtQ0tszDSXCM1bNWqsvnoQqC9V5av8dvaDhs 9fJM5k/Rtr5cypSM8TZhqoUW9uxpplDVg97fQycWqzelAQB611nZBijRg4yJQ4Xu EsIfYYt4HryU//tarcoi3KEEmbbz6Y2t -----END CERTIFICATE-----Generated at Sat Apr 26 04:30:44 2025 by rpki-client