$ rpki-client -vvf rpki.apnic.net/member_repository/A9125852/E954FD781BA211F08B29E92CC4F9AE02/h1thdAzTcL1LSk9q6gqGCDiNuoo.mft File: h1thdAzTcL1LSk9q6gqGCDiNuoo.mft (raw, json) Hash identifier: uiaOQS4I8QJ3t/3SIR8UWXnxVZLwmCmtyR68FS6t3fM= Subject key identifier: AA:7F:A5:84:B5:D9:4F:E8:B0:B0:A2:4C:5A:08:DC:D6:F4:D3:40:44 Authority key identifier: 87:5B:61:74:0C:D3:70:BD:4B:4A:4F:6A:EA:0A:86:08:38:8D:BA:8A Certificate issuer: /CN=A9125852/serialNumber=875B61740CD370BD4B4A4F6AEA0A8608388DBA8A Certificate serial: 0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h1thdAzTcL1LSk9q6gqGCDiNuoo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125852/E954FD781BA211F08B29E92CC4F9AE02/h1thdAzTcL1LSk9q6gqGCDiNuoo.mft Manifest number: 08 Signing time: Fri 25 Apr 2025 07:10:14 +0000 Manifest this update: Fri 25 Apr 2025 07:10:13 +0000 Manifest next update: Fri 02 May 2025 07:10:13 +0000 Files and hashes: 1: h1thdAzTcL1LSk9q6gqGCDiNuoo.crl (hash: Prcj/TdVpOmDci7Vda4Gm2Vry0zJM6PdKarxgMkYooA=) 2: 36E3783A1BA311F0985A7C2DC4F9AE02.roa (hash: sfbcZk8SAWuxMbwQPAGFt07XT5Nj4mSWLUAB6k9yQMw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125852/E954FD781BA211F08B29E92CC4F9AE02/h1thdAzTcL1LSk9q6gqGCDiNuoo.crl rsync://rpki.apnic.net/member_repository/A9125852/E954FD781BA211F08B29E92CC4F9AE02/h1thdAzTcL1LSk9q6gqGCDiNuoo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h1thdAzTcL1LSk9q6gqGCDiNuoo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 07:10:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10 (0xa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125852, serialNumber=875B61740CD370BD4B4A4F6AEA0A8608388DBA8A Validity Not Before: Apr 25 07:10:13 2025 GMT Not After : May 2 07:10:13 2025 GMT Subject: CN=680b3555-b2ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:23:3e:a6:b5:5d:17:c9:17:e2:58:bf:a5:dd: 7f:67:0e:a3:53:b0:85:15:b1:52:02:35:ad:07:40: 68:28:7b:18:7f:c4:2f:60:63:24:96:da:50:22:54: dc:36:1a:a0:76:7b:ff:8a:41:5c:4a:71:1c:59:55: 19:cb:ab:d8:3a:8b:b7:27:fd:69:9f:e7:40:28:fc: ff:6e:1e:a9:24:1c:08:29:d5:1e:36:20:dd:e8:48: 64:e2:eb:33:68:27:cc:ef:33:39:bb:eb:25:09:6c: 00:d8:5c:a2:48:b1:b9:37:8d:4e:33:6d:53:96:80: 47:31:32:7a:a4:74:0a:73:ec:e6:a5:f7:5f:71:77: d4:10:b4:46:7b:a1:c8:84:0f:03:02:13:00:67:ab: 54:c5:09:d0:e3:a9:bc:f2:64:1c:6f:d3:78:dc:44: 0b:82:bd:5f:b4:6d:18:e5:f6:7b:45:2d:bb:15:ca: 91:80:11:f5:6f:f7:67:1e:60:08:0e:d0:d6:70:bb: bc:8e:70:88:4c:cf:92:d2:e5:da:b8:68:b0:e1:df: de:03:40:ad:56:03:a8:96:75:11:d2:ad:ef:66:a9: 46:6d:e4:d5:88:d3:fd:9a:55:1b:c1:59:12:91:9d: c4:1a:fb:7c:64:63:65:7d:33:81:f0:85:d9:22:f9: 80:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:7F:A5:84:B5:D9:4F:E8:B0:B0:A2:4C:5A:08:DC:D6:F4:D3:40:44 X509v3 Authority Key Identifier: keyid:87:5B:61:74:0C:D3:70:BD:4B:4A:4F:6A:EA:0A:86:08:38:8D:BA:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125852/E954FD781BA211F08B29E92CC4F9AE02/h1thdAzTcL1LSk9q6gqGCDiNuoo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h1thdAzTcL1LSk9q6gqGCDiNuoo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125852/E954FD781BA211F08B29E92CC4F9AE02/h1thdAzTcL1LSk9q6gqGCDiNuoo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:a7:ae:f9:87:29:4b:6c:7e:d9:3e:d3:aa:36:ad:6a:1f:0f: b4:98:5a:c6:c6:03:ac:ba:98:f7:d0:e1:9a:52:d0:5b:c5:80: 3a:3a:38:b2:44:c4:a0:71:61:bd:78:ca:1a:84:40:0f:54:f3: 39:9e:b1:de:0d:94:e1:0d:4e:76:24:e1:64:d4:68:07:10:c6: 11:38:c3:2c:7b:19:e6:a0:cc:b4:2c:d1:45:e7:57:b8:e1:90: bb:61:d9:fe:29:13:0a:f3:d9:b6:7f:c1:6b:3d:8c:50:e4:f1: 41:27:b2:58:3f:08:a4:7b:a8:7c:8a:8c:96:45:3a:6b:4e:ea: 69:e7:1d:49:3b:31:02:53:97:db:0d:47:40:3b:dd:d6:d2:2b: dc:06:0f:e3:bd:67:87:2f:f0:31:af:b1:bf:c1:c7:d4:a5:26: ff:06:33:54:0b:9b:d3:56:f0:11:56:dd:e6:f4:97:d2:96:c4: e4:d6:dd:0e:2e:92:bb:87:52:29:77:47:28:48:43:4c:36:65: 9d:72:4e:bf:9b:47:cd:b2:d6:e9:e8:c5:d1:92:83:ee:4c:8e: d2:e7:c4:30:51:18:e1:34:be:ff:46:17:62:a2:ff:86:ff:8f: a9:ea:2b:da:de:e8:64:aa:3a:13:da:fd:77:9e:0c:b6:17:cb: 52:c1:d4:af -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy NTg1MjExMC8GA1UEBRMoODc1QjYxNzQwQ0QzNzBCRDRCNEE0RjZBRUEwQTg2MDgz ODhEQkE4QTAeFw0yNTA0MjUwNzEwMTNaFw0yNTA1MDIwNzEwMTNaMBgxFjAUBgNV BAMTDTY4MGIzNTU1LWIyY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDNIz6mtV0XyRfiWL+l3X9nDqNTsIUVsVICNa0HQGgoexh/xC9gYySW2lAiVNw2 GqB2e/+KQVxKcRxZVRnLq9g6i7cn/Wmf50Ao/P9uHqkkHAgp1R42IN3oSGTi6zNo J8zvMzm76yUJbADYXKJIsbk3jU4zbVOWgEcxMnqkdApz7Oal919xd9QQtEZ7ociE DwMCEwBnq1TFCdDjqbzyZBxv03jcRAuCvV+0bRjl9ntFLbsVypGAEfVv92ceYAgO 0NZwu7yOcIhMz5LS5dq4aLDh394DQK1WA6iWdRHSre9mqUZt5NWI0/2aVRvBWRKR ncQa+3xkY2V9M4Hwhdki+YAzAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUqn+lhLXZ T+iwsKJMWgjc1vTTQEQwHwYDVR0jBBgwFoAUh1thdAzTcL1LSk9q6gqGCDiNuoow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI1ODUyL0U5NTRGRDc4MUJB MjExRjA4QjI5RTkyQ0M0RjlBRTAyL2gxdGhkQXpUY0wxTFNrOXE2Z3FHQ0RpTnVv by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaDF0aGRBelRjTDFMU2s5cTZncUdDRGlOdW9vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI1 ODUyL0U5NTRGRDc4MUJBMjExRjA4QjI5RTkyQ0M0RjlBRTAyL2gxdGhkQXpUY0wx TFNrOXE2Z3FHQ0RpTnVvby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHmnrvmHKUtsftk+06o2rWofD7SYWsbGA6y6mPfQ4ZpS0FvFgDo6OLJE xKBxYb14yhqEQA9U8zmesd4NlOENTnYk4WTUaAcQxhE4wyx7GeagzLQs0UXnV7jh kLth2f4pEwrz2bZ/wWs9jFDk8UEnslg/CKR7qHyKjJZFOmtO6mnnHUk7MQJTl9sN R0A73dbSK9wGD+O9Z4cv8DGvsb/Bx9SlJv8GM1QLm9NW8BFW3eb0l9KWxOTW3Q4u kruHUil3RyhIQ0w2ZZ1yTr+bR82y1unoxdGSg+5MjtLnxDBRGOE0vv9GF2Ki/4b/ j6nqK9re6GSqOhPa/XeeDLYXy1LB1K8= -----END CERTIFICATE-----Generated at Sat Apr 26 15:19:45 2025 by rpki-client