$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft File: aIdCVFR7NLOvid21tI0CAj9Xrhc.mft (raw, json) Hash identifier: l8tAH5Di75GgSghCebb3t0Kd5njJWk+o+lDSgeqmTyQ= Subject key identifier: A0:B7:35:15:91:59:47:62:62:C6:11:EA:95:F6:31:D7:D5:F3:EF:28 Authority key identifier: 68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 Certificate issuer: /CN=A9148D52/serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Certificate serial: 0D13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft Manifest number: 0D0A Signing time: Thu 24 Apr 2025 18:02:22 +0000 Manifest this update: Thu 24 Apr 2025 18:02:22 +0000 Manifest next update: Thu 01 May 2025 18:02:22 +0000 Files and hashes: 1: aIdCVFR7NLOvid21tI0CAj9Xrhc.crl (hash: vAELrHTTuIc12HAgGbeKQItQZjd2WfZj6lnGIKTFOqA=) 2: 0198539E94F311EA9429BF86C4F9AE02.roa (hash: 5GX92aioe88puPmyzGflssCck3bnuW06XT8lCNmGXB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3347 (0xd13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148D52, serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Validity Not Before: Apr 24 18:02:22 2025 GMT Not After : May 1 18:02:22 2025 GMT Subject: CN=680a7cae-92a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:96:89:a5:fe:a8:16:69:41:db:38:5b:81:0c: 59:28:2c:be:7d:1f:05:63:a8:88:8c:b7:42:da:97: 22:08:7d:2b:43:82:a9:17:a3:24:08:cf:50:6d:71: 60:6b:2e:a2:f3:c7:98:87:08:24:3c:2b:df:f8:c9: 22:16:54:6a:24:1a:bc:c3:4b:fe:fe:e0:4a:f4:2d: 2a:7e:4c:39:e2:49:57:cc:ed:62:84:a7:43:53:c2: 5e:a4:e3:d0:54:5b:a6:d6:ed:4d:99:cb:35:7f:a3: d9:1a:c9:ff:0c:6b:92:f0:0b:90:63:e8:b2:dc:87: 30:21:6a:cf:51:88:cf:db:f1:17:cf:fa:67:58:30: ed:cd:cf:a3:60:04:35:6b:0a:e8:ad:8e:bd:b3:6b: a6:27:24:6e:f7:fc:b6:a7:84:bf:3b:2a:d3:ad:fa: f1:7e:7c:1d:10:c8:fa:00:9e:cb:fa:b9:36:81:c0: 19:57:8e:3a:58:44:09:87:e6:18:05:16:b0:81:c8: 57:bc:22:9f:36:55:cc:74:71:81:18:fe:1d:e9:41: 01:88:b4:ab:11:b8:0d:2d:6e:19:c8:b1:7c:10:ed: c5:bc:8a:c8:b1:96:da:cf:37:85:88:5a:f6:3c:29: 9d:91:7f:2b:a1:62:7a:f2:54:02:26:3f:a5:b6:d4: 7b:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:B7:35:15:91:59:47:62:62:C6:11:EA:95:F6:31:D7:D5:F3:EF:28 X509v3 Authority Key Identifier: keyid:68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:26:2f:70:79:4d:d7:3f:d5:be:f2:25:50:41:b9:23:3e:e5: dc:32:46:cb:bc:91:41:c0:c2:7e:05:18:83:c9:87:e1:39:05: 40:89:10:5c:ce:93:75:b4:28:73:15:46:df:46:ce:cb:cd:37: ed:ff:95:a7:3f:13:e0:4f:a2:80:eb:41:ef:55:33:5d:86:1e: be:2e:3c:8a:4b:fb:6b:e6:a4:4a:58:18:f7:d1:3d:76:5f:a6: 6b:a5:78:a0:c0:0d:cf:28:bc:d5:48:cc:9a:db:9f:1b:25:56: b7:3a:34:10:55:d0:26:73:fa:ad:00:ba:11:64:58:65:a6:ee: fa:f1:31:ca:d7:ae:97:13:8f:4e:88:bb:89:42:89:f8:b5:21: 77:f5:9e:c0:9c:ca:12:63:3d:e2:f4:f9:31:c1:c9:e3:0c:a1: 36:0e:63:cb:e9:06:44:1e:a0:fd:32:eb:10:29:72:c0:08:8e: 8b:14:39:e1:9f:d6:04:35:f7:4c:86:ca:c3:cd:31:ed:ca:b9: 2c:dd:9a:ed:91:05:a7:5f:be:a6:07:d6:5b:99:7e:09:8d:59: b1:83:e1:1c:9b:ff:b3:cb:11:4d:b2:1f:1d:f6:0b:88:8a:94: 2b:44:d4:19:22:ff:87:a5:1c:05:22:7c:56:1e:4d:99:e4:6a: 24:ac:d0:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDRMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhENTIxMTAvBgNVBAUTKDY4ODc0MjU0NTQ3QjM0QjNBRjg5RERCNUI0OEQwMjAy M0Y1N0FFMTcwHhcNMjUwNDI0MTgwMjIyWhcNMjUwNTAxMTgwMjIyWjAYMRYwFAYD VQQDEw02ODBhN2NhZS05MmEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx5aJpf6oFmlB2zhbgQxZKCy+fR8FY6iIjLdC2pciCH0rQ4KpF6MkCM9QbXFg ay6i88eYhwgkPCvf+MkiFlRqJBq8w0v+/uBK9C0qfkw54klXzO1ihKdDU8JepOPQ VFum1u1Nmcs1f6PZGsn/DGuS8AuQY+iy3IcwIWrPUYjP2/EXz/pnWDDtzc+jYAQ1 awrorY69s2umJyRu9/y2p4S/OyrTrfrxfnwdEMj6AJ7L+rk2gcAZV446WEQJh+YY BRawgchXvCKfNlXMdHGBGP4d6UEBiLSrEbgNLW4ZyLF8EO3FvIrIsZbazzeFiFr2 PCmdkX8roWJ68lQCJj+lttR7lQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKC3NRWR WUdiYsYR6pX2MdfV8+8oMB8GA1UdIwQYMBaAFGiHQlRUezSzr4ndtbSNAgI/V64X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ1Mi8xRDRCNDRFRURC NkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05MT3ZpZDIxdEkwQ0FqOVhy aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FJZENWRlI3TkxPdmlkMjF0STBDQWo5WHJoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEQ1Mi8xRDRCNDRFRURCNkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05M T3ZpZDIxdEkwQ0FqOVhyaGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBmJi9weU3XP9W+8iVQQbkjPuXcMkbLvJFBwMJ+BRiDyYfhOQVAiRBc zpN1tChzFUbfRs7LzTft/5WnPxPgT6KA60HvVTNdhh6+LjyKS/tr5qRKWBj30T12 X6ZrpXigwA3PKLzVSMya258bJVa3OjQQVdAmc/qtALoRZFhlpu768THK166XE49O iLuJQon4tSF39Z7AnMoSYz3i9PkxwcnjDKE2DmPL6QZEHqD9MusQKXLACI6LFDnh n9YENfdMhsrDzTHtyrks3ZrtkQWnX76mB9ZbmX4JjVmxg+Ecm/+zyxFNsh8d9guI ipQrRNQZIv+HpRwFInxWHk2Z5GokrNAz -----END CERTIFICATE-----Generated at Sat Apr 26 04:32:30 2025 by rpki-client