$ rpki-client -vvf rpki.apnic.net/member_repository/A912527F/BCFDAFCC10DD11ED80AA2485C4F9AE02/N5vU53MvGo0cOyItt3c8HBVBn0I.mft File: N5vU53MvGo0cOyItt3c8HBVBn0I.mft (raw, json) Hash identifier: 1t+tp//1RhPlMskasbZHDoTrz4w0xUE0jBbBPJd5+nw= Subject key identifier: DC:F2:01:5F:86:83:6D:23:73:E1:96:29:26:4E:C2:34:22:24:E1:C2 Authority key identifier: 37:9B:D4:E7:73:2F:1A:8D:1C:3B:22:2D:B7:77:3C:1C:15:41:9F:42 Certificate issuer: /CN=A912527F/serialNumber=379BD4E7732F1A8D1C3B222DB7773C1C15419F42 Certificate serial: 0261 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N5vU53MvGo0cOyItt3c8HBVBn0I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912527F/BCFDAFCC10DD11ED80AA2485C4F9AE02/N5vU53MvGo0cOyItt3c8HBVBn0I.mft Manifest number: 025D Signing time: Fri 25 Apr 2025 01:33:29 +0000 Manifest this update: Fri 25 Apr 2025 01:33:29 +0000 Manifest next update: Fri 02 May 2025 01:33:29 +0000 Files and hashes: 1: N5vU53MvGo0cOyItt3c8HBVBn0I.crl (hash: 6FDfEUcFQFXZU6As+WS+SCCyZ6SjQiznSMbswfxqI/k=) 2: BE0481A4EFA111ED87AD1F0BC4F9AE02.roa (hash: NQf56Uj9m/23kHcMdcevpS6JxvdYxcKJxC0qqxSbed4=) 3: 2C257150DBCA11EF920CC12BC4F9AE02.roa (hash: bsnKJQWxF5UUZ+STFoaUleWe8G1krXm9q3cPKIQEWa4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912527F/BCFDAFCC10DD11ED80AA2485C4F9AE02/N5vU53MvGo0cOyItt3c8HBVBn0I.crl rsync://rpki.apnic.net/member_repository/A912527F/BCFDAFCC10DD11ED80AA2485C4F9AE02/N5vU53MvGo0cOyItt3c8HBVBn0I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N5vU53MvGo0cOyItt3c8HBVBn0I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:33:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 609 (0x261) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912527F, serialNumber=379BD4E7732F1A8D1C3B222DB7773C1C15419F42 Validity Not Before: Apr 25 01:33:29 2025 GMT Not After : May 2 01:33:29 2025 GMT Subject: CN=680ae669-89d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:35:d6:d8:d9:9b:91:6c:cc:e0:14:39:e4:65: a7:bf:34:15:7a:56:0f:69:f2:7a:2a:ac:98:65:e9: 7a:ce:8b:fc:4e:9f:2a:2a:c4:0f:07:a6:b2:93:6b: b6:cb:8b:99:e0:5d:af:b3:45:6e:be:19:57:74:e9: 84:61:52:a4:14:9a:bf:95:fd:64:20:1b:c4:29:09: 84:57:17:68:92:22:de:59:66:c0:7a:d0:66:f3:a6: f1:9c:60:94:19:51:8a:71:23:40:9d:dd:22:fe:92: ef:5f:b2:f9:56:05:70:fe:cc:22:35:26:1c:3e:74: a2:bb:f8:97:26:34:91:bf:42:17:f9:51:9a:96:1b: 38:58:63:12:bc:fc:2c:9a:67:0c:0f:5d:ca:c3:46: 03:62:bf:a9:43:b2:32:39:f4:16:d8:c5:cb:58:54: 90:3a:d1:fb:a7:ab:07:c6:6b:b8:6b:11:7c:1e:5d: 90:be:7b:e1:4c:e8:45:0c:46:eb:21:fd:6a:ac:a4: cf:3a:3e:14:7c:00:e6:dc:4f:80:32:06:30:f9:de: 7f:97:b2:a0:2c:60:7c:ea:6e:ef:09:9f:c7:02:7c: 5c:ab:7b:3d:e5:26:16:d9:31:49:33:f5:dd:eb:28: 28:11:9a:fb:59:55:f2:97:7a:09:78:a5:be:1a:a2: 87:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:F2:01:5F:86:83:6D:23:73:E1:96:29:26:4E:C2:34:22:24:E1:C2 X509v3 Authority Key Identifier: keyid:37:9B:D4:E7:73:2F:1A:8D:1C:3B:22:2D:B7:77:3C:1C:15:41:9F:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912527F/BCFDAFCC10DD11ED80AA2485C4F9AE02/N5vU53MvGo0cOyItt3c8HBVBn0I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N5vU53MvGo0cOyItt3c8HBVBn0I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912527F/BCFDAFCC10DD11ED80AA2485C4F9AE02/N5vU53MvGo0cOyItt3c8HBVBn0I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d3:9e:9e:57:15:25:59:8c:b8:b3:09:bc:ba:30:ce:aa:80:95: 72:5b:5f:7c:ba:7a:73:b4:a1:89:8b:28:eb:ef:41:2e:04:03: 3e:67:ff:18:52:11:f3:9e:0a:31:8e:b4:f5:1d:fa:3f:b0:6b: f8:5c:1f:36:49:13:ea:c1:00:3d:ca:3d:dc:b4:b2:6e:12:b4: 1e:45:b6:05:20:e4:95:6c:3d:13:d3:a9:56:c5:10:8b:84:58: a5:fb:b1:07:21:b6:34:ef:d3:37:60:bd:34:ec:88:c9:fd:22: 6a:cc:d7:14:fb:5f:c0:fe:ce:f2:fb:5c:3b:f7:89:4d:ee:79: ac:84:ba:a1:c0:ea:dc:20:c5:9b:f1:66:16:0f:6d:9f:a5:a1: d5:12:68:a0:56:3a:ae:27:4a:b0:24:95:53:04:ab:89:b0:c2: 2c:44:69:da:fd:6e:5e:91:23:4f:4b:b6:89:fc:d7:a3:8f:b2: c3:cf:e1:db:cf:f5:28:54:53:c7:7b:98:21:6c:cd:97:55:32: b1:fa:ef:29:78:d7:23:39:f2:b4:17:d5:e0:6b:a1:0e:0c:fd: 8d:f1:b7:84:8e:cd:91:33:a8:24:9b:a0:ee:b2:89:0f:53:36: 99:7f:4c:a1:09:53:15:78:40:ff:52:b0:52:8e:da:f6:1d:93: 5c:a6:54:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAmEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjUyN0YxMTAvBgNVBAUTKDM3OUJENEU3NzMyRjFBOEQxQzNCMjIyREI3NzczQzFD MTU0MTlGNDIwHhcNMjUwNDI1MDEzMzI5WhcNMjUwNTAyMDEzMzI5WjAYMRYwFAYD VQQDEw02ODBhZTY2OS04OWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvzXW2NmbkWzM4BQ55GWnvzQVelYPafJ6KqyYZel6zov8Tp8qKsQPB6ayk2u2 y4uZ4F2vs0VuvhlXdOmEYVKkFJq/lf1kIBvEKQmEVxdokiLeWWbAetBm86bxnGCU GVGKcSNAnd0i/pLvX7L5VgVw/swiNSYcPnSiu/iXJjSRv0IX+VGalhs4WGMSvPws mmcMD13Kw0YDYr+pQ7IyOfQW2MXLWFSQOtH7p6sHxmu4axF8Hl2QvnvhTOhFDEbr If1qrKTPOj4UfADm3E+AMgYw+d5/l7KgLGB86m7vCZ/HAnxcq3s95SYW2TFJM/Xd 6ygoEZr7WVXyl3oJeKW+GqKHkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNzyAV+G g20jc+GWKSZOwjQiJOHCMB8GA1UdIwQYMBaAFDeb1OdzLxqNHDsiLbd3PBwVQZ9C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTI3Ri9CQ0ZEQUZDQzEw REQxMUVEODBBQTI0ODVDNEY5QUUwMi9ONXZVNTNNdkdvMGNPeUl0dDNjOEhCVkJu MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL041dlU1M012R28wY095SXR0M2M4SEJWQm4wSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NTI3Ri9CQ0ZEQUZDQzEwREQxMUVEODBBQTI0ODVDNEY5QUUwMi9ONXZVNTNNdkdv MGNPeUl0dDNjOEhCVkJuMEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDTnp5XFSVZjLizCby6MM6qgJVyW198unpztKGJiyjr70EuBAM+Z/8Y UhHzngoxjrT1Hfo/sGv4XB82SRPqwQA9yj3ctLJuErQeRbYFIOSVbD0T06lWxRCL hFil+7EHIbY079M3YL007IjJ/SJqzNcU+1/A/s7y+1w794lN7nmshLqhwOrcIMWb 8WYWD22fpaHVEmigVjquJ0qwJJVTBKuJsMIsRGna/W5ekSNPS7aJ/Nejj7LDz+Hb z/UoVFPHe5ghbM2XVTKx+u8peNcjOfK0F9Xga6EODP2N8beEjs2RM6gkm6DusokP UzaZf0yhCVMVeED/UrBSjtr2HZNcplR2 -----END CERTIFICATE-----Generated at Sat Apr 26 15:01:09 2025 by rpki-client