$ rpki-client -vvf rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft File: X48BYbesuyVfE88IG2ZTYZtOLAI.mft (raw, json) Hash identifier: BgChn73S5DT2ml20qcRTqFzLJAeW2q85Kr7BBegiZoU= Subject key identifier: C4:77:8C:23:84:50:AE:73:87:8E:BC:F6:4A:8D:79:F8:33:B5:91:50 Authority key identifier: 5F:8F:01:61:B7:AC:BB:25:5F:13:CF:08:1B:66:53:61:9B:4E:2C:02 Certificate issuer: /CN=A9149A0D/serialNumber=5F8F0161B7ACBB255F13CF081B6653619B4E2C02 Certificate serial: 07A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X48BYbesuyVfE88IG2ZTYZtOLAI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft Manifest number: 07A6 Signing time: Thu 24 Apr 2025 21:01:28 +0000 Manifest this update: Thu 24 Apr 2025 21:01:28 +0000 Manifest next update: Thu 01 May 2025 21:01:28 +0000 Files and hashes: 1: X48BYbesuyVfE88IG2ZTYZtOLAI.crl (hash: aRt6IOeFCqZCOJAj+QhV+l30hSEpWppjg/Fx9ccXxiY=) 2: 799C6AD8149711EFB0CB9E0AC4F9AE02.roa (hash: Z6c5AlKVKf/klPMN7KddRfh49KHTtioUb3aQg5mvfg0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.crl rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X48BYbesuyVfE88IG2ZTYZtOLAI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 21:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1960 (0x7a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149A0D, serialNumber=5F8F0161B7ACBB255F13CF081B6653619B4E2C02 Validity Not Before: Apr 24 21:01:28 2025 GMT Not After : May 1 21:01:28 2025 GMT Subject: CN=680aa6a8-e2e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d1:fe:68:71:9c:a6:6a:8a:6c:f0:4d:39:f7: 7a:0f:28:df:a6:f4:b6:90:61:53:f8:ff:87:ea:a0: 64:a5:53:5d:de:d8:24:8b:73:71:bc:5e:08:9a:68: 24:24:fb:35:40:f1:dd:a1:5f:68:b9:fe:1f:58:f5: 29:6c:51:76:5a:c3:48:15:34:c4:b6:fe:4b:0a:45: 45:37:31:cb:3b:4e:49:74:b5:0c:f1:d3:77:06:57: b5:5d:7f:d2:c5:a4:85:ea:21:61:5b:e2:75:34:6e: c8:e4:69:31:3e:e6:1d:90:9e:66:dd:de:f8:62:b4: c9:b9:4e:3a:ea:ad:e7:1b:81:4c:c7:01:33:71:d7: 16:3b:c6:7f:fe:b3:67:7d:a0:7b:c4:ad:19:61:c2: 36:5d:1d:4a:2c:60:39:9f:77:95:23:86:4b:a4:09: 23:9b:71:f4:3c:ad:17:30:68:4d:5d:c7:3d:58:ea: 01:66:54:b1:d3:91:a2:7d:cb:a0:1f:0a:24:1d:6f: 37:32:32:31:5d:d6:f1:4f:d9:52:88:ed:d9:ed:67: d8:3e:99:be:55:e9:10:38:d1:75:8c:b3:ac:91:56: 96:2b:ba:f9:84:b7:99:eb:f2:a1:45:28:54:80:43: 15:f5:8a:e7:cb:35:ab:0d:1a:25:79:0e:b4:8b:17: 9f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:77:8C:23:84:50:AE:73:87:8E:BC:F6:4A:8D:79:F8:33:B5:91:50 X509v3 Authority Key Identifier: keyid:5F:8F:01:61:B7:AC:BB:25:5F:13:CF:08:1B:66:53:61:9B:4E:2C:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X48BYbesuyVfE88IG2ZTYZtOLAI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:93:05:36:0f:a0:c1:7e:f3:e1:0c:bd:b0:0f:d2:99:c7:af: ae:86:c4:47:d6:a0:c7:8f:3a:f9:5c:52:d1:a4:54:35:3f:4a: dc:26:c5:e3:cf:68:82:f6:fa:e4:9e:74:f6:e6:c0:08:63:e7: ee:7c:db:41:e5:0d:23:15:7b:45:d7:13:ee:9d:8e:db:9c:3c: aa:9b:97:16:89:f3:89:a4:b4:af:f5:31:cf:2d:d0:ea:90:da: 71:05:b2:28:fe:98:8b:24:4f:c1:69:8e:03:36:79:0e:89:1f: fb:55:6c:54:26:0a:6b:35:4f:64:bd:1f:e9:36:f3:62:3c:a3: 27:e8:4d:32:15:ca:df:dc:53:f9:2a:55:03:c1:d2:3f:8e:73: 19:7d:e3:dd:fc:fd:96:d9:6b:fe:4a:bf:90:68:cc:a6:d9:53: f0:5c:97:29:c8:af:fe:10:c5:a8:7a:fe:69:4e:79:03:1e:51: 49:12:42:6d:c0:99:e5:91:99:10:1d:a2:ef:08:58:8b:b5:6d: d1:11:a9:94:6b:17:34:e0:41:51:66:a5:f8:86:ba:f4:f5:2f: 89:8b:13:94:dc:82:ef:1c:71:4e:a3:e0:de:83:78:5c:10:d2: 6e:99:78:9a:d4:21:3c:49:02:3e:47:f3:51:8f:94:08:c4:75: 16:9d:fe:6b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB6gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDlBMEQxMTAvBgNVBAUTKDVGOEYwMTYxQjdBQ0JCMjU1RjEzQ0YwODFCNjY1MzYx OUI0RTJDMDIwHhcNMjUwNDI0MjEwMTI4WhcNMjUwNTAxMjEwMTI4WjAYMRYwFAYD VQQDEw02ODBhYTZhOC1lMmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtH+aHGcpmqKbPBNOfd6DyjfpvS2kGFT+P+H6qBkpVNd3tgki3NxvF4Immgk JPs1QPHdoV9ouf4fWPUpbFF2WsNIFTTEtv5LCkVFNzHLO05JdLUM8dN3Ble1XX/S xaSF6iFhW+J1NG7I5GkxPuYdkJ5m3d74YrTJuU466q3nG4FMxwEzcdcWO8Z//rNn faB7xK0ZYcI2XR1KLGA5n3eVI4ZLpAkjm3H0PK0XMGhNXcc9WOoBZlSx05Gifcug HwokHW83MjIxXdbxT9lSiO3Z7WfYPpm+VekQONF1jLOskVaWK7r5hLeZ6/KhRShU gEMV9YrnyzWrDRoleQ60ixefqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMR3jCOE UK5zh4689kqNefgztZFQMB8GA1UdIwQYMBaAFF+PAWG3rLslXxPPCBtmU2GbTiwC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUEwRC8wRkI3OTE2NEZC MTUxMUVBQjAxMUVDNkVDNEY5QUUwMi9YNDhCWWJlc3V5VmZFODhJRzJaVFladE9M QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1g0OEJZYmVzdXlWZkU4OElHMlpUWVp0T0xBSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OUEwRC8wRkI3OTE2NEZCMTUxMUVBQjAxMUVDNkVDNEY5QUUwMi9YNDhCWWJlc3V5 VmZFODhJRzJaVFladE9MQUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBukwU2D6DBfvPhDL2wD9KZx6+uhsRH1qDHjzr5XFLRpFQ1P0rcJsXj z2iC9vrknnT25sAIY+fufNtB5Q0jFXtF1xPunY7bnDyqm5cWifOJpLSv9THPLdDq kNpxBbIo/piLJE/BaY4DNnkOiR/7VWxUJgprNU9kvR/pNvNiPKMn6E0yFcrf3FP5 KlUDwdI/jnMZfePd/P2W2Wv+Sr+QaMym2VPwXJcpyK/+EMWoev5pTnkDHlFJEkJt wJnlkZkQHaLvCFiLtW3REamUaxc04EFRZqX4hrr09S+JixOU3ILvHHFOo+Deg3hc ENJumXia1CE8SQI+R/NRj5QIxHUWnf5r -----END CERTIFICATE-----Generated at Sat Apr 26 12:29:29 2025 by rpki-client