$ rpki-client -vvf rpki.apnic.net/member_repository/A9122905/11EB086A335511ED943FA53BC4F9AE02/BkbFIpHVzU30oP94Z4T89Sg0YyQ.mft File: BkbFIpHVzU30oP94Z4T89Sg0YyQ.mft (raw, json) Hash identifier: x25h7tevoqjAcRpmsaXek4f/O70HQJ07RaEczU+O2yg= Subject key identifier: FD:96:04:2A:4F:9F:05:7D:54:8E:77:D8:DC:67:32:74:8F:8E:3E:75 Authority key identifier: 06:46:C5:22:91:D5:CD:4D:F4:A0:FF:78:67:84:FC:F5:28:34:63:24 Certificate issuer: /CN=A9122905/serialNumber=0646C52291D5CD4DF4A0FF786784FCF528346324 Certificate serial: 0209 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BkbFIpHVzU30oP94Z4T89Sg0YyQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122905/11EB086A335511ED943FA53BC4F9AE02/BkbFIpHVzU30oP94Z4T89Sg0YyQ.mft Manifest number: 0206 Signing time: Fri 25 Apr 2025 01:47:21 +0000 Manifest this update: Fri 25 Apr 2025 01:47:20 +0000 Manifest next update: Fri 02 May 2025 01:47:20 +0000 Files and hashes: 1: BkbFIpHVzU30oP94Z4T89Sg0YyQ.crl (hash: TMAk2x52pbdZs3P8Ze3KkiWaAW8SqzODgsoTtUh59x4=) 2: 8BFE9EA6335911EDBC60AC44C4F9AE02.roa (hash: PkaRAOyxeuH2U7UkwpCaJHtr/yLJ/iuQhH7B44HKa84=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122905/11EB086A335511ED943FA53BC4F9AE02/BkbFIpHVzU30oP94Z4T89Sg0YyQ.crl rsync://rpki.apnic.net/member_repository/A9122905/11EB086A335511ED943FA53BC4F9AE02/BkbFIpHVzU30oP94Z4T89Sg0YyQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BkbFIpHVzU30oP94Z4T89Sg0YyQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:47:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 521 (0x209) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122905, serialNumber=0646C52291D5CD4DF4A0FF786784FCF528346324 Validity Not Before: Apr 25 01:47:20 2025 GMT Not After : May 2 01:47:20 2025 GMT Subject: CN=680ae9a9-9e3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:5e:49:f6:7b:7c:d7:eb:b9:56:b5:24:58:4e: e2:de:c2:96:c1:73:40:7f:7e:8d:3a:73:49:c8:d3: 79:42:24:51:e6:29:75:b7:be:f1:4f:f0:89:5d:5d: a9:e8:fe:c0:f6:1e:f8:12:d9:4e:9a:a0:a0:4d:3f: d4:79:80:e9:ad:dd:8b:43:c0:c5:cc:aa:da:ac:84: 17:49:09:80:29:95:e1:ba:4b:b1:75:27:05:ac:d1: 5b:01:74:f3:63:38:bd:ab:ad:59:ad:78:b0:3f:9e: 29:f1:a7:eb:b7:88:06:e6:4a:de:ae:70:45:e5:05: e0:83:05:4f:65:75:14:f3:7a:b6:2d:fe:88:a4:19: 61:49:46:0f:5f:0c:da:11:8c:a4:01:9e:29:43:5e: 5f:64:b7:ba:98:97:ff:42:a8:cb:fc:00:96:de:e7: 38:0f:a8:6b:5a:bc:d9:06:c3:f8:90:9f:0b:f2:20: 39:7d:8e:11:51:13:97:60:18:f9:7d:d0:f2:80:7e: ad:5a:d7:7f:14:40:bd:39:0a:c9:6c:71:82:bf:4b: 63:6e:b7:c7:62:58:ee:73:a7:d5:54:79:20:68:e2: f5:5e:d7:e8:b5:d8:52:50:6b:71:a4:12:21:fd:49: f5:91:ec:00:c4:e5:13:5f:ca:33:86:0d:a4:db:d0: 96:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:96:04:2A:4F:9F:05:7D:54:8E:77:D8:DC:67:32:74:8F:8E:3E:75 X509v3 Authority Key Identifier: keyid:06:46:C5:22:91:D5:CD:4D:F4:A0:FF:78:67:84:FC:F5:28:34:63:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122905/11EB086A335511ED943FA53BC4F9AE02/BkbFIpHVzU30oP94Z4T89Sg0YyQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BkbFIpHVzU30oP94Z4T89Sg0YyQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122905/11EB086A335511ED943FA53BC4F9AE02/BkbFIpHVzU30oP94Z4T89Sg0YyQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cf:a1:4e:4a:36:9b:ec:58:4b:fd:67:f5:06:b4:b0:18:58:c4: 59:a7:a0:40:60:8d:2f:9a:47:3d:b7:e8:db:d6:90:51:f5:ef: e8:3c:6a:fa:91:89:49:22:c5:ab:50:ff:7b:f6:4a:6d:fe:fb: b4:d2:52:1f:2d:55:22:3c:2a:e0:dd:7e:22:3e:94:3e:c6:c7: d8:40:af:e9:43:5f:9f:98:af:05:97:9e:be:f2:a6:d7:94:21: 5a:c4:48:aa:4e:77:08:b1:72:db:b0:19:36:ea:9d:39:d1:0a: 38:73:46:03:cb:22:fc:bd:ae:47:6e:de:04:32:b2:a0:ef:eb: ce:0a:40:65:2c:f6:6a:a8:d2:e7:00:c6:d8:8f:d1:23:1d:73: de:80:42:f2:17:e2:c7:44:17:44:d4:8b:5f:56:1c:47:65:a4: c1:81:a2:11:a6:1f:0a:76:69:10:3f:65:b5:5a:28:aa:2a:bc: 9d:e9:21:af:2c:ee:35:37:c2:96:af:fc:bc:1f:b7:da:8e:d1: 08:5a:ba:b3:0c:8f:b3:39:e7:b8:1d:92:3d:70:ef:43:1c:4a: c6:60:69:6e:7b:51:a1:54:c9:4a:56:68:f9:75:cb:e0:6c:40: f9:f6:dd:43:c5:d5:b5:8b:3a:85:07:9e:83:db:70:56:ee:d8: 52:df:c0:7e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjI5MDUxMTAvBgNVBAUTKDA2NDZDNTIyOTFENUNENERGNEEwRkY3ODY3ODRGQ0Y1 MjgzNDYzMjQwHhcNMjUwNDI1MDE0NzIwWhcNMjUwNTAyMDE0NzIwWjAYMRYwFAYD VQQDEw02ODBhZTlhOS05ZTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyV5J9nt81+u5VrUkWE7i3sKWwXNAf36NOnNJyNN5QiRR5il1t77xT/CJXV2p 6P7A9h74EtlOmqCgTT/UeYDprd2LQ8DFzKrarIQXSQmAKZXhukuxdScFrNFbAXTz Yzi9q61ZrXiwP54p8afrt4gG5krernBF5QXggwVPZXUU83q2Lf6IpBlhSUYPXwza EYykAZ4pQ15fZLe6mJf/QqjL/ACW3uc4D6hrWrzZBsP4kJ8L8iA5fY4RUROXYBj5 fdDygH6tWtd/FEC9OQrJbHGCv0tjbrfHYljuc6fVVHkgaOL1XtfotdhSUGtxpBIh /Un1kewAxOUTX8ozhg2k29CWnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP2WBCpP nwV9VI532NxnMnSPjj51MB8GA1UdIwQYMBaAFAZGxSKR1c1N9KD/eGeE/PUoNGMk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjkwNS8xMUVCMDg2QTMz NTUxMUVEOTQzRkE1M0JDNEY5QUUwMi9Ca2JGSXBIVnpVMzBvUDk0WjRUODlTZzBZ eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JrYkZJcEhWelUzMG9QOTRaNFQ4OVNnMFl5US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MjkwNS8xMUVCMDg2QTMzNTUxMUVEOTQzRkE1M0JDNEY5QUUwMi9Ca2JGSXBIVnpV MzBvUDk0WjRUODlTZzBZeVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDPoU5KNpvsWEv9Z/UGtLAYWMRZp6BAYI0vmkc9t+jb1pBR9e/oPGr6 kYlJIsWrUP979kpt/vu00lIfLVUiPCrg3X4iPpQ+xsfYQK/pQ1+fmK8Fl56+8qbX lCFaxEiqTncIsXLbsBk26p050Qo4c0YDyyL8va5Hbt4EMrKg7+vOCkBlLPZqqNLn AMbYj9EjHXPegELyF+LHRBdE1ItfVhxHZaTBgaIRph8KdmkQP2W1WiiqKryd6SGv LO41N8KWr/y8H7fajtEIWrqzDI+zOee4HZI9cO9DHErGYGlue1GhVMlKVmj5dcvg bED59t1DxdW1izqFB56D23BW7thS38B+ -----END CERTIFICATE-----Generated at Sat Apr 26 16:54:34 2025 by rpki-client