$ rpki-client -vvf rpki.apnic.net/member_repository/A912978E/D5AE7FAC53CA11EE8049935EC4F9AE02/bfCTVmC1JNKoCAZDaLCvxWU4ppo.mft File: bfCTVmC1JNKoCAZDaLCvxWU4ppo.mft (raw, json) Hash identifier: 4OS4DIZ7uwOHFbuMi0yyzIjO3VnSNOkNLWh+u3NNSmA= Subject key identifier: 0B:C5:44:CB:63:14:94:78:3A:37:54:E7:47:3F:9D:E5:33:FE:95:33 Authority key identifier: 6D:F0:93:56:60:B5:24:D2:A8:08:06:43:68:B0:AF:C5:65:38:A6:9A Certificate issuer: /CN=A912978E/serialNumber=6DF0935660B524D2A808064368B0AFC56538A69A Certificate serial: 0138 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bfCTVmC1JNKoCAZDaLCvxWU4ppo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912978E/D5AE7FAC53CA11EE8049935EC4F9AE02/bfCTVmC1JNKoCAZDaLCvxWU4ppo.mft Manifest number: 0133 Signing time: Fri 25 Apr 2025 03:38:57 +0000 Manifest this update: Fri 25 Apr 2025 03:38:56 +0000 Manifest next update: Fri 02 May 2025 03:38:56 +0000 Files and hashes: 1: bfCTVmC1JNKoCAZDaLCvxWU4ppo.crl (hash: aVYxv86qRyQ/CVNjG08aY2RAvNWE1YgrpwocDfDxnPo=) 2: 59923F2CA72011EEA63ABF4AC4F9AE02.roa (hash: jVn5ZxyveGa/F3Z17pqMoq5Bfa+WnZz2iNW6T6RgwPs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912978E/D5AE7FAC53CA11EE8049935EC4F9AE02/bfCTVmC1JNKoCAZDaLCvxWU4ppo.crl rsync://rpki.apnic.net/member_repository/A912978E/D5AE7FAC53CA11EE8049935EC4F9AE02/bfCTVmC1JNKoCAZDaLCvxWU4ppo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bfCTVmC1JNKoCAZDaLCvxWU4ppo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:38:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 312 (0x138) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912978E, serialNumber=6DF0935660B524D2A808064368B0AFC56538A69A Validity Not Before: Apr 25 03:38:56 2025 GMT Not After : May 2 03:38:56 2025 GMT Subject: CN=680b03d0-c91c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:30:f3:d5:9e:c5:fa:09:ac:48:11:4a:96:c3: 44:97:5d:75:fc:34:4f:67:86:ea:c9:2b:90:a6:51: 62:a7:b5:65:1d:a3:c5:72:f9:19:dd:8c:f8:37:76: 56:dc:de:69:ec:0a:d1:8a:3a:80:9f:62:ec:d1:e7: fd:69:11:00:07:9f:2e:f0:89:3a:0e:4a:f6:32:25: 92:a0:24:c1:3f:51:92:bc:19:db:a1:ad:79:64:4b: 83:1a:9a:38:d0:8b:46:ca:8f:e5:c9:8a:f7:71:d2: 90:d7:dd:84:30:9b:5b:44:56:95:9f:a9:f5:47:1e: b8:53:fd:b1:d9:6b:dc:a1:4f:fb:31:cc:bd:19:0d: a3:b6:c3:c8:26:ee:a4:6d:47:58:b0:33:78:c2:56: 6d:80:9e:66:2d:85:8a:d0:75:4d:39:87:95:cf:f6: d2:bb:0a:f2:ec:16:61:2f:6a:17:fd:41:f2:db:25: 63:38:ad:9c:4d:d4:ce:c0:c8:f6:34:df:eb:e8:76: 08:3e:16:32:66:7b:96:07:59:cf:98:aa:c3:90:fb: 93:b5:95:06:3a:a9:a9:bb:4b:78:e1:4b:85:b1:eb: d3:96:c1:67:25:62:1a:2f:1a:fe:d1:cc:12:e2:d5: e7:98:40:e1:54:e1:ec:39:7f:62:95:dc:fd:ef:0b: b6:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:C5:44:CB:63:14:94:78:3A:37:54:E7:47:3F:9D:E5:33:FE:95:33 X509v3 Authority Key Identifier: keyid:6D:F0:93:56:60:B5:24:D2:A8:08:06:43:68:B0:AF:C5:65:38:A6:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912978E/D5AE7FAC53CA11EE8049935EC4F9AE02/bfCTVmC1JNKoCAZDaLCvxWU4ppo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bfCTVmC1JNKoCAZDaLCvxWU4ppo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912978E/D5AE7FAC53CA11EE8049935EC4F9AE02/bfCTVmC1JNKoCAZDaLCvxWU4ppo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:6d:d5:32:19:af:0b:7a:1c:15:d8:d4:b5:2d:1e:78:f1:91: a8:97:b9:75:47:02:79:24:3b:b6:58:d7:11:20:14:02:a1:f7: e8:e0:e4:b7:d4:49:e4:e5:3d:97:e5:8f:84:c9:93:02:36:42: 0d:56:6e:72:82:37:b4:15:57:5a:d5:08:c9:a3:43:20:19:c9: 76:80:26:0b:04:97:f6:fd:c7:f0:71:a6:fd:76:53:e9:48:70: 90:5d:d7:f9:8f:45:f3:5d:ae:9f:76:62:50:ab:dc:78:f5:06: 11:87:da:61:4f:5c:72:e8:71:88:ba:f3:f1:ba:a3:10:34:e6: 6a:1c:ef:a8:ab:3b:80:42:eb:93:7e:05:6b:b8:59:c6:46:20: 17:98:1c:04:f8:f9:69:e8:77:ae:fa:66:e2:4c:5e:dd:93:0b: e3:ee:de:b2:27:a9:a9:c7:45:71:27:d9:fd:bd:f6:42:c5:a2: 9f:a2:f9:cc:49:75:18:e5:b8:5d:26:10:7d:2b:8d:49:c2:72: ba:95:2a:1b:1d:3f:d1:34:b5:35:25:55:d0:c7:b8:13:ba:ab: 59:ce:86:93:0e:65:c5:af:38:16:ad:de:25:30:9c:5b:17:aa: c9:a9:f5:65:1a:60:72:7e:c9:ef:cc:11:b2:ae:82:5d:49:2b: d8:82:83:eb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjk3OEUxMTAvBgNVBAUTKDZERjA5MzU2NjBCNTI0RDJBODA4MDY0MzY4QjBBRkM1 NjUzOEE2OUEwHhcNMjUwNDI1MDMzODU2WhcNMjUwNTAyMDMzODU2WjAYMRYwFAYD VQQDEw02ODBiMDNkMC1jOTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuDDz1Z7F+gmsSBFKlsNEl111/DRPZ4bqySuQplFip7VlHaPFcvkZ3Yz4N3ZW 3N5p7ArRijqAn2Ls0ef9aREAB58u8Ik6Dkr2MiWSoCTBP1GSvBnboa15ZEuDGpo4 0ItGyo/lyYr3cdKQ192EMJtbRFaVn6n1Rx64U/2x2WvcoU/7Mcy9GQ2jtsPIJu6k bUdYsDN4wlZtgJ5mLYWK0HVNOYeVz/bSuwry7BZhL2oX/UHy2yVjOK2cTdTOwMj2 NN/r6HYIPhYyZnuWB1nPmKrDkPuTtZUGOqmpu0t44UuFsevTlsFnJWIaLxr+0cwS 4tXnmEDhVOHsOX9ildz97wu26wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAvFRMtj FJR4OjdU50c/neUz/pUzMB8GA1UdIwQYMBaAFG3wk1ZgtSTSqAgGQ2iwr8VlOKaa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOTc4RS9ENUFFN0ZBQzUz Q0ExMUVFODA0OTkzNUVDNEY5QUUwMi9iZkNUVm1DMUpOS29DQVpEYUxDdnhXVTRw cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JmQ1RWbUMxSk5Lb0NBWkRhTEN2eFdVNHBwby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OTc4RS9ENUFFN0ZBQzUzQ0ExMUVFODA0OTkzNUVDNEY5QUUwMi9iZkNUVm1DMUpO S29DQVpEYUxDdnhXVTRwcG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA9bdUyGa8LehwV2NS1LR548ZGol7l1RwJ5JDu2WNcRIBQCoffo4OS3 1Enk5T2X5Y+EyZMCNkINVm5ygje0FVda1QjJo0MgGcl2gCYLBJf2/cfwcab9dlPp SHCQXdf5j0XzXa6fdmJQq9x49QYRh9phT1xy6HGIuvPxuqMQNOZqHO+oqzuAQuuT fgVruFnGRiAXmBwE+Plp6Heu+mbiTF7dkwvj7t6yJ6mpx0VxJ9n9vfZCxaKfovnM SXUY5bhdJhB9K41JwnK6lSobHT/RNLU1JVXQx7gTuqtZzoaTDmXFrzgWrd4lMJxb F6rJqfVlGmByfsnvzBGyroJdSSvYgoPr -----END CERTIFICATE-----Generated at Sat Apr 26 13:00:40 2025 by rpki-client