$ rpki-client -vvf rpki.apnic.net/member_repository/A914711C/A8AC7250BBA711EC8FCD4422C4F9AE02/-ibzSoM5sd823JwRkSBXw6WD9nM.mft File: -ibzSoM5sd823JwRkSBXw6WD9nM.mft (raw, json) Hash identifier: W/R9+oSiUuz6OKiTKrxUPYBX8ssTCHOBl9DfUetsNQY= Subject key identifier: 8B:91:D9:7B:CD:73:B2:11:5D:1C:EC:A0:99:AF:0E:C1:83:7A:7B:A4 Authority key identifier: FA:26:F3:4A:83:39:B1:DF:36:DC:9C:11:91:20:57:C3:A5:83:F6:73 Certificate issuer: /CN=A914711C/serialNumber=FA26F34A8339B1DF36DC9C11912057C3A583F673 Certificate serial: 0337 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-ibzSoM5sd823JwRkSBXw6WD9nM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914711C/A8AC7250BBA711EC8FCD4422C4F9AE02/-ibzSoM5sd823JwRkSBXw6WD9nM.mft Manifest number: 0334 Signing time: Fri 25 Apr 2025 00:51:11 +0000 Manifest this update: Fri 25 Apr 2025 00:51:10 +0000 Manifest next update: Fri 02 May 2025 00:51:10 +0000 Files and hashes: 1: -ibzSoM5sd823JwRkSBXw6WD9nM.crl (hash: qW3GbjSjhHDXYPAibNdg9T/8rcHXZBSn9ckk9FT2FyM=) 2: 1AF42E76BBAC11EC8A07FE72C4F9AE02.roa (hash: M8EeCK4wseDGRAVaayv2SdcAD2UENUp0dQWvk3BdYlg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914711C/A8AC7250BBA711EC8FCD4422C4F9AE02/-ibzSoM5sd823JwRkSBXw6WD9nM.crl rsync://rpki.apnic.net/member_repository/A914711C/A8AC7250BBA711EC8FCD4422C4F9AE02/-ibzSoM5sd823JwRkSBXw6WD9nM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-ibzSoM5sd823JwRkSBXw6WD9nM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:51:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 823 (0x337) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914711C, serialNumber=FA26F34A8339B1DF36DC9C11912057C3A583F673 Validity Not Before: Apr 25 00:51:10 2025 GMT Not After : May 2 00:51:10 2025 GMT Subject: CN=680adc7f-fe93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:64:1d:e4:3c:35:00:29:3b:8e:4f:d0:bc:69: 66:a7:15:d7:53:a7:b3:1c:5e:f9:13:01:57:a7:e0: c0:52:2a:3b:65:49:a6:c0:15:79:75:4b:c7:c4:02: 30:3a:f9:af:92:d3:82:88:1e:d2:3b:fc:85:03:f0: 0f:27:40:53:fa:89:39:c5:99:7d:a6:e0:7a:f8:9c: 33:15:9e:36:a7:00:36:ba:d7:99:56:81:86:10:f7: a2:98:5f:9f:c5:18:a5:4a:cd:66:e2:ed:41:2f:21: 0e:1e:3d:7a:61:6d:ed:5d:a8:89:d3:1f:29:95:28: bc:f4:81:f0:1a:d3:97:43:40:b9:2f:0b:55:96:ce: 50:9e:d6:bc:ee:27:69:8e:ab:bb:19:d9:ac:6f:ae: 36:94:26:55:98:a2:1e:14:9c:fc:f7:49:0b:99:9c: de:54:a3:90:e5:41:64:4a:aa:4e:a3:ae:86:c9:38: 9b:a4:51:16:33:76:97:49:fc:9b:c5:68:4a:4c:87: 8f:c8:a2:a2:aa:da:18:02:a8:ef:ae:ec:31:5e:ab: dd:6f:81:ab:e3:10:31:29:2d:2b:2c:ab:fd:17:4d: 59:36:b9:cd:00:6d:1c:69:d9:0d:68:27:83:c6:c9: 31:3a:b2:b1:77:48:fa:b5:b1:99:e1:ee:e0:17:ed: 16:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:91:D9:7B:CD:73:B2:11:5D:1C:EC:A0:99:AF:0E:C1:83:7A:7B:A4 X509v3 Authority Key Identifier: keyid:FA:26:F3:4A:83:39:B1:DF:36:DC:9C:11:91:20:57:C3:A5:83:F6:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914711C/A8AC7250BBA711EC8FCD4422C4F9AE02/-ibzSoM5sd823JwRkSBXw6WD9nM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-ibzSoM5sd823JwRkSBXw6WD9nM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914711C/A8AC7250BBA711EC8FCD4422C4F9AE02/-ibzSoM5sd823JwRkSBXw6WD9nM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b8:5e:0c:08:81:d2:e3:de:89:97:df:6d:4d:59:9b:91:55:c9: b0:2a:12:82:ea:f6:57:98:b0:45:2f:f1:63:80:aa:52:0e:62: 44:5a:38:e3:67:a9:31:31:db:6c:69:10:d6:d1:69:d3:9f:62: f6:5d:db:cb:9d:82:89:f6:52:16:40:b8:53:de:08:13:ea:d4: 5c:6c:d9:e4:d0:bd:b7:79:34:59:fe:28:21:a8:04:91:7d:6d: 6e:bf:7d:5b:02:e8:ed:2e:45:8d:2d:fb:8f:34:e1:97:5c:44: 53:43:64:56:3c:f7:16:c6:8d:16:05:44:87:f2:9c:92:20:b1: 08:5d:60:58:cd:7a:d8:3d:ab:c6:67:d8:6f:cf:33:33:40:5d: 47:b7:e1:cb:c4:70:1c:4b:73:c3:68:1d:75:5f:93:a6:8b:77: c0:a5:a3:aa:c3:f5:65:c5:b6:65:56:04:ec:d3:cb:54:2c:55: 3a:c0:74:54:83:6d:f0:4a:bf:33:d7:40:7b:ed:11:e6:a6:c3: b1:90:a7:02:05:ab:d7:fb:a6:f7:da:a9:ed:8d:03:22:30:21: 46:88:d6:94:11:4e:23:f2:81:39:0f:46:9d:c1:a0:f6:52:49: f6:4b:67:46:4c:7c:3b:a1:3e:66:60:87:49:35:27:b9:ae:90: d6:e5:3e:0c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDcxMUMxMTAvBgNVBAUTKEZBMjZGMzRBODMzOUIxREYzNkRDOUMxMTkxMjA1N0Mz QTU4M0Y2NzMwHhcNMjUwNDI1MDA1MTEwWhcNMjUwNTAyMDA1MTEwWjAYMRYwFAYD VQQDEw02ODBhZGM3Zi1mZTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq2Qd5Dw1ACk7jk/QvGlmpxXXU6ezHF75EwFXp+DAUio7ZUmmwBV5dUvHxAIw OvmvktOCiB7SO/yFA/APJ0BT+ok5xZl9puB6+JwzFZ42pwA2uteZVoGGEPeimF+f xRilSs1m4u1BLyEOHj16YW3tXaiJ0x8plSi89IHwGtOXQ0C5LwtVls5Qnta87idp jqu7Gdmsb642lCZVmKIeFJz890kLmZzeVKOQ5UFkSqpOo66GyTibpFEWM3aXSfyb xWhKTIePyKKiqtoYAqjvruwxXqvdb4Gr4xAxKS0rLKv9F01ZNrnNAG0cadkNaCeD xskxOrKxd0j6tbGZ4e7gF+0WUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIuR2XvN c7IRXRzsoJmvDsGDenukMB8GA1UdIwQYMBaAFPom80qDObHfNtycEZEgV8Olg/Zz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzExQy9BOEFDNzI1MEJC QTcxMUVDOEZDRDQ0MjJDNEY5QUUwMi8taWJ6U29NNXNkODIzSndSa1NCWHc2V0Q5 bk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1pYnpTb001c2Q4MjNKd1JrU0JYdzZXRDluTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzExQy9BOEFDNzI1MEJCQTcxMUVDOEZDRDQ0MjJDNEY5QUUwMi8taWJ6U29NNXNk ODIzSndSa1NCWHc2V0Q5bk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC4XgwIgdLj3omX321NWZuRVcmwKhKC6vZXmLBFL/FjgKpSDmJEWjjj Z6kxMdtsaRDW0WnTn2L2XdvLnYKJ9lIWQLhT3ggT6tRcbNnk0L23eTRZ/ighqASR fW1uv31bAujtLkWNLfuPNOGXXERTQ2RWPPcWxo0WBUSH8pySILEIXWBYzXrYPavG Z9hvzzMzQF1Ht+HLxHAcS3PDaB11X5Omi3fApaOqw/VlxbZlVgTs08tULFU6wHRU g23wSr8z10B77RHmpsOxkKcCBavX+6b32qntjQMiMCFGiNaUEU4j8oE5D0adwaD2 Ukn2S2dGTHw7oT5mYIdJNSe5rpDW5T4M -----END CERTIFICATE-----Generated at Sat Apr 26 12:59:39 2025 by rpki-client