$ rpki-client -vvf rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/FCD4Bwnd09_D9RFWVQPO9ERL7cM.mft File: FCD4Bwnd09_D9RFWVQPO9ERL7cM.mft (raw, json) Hash identifier: B+QaKhBWL9SwbycNCKqRzY4Nr2RfN/b59zn/bOjP6Kc= Subject key identifier: DC:5E:97:10:EE:02:73:8F:C2:30:9A:82:39:D1:E6:AB:24:83:FB:C2 Authority key identifier: 14:20:F8:07:09:DD:D3:DF:C3:F5:11:56:55:03:CE:F4:44:4B:ED:C3 Certificate issuer: /CN=A914F5BA/serialNumber=1420F80709DDD3DFC3F511565503CEF4444BEDC3 Certificate serial: 08D8 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/FCD4Bwnd09_D9RFWVQPO9ERL7cM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/FCD4Bwnd09_D9RFWVQPO9ERL7cM.mft Manifest number: 08D2 Signing time: Thu 24 Apr 2025 20:19:23 +0000 Manifest this update: Thu 24 Apr 2025 20:19:22 +0000 Manifest next update: Thu 01 May 2025 20:19:22 +0000 Files and hashes: 1: FCD4Bwnd09_D9RFWVQPO9ERL7cM.crl (hash: l+pp/a9WblBubZXy91TlKwGTkahV7o41QrQAMiq7Zys=) 2: E9E80356AD6211EABEDF046AC4F9AE02.roa (hash: 7BeIC/3MCE4ltdZdNYUXGP6p5TOokjZ4G97ql300lNY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/FCD4Bwnd09_D9RFWVQPO9ERL7cM.crl rsync://rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/FCD4Bwnd09_D9RFWVQPO9ERL7cM.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/FCD4Bwnd09_D9RFWVQPO9ERL7cM.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:19:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2264 (0x8d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F5BA, serialNumber=1420F80709DDD3DFC3F511565503CEF4444BEDC3 Validity Not Before: Apr 24 20:19:22 2025 GMT Not After : May 1 20:19:22 2025 GMT Subject: CN=680a9ccb-3787 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:db:67:9f:5d:95:67:45:d5:2e:15:37:8f:6d: 39:18:6a:a4:9c:2b:0c:0e:30:51:cb:56:bf:a0:d8: 78:4e:b2:f4:2e:50:1b:df:52:80:95:c8:6c:4e:9a: f6:14:46:07:be:09:cf:ca:96:2e:46:0c:8b:c6:78: 78:be:d8:65:ec:b0:a5:a7:7e:9a:30:4b:c7:22:fc: 79:1e:ac:4b:ff:a8:fe:57:91:2e:f5:c4:02:ec:6f: 2d:5c:8b:e6:b1:88:a4:6c:65:db:35:ca:ce:a4:14: 3b:4f:0c:c2:ac:8e:6a:4a:37:70:33:06:ff:96:43: 3a:70:70:03:12:85:4a:c2:4d:9a:c9:b1:d2:69:e4: 5b:7a:a3:e5:5a:ee:45:0a:32:62:40:7d:d1:e0:c3: 99:c7:a2:eb:50:67:be:25:6d:c5:54:fe:1d:a4:c6: 54:9f:37:ec:a5:c4:22:1a:bf:0a:83:72:29:00:75: d3:af:cb:a9:5d:3e:7b:cc:91:78:af:7b:0a:59:ee: a1:df:92:ab:27:84:1b:b2:82:c4:be:81:44:e9:bb: 8c:4c:12:2c:ec:b1:9b:18:21:e9:5d:c4:10:2e:63: 38:80:e8:5c:7e:10:cc:c9:c3:07:83:56:75:59:2a: 28:67:0e:3f:ff:62:d3:2d:42:0f:2c:f8:ec:21:c6: 64:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:5E:97:10:EE:02:73:8F:C2:30:9A:82:39:D1:E6:AB:24:83:FB:C2 X509v3 Authority Key Identifier: keyid:14:20:F8:07:09:DD:D3:DF:C3:F5:11:56:55:03:CE:F4:44:4B:ED:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/FCD4Bwnd09_D9RFWVQPO9ERL7cM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/FCD4Bwnd09_D9RFWVQPO9ERL7cM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/FCD4Bwnd09_D9RFWVQPO9ERL7cM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:9a:04:72:0a:21:37:88:f9:c2:2e:95:7b:3a:2c:62:74:c0: 28:69:d3:70:f3:29:48:bc:3a:34:2e:16:61:e5:d2:73:72:d3: d1:33:4d:7c:3f:88:29:76:81:29:04:96:95:3c:6f:2c:42:8a: 5b:2f:c4:43:d2:fc:42:f9:48:00:3b:93:26:47:d6:3b:91:da: de:5c:a9:64:58:7b:82:f6:69:fe:e7:33:6a:48:9c:b1:3d:9a: 15:dc:e3:86:47:24:fe:b3:60:91:19:0a:48:08:e9:ac:7a:0e: 90:de:25:7f:ca:bf:d6:7a:51:9f:4b:5f:43:6f:3d:ac:29:70: fd:32:12:da:20:6b:7b:04:61:f9:3b:2f:4d:74:8d:de:5e:41: 2d:9b:d5:90:db:8c:f0:64:9c:4f:ea:8b:74:8f:50:5e:00:eb: cd:8e:6c:fc:3e:07:b2:5b:8a:11:da:ff:26:12:fa:da:29:26: a7:83:9a:3d:85:9b:8f:9a:f4:d1:b8:31:4e:ca:18:75:25:93: c5:c0:c9:79:3c:0d:c1:e9:d8:62:3e:4a:7c:47:f4:b2:5e:65: f3:6c:09:0b:0e:3b:52:b4:7d:58:80:7a:25:af:3f:c0:98:af: 70:52:20:b5:53:a5:0a:16:0f:d8:87:36:57:22:c2:d5:3f:5b: d1:70:5e:1f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCNgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1QkExMTAvBgNVBAUTKDE0MjBGODA3MDlEREQzREZDM0Y1MTE1NjU1MDNDRUY0 NDQ0QkVEQzMwHhcNMjUwNDI0MjAxOTIyWhcNMjUwNTAxMjAxOTIyWjAYMRYwFAYD VQQDEw02ODBhOWNjYi0zNzg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzNtnn12VZ0XVLhU3j205GGqknCsMDjBRy1a/oNh4TrL0LlAb31KAlchsTpr2 FEYHvgnPypYuRgyLxnh4vthl7LClp36aMEvHIvx5HqxL/6j+V5Eu9cQC7G8tXIvm sYikbGXbNcrOpBQ7TwzCrI5qSjdwMwb/lkM6cHADEoVKwk2aybHSaeRbeqPlWu5F CjJiQH3R4MOZx6LrUGe+JW3FVP4dpMZUnzfspcQiGr8Kg3IpAHXTr8upXT57zJF4 r3sKWe6h35KrJ4QbsoLEvoFE6buMTBIs7LGbGCHpXcQQLmM4gOhcfhDMycMHg1Z1 WSooZw4//2LTLUIPLPjsIcZkHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNxelxDu AnOPwjCagjnR5qskg/vCMB8GA1UdIwQYMBaAFBQg+AcJ3dPfw/URVlUDzvRES+3D MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjVCQS8wNDlEQ0QyMkFE NjExMUVBOEYxQThENjNDNEY5QUUwMi9GQ0Q0QnduZDA5X0Q5UkZXVlFQTzlFUkw3 Y00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL0ZDRDRCd25kMDlfRDlSRldWUVBPOUVSTDdjTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjVCQS8wNDlEQ0QyMkFENjExMUVBOEYxQThENjNDNEY5QUUwMi9GQ0Q0QnduZDA5 X0Q5UkZXVlFQTzlFUkw3Y00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBtmgRyCiE3iPnCLpV7OixidMAoadNw8ylIvDo0LhZh5dJzctPRM018 P4gpdoEpBJaVPG8sQopbL8RD0vxC+UgAO5MmR9Y7kdreXKlkWHuC9mn+5zNqSJyx PZoV3OOGRyT+s2CRGQpICOmseg6Q3iV/yr/WelGfS19Dbz2sKXD9MhLaIGt7BGH5 Oy9NdI3eXkEtm9WQ24zwZJxP6ot0j1BeAOvNjmz8PgeyW4oR2v8mEvraKSang5o9 hZuPmvTRuDFOyhh1JZPFwMl5PA3B6dhiPkp8R/SyXmXzbAkLDjtStH1YgHolrz/A mK9wUiC1U6UKFg/YhzZXIsLVP1vRcF4f -----END CERTIFICATE-----Generated at Sat Apr 26 14:54:33 2025 by rpki-client