$ rpki-client -vvf rpki.apnic.net/member_repository/A9136C5E/3EA6A250B97011ED8918467CC4F9AE02/znA-TvnfLr44ZQpwSkoBnCpmQ1A.mft File: znA-TvnfLr44ZQpwSkoBnCpmQ1A.mft (raw, json) Hash identifier: 7bD9E/tx+uef9b3YkCZ2fI/afm2V+0jnWQ6pfaqWLjE= Subject key identifier: 90:6F:D8:8C:41:2C:BA:21:94:EA:10:C0:95:D8:54:61:7B:6E:22:DD Authority key identifier: CE:70:3E:4E:F9:DF:2E:BE:38:65:0A:70:4A:4A:01:9C:2A:66:43:50 Certificate issuer: /CN=A9136C5E/serialNumber=CE703E4EF9DF2EBE38650A704A4A019C2A664350 Certificate serial: 0199 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/znA-TvnfLr44ZQpwSkoBnCpmQ1A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9136C5E/3EA6A250B97011ED8918467CC4F9AE02/znA-TvnfLr44ZQpwSkoBnCpmQ1A.mft Manifest number: 0195 Signing time: Fri 25 Apr 2025 02:59:14 +0000 Manifest this update: Fri 25 Apr 2025 02:59:14 +0000 Manifest next update: Fri 02 May 2025 02:59:14 +0000 Files and hashes: 1: znA-TvnfLr44ZQpwSkoBnCpmQ1A.crl (hash: CyAXzmqDXlFq/fKxJnXTlD0GN3cytfb1koFbysQJmcs=) 2: 9BCEEFF4BC6911ED9B0FC554C4F9AE02.roa (hash: vkUKnag58zCpuCP8+f6HBj43+NKzxFLQMFl2RAEd1t8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9136C5E/3EA6A250B97011ED8918467CC4F9AE02/znA-TvnfLr44ZQpwSkoBnCpmQ1A.crl rsync://rpki.apnic.net/member_repository/A9136C5E/3EA6A250B97011ED8918467CC4F9AE02/znA-TvnfLr44ZQpwSkoBnCpmQ1A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/znA-TvnfLr44ZQpwSkoBnCpmQ1A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:59:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 409 (0x199) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9136C5E, serialNumber=CE703E4EF9DF2EBE38650A704A4A019C2A664350 Validity Not Before: Apr 25 02:59:14 2025 GMT Not After : May 2 02:59:14 2025 GMT Subject: CN=680afa82-574a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:48:f5:f3:6e:8d:56:5a:8c:13:46:82:4f:d2: 4b:d8:18:e8:92:c3:f0:ab:38:17:fe:06:15:54:59: bf:77:4a:fe:6d:29:53:74:03:1e:66:56:f6:c8:f6: 26:cc:f5:6c:84:1e:bc:5e:0e:9a:e5:52:01:f0:d6: 4c:24:5e:90:47:78:14:72:91:94:37:16:ef:90:5a: 39:c7:da:f7:bc:54:b8:57:73:86:9f:1c:b3:cc:b1: c5:1d:8b:2c:23:6f:8d:38:b9:fc:06:47:74:fc:fc: f1:27:b9:96:51:9a:ad:b9:08:f2:85:d5:1c:44:11: 22:5f:dd:36:81:2f:b8:d8:66:40:cb:97:45:86:52: ed:b7:ab:e9:75:86:b7:66:23:39:07:9a:c2:9d:eb: c8:8b:cc:88:56:ad:08:93:c8:83:7f:28:a4:82:41: 9e:74:3c:1c:91:10:7c:48:55:28:79:d0:77:5a:91: 78:d8:c7:73:e8:18:02:00:2f:de:10:29:09:0e:8a: a6:ad:65:e5:fb:09:93:49:8b:3e:09:94:1f:3d:96: 50:be:e8:39:43:df:87:02:c1:5a:cd:2c:e5:58:a8: 0d:47:81:1d:cc:7f:b6:ca:30:70:9f:69:e9:2f:38: 1d:16:c0:2d:d9:ed:eb:6b:8d:7b:40:d7:30:ae:0d: 6f:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:6F:D8:8C:41:2C:BA:21:94:EA:10:C0:95:D8:54:61:7B:6E:22:DD X509v3 Authority Key Identifier: keyid:CE:70:3E:4E:F9:DF:2E:BE:38:65:0A:70:4A:4A:01:9C:2A:66:43:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9136C5E/3EA6A250B97011ED8918467CC4F9AE02/znA-TvnfLr44ZQpwSkoBnCpmQ1A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/znA-TvnfLr44ZQpwSkoBnCpmQ1A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136C5E/3EA6A250B97011ED8918467CC4F9AE02/znA-TvnfLr44ZQpwSkoBnCpmQ1A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:a3:d8:c6:58:35:5c:56:33:67:e4:c4:fe:47:d6:a3:e3:82: ff:fc:7a:8f:36:99:7c:61:7d:a7:50:92:67:9e:cf:91:95:eb: cf:c9:ba:5c:5b:83:67:3b:08:28:a7:2a:8c:ed:3c:d3:2d:e4: b6:e6:16:19:17:86:b6:86:c6:42:a1:70:75:b8:d4:44:1a:e5: 4b:09:02:e4:a3:b8:a7:e7:0d:21:52:b5:d6:ed:18:50:52:a4: 69:33:a5:9a:62:f3:e5:46:79:9b:15:8a:e8:dc:0b:9d:5f:b3: 14:98:81:d4:f5:9f:50:14:18:71:39:e2:bf:87:bd:af:15:c9: ac:53:68:14:68:b0:18:f2:df:5c:73:5b:8d:52:a1:38:1c:5b: f9:19:5a:99:d0:f8:76:5f:a4:19:95:9f:fe:76:77:6f:76:66: df:92:ab:74:53:54:89:dc:0a:4e:96:67:83:52:69:a0:6a:f3: 8d:46:61:4b:6a:bf:84:8e:4b:24:f9:70:f0:60:ed:e2:b2:0b: 75:aa:6b:a8:61:bd:37:d6:ea:d6:b8:43:49:dc:5d:db:f4:8f: 6c:8b:72:d0:d2:dc:fb:70:9b:84:0c:b2:4e:cd:da:2b:d3:63: cb:04:e7:1f:84:22:b4:e7:2e:a7:66:e3:a6:fe:7c:98:96:73: 29:27:10:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzZDNUUxMTAvBgNVBAUTKENFNzAzRTRFRjlERjJFQkUzODY1MEE3MDRBNEEwMTlD MkE2NjQzNTAwHhcNMjUwNDI1MDI1OTE0WhcNMjUwNTAyMDI1OTE0WjAYMRYwFAYD VQQDEw02ODBhZmE4Mi01NzRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA10j1826NVlqME0aCT9JL2BjoksPwqzgX/gYVVFm/d0r+bSlTdAMeZlb2yPYm zPVshB68Xg6a5VIB8NZMJF6QR3gUcpGUNxbvkFo5x9r3vFS4V3OGnxyzzLHFHYss I2+NOLn8Bkd0/PzxJ7mWUZqtuQjyhdUcRBEiX902gS+42GZAy5dFhlLtt6vpdYa3 ZiM5B5rCnevIi8yIVq0Ik8iDfyikgkGedDwckRB8SFUoedB3WpF42Mdz6BgCAC/e ECkJDoqmrWXl+wmTSYs+CZQfPZZQvug5Q9+HAsFazSzlWKgNR4EdzH+2yjBwn2np LzgdFsAt2e3ra417QNcwrg1v2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJBv2IxB LLohlOoQwJXYVGF7biLdMB8GA1UdIwQYMBaAFM5wPk753y6+OGUKcEpKAZwqZkNQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkM1RS8zRUE2QTI1MEI5 NzAxMUVEODkxODQ2N0NDNEY5QUUwMi96bkEtVHZuZkxyNDRaUXB3U2tvQm5DcG1R MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3puQS1Udm5mTHI0NFpRcHdTa29CbkNwbVExQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NkM1RS8zRUE2QTI1MEI5NzAxMUVEODkxODQ2N0NDNEY5QUUwMi96bkEtVHZuZkxy NDRaUXB3U2tvQm5DcG1RMUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC0o9jGWDVcVjNn5MT+R9aj44L//HqPNpl8YX2nUJJnns+RlevPybpc W4NnOwgopyqM7TzTLeS25hYZF4a2hsZCoXB1uNREGuVLCQLko7in5w0hUrXW7RhQ UqRpM6WaYvPlRnmbFYro3AudX7MUmIHU9Z9QFBhxOeK/h72vFcmsU2gUaLAY8t9c c1uNUqE4HFv5GVqZ0Ph2X6QZlZ/+dndvdmbfkqt0U1SJ3ApOlmeDUmmgavONRmFL ar+Ejksk+XDwYO3isgt1qmuoYb031urWuENJ3F3b9I9si3LQ0tz7cJuEDLJOzdor 02PLBOcfhCK05y6nZuOm/nyYlnMpJxDK -----END CERTIFICATE-----Generated at Sat Apr 26 04:32:27 2025 by rpki-client