$ rpki-client -vvf rpki.apnic.net/member_repository/A9128576/2DE94A9AD7A411EF964D6D7CC4F9AE02/GJHVTO9qkMIy_KiR45n5eDhnEe4.mft File: GJHVTO9qkMIy_KiR45n5eDhnEe4.mft (raw, json) Hash identifier: XcEDKpXeL9YGLHNr0Z9/iPbT4ol+iBKjcKVqxz9XBZA= Subject key identifier: C8:FE:BE:25:1E:A9:A4:BD:B6:4B:17:AB:00:6D:4D:10:BB:FF:B0:82 Authority key identifier: 18:91:D5:4C:EF:6A:90:C2:32:FC:A8:91:E3:99:F9:78:38:67:11:EE Certificate issuer: /CN=A9128576/serialNumber=1891D54CEF6A90C232FCA891E399F978386711EE Certificate serial: 34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GJHVTO9qkMIy_KiR45n5eDhnEe4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128576/2DE94A9AD7A411EF964D6D7CC4F9AE02/GJHVTO9qkMIy_KiR45n5eDhnEe4.mft Manifest number: 32 Signing time: Fri 25 Apr 2025 06:37:55 +0000 Manifest this update: Fri 25 Apr 2025 06:37:54 +0000 Manifest next update: Fri 02 May 2025 06:37:54 +0000 Files and hashes: 1: GJHVTO9qkMIy_KiR45n5eDhnEe4.crl (hash: O2ZDGhhFES9Zw6Ivfwb+CwSXpAb0oMajaNDAmQorWr4=) 2: C8BFCD96D7A411EF9AB81933C4F9AE02.roa (hash: Fo5VkT431J+zLy9igbQ3SFfIsb+FgMetIU9BycrAICA=) 3: C9B06ECCD7A411EF9AB81933C4F9AE02.roa (hash: ftkSUsDxtIg6s2jX13CXTFZ0keaCV5YjPDUyQbqNBxE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128576/2DE94A9AD7A411EF964D6D7CC4F9AE02/GJHVTO9qkMIy_KiR45n5eDhnEe4.crl rsync://rpki.apnic.net/member_repository/A9128576/2DE94A9AD7A411EF964D6D7CC4F9AE02/GJHVTO9qkMIy_KiR45n5eDhnEe4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GJHVTO9qkMIy_KiR45n5eDhnEe4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:37:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52 (0x34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128576, serialNumber=1891D54CEF6A90C232FCA891E399F978386711EE Validity Not Before: Apr 25 06:37:54 2025 GMT Not After : May 2 06:37:54 2025 GMT Subject: CN=680b2dc2-2f21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:bd:83:d1:67:65:a2:87:c9:c1:bc:8d:fa:0f: ad:e0:cd:ea:f7:03:5a:d3:54:8b:92:07:50:08:0e: 76:4d:5b:64:08:4e:09:8c:fd:5f:f6:67:8b:db:da: c7:8d:99:1c:6d:28:2b:5e:56:00:ab:c9:b2:ce:03: 31:dc:00:1b:e2:64:9f:6f:80:72:72:e6:57:c5:be: 88:e2:88:7b:58:e9:e0:d5:6a:d8:5d:1b:a8:34:89: 32:e2:7d:66:c0:27:7c:3d:72:6d:aa:20:5f:ef:a2: fa:e8:db:fd:fe:11:ff:a1:e3:f9:d0:5d:29:e5:a3: 02:45:8d:4f:20:89:81:e2:4e:0a:43:ec:72:e0:06: da:27:b9:f6:0e:0d:9d:ae:88:06:31:60:f0:26:22: 03:b5:dd:a4:dc:a4:8d:10:2e:02:29:44:ed:9c:26: 63:a7:09:4a:1e:85:d4:01:55:44:d6:22:a4:83:bc: e4:6d:2a:bd:a5:42:1a:67:da:69:26:5e:31:83:30: 4f:e1:4a:d5:45:08:19:e5:b5:41:4f:6e:13:90:3f: 6b:96:a2:3c:bb:15:af:9b:ec:2d:28:bb:8f:f1:da: 11:61:51:bf:64:e1:1b:1c:71:e5:a7:63:e6:f1:28: b4:55:3b:a1:55:c3:d3:d8:83:3f:ce:5f:a8:1b:da: af:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:FE:BE:25:1E:A9:A4:BD:B6:4B:17:AB:00:6D:4D:10:BB:FF:B0:82 X509v3 Authority Key Identifier: keyid:18:91:D5:4C:EF:6A:90:C2:32:FC:A8:91:E3:99:F9:78:38:67:11:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128576/2DE94A9AD7A411EF964D6D7CC4F9AE02/GJHVTO9qkMIy_KiR45n5eDhnEe4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GJHVTO9qkMIy_KiR45n5eDhnEe4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128576/2DE94A9AD7A411EF964D6D7CC4F9AE02/GJHVTO9qkMIy_KiR45n5eDhnEe4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:35:f6:12:c8:6b:eb:a7:cf:b1:9c:f8:fb:f0:f6:42:f5:21: df:43:37:cb:f7:6d:96:cf:b8:2d:ab:20:70:45:0b:a1:18:f3: 9f:49:0c:d0:13:e7:f5:7a:d3:84:98:94:ac:92:c8:74:d3:f7: ab:14:f2:46:a9:22:96:a7:70:8a:0a:28:70:41:61:00:01:83: 79:d9:c4:24:66:c1:ee:10:20:18:70:38:e5:76:80:d6:46:55: 45:b7:bd:03:79:2d:d5:15:ce:64:38:48:65:21:ac:3d:f3:38: 46:87:da:46:6a:cc:6c:c3:33:ba:3e:b1:9c:46:e2:ef:ad:9b: c5:4f:d4:3d:a3:cf:95:c7:3b:31:de:dd:56:cc:41:52:fb:e1: d9:b1:f1:e0:13:85:9e:0a:b1:78:41:e0:dc:4c:6e:ad:a8:84: 57:30:fa:17:f3:7d:55:6b:a9:54:29:82:b9:fd:90:d4:fe:8d: 28:24:c2:f7:79:0e:42:a5:5c:13:34:78:95:97:f4:19:40:51: 74:fe:8c:b8:43:e8:9d:da:47:82:66:8e:ed:21:94:ca:da:dc: ab:df:52:7d:1e:73:dc:94:61:f6:57:46:86:f7:df:43:3d:9e: 75:48:76:ae:e3:02:e8:cd:98:79:72:fd:38:3c:a6:95:51:14: 1a:09:cf:aa -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy ODU3NjExMC8GA1UEBRMoMTg5MUQ1NENFRjZBOTBDMjMyRkNBODkxRTM5OUY5Nzgz ODY3MTFFRTAeFw0yNTA0MjUwNjM3NTRaFw0yNTA1MDIwNjM3NTRaMBgxFjAUBgNV BAMTDTY4MGIyZGMyLTJmMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCxvYPRZ2Wih8nBvI36D63gzer3A1rTVIuSB1AIDnZNW2QITgmM/V/2Z4vb2seN mRxtKCteVgCrybLOAzHcABviZJ9vgHJy5lfFvojiiHtY6eDVathdG6g0iTLifWbA J3w9cm2qIF/vovro2/3+Ef+h4/nQXSnlowJFjU8giYHiTgpD7HLgBtonufYODZ2u iAYxYPAmIgO13aTcpI0QLgIpRO2cJmOnCUoehdQBVUTWIqSDvORtKr2lQhpn2mkm XjGDME/hStVFCBnltUFPbhOQP2uWojy7Fa+b7C0ou4/x2hFhUb9k4RscceWnY+bx KLRVO6FVw9PYgz/OX6gb2q+ZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUyP6+JR6p pL22SxerAG1NELv/sIIwHwYDVR0jBBgwFoAUGJHVTO9qkMIy/KiR45n5eDhnEe4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4NTc2LzJERTk0QTlBRDdB NDExRUY5NjRENkQ3Q0M0RjlBRTAyL0dKSFZUTzlxa01JeV9LaVI0NW41ZURobkVl NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvR0pIVlRPOXFrTUl5X0tpUjQ1bjVlRGhuRWU0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4 NTc2LzJERTk0QTlBRDdBNDExRUY5NjRENkQ3Q0M0RjlBRTAyL0dKSFZUTzlxa01J eV9LaVI0NW41ZURobkVlNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAI19hLIa+unz7Gc+Pvw9kL1Id9DN8v3bZbPuC2rIHBFC6EY859JDNAT 5/V604SYlKySyHTT96sU8kapIpancIoKKHBBYQABg3nZxCRmwe4QIBhwOOV2gNZG VUW3vQN5LdUVzmQ4SGUhrD3zOEaH2kZqzGzDM7o+sZxG4u+tm8VP1D2jz5XHOzHe 3VbMQVL74dmx8eAThZ4KsXhB4NxMbq2ohFcw+hfzfVVrqVQpgrn9kNT+jSgkwvd5 DkKlXBM0eJWX9BlAUXT+jLhD6J3aR4Jmju0hlMra3KvfUn0ec9yUYfZXRob330M9 nnVIdq7jAujNmHly/Tg8ppVRFBoJz6o= -----END CERTIFICATE-----Generated at Sat Apr 26 04:38:35 2025 by rpki-client