$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft File: R2lFsh8liffnEnUf50f6IUOlI1s.mft (raw, json) Hash identifier: VFEvlQrLG4tm1Pbf8YTk2RXzu5YHYuyKOpWnmSgzniE= Subject key identifier: A1:DE:8F:02:13:B7:DA:CC:C6:D4:37:83:DB:8E:4B:4D:0D:48:E5:23 Authority key identifier: 47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B Certificate issuer: /CN=A9132B1D/serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Certificate serial: 0252 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft Manifest number: 024E Signing time: Fri 25 Apr 2025 01:37:28 +0000 Manifest this update: Fri 25 Apr 2025 01:37:28 +0000 Manifest next update: Fri 02 May 2025 01:37:28 +0000 Files and hashes: 1: R2lFsh8liffnEnUf50f6IUOlI1s.crl (hash: jxx6I9J38/Aoh9G80FV56+43hZSi6p3I5s9do6+M9qk=) 2: A917D87217A711ED8D17FC7CC4F9AE02.roa (hash: Zl1OdprsSbZO6kJ93156dFn5LZrbdumG7KQVdLYJ1W0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:37:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 594 (0x252) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132B1D, serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Validity Not Before: Apr 25 01:37:28 2025 GMT Not After : May 2 01:37:28 2025 GMT Subject: CN=680ae758-c442 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:3e:61:7e:35:c8:9a:7f:d9:3a:c1:1d:20:8e: 1c:ed:36:be:4e:94:5b:47:a6:27:23:d4:b5:64:92: 04:ec:e0:87:38:a4:ad:9e:1a:f0:cd:69:90:08:6b: 21:9d:22:42:21:63:de:dc:7b:4c:c8:25:78:4f:54: 5e:7d:95:65:08:ab:e7:3d:e2:f0:db:d8:89:d1:ca: 86:c7:a2:c8:77:f0:eb:82:83:0a:ae:c2:0b:fd:4c: 4f:13:30:f2:cf:a2:cb:03:1c:d1:09:4d:fc:b1:37: bf:1d:28:c6:25:f0:ba:75:52:df:d7:1b:8e:52:07: 79:67:51:a2:95:50:6d:02:7c:79:21:3e:86:f1:4f: f6:67:ed:52:b5:6f:f2:07:78:36:22:01:fb:91:5d: a8:22:44:90:16:e0:33:48:c8:95:f7:72:44:c1:ee: ff:4c:0d:be:e2:81:a1:b6:48:d0:a8:99:cf:ef:95: b5:bd:57:99:a0:f7:7f:46:3d:fd:c8:3c:67:e9:e8: ee:7e:71:bd:55:de:11:2c:73:f4:ce:51:a4:d2:4e: d0:cc:70:cb:0a:2a:a0:e8:17:cf:dc:a0:2d:d2:a5: c2:29:c9:c1:5e:7a:0c:1b:e9:2f:8b:33:a1:19:01: 61:bc:69:fb:ab:07:e5:bf:4e:5c:b9:92:1a:60:dd: de:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:DE:8F:02:13:B7:DA:CC:C6:D4:37:83:DB:8E:4B:4D:0D:48:E5:23 X509v3 Authority Key Identifier: keyid:47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:56:45:6b:f6:2d:45:b9:3c:40:8e:71:a2:f8:57:5a:55:12: b5:46:14:84:99:ee:46:00:fe:ba:88:c2:8f:ee:37:2b:6d:de: 6c:79:9c:94:20:4e:1a:82:bf:af:c0:ac:83:d3:75:92:31:79: f2:e6:fd:e3:6d:c1:54:f5:72:08:49:e3:4e:b2:5e:f6:73:84: 66:43:13:03:44:3e:2b:82:f7:09:91:47:53:64:95:69:a7:de: 3b:6f:7f:dc:af:c3:e4:70:e7:d9:c8:cf:fa:04:58:0a:db:89: 42:32:43:a9:8f:91:dc:36:af:3f:87:67:99:af:5b:cf:76:42: 1c:a9:5b:7c:36:5e:7b:83:21:b5:f3:3f:76:2e:f7:3b:da:39: 23:57:be:05:67:70:86:cd:2a:ec:1d:1e:c2:c4:23:91:0d:5a: a1:9b:7d:ea:28:99:12:0c:9b:86:63:1a:dd:9c:ae:54:e4:39: d4:c0:4a:59:5b:a0:da:b5:3c:11:8d:ee:6d:ef:56:e0:85:f1: 8e:4e:8b:f3:2a:c0:58:39:68:92:04:c2:f1:3e:b4:b9:9e:bf: 09:53:ad:58:76:89:7b:bb:f4:81:69:36:70:ed:5d:0e:45:8c: d8:e9:c1:fd:ee:3f:f7:16:d3:62:5e:d5:3f:09:b5:e9:2c:66: d2:0c:fa:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAlIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJCMUQxMTAvBgNVBAUTKDQ3Njk0NUIyMUYyNTg5RjdFNzEyNzUxRkU3NDdGQTIx NDNBNTIzNUIwHhcNMjUwNDI1MDEzNzI4WhcNMjUwNTAyMDEzNzI4WjAYMRYwFAYD VQQDEw02ODBhZTc1OC1jNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0T5hfjXImn/ZOsEdII4c7Ta+TpRbR6YnI9S1ZJIE7OCHOKStnhrwzWmQCGsh nSJCIWPe3HtMyCV4T1RefZVlCKvnPeLw29iJ0cqGx6LId/DrgoMKrsIL/UxPEzDy z6LLAxzRCU38sTe/HSjGJfC6dVLf1xuOUgd5Z1GilVBtAnx5IT6G8U/2Z+1StW/y B3g2IgH7kV2oIkSQFuAzSMiV93JEwe7/TA2+4oGhtkjQqJnP75W1vVeZoPd/Rj39 yDxn6ejufnG9Vd4RLHP0zlGk0k7QzHDLCiqg6BfP3KAt0qXCKcnBXnoMG+kvizOh GQFhvGn7qwflv05cuZIaYN3eIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKHejwIT t9rMxtQ3g9uOS00NSOUjMB8GA1UdIwQYMBaAFEdpRbIfJYn35xJ1H+dH+iFDpSNb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkIxRC8zMDIwM0VEMDE3 QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlmZm5FblVmNTBmNklVT2xJ MXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IybEZzaDhsaWZmbkVuVWY1MGY2SVVPbEkxcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MkIxRC8zMDIwM0VEMDE3QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlm Zm5FblVmNTBmNklVT2xJMXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCeVkVr9i1FuTxAjnGi+FdaVRK1RhSEme5GAP66iMKP7jcrbd5seZyU IE4agr+vwKyD03WSMXny5v3jbcFU9XIISeNOsl72c4RmQxMDRD4rgvcJkUdTZJVp p947b3/cr8PkcOfZyM/6BFgK24lCMkOpj5HcNq8/h2eZr1vPdkIcqVt8Nl57gyG1 8z92Lvc72jkjV74FZ3CGzSrsHR7CxCORDVqhm33qKJkSDJuGYxrdnK5U5DnUwEpZ W6DatTwRje5t71bghfGOTovzKsBYOWiSBMLxPrS5nr8JU61Ydol7u/SBaTZw7V0O RYzY6cH97j/3FtNiXtU/CbXpLGbSDPoG -----END CERTIFICATE-----Generated at Sat Apr 26 14:24:45 2025 by rpki-client