$ rpki-client -vvf rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft File: Icv-KamU2PngPkxNRObPW2SLeOw.mft (raw, json) Hash identifier: 94+HhKC7sBlENzpCn0qT7JzYJLptEuOVdroUVVYtr0s= Subject key identifier: 07:B1:90:BB:A8:DA:BD:2A:7D:41:A5:11:70:68:64:C4:B4:66:F9:BC Authority key identifier: 21:CB:FE:29:A9:94:D8:F9:E0:3E:4C:4D:44:E6:CF:5B:64:8B:78:EC Certificate issuer: /CN=A91272F9/serialNumber=21CBFE29A994D8F9E03E4C4D44E6CF5B648B78EC Certificate serial: 12B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft Manifest number: 12A1 Signing time: Thu 24 Apr 2025 17:05:48 +0000 Manifest this update: Thu 24 Apr 2025 17:05:47 +0000 Manifest next update: Thu 01 May 2025 17:05:47 +0000 Files and hashes: 1: Icv-KamU2PngPkxNRObPW2SLeOw.crl (hash: HP98fY5M6cdU+SJzWpDnu6OYzyA+ReZheKNZfcwNSDg=) 2: AA5A77C88DB811EBA0613421C4F9AE02.roa (hash: fNoRTJRcUq+MisSf8jbpZwfIe00iU+V6oUD6yiNy/5Y=) 3: A5393FF2E70911E8B4D19B84C4F9AE02.roa (hash: 9kzHJ+mrOXjrh7/imCy9YTTgW8CKx7edCdpIZZ1nyQU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.crl rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:05:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4787 (0x12b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91272F9, serialNumber=21CBFE29A994D8F9E03E4C4D44E6CF5B648B78EC Validity Not Before: Apr 24 17:05:47 2025 GMT Not After : May 1 17:05:47 2025 GMT Subject: CN=680a6f6c-0f51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:7e:b7:a3:c6:10:e6:10:d5:d4:46:fe:20:b2: 93:6b:9d:86:3b:5e:b5:b8:a2:d1:b3:da:2e:b1:79: da:91:e5:f4:24:af:cb:80:fd:52:a4:e0:5c:16:90: 4b:87:dc:d4:eb:dd:ae:bc:d1:ac:0c:bc:8f:f2:67: 2b:92:57:2c:ff:12:28:9f:5e:b9:24:39:f3:6b:ba: f9:e3:07:9c:cb:3d:57:b1:43:70:eb:a5:59:05:b1: eb:9e:41:b0:3d:95:6e:c4:64:1b:2b:7e:08:36:54: 43:cb:c1:86:e3:90:10:6a:e5:11:36:4d:cd:f3:57: b1:ca:95:02:6d:9d:7e:55:38:e9:6e:f2:9a:bc:c5: 28:ab:0d:4c:c4:64:04:bc:41:be:8b:54:f5:7d:da: b7:03:a6:9a:8f:7b:76:28:ee:c3:a4:28:2a:df:3a: 63:27:ce:38:77:1a:e6:25:16:66:16:c5:b3:5d:6c: b4:7f:bb:64:13:b1:d0:aa:5f:ed:f9:64:dd:01:c1: 00:81:ed:98:58:fe:a3:8c:81:e3:55:0e:50:19:93: bc:16:bf:a2:4e:96:7d:69:d7:d9:a0:bb:72:7e:85: 6a:7d:4f:81:a5:10:26:27:e6:d3:78:7c:e5:6f:22: 48:e6:02:6c:01:eb:1e:b8:6a:6a:cb:d1:89:b7:ad: 5e:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:B1:90:BB:A8:DA:BD:2A:7D:41:A5:11:70:68:64:C4:B4:66:F9:BC X509v3 Authority Key Identifier: keyid:21:CB:FE:29:A9:94:D8:F9:E0:3E:4C:4D:44:E6:CF:5B:64:8B:78:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:32:35:53:c5:6b:7c:62:9d:36:89:b8:62:f3:f7:69:5e:8b: 33:8c:f3:af:4b:42:2f:6d:19:30:14:1a:6f:b6:9c:15:29:e8: e1:0b:47:04:42:a7:13:f2:c6:63:2a:48:30:10:f0:54:c6:c8: 07:5a:68:ca:ff:74:24:13:b6:d6:b3:82:49:43:05:73:ef:28: ad:fa:4b:da:3d:c0:3e:ab:71:29:2e:11:ae:c4:84:42:31:72: a6:e9:45:17:18:4f:9c:fc:b2:c3:98:b2:d3:0a:fd:18:71:09: 9d:0b:bf:09:72:d6:6b:71:db:ad:93:1f:0b:36:aa:ec:9f:a2: cc:67:ff:90:6e:03:7c:71:b7:0e:e3:29:f5:ce:54:d6:8f:6c: e0:8d:27:22:62:a0:43:ea:74:70:84:88:47:2b:12:af:89:8f: cd:d3:d5:60:60:80:cd:87:f0:0c:2b:3e:08:48:7e:5e:ca:98: ee:fe:0d:59:49:ac:87:3f:bc:fb:4b:68:cc:92:39:a9:0e:41: ba:59:29:1b:ac:13:eb:da:37:b6:3b:f8:51:93:78:11:ff:45: 5c:d7:76:5b:f7:9d:b4:7e:46:0f:8d:2b:41:c1:66:61:11:9d: 60:b8:26:ee:af:ae:8b:95:ea:18:03:5a:6d:04:b5:44:3a:d6: a1:dc:d9:5f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICErMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjcyRjkxMTAvBgNVBAUTKDIxQ0JGRTI5QTk5NEQ4RjlFMDNFNEM0RDQ0RTZDRjVC NjQ4Qjc4RUMwHhcNMjUwNDI0MTcwNTQ3WhcNMjUwNTAxMTcwNTQ3WjAYMRYwFAYD VQQDEw02ODBhNmY2Yy0wZjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnH63o8YQ5hDV1Eb+ILKTa52GO161uKLRs9ousXnakeX0JK/LgP1SpOBcFpBL h9zU692uvNGsDLyP8mcrklcs/xIon165JDnza7r54wecyz1XsUNw66VZBbHrnkGw PZVuxGQbK34INlRDy8GG45AQauURNk3N81exypUCbZ1+VTjpbvKavMUoqw1MxGQE vEG+i1T1fdq3A6aaj3t2KO7DpCgq3zpjJ844dxrmJRZmFsWzXWy0f7tkE7HQql/t +WTdAcEAge2YWP6jjIHjVQ5QGZO8Fr+iTpZ9adfZoLtyfoVqfU+BpRAmJ+bTeHzl byJI5gJsAeseuGpqy9GJt61e6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAexkLuo 2r0qfUGlEXBoZMS0Zvm8MB8GA1UdIwQYMBaAFCHL/implNj54D5MTUTmz1tki3js MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzJGOS9EMkVENDlDMkMy NkQxMUU4QkFCRTExNjVDNEY5QUUwMi9JY3YtS2FtVTJQbmdQa3hOUk9iUFcyU0xl T3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ljdi1LYW1VMlBuZ1BreE5ST2JQVzJTTGVPdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzJGOS9EMkVENDlDMkMyNkQxMUU4QkFCRTExNjVDNEY5QUUwMi9JY3YtS2FtVTJQ bmdQa3hOUk9iUFcyU0xlT3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB/MjVTxWt8Yp02ibhi8/dpXoszjPOvS0IvbRkwFBpvtpwVKejhC0cE QqcT8sZjKkgwEPBUxsgHWmjK/3QkE7bWs4JJQwVz7yit+kvaPcA+q3EpLhGuxIRC MXKm6UUXGE+c/LLDmLLTCv0YcQmdC78JctZrcdutkx8LNqrsn6LMZ/+QbgN8cbcO 4yn1zlTWj2zgjSciYqBD6nRwhIhHKxKviY/N09VgYIDNh/AMKz4ISH5eypju/g1Z SayHP7z7S2jMkjmpDkG6WSkbrBPr2je2O/hRk3gR/0Vc13Zb9520fkYPjStBwWZh EZ1guCbur66LleoYA1ptBLVEOtah3Nlf -----END CERTIFICATE-----Generated at Sat Apr 26 04:36:49 2025 by rpki-client