$ rpki-client -vvf rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft File: 2zfNKCxsfbw6kLEDt6I53NFY_2A.mft (raw, json) Hash identifier: 9ARWUN4CVyW+rxYltSBIDraYOQeIoH7z7FoLrcSUoVs= Subject key identifier: 62:E6:37:94:BB:A0:EF:20:25:9A:2E:EE:7F:99:F1:36:83:9E:48:2F Authority key identifier: DB:37:CD:28:2C:6C:7D:BC:3A:90:B1:03:B7:A2:39:DC:D1:58:FF:60 Certificate issuer: /CN=A913E652/serialNumber=DB37CD282C6C7DBC3A90B103B7A239DCD158FF60 Certificate serial: 08BB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft Manifest number: 08B5 Signing time: Thu 24 Apr 2025 20:22:41 +0000 Manifest this update: Thu 24 Apr 2025 20:22:41 +0000 Manifest next update: Thu 01 May 2025 20:22:41 +0000 Files and hashes: 1: 2zfNKCxsfbw6kLEDt6I53NFY_2A.crl (hash: YEKu8HYSotTMNajJm/PNe+22bjOpeHU525ShjvxrjuQ=) 2: 6154A3B0B2B611EAA5884016C4F9AE02.roa (hash: v6eXZmLrZttsFYphww5DwQSaxSYNhoXZnZd8akGhwqk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.crl rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:22:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2235 (0x8bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913E652, serialNumber=DB37CD282C6C7DBC3A90B103B7A239DCD158FF60 Validity Not Before: Apr 24 20:22:41 2025 GMT Not After : May 1 20:22:41 2025 GMT Subject: CN=680a9d91-9a61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:cb:75:62:f2:67:34:b0:47:e3:17:2a:6a:ad: fe:91:06:d7:83:8e:61:4a:50:b5:3b:9f:a9:ef:09: b0:77:fe:32:c5:18:d9:2a:a5:49:2c:41:f4:40:04: 8f:b6:61:b3:fe:10:31:05:72:53:2a:bb:17:e1:a6: 19:af:ce:33:0a:fc:f4:ee:0e:cb:d4:6f:1d:f4:98: 85:d8:ac:60:d2:a7:f6:38:cd:4c:c5:fb:78:49:03: 8d:ff:4d:c7:38:f6:c7:dc:2c:90:d8:57:7e:26:bf: 47:de:fe:fd:52:d8:3b:a1:d3:dc:f3:ec:af:93:a1: 08:89:be:c2:a7:4c:c1:62:e3:94:5d:54:09:c7:97: c9:2f:fa:87:15:a3:89:f2:39:47:02:5f:c3:1b:dc: de:f5:89:bc:aa:80:90:33:d0:67:01:81:26:98:29: e1:0a:45:65:11:5b:d9:bb:36:b7:f9:6a:c9:63:b7: 08:7b:0d:cb:3e:6b:e5:b1:ac:a3:2f:52:eb:48:b5: 8b:5d:3e:02:c9:f3:c8:83:cf:5e:02:ac:6c:bb:64: 78:74:3c:0c:1f:b2:08:59:9d:f6:6d:b9:f3:68:52: 2f:21:a4:b9:ae:7f:4c:d7:72:e8:a3:0b:a8:85:d0: 50:67:24:ec:f1:a5:8e:8a:5b:83:95:63:3c:b2:24: be:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:E6:37:94:BB:A0:EF:20:25:9A:2E:EE:7F:99:F1:36:83:9E:48:2F X509v3 Authority Key Identifier: keyid:DB:37:CD:28:2C:6C:7D:BC:3A:90:B1:03:B7:A2:39:DC:D1:58:FF:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:7f:17:a5:9d:f5:61:d1:db:a7:39:7f:22:b9:18:0a:38:fd: 7b:07:1e:92:ae:2f:48:b2:43:6c:65:b5:7f:cf:8e:50:77:77: eb:ee:ac:6e:51:47:3e:94:e0:d7:ce:e8:42:3f:9f:01:c5:9c: b9:4f:46:26:7b:cb:49:cf:7a:0c:79:e0:72:46:ee:21:ee:cd: aa:18:9d:49:88:ce:b1:63:27:37:e3:6c:ba:e7:78:44:1d:da: c7:db:f2:5d:c2:9d:3e:7b:c4:f3:02:b5:49:f6:8f:b7:b7:8e: 33:55:05:6d:2c:b3:38:73:d2:25:09:00:20:f4:7b:4e:4e:8e: 13:b4:4a:b2:07:23:c7:b4:11:62:c3:8e:17:2a:45:4f:b5:cb: e7:9b:e1:fb:a0:20:3d:d2:d9:19:24:61:52:9d:53:11:26:a1: c5:49:7e:ae:b5:a8:33:71:4d:17:d2:83:f4:85:13:79:d5:d6: 3f:d6:89:35:70:75:46:3d:0b:38:55:6f:3c:e1:5b:7a:a6:ad: dd:34:75:e2:65:43:ae:35:21:53:c5:43:0a:da:da:88:0c:c1: e6:04:e9:1d:aa:c3:c5:62:04:b9:63:68:6c:c9:3a:3c:83:e7: bc:98:01:e1:b1:30:ba:31:00:73:27:b5:f7:5b:9e:d7:c2:1e: 99:78:83:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCLswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0U2NTIxMTAvBgNVBAUTKERCMzdDRDI4MkM2QzdEQkMzQTkwQjEwM0I3QTIzOURD RDE1OEZGNjAwHhcNMjUwNDI0MjAyMjQxWhcNMjUwNTAxMjAyMjQxWjAYMRYwFAYD VQQDEw02ODBhOWQ5MS05YTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0ct1YvJnNLBH4xcqaq3+kQbXg45hSlC1O5+p7wmwd/4yxRjZKqVJLEH0QASP tmGz/hAxBXJTKrsX4aYZr84zCvz07g7L1G8d9JiF2Kxg0qf2OM1Mxft4SQON/03H OPbH3CyQ2Fd+Jr9H3v79Utg7odPc8+yvk6EIib7Cp0zBYuOUXVQJx5fJL/qHFaOJ 8jlHAl/DG9ze9Ym8qoCQM9BnAYEmmCnhCkVlEVvZuza3+WrJY7cIew3LPmvlsayj L1LrSLWLXT4CyfPIg89eAqxsu2R4dDwMH7IIWZ32bbnzaFIvIaS5rn9M13Loowuo hdBQZyTs8aWOiluDlWM8siS+nwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGLmN5S7 oO8gJZou7n+Z8TaDnkgvMB8GA1UdIwQYMBaAFNs3zSgsbH28OpCxA7eiOdzRWP9g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTY1Mi82MDBBQjQ2NEIy QjUxMUVBOEFEQzQ0MTVDNEY5QUUwMi8yemZOS0N4c2ZidzZrTEVEdDZJNTNORllf MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJ6Zk5LQ3hzZmJ3NmtMRUR0Nkk1M05GWV8yQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RTY1Mi82MDBBQjQ2NEIyQjUxMUVBOEFEQzQ0MTVDNEY5QUUwMi8yemZOS0N4c2Zi dzZrTEVEdDZJNTNORllfMkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6fxelnfVh0dunOX8iuRgKOP17Bx6Sri9IskNsZbV/z45Qd3fr7qxu UUc+lODXzuhCP58BxZy5T0Yme8tJz3oMeeByRu4h7s2qGJ1JiM6xYyc342y653hE HdrH2/Jdwp0+e8TzArVJ9o+3t44zVQVtLLM4c9IlCQAg9HtOTo4TtEqyByPHtBFi w44XKkVPtcvnm+H7oCA90tkZJGFSnVMRJqHFSX6utagzcU0X0oP0hRN51dY/1ok1 cHVGPQs4VW884Vt6pq3dNHXiZUOuNSFTxUMK2tqIDMHmBOkdqsPFYgS5Y2hsyTo8 g+e8mAHhsTC6MQBzJ7X3W57Xwh6ZeIPG -----END CERTIFICATE-----Generated at Sat Apr 26 15:23:46 2025 by rpki-client