$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft File: iXa1-0jy5BEdeNWjzVovyhlhOXo.mft (raw, json) Hash identifier: lKegtOz56jQMfdjP438SfudR74Mu0yXnfqmHAV2slGE= Subject key identifier: F2:F0:05:97:9D:E1:C4:07:F2:87:C1:9A:FE:0B:0A:E2:C5:8F:AF:02 Authority key identifier: 89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A Certificate issuer: /CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Certificate serial: 0200 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft Manifest number: 01F3 Signing time: Fri 25 Apr 2025 01:51:57 +0000 Manifest this update: Fri 25 Apr 2025 01:51:56 +0000 Manifest next update: Fri 02 May 2025 01:51:56 +0000 Files and hashes: 1: iXa1-0jy5BEdeNWjzVovyhlhOXo.crl (hash: +KHeE7SN0wjSMFxk6kGDAsxb3zWLglIUdDi/5eWUJTw=) 2: 99D6D8089BF111ED8043AD1FC4F9AE02.roa (hash: RN89+S1mBA7UPdGt6AqckCvGseRU/f6VRbIgO417GXg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:51:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 512 (0x200) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128C7F, serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Validity Not Before: Apr 25 01:51:56 2025 GMT Not After : May 2 01:51:56 2025 GMT Subject: CN=680aeabc-5d33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:1d:d1:c0:c0:b0:84:05:a6:58:92:f9:7d:cc: f0:29:77:01:05:90:72:45:b9:36:49:98:f2:58:3f: 59:76:71:28:a9:4f:70:db:a1:8f:04:70:83:b3:3c: de:86:55:62:e6:dc:d4:25:65:38:20:00:1a:06:ff: 58:76:49:e6:30:19:d6:ae:7c:b1:da:99:31:f5:a3: 16:75:b6:31:60:b8:3d:18:35:26:eb:0e:ca:e0:00: 6d:df:18:0d:07:ba:99:7f:45:28:a9:83:32:97:e1: 07:2a:d1:ae:b8:ea:69:04:c5:6f:73:88:85:c3:dd: 91:dc:69:35:68:3e:2e:1d:ed:d3:fc:56:d2:58:36: 32:03:ca:32:27:ce:05:fc:9a:5b:6c:bb:a2:a9:4f: 66:ad:e0:f5:95:e7:f5:05:f6:f2:34:46:d2:aa:cb: 4a:cb:4b:8f:66:06:62:96:ba:90:23:cf:6e:b0:d6: 81:d7:8b:32:08:0c:bf:86:3b:15:37:2b:dd:3c:14: bc:f8:02:a2:94:8c:23:59:25:1a:b8:b1:3d:91:9d: bc:30:a7:13:c7:d3:18:b6:c7:20:35:b7:93:54:db: 21:1d:0e:56:47:6f:fc:54:78:5b:5d:bd:bf:27:dc: 8c:98:4e:d3:52:07:5c:65:e0:cd:cf:95:35:ae:eb: 39:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:F0:05:97:9D:E1:C4:07:F2:87:C1:9A:FE:0B:0A:E2:C5:8F:AF:02 X509v3 Authority Key Identifier: keyid:89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:0b:94:ba:96:68:67:1a:13:9a:c2:09:17:52:d8:31:64:05: 71:e7:39:9b:4d:d0:49:81:58:e1:1d:73:3b:b4:ed:1d:6c:53: e0:28:a1:77:d3:7e:18:b7:75:54:76:d1:a2:9c:3a:f2:07:17: d0:64:d4:35:c3:1d:6b:04:a3:cf:e9:49:37:5c:22:6c:73:6f: 63:d9:c0:3a:10:6e:e9:e9:54:42:dc:69:07:58:c0:7b:e2:75: 73:6b:65:da:7f:c7:9e:a1:a3:c4:16:5b:bf:60:75:cb:8c:91: 30:0c:3e:52:bb:ef:dc:b7:a0:9c:f6:57:8d:69:47:91:63:2d: 2c:8c:96:d0:2a:0c:29:de:ad:f9:24:57:77:57:a1:a5:a5:0f: d7:12:32:e0:f1:f9:a3:0e:81:97:75:84:62:d5:6f:9a:88:bf: a7:36:51:4e:16:d5:3d:cb:67:53:f4:34:a5:27:20:09:57:0d: f8:95:af:6b:03:60:76:3c:79:4b:ad:22:30:02:f2:dd:6d:e5: ee:ee:ef:b0:3f:f1:59:d3:22:b6:50:7c:2e:04:7e:f8:b8:6c: fa:f0:8e:6b:b9:96:83:4f:b3:77:a7:99:fb:b0:22:ed:8f:a7: ff:fd:8c:b8:0b:7b:99:de:a4:e2:24:29:06:bc:a0:45:ab:eb: 2e:af:47:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhDN0YxMTAvBgNVBAUTKDg5NzZCNUZCNDhGMkU0MTExRDc4RDVBM0NENUEyRkNB MTk2MTM5N0EwHhcNMjUwNDI1MDE1MTU2WhcNMjUwNTAyMDE1MTU2WjAYMRYwFAYD VQQDEw02ODBhZWFiYy01ZDMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9B3RwMCwhAWmWJL5fczwKXcBBZByRbk2SZjyWD9ZdnEoqU9w26GPBHCDszze hlVi5tzUJWU4IAAaBv9YdknmMBnWrnyx2pkx9aMWdbYxYLg9GDUm6w7K4ABt3xgN B7qZf0UoqYMyl+EHKtGuuOppBMVvc4iFw92R3Gk1aD4uHe3T/FbSWDYyA8oyJ84F /JpbbLuiqU9mreD1lef1BfbyNEbSqstKy0uPZgZilrqQI89usNaB14syCAy/hjsV NyvdPBS8+AKilIwjWSUauLE9kZ28MKcTx9MYtscgNbeTVNshHQ5WR2/8VHhbXb2/ J9yMmE7TUgdcZeDNz5U1rus5hQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPLwBZed 4cQH8ofBmv4LCuLFj68CMB8GA1UdIwQYMBaAFIl2tftI8uQRHXjVo81aL8oZYTl6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEM3Ri8zQjdCREFCRTNG QzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVCRWRlTldqelZvdnlobGhP WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lYYTEtMGp5NUJFZGVOV2p6Vm92eWhsaE9Yby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEM3Ri8zQjdCREFCRTNGQzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVC RWRlTldqelZvdnlobGhPWG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArC5S6lmhnGhOawgkXUtgxZAVx5zmbTdBJgVjhHXM7tO0dbFPgKKF3 034Yt3VUdtGinDryBxfQZNQ1wx1rBKPP6Uk3XCJsc29j2cA6EG7p6VRC3GkHWMB7 4nVza2Xaf8eeoaPEFlu/YHXLjJEwDD5Su+/ct6Cc9leNaUeRYy0sjJbQKgwp3q35 JFd3V6GlpQ/XEjLg8fmjDoGXdYRi1W+aiL+nNlFOFtU9y2dT9DSlJyAJVw34la9r A2B2PHlLrSIwAvLdbeXu7u+wP/FZ0yK2UHwuBH74uGz68I5ruZaDT7N3p5n7sCLt j6f//Yy4C3uZ3qTiJCkGvKBFq+sur0cB -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:03 2025 by rpki-client