$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft File: hA_W9-iR44BKfbMJ0EzoXBr3htE.mft (raw, json) Hash identifier: jFrvFp4bIxqCiTT8UND86dkPXomDwA8+Vg7dsWrv5jE= Subject key identifier: B5:A4:A0:AE:FB:3E:DB:80:03:08:AD:96:20:98:25:8B:D2:DE:CB:C3 Authority key identifier: 84:0F:D6:F7:E8:91:E3:80:4A:7D:B3:09:D0:4C:E8:5C:1A:F7:86:D1 Certificate issuer: /CN=A912C8AF/serialNumber=840FD6F7E891E3804A7DB309D04CE85C1AF786D1 Certificate serial: 49 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft Manifest number: 49 Signing time: Thu 24 Apr 2025 19:31:58 +0000 Manifest this update: Thu 24 Apr 2025 19:31:57 +0000 Manifest next update: Thu 01 May 2025 19:31:57 +0000 Files and hashes: 1: hA_W9-iR44BKfbMJ0EzoXBr3htE.crl (hash: pikqamQmdBGK9TdgnhzSXnmUUGhaxqaPTvsm+AqlaZU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.crl rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:31:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73 (0x49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8AF, serialNumber=840FD6F7E891E3804A7DB309D04CE85C1AF786D1 Validity Not Before: Apr 24 19:31:57 2025 GMT Not After : May 1 19:31:57 2025 GMT Subject: CN=680a91ad-e9ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:2c:70:8d:60:f4:13:26:cf:55:a7:e8:fc:30: c7:23:f4:80:35:fb:fc:b2:3a:b9:27:0d:7f:76:e2: 07:93:b5:9e:e8:9d:67:d1:d7:0a:b9:0a:94:82:26: fe:1d:ab:bb:d2:72:c0:6d:24:fb:19:8d:fa:64:7e: 78:e4:fa:4e:2d:24:2f:aa:e2:0a:bc:6e:f9:60:57: 99:ee:6c:3c:64:c7:dc:5a:f2:40:c4:0d:91:16:a8: 60:2d:40:22:18:5a:98:29:ac:35:d3:49:1a:ae:ea: bd:d3:43:c8:99:be:85:89:d2:8b:1e:a6:7a:30:68: eb:40:22:90:00:dd:66:23:57:d2:36:80:97:8e:e3: 5e:5c:ff:73:d3:66:35:a5:fc:0c:51:f6:61:af:c5: c9:be:1c:35:35:d9:c4:59:a0:aa:ed:18:33:55:94: a8:75:d6:53:2e:0b:7c:70:7b:4a:00:90:88:69:60: ba:dc:23:58:8e:c3:3d:8f:64:ec:f4:4f:2d:2a:09: 88:88:eb:b7:cd:ad:00:3d:81:f5:65:e6:66:af:00: a6:4d:13:bd:61:8a:61:ad:e7:ee:87:c9:43:7f:82: d5:47:57:ac:79:14:74:0a:3a:8c:52:71:25:65:3b: c8:84:c5:45:e5:cd:c9:7f:b2:9e:65:25:f9:0b:a7: 0f:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:A4:A0:AE:FB:3E:DB:80:03:08:AD:96:20:98:25:8B:D2:DE:CB:C3 X509v3 Authority Key Identifier: keyid:84:0F:D6:F7:E8:91:E3:80:4A:7D:B3:09:D0:4C:E8:5C:1A:F7:86:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:7a:2a:42:77:02:d5:6f:55:e9:bb:b0:88:35:69:40:e1:cc: 64:56:e1:64:34:0b:b7:93:60:c0:88:9f:e6:a4:87:ac:c6:fc: 83:f7:b0:b3:5a:b5:2c:61:8a:66:ce:4e:0d:af:98:62:ae:21: c9:81:c0:61:88:9e:e4:9a:e4:62:dd:37:09:40:ba:35:a9:7b: 71:4f:28:76:ed:0a:37:42:ac:4f:c2:55:71:61:78:02:77:7c: f9:d6:cb:41:4f:4a:b5:55:0e:01:fd:af:4b:25:27:7a:ee:c5: d6:71:31:62:49:5b:7f:4a:e2:f5:1d:5a:12:58:1f:19:70:04: 5e:78:93:c0:3a:f8:e0:e6:66:3b:1c:9f:03:da:a1:8b:42:77: 72:a6:48:0d:96:55:e9:8d:5c:6c:e5:b4:d3:e7:96:29:c4:d4: 9b:c5:29:da:09:92:54:fe:38:2b:bb:5a:ab:05:1a:82:31:33: 76:82:1c:10:9a:f0:7c:fc:ee:c8:0b:ad:d7:d4:b4:ed:cc:05: 97:df:79:23:57:12:8d:b7:03:84:3a:20:ad:9f:df:02:c9:c2: cf:60:ca:d6:89:16:0c:49:1e:62:94:23:fc:0d:63:dd:04:4e: 22:e2:b9:9b:96:1c:67:0a:f1:04:3e:fb:36:51:bf:14:ce:fb: 5f:9b:e2:89 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy QzhBRjExMC8GA1UEBRMoODQwRkQ2RjdFODkxRTM4MDRBN0RCMzA5RDA0Q0U4NUMx QUY3ODZEMTAeFw0yNTA0MjQxOTMxNTdaFw0yNTA1MDExOTMxNTdaMBgxFjAUBgNV BAMTDTY4MGE5MWFkLWU5YmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCyLHCNYPQTJs9Vp+j8MMcj9IA1+/yyOrknDX924geTtZ7onWfR1wq5CpSCJv4d q7vScsBtJPsZjfpkfnjk+k4tJC+q4gq8bvlgV5nubDxkx9xa8kDEDZEWqGAtQCIY WpgprDXTSRqu6r3TQ8iZvoWJ0osepnowaOtAIpAA3WYjV9I2gJeO415c/3PTZjWl /AxR9mGvxcm+HDU12cRZoKrtGDNVlKh11lMuC3xwe0oAkIhpYLrcI1iOwz2PZOz0 Ty0qCYiI67fNrQA9gfVl5mavAKZNE71himGt5+6HyUN/gtVHV6x5FHQKOoxScSVl O8iExUXlzcl/sp5lJfkLpw/zAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUtaSgrvs+ 24ADCK2WIJgli9Ley8MwHwYDVR0jBBgwFoAUhA/W9+iR44BKfbMJ0EzoXBr3htEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJDOEFGLzE5N0ZGN0EyQjQw OTExRUY5NEU2NzQ1REM0RjlBRTAyL2hBX1c5LWlSNDRCS2ZiTUowRXpvWEJyM2h0 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvaEFfVzktaVI0NEJLZmJNSjBFem9YQnIzaHRFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJD OEFGLzE5N0ZGN0EyQjQwOTExRUY5NEU2NzQ1REM0RjlBRTAyL2hBX1c5LWlSNDRC S2ZiTUowRXpvWEJyM2h0RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFV6KkJ3AtVvVem7sIg1aUDhzGRW4WQ0C7eTYMCIn+akh6zG/IP3sLNa tSxhimbOTg2vmGKuIcmBwGGInuSa5GLdNwlAujWpe3FPKHbtCjdCrE/CVXFheAJ3 fPnWy0FPSrVVDgH9r0slJ3ruxdZxMWJJW39K4vUdWhJYHxlwBF54k8A6+ODmZjsc nwPaoYtCd3KmSA2WVemNXGzltNPnlinE1JvFKdoJklT+OCu7WqsFGoIxM3aCHBCa 8Hz87sgLrdfUtO3MBZffeSNXEo23A4Q6IK2f3wLJws9gytaJFgxJHmKUI/wNY90E TiLiuZuWHGcK8QQ++zZRvxTO+1+b4ok= -----END CERTIFICATE-----Generated at Sat Apr 26 14:08:06 2025 by rpki-client