$ rpki-client -vvf rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft File: 2QhrDfk0LcKwkbrobLd5_GJZvXs.mft (raw, json) Hash identifier: 752qCfRiju/oXF4aP6MOr16+B6ybAOyHv04fNd7cUTU= Subject key identifier: 87:74:26:03:34:1F:04:D2:98:F4:EB:5C:53:A6:51:EA:B3:32:9B:CC Authority key identifier: D9:08:6B:0D:F9:34:2D:C2:B0:91:BA:E8:6C:B7:79:FC:62:59:BD:7B Certificate issuer: /CN=A914F2EC/serialNumber=D9086B0DF9342DC2B091BAE86CB779FC6259BD7B Certificate serial: 3484 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhrDfk0LcKwkbrobLd5_GJZvXs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft Manifest number: 347B Signing time: Thu 24 Apr 2025 14:59:07 +0000 Manifest this update: Thu 24 Apr 2025 14:59:07 +0000 Manifest next update: Thu 01 May 2025 14:59:07 +0000 Files and hashes: 1: 2QhrDfk0LcKwkbrobLd5_GJZvXs.crl (hash: JjM2lPegTBD+GzhHCq/rR0dpaGLEiYqHxCk2GshlOnA=) 2: 588BD7269A1211E8B97A623AC4F9AE02.roa (hash: KKbAooYir9kiM+kQeIhamjhStk+gbSQk/A73xTUucXs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.crl rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhrDfk0LcKwkbrobLd5_GJZvXs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:59:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13444 (0x3484) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F2EC, serialNumber=D9086B0DF9342DC2B091BAE86CB779FC6259BD7B Validity Not Before: Apr 24 14:59:07 2025 GMT Not After : May 1 14:59:07 2025 GMT Subject: CN=680a51bb-cb2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:d1:21:28:88:a9:11:6c:51:18:73:28:4e:8a: 8f:55:6c:20:8a:3c:45:05:70:27:59:f5:91:e1:23: d1:db:8a:ac:aa:1e:0d:bc:3f:6e:2c:a6:2f:7c:fd: a3:f2:cb:c8:77:5a:ef:5d:f9:6e:c1:ea:42:07:62: 65:77:6f:aa:5b:b7:18:36:45:4a:26:1a:46:d1:c6: 5f:3e:11:2d:25:9d:91:2c:72:67:3f:b9:b7:8a:09: 00:3e:60:eb:4f:c2:da:5f:78:46:43:c4:14:05:b6: c7:3e:60:df:2d:43:56:ea:9c:8b:cd:3a:6b:60:a1: 2d:dc:28:93:58:5b:7e:cc:0f:5f:46:ea:7e:ac:df: 0a:14:49:43:f0:dd:ea:5a:00:44:0e:f9:7a:a9:0f: be:93:90:5f:7b:35:9b:41:30:eb:58:9e:f5:d1:c2: e4:a9:49:67:1d:9e:e2:b0:d7:26:bc:6c:38:68:18: 1e:ec:28:39:26:d5:2f:2e:ff:8e:32:dc:93:b7:58: 18:f1:07:be:ff:3a:66:43:76:a5:16:28:86:27:ff: 1c:fd:85:f9:69:79:c9:00:b7:7b:99:d7:3f:57:7a: 03:2b:7f:1b:70:8d:79:44:e8:b1:2b:b3:22:bd:51: 7b:f1:ec:da:15:7f:d0:40:4e:3c:03:e9:c5:64:a1: a1:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:74:26:03:34:1F:04:D2:98:F4:EB:5C:53:A6:51:EA:B3:32:9B:CC X509v3 Authority Key Identifier: keyid:D9:08:6B:0D:F9:34:2D:C2:B0:91:BA:E8:6C:B7:79:FC:62:59:BD:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhrDfk0LcKwkbrobLd5_GJZvXs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:fc:2a:78:42:76:2f:b7:43:24:c6:ad:eb:75:c1:c0:45:ac: 0c:a6:07:53:06:0e:03:cb:af:fc:65:8c:27:db:f9:98:79:1c: 5e:c0:7c:47:cc:9a:30:be:1f:3a:0d:fc:5f:43:d4:ce:fe:18: dd:1a:ce:90:6e:c0:93:aa:f8:15:3c:57:ce:92:e6:7d:bb:fd: 7e:36:90:34:2a:0b:0d:2e:99:f1:b8:d2:a7:e4:ef:0a:ba:b0: 69:69:75:f7:3d:64:8e:44:4b:5c:bf:cd:c9:13:d7:28:ca:40: f2:60:5b:ab:58:64:2d:3b:7a:95:5f:4d:ab:b3:84:74:93:44: a8:c9:73:7c:dd:9a:d0:26:4e:63:b7:64:46:ce:30:97:88:8d: 85:4c:b7:b2:8d:e7:ac:f6:6d:66:ec:d4:b6:88:37:77:6c:9c: 67:c4:39:bf:91:47:12:fc:ae:0d:b6:aa:7a:63:13:f7:3f:9c: 94:57:69:af:11:6d:b5:16:4d:ba:86:4d:26:af:81:f7:af:4e: ec:ea:4d:cd:8a:45:18:72:67:fb:95:46:17:f9:c2:d8:b9:07: 7d:0f:bd:7d:0e:5e:0b:b3:2b:c8:e9:03:47:2b:a2:44:9c:c6: 80:88:5d:f7:24:bb:fb:3c:ef:49:a0:62:60:6b:7f:5f:85:6b: aa:fd:42:d8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEYyRUMxMTAvBgNVBAUTKEQ5MDg2QjBERjkzNDJEQzJCMDkxQkFFODZDQjc3OUZD NjI1OUJEN0IwHhcNMjUwNDI0MTQ1OTA3WhcNMjUwNTAxMTQ1OTA3WjAYMRYwFAYD VQQDEw02ODBhNTFiYi1jYjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn9EhKIipEWxRGHMoToqPVWwgijxFBXAnWfWR4SPR24qsqh4NvD9uLKYvfP2j 8svId1rvXfluwepCB2Jld2+qW7cYNkVKJhpG0cZfPhEtJZ2RLHJnP7m3igkAPmDr T8LaX3hGQ8QUBbbHPmDfLUNW6pyLzTprYKEt3CiTWFt+zA9fRup+rN8KFElD8N3q WgBEDvl6qQ++k5BfezWbQTDrWJ710cLkqUlnHZ7isNcmvGw4aBge7Cg5JtUvLv+O MtyTt1gY8Qe+/zpmQ3alFiiGJ/8c/YX5aXnJALd7mdc/V3oDK38bcI15ROixK7Mi vVF78ezaFX/QQE48A+nFZKGhEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFId0JgM0 HwTSmPTrXFOmUeqzMpvMMB8GA1UdIwQYMBaAFNkIaw35NC3CsJG66Gy3efxiWb17 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjJFQy9ENThBMjI2QzFE OUMxMUUyOUJDM0IyOEIwOEIwMkNEMi8yUWhyRGZrMExjS3drYnJvYkxkNV9HSlp2 WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRaHJEZmswTGNLd2ticm9iTGQ1X0dKWnZYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjJFQy9ENThBMjI2QzFEOUMxMUUyOUJDM0IyOEIwOEIwMkNEMi8yUWhyRGZrMExj S3drYnJvYkxkNV9HSlp2WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB4/Cp4QnYvt0Mkxq3rdcHARawMpgdTBg4Dy6/8ZYwn2/mYeRxewHxH zJowvh86DfxfQ9TO/hjdGs6QbsCTqvgVPFfOkuZ9u/1+NpA0KgsNLpnxuNKn5O8K urBpaXX3PWSOREtcv83JE9coykDyYFurWGQtO3qVX02rs4R0k0SoyXN83ZrQJk5j t2RGzjCXiI2FTLeyjees9m1m7NS2iDd3bJxnxDm/kUcS/K4Ntqp6YxP3P5yUV2mv EW21Fk26hk0mr4H3r07s6k3NikUYcmf7lUYX+cLYuQd9D719Dl4LsyvI6QNHK6JE nMaAiF33JLv7PO9JoGJga39fhWuq/ULY -----END CERTIFICATE-----Generated at Sat Apr 26 14:10:54 2025 by rpki-client