$ rpki-client -vvf rpki.apnic.net/member_repository/A914E5AE/46D422F007D211ECAA82B611C4F9AE02/Ad9hVyR3ojDnn48oz91tKDd_Iis.mft File: Ad9hVyR3ojDnn48oz91tKDd_Iis.mft (raw, json) Hash identifier: tT9olsudagQVL54nnypSmbk+H8m+xGg+mIFDFvJyANM= Subject key identifier: B6:8D:20:5F:D6:4F:65:F8:5A:BB:F1:C4:7C:3C:05:70:1C:D9:1A:36 Authority key identifier: 01:DF:61:57:24:77:A2:30:E7:9F:8F:28:CF:DD:6D:28:37:7F:22:2B Certificate issuer: /CN=A914E5AE/serialNumber=01DF61572477A230E79F8F28CFDD6D28377F222B Certificate serial: 0508 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ad9hVyR3ojDnn48oz91tKDd_Iis.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E5AE/46D422F007D211ECAA82B611C4F9AE02/Ad9hVyR3ojDnn48oz91tKDd_Iis.mft Manifest number: 0501 Signing time: Thu 24 Apr 2025 23:27:27 +0000 Manifest this update: Thu 24 Apr 2025 23:27:27 +0000 Manifest next update: Thu 01 May 2025 23:27:27 +0000 Files and hashes: 1: Ad9hVyR3ojDnn48oz91tKDd_Iis.crl (hash: qXOihrMIrhw/n4/JW5uTBmlIhESN+XKD4K/YoRYXeZo=) 2: C847114C07D411ECBF875117C4F9AE02.roa (hash: MMhekj2SFZKQhejre+/ZuSr0R5tKH64F+RFediiHsYQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E5AE/46D422F007D211ECAA82B611C4F9AE02/Ad9hVyR3ojDnn48oz91tKDd_Iis.crl rsync://rpki.apnic.net/member_repository/A914E5AE/46D422F007D211ECAA82B611C4F9AE02/Ad9hVyR3ojDnn48oz91tKDd_Iis.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ad9hVyR3ojDnn48oz91tKDd_Iis.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:27:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1288 (0x508) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E5AE, serialNumber=01DF61572477A230E79F8F28CFDD6D28377F222B Validity Not Before: Apr 24 23:27:27 2025 GMT Not After : May 1 23:27:27 2025 GMT Subject: CN=680ac8df-e7d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:d6:10:ff:84:96:59:2a:ce:21:73:c2:eb:ee: 65:d2:15:2e:a8:7d:bd:d2:b8:9b:0c:97:b0:2b:eb: 7c:89:78:7e:a7:9c:5d:15:77:2a:52:de:30:15:25: c2:2a:10:fb:a8:35:e9:a2:26:96:d9:4c:20:7b:72: 82:48:27:91:06:90:01:5e:01:16:5d:83:bb:c1:6b: 81:85:7a:6e:79:1f:29:47:9e:11:7d:a4:0d:5a:cc: 85:59:44:57:d9:a0:39:43:e3:14:b2:1e:c9:23:4e: 1b:47:0e:28:b1:eb:6e:f8:d9:3f:dd:b1:03:34:34: 37:45:1e:07:df:81:e1:8e:07:b5:24:fe:2f:e4:f6: 68:e2:83:c2:4f:23:81:ac:02:8e:1d:08:ba:91:64: ff:4a:ec:11:ad:63:e4:4b:ae:4f:37:19:f0:fc:f6: 37:ce:b6:6a:8a:02:df:69:b4:ef:02:6a:5b:54:da: eb:4e:d0:16:0d:03:0a:33:bd:da:19:12:cf:7a:88: 18:1f:6b:03:dd:32:af:f2:09:8a:40:91:45:fc:5e: db:67:0a:91:d5:c7:71:fd:13:52:08:35:1b:51:95: 9d:95:39:3a:1b:93:e3:fa:c0:bb:44:49:c4:eb:d0: 91:0f:25:ca:70:29:87:ba:ae:3c:f8:79:92:f1:28: b1:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:8D:20:5F:D6:4F:65:F8:5A:BB:F1:C4:7C:3C:05:70:1C:D9:1A:36 X509v3 Authority Key Identifier: keyid:01:DF:61:57:24:77:A2:30:E7:9F:8F:28:CF:DD:6D:28:37:7F:22:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E5AE/46D422F007D211ECAA82B611C4F9AE02/Ad9hVyR3ojDnn48oz91tKDd_Iis.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ad9hVyR3ojDnn48oz91tKDd_Iis.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E5AE/46D422F007D211ECAA82B611C4F9AE02/Ad9hVyR3ojDnn48oz91tKDd_Iis.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:68:9c:48:6c:c3:2e:1b:db:f2:a9:ae:b2:10:04:31:05:df: 66:5e:18:bb:5f:4f:05:7b:fb:40:8d:96:54:83:3c:7a:33:c5: f5:37:64:6c:d9:92:68:13:23:b1:f1:6b:b4:79:7d:d0:5c:1a: 3c:88:99:de:ae:d7:6a:f4:d5:3c:4a:f5:dc:7a:9e:32:6a:a2: bb:56:3f:ab:53:1b:09:e6:8b:42:c2:ba:3c:73:40:ed:98:a2: fd:60:d4:36:f3:0f:e2:d9:da:37:b2:56:85:cd:04:00:25:24: 7c:83:d8:22:30:3b:25:e2:68:4b:61:2e:77:24:fb:28:4b:b6: a8:62:4f:f1:7b:f9:4b:db:e1:2b:8f:b0:8d:fc:3b:ea:77:ef: 41:bb:4e:f0:b0:79:52:72:94:a9:ac:b4:b8:bb:22:8f:e9:5e: 69:11:51:e1:2e:4d:10:c2:6f:29:06:78:3e:3d:7d:cc:8c:71: bf:ac:ad:4b:33:f2:69:a7:57:22:14:1e:ca:71:7b:e4:98:4c: 59:79:12:65:3f:c2:ea:7a:d1:79:a8:61:17:71:68:7d:5f:72: 28:21:59:a6:a4:2f:db:37:b6:0f:32:dd:86:b2:dd:d8:e8:73: d2:91:c4:ac:71:11:5e:a4:db:2a:e2:c9:3f:e2:0f:c2:d9:41: 00:4c:c5:f7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBQgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEU1QUUxMTAvBgNVBAUTKDAxREY2MTU3MjQ3N0EyMzBFNzlGOEYyOENGREQ2RDI4 Mzc3RjIyMkIwHhcNMjUwNDI0MjMyNzI3WhcNMjUwNTAxMjMyNzI3WjAYMRYwFAYD VQQDEw02ODBhYzhkZi1lN2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq9YQ/4SWWSrOIXPC6+5l0hUuqH290ribDJewK+t8iXh+p5xdFXcqUt4wFSXC KhD7qDXpoiaW2Uwge3KCSCeRBpABXgEWXYO7wWuBhXpueR8pR54RfaQNWsyFWURX 2aA5Q+MUsh7JI04bRw4osetu+Nk/3bEDNDQ3RR4H34Hhjge1JP4v5PZo4oPCTyOB rAKOHQi6kWT/SuwRrWPkS65PNxnw/PY3zrZqigLfabTvAmpbVNrrTtAWDQMKM73a GRLPeogYH2sD3TKv8gmKQJFF/F7bZwqR1cdx/RNSCDUbUZWdlTk6G5Pj+sC7REnE 69CRDyXKcCmHuq48+HmS8SixZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLaNIF/W T2X4WrvxxHw8BXAc2Ro2MB8GA1UdIwQYMBaAFAHfYVckd6Iw55+PKM/dbSg3fyIr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTVBRS80NkQ0MjJGMDA3 RDIxMUVDQUE4MkI2MTFDNEY5QUUwMi9BZDloVnlSM29qRG5uNDhvejkxdEtEZF9J aXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FkOWhWeVIzb2pEbm40OG96OTF0S0RkX0lpcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTVBRS80NkQ0MjJGMDA3RDIxMUVDQUE4MkI2MTFDNEY5QUUwMi9BZDloVnlSM29q RG5uNDhvejkxdEtEZF9JaXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApaJxIbMMuG9vyqa6yEAQxBd9mXhi7X08Fe/tAjZZUgzx6M8X1N2Rs 2ZJoEyOx8Wu0eX3QXBo8iJnertdq9NU8SvXcep4yaqK7Vj+rUxsJ5otCwro8c0Dt mKL9YNQ28w/i2do3slaFzQQAJSR8g9giMDsl4mhLYS53JPsoS7aoYk/xe/lL2+Er j7CN/Dvqd+9Bu07wsHlScpSprLS4uyKP6V5pEVHhLk0Qwm8pBng+PX3MjHG/rK1L M/Jpp1ciFB7KcXvkmExZeRJlP8LqetF5qGEXcWh9X3IoIVmmpC/bN7YPMt2Gst3Y 6HPSkcSscRFepNsq4sk/4g/C2UEATMX3 -----END CERTIFICATE-----Generated at Sat Apr 26 04:21:50 2025 by rpki-client