$ rpki-client -vvf rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.mft File: 2mBM_bJzCo3nJfx0qw_GPgVY5dw.mft (raw, json) Hash identifier: x7nzgPpqr3L8e+MTWkW9fx10vMyAH8T8wpGepMvJ4TY= Subject key identifier: 91:5A:D3:E6:F2:7E:6C:A1:33:09:27:F1:19:71:80:EF:7E:EF:28:85 Authority key identifier: DA:60:4C:FD:B2:73:0A:8D:E7:25:FC:74:AB:0F:C6:3E:05:58:E5:DC Certificate issuer: /CN=A9127A9B/serialNumber=DA604CFDB2730A8DE725FC74AB0FC63E0558E5DC Certificate serial: 3472 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.mft Manifest number: 3472 Signing time: Sat 26 Apr 2025 14:49:30 +0000 Manifest this update: Sat 26 Apr 2025 14:49:29 +0000 Manifest next update: Sat 03 May 2025 14:49:29 +0000 Files and hashes: 1: 2mBM_bJzCo3nJfx0qw_GPgVY5dw.crl (hash: 2ZwLsVklb9pNkjFB2ggL1yGjn6L2YW5ocZJ4QY34WbA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.crl rsync://rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 14:49:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13426 (0x3472) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9127A9B, serialNumber=DA604CFDB2730A8DE725FC74AB0FC63E0558E5DC Validity Not Before: Apr 26 14:49:29 2025 GMT Not After : May 3 14:49:29 2025 GMT Subject: CN=680cf27a-b561 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:41:e1:b5:d2:83:9a:66:a9:38:2b:54:64:10: 40:72:ba:03:96:66:11:ef:2e:da:92:c0:3d:a3:c9: 60:7a:be:4d:66:59:0d:dd:e9:35:c3:ac:78:fc:34: cf:38:8c:22:87:e6:2d:58:35:ba:ba:6e:a1:fb:bc: 51:67:60:83:32:1b:c6:bb:9d:53:f9:c4:83:7a:20: 10:dc:86:18:a4:41:8d:b9:b7:e4:9b:1b:9b:96:17: f7:55:fe:d8:0b:13:e8:ab:bf:91:e1:cb:71:06:50: bc:f3:97:6e:e3:a1:ea:1c:ff:ca:ea:bf:39:24:5b: 8e:8a:ab:63:3f:8e:cc:ae:af:40:81:6e:f2:4e:0f: 1c:13:37:dd:d0:9b:ef:c4:6c:57:49:d8:25:73:1a: 95:af:c6:92:ac:d8:d6:ec:75:d7:6e:d4:04:d9:59: d2:02:7f:97:b1:55:c9:f5:5a:22:b1:69:7a:36:12: a2:90:e1:97:7d:8b:ff:80:38:f5:93:dc:d5:33:6d: b2:68:48:50:7e:4c:12:bd:ae:e8:86:31:d6:50:ff: 57:f6:6b:25:8c:d6:a9:f4:2a:e6:ac:22:fe:55:f3: 7f:a5:4c:45:e2:a9:fc:c9:37:29:b1:3c:00:f0:54: 33:64:24:aa:29:c0:d1:e8:90:db:d4:f4:a9:c0:94: 2d:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:5A:D3:E6:F2:7E:6C:A1:33:09:27:F1:19:71:80:EF:7E:EF:28:85 X509v3 Authority Key Identifier: keyid:DA:60:4C:FD:B2:73:0A:8D:E7:25:FC:74:AB:0F:C6:3E:05:58:E5:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:05:a0:fe:2a:59:7b:e8:e1:b2:95:0d:6a:3c:73:68:03:d3: 2c:8c:f1:34:b6:a8:c4:db:84:b9:39:7c:52:9e:96:02:8b:c7: d6:70:df:9e:38:d4:eb:70:0c:83:b2:5d:a3:5b:93:1c:8f:4e: c8:91:f6:00:89:53:71:ca:de:50:9e:fb:04:6f:c6:ad:ed:f1: 4f:cb:0e:9f:40:4a:65:a3:62:d9:95:63:7c:34:61:cd:ca:55: a2:e0:34:3d:77:e9:12:17:23:37:af:2d:c8:84:e9:aa:c7:ff: 9a:ba:10:53:a3:57:e7:3d:4d:97:57:30:77:b8:53:aa:ad:b8: ee:a5:60:03:58:71:0b:88:f8:db:7a:c6:dc:c3:0f:dc:73:f0: 4c:2e:1e:c7:8b:d7:36:45:c6:f4:92:f3:8c:32:fc:58:a9:34: c3:42:1e:12:78:8f:e7:4f:ee:bc:06:00:4b:8f:c1:c4:0c:d1: 37:42:89:68:7b:f7:e2:e3:8a:a1:bf:50:d4:6b:50:2f:5d:d4: 58:12:f3:1d:e0:45:91:5d:19:3e:6f:c0:86:72:a7:04:6b:10: 12:12:f6:ba:9d:ba:cb:2b:79:c2:82:0d:78:b5:38:54:45:c0: af:c1:57:86:01:cc:f9:7c:76:04:04:f6:01:f6:de:6f:42:d6: 22:7c:c2:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjdBOUIxMTAvBgNVBAUTKERBNjA0Q0ZEQjI3MzBBOERFNzI1RkM3NEFCMEZDNjNF MDU1OEU1REMwHhcNMjUwNDI2MTQ0OTI5WhcNMjUwNTAzMTQ0OTI5WjAYMRYwFAYD VQQDEw02ODBjZjI3YS1iNTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwkHhtdKDmmapOCtUZBBAcroDlmYR7y7aksA9o8lger5NZlkN3ek1w6x4/DTP OIwih+YtWDW6um6h+7xRZ2CDMhvGu51T+cSDeiAQ3IYYpEGNubfkmxublhf3Vf7Y CxPoq7+R4ctxBlC885du46HqHP/K6r85JFuOiqtjP47Mrq9AgW7yTg8cEzfd0Jvv xGxXSdglcxqVr8aSrNjW7HXXbtQE2VnSAn+XsVXJ9VoisWl6NhKikOGXfYv/gDj1 k9zVM22yaEhQfkwSva7ohjHWUP9X9msljNap9CrmrCL+VfN/pUxF4qn8yTcpsTwA 8FQzZCSqKcDR6JDb1PSpwJQtjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJFa0+by fmyhMwkn8RlxgO9+7yiFMB8GA1UdIwQYMBaAFNpgTP2ycwqN5yX8dKsPxj4FWOXc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyN0E5Qi9GQzA1OEU1NjFE OTUxMUUyQjFBMDQ2N0UwOEIwMkNEMi8ybUJNX2JKekNvM25KZngwcXdfR1BnVlk1 ZHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJtQk1fYkp6Q28zbkpmeDBxd19HUGdWWTVkdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy N0E5Qi9GQzA1OEU1NjFEOTUxMUUyQjFBMDQ2N0UwOEIwMkNEMi8ybUJNX2JKekNv M25KZngwcXdfR1BnVlk1ZHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCPBaD+Kll76OGylQ1qPHNoA9MsjPE0tqjE24S5OXxSnpYCi8fWcN+e ONTrcAyDsl2jW5Mcj07IkfYAiVNxyt5QnvsEb8at7fFPyw6fQEplo2LZlWN8NGHN ylWi4DQ9d+kSFyM3ry3IhOmqx/+auhBTo1fnPU2XVzB3uFOqrbjupWADWHELiPjb esbcww/cc/BMLh7Hi9c2Rcb0kvOMMvxYqTTDQh4SeI/nT+68BgBLj8HEDNE3Qolo e/fi44qhv1DUa1AvXdRYEvMd4EWRXRk+b8CGcqcEaxASEva6nbrLK3nCgg14tThU RcCvwVeGAcz5fHYEBPYB9t5vQtYifMIP -----END CERTIFICATE-----Generated at Sat Apr 26 16:57:59 2025 by rpki-client