$ rpki-client -vvf rpki.apnic.net/member_repository/A914C1AE/58D992DEB67611EC8F537847C4F9AE02/52j8yLln1vHIgeDUmgxCCN8H-zc.mft File: 52j8yLln1vHIgeDUmgxCCN8H-zc.mft (raw, json) Hash identifier: +q6A/T/1zgD4ZN52O49UpQip5vJtzPB1Y88bbL90NQY= Subject key identifier: 2A:15:C7:4E:5E:21:FA:3C:4D:51:C6:72:BE:B6:64:79:9D:09:00:F6 Authority key identifier: E7:68:FC:C8:B9:67:D6:F1:C8:81:E0:D4:9A:0C:42:08:DF:07:FB:37 Certificate issuer: /CN=A914C1AE/serialNumber=E768FCC8B967D6F1C881E0D49A0C4208DF07FB37 Certificate serial: 034A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/52j8yLln1vHIgeDUmgxCCN8H-zc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914C1AE/58D992DEB67611EC8F537847C4F9AE02/52j8yLln1vHIgeDUmgxCCN8H-zc.mft Manifest number: 0345 Signing time: Fri 25 Apr 2025 00:48:23 +0000 Manifest this update: Fri 25 Apr 2025 00:48:22 +0000 Manifest next update: Fri 02 May 2025 00:48:22 +0000 Files and hashes: 1: 52j8yLln1vHIgeDUmgxCCN8H-zc.crl (hash: ndplZ7zOrd8tlGsCBNVoqBA6Ggx5dW8jxHQty8ge8oY=) 2: 1D3CD16AB67A11ECB02F1D5FC4F9AE02.roa (hash: 3vF76S8iWJW8vHG1MAht+7FYZNQsdje1uuqCEx57cyI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914C1AE/58D992DEB67611EC8F537847C4F9AE02/52j8yLln1vHIgeDUmgxCCN8H-zc.crl rsync://rpki.apnic.net/member_repository/A914C1AE/58D992DEB67611EC8F537847C4F9AE02/52j8yLln1vHIgeDUmgxCCN8H-zc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/52j8yLln1vHIgeDUmgxCCN8H-zc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:48:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 842 (0x34a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914C1AE, serialNumber=E768FCC8B967D6F1C881E0D49A0C4208DF07FB37 Validity Not Before: Apr 25 00:48:22 2025 GMT Not After : May 2 00:48:22 2025 GMT Subject: CN=680adbd7-e72a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:c0:51:8e:59:6a:ac:ae:9f:40:d5:1f:67:07: c4:61:80:79:5c:d2:0f:0e:de:79:38:2e:09:80:e7: c7:5a:b6:42:62:fc:30:5d:09:2d:80:88:2e:68:4d: a7:a2:c2:49:11:5f:ff:cc:36:41:2f:9c:47:e0:bc: 68:07:a5:14:71:81:c1:2b:12:d2:47:ef:8a:65:6b: d3:8c:1c:df:fe:fe:82:49:af:26:49:bf:fa:c9:5d: 3b:b3:a6:5d:17:3f:81:21:19:60:6d:e2:6d:a6:e9: a7:0c:0c:50:7b:5e:ce:e0:6e:48:75:7b:3d:0a:cd: 55:6b:f9:09:0e:f7:39:53:06:ef:98:55:90:d5:21: ca:3b:94:12:79:2b:c6:4e:9a:44:46:f0:e7:a3:0e: ef:36:68:e0:0f:3f:c0:75:1f:b0:81:a5:b9:55:49: 6b:1b:35:70:cd:56:2a:c0:83:c4:45:a9:57:fa:63: 92:b5:44:c2:8a:60:e2:e0:81:d2:2d:fe:aa:92:86: 0f:d3:80:2f:5b:43:f7:e1:76:65:42:45:7e:38:2e: a8:a7:ef:b2:02:cc:4e:15:0b:c1:b7:07:bb:93:d1: d3:2a:e0:d3:f3:13:e6:9a:7a:f9:4f:ef:ce:b2:e5: 70:37:f9:9a:33:d9:c2:78:12:51:20:a7:48:f3:8c: a2:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:15:C7:4E:5E:21:FA:3C:4D:51:C6:72:BE:B6:64:79:9D:09:00:F6 X509v3 Authority Key Identifier: keyid:E7:68:FC:C8:B9:67:D6:F1:C8:81:E0:D4:9A:0C:42:08:DF:07:FB:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914C1AE/58D992DEB67611EC8F537847C4F9AE02/52j8yLln1vHIgeDUmgxCCN8H-zc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/52j8yLln1vHIgeDUmgxCCN8H-zc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C1AE/58D992DEB67611EC8F537847C4F9AE02/52j8yLln1vHIgeDUmgxCCN8H-zc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:12:bf:33:bb:15:74:81:ec:fb:79:c0:da:aa:5d:72:46:17: 07:18:8f:9f:f2:90:c8:72:9a:5b:dc:01:5a:d0:cd:b6:b0:e1: f1:9c:aa:80:c8:ff:3e:f7:02:fd:bb:23:ff:4b:be:70:58:f3: 52:69:56:cc:8c:86:88:3c:09:00:e1:21:40:6e:fc:96:bd:1d: 4b:42:69:53:0f:75:b6:dd:47:b3:f9:27:7c:93:17:0a:53:1f: 5d:8d:3d:04:c5:11:c1:d5:fd:ee:a5:9a:02:5d:a4:a9:39:5e: 42:4a:bb:26:01:67:cb:43:0d:d0:1e:cf:94:4b:24:5f:a8:ef: 8c:fb:ec:d2:8b:99:43:9e:3f:39:11:42:44:05:22:56:52:01: 98:b2:28:24:11:73:6c:72:ff:6c:76:16:f5:2d:0e:2b:da:11: b1:f5:19:5e:d8:45:f5:a3:54:d1:5c:ea:8e:a2:c7:5c:3c:bb: 01:3e:75:78:1e:f4:5e:00:a0:76:5b:6f:a5:da:38:1d:2c:77: 33:36:83:39:26:2d:23:ef:8d:26:b5:ba:30:18:53:f4:53:9d: 3e:13:7d:ec:3c:21:11:46:24:76:24:ab:cc:3d:f6:26:cd:a3: e5:c6:2c:15:39:ef:b0:e4:22:17:55:b0:48:e4:d4:37:80:b0: 6d:fc:ad:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA0owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEMxQUUxMTAvBgNVBAUTKEU3NjhGQ0M4Qjk2N0Q2RjFDODgxRTBENDlBMEM0MjA4 REYwN0ZCMzcwHhcNMjUwNDI1MDA0ODIyWhcNMjUwNTAyMDA0ODIyWjAYMRYwFAYD VQQDEw02ODBhZGJkNy1lNzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzsBRjllqrK6fQNUfZwfEYYB5XNIPDt55OC4JgOfHWrZCYvwwXQktgIguaE2n osJJEV//zDZBL5xH4LxoB6UUcYHBKxLSR++KZWvTjBzf/v6CSa8mSb/6yV07s6Zd Fz+BIRlgbeJtpumnDAxQe17O4G5IdXs9Cs1Va/kJDvc5UwbvmFWQ1SHKO5QSeSvG TppERvDnow7vNmjgDz/AdR+wgaW5VUlrGzVwzVYqwIPERalX+mOStUTCimDi4IHS Lf6qkoYP04AvW0P34XZlQkV+OC6op++yAsxOFQvBtwe7k9HTKuDT8xPmmnr5T+/O suVwN/maM9nCeBJRIKdI84yi0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCoVx05e Ifo8TVHGcr62ZHmdCQD2MB8GA1UdIwQYMBaAFOdo/Mi5Z9bxyIHg1JoMQgjfB/s3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzFBRS81OEQ5OTJERUI2 NzYxMUVDOEY1Mzc4NDdDNEY5QUUwMi81Mmo4eUxsbjF2SElnZURVbWd4Q0NOOEgt emMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzUyajh5TGxuMXZISWdlRFVtZ3hDQ044SC16Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QzFBRS81OEQ5OTJERUI2NzYxMUVDOEY1Mzc4NDdDNEY5QUUwMi81Mmo4eUxsbjF2 SElnZURVbWd4Q0NOOEgtemMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBPEr8zuxV0gez7ecDaql1yRhcHGI+f8pDIcppb3AFa0M22sOHxnKqA yP8+9wL9uyP/S75wWPNSaVbMjIaIPAkA4SFAbvyWvR1LQmlTD3W23Uez+Sd8kxcK Ux9djT0ExRHB1f3upZoCXaSpOV5CSrsmAWfLQw3QHs+USyRfqO+M++zSi5lDnj85 EUJEBSJWUgGYsigkEXNscv9sdhb1LQ4r2hGx9Rle2EX1o1TRXOqOosdcPLsBPnV4 HvReAKB2W2+l2jgdLHczNoM5Ji0j740mtbowGFP0U50+E33sPCERRiR2JKvMPfYm zaPlxiwVOe+w5CIXVbBI5NQ3gLBt/K2S -----END CERTIFICATE-----Generated at Sat Apr 26 17:00:09 2025 by rpki-client