$ rpki-client -vvf rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.mft File: 2DvcT6zNnbegvEa0JE6jEHBgS5c.mft (raw, json) Hash identifier: VQoFyI0T5t+nZA72rE1Y8rKLK9sZBZrgmR43GzUDQew= Subject key identifier: 0B:A1:85:3D:89:82:DC:D1:AB:DD:4C:14:27:08:3E:FF:D5:01:A2:00 Authority key identifier: D8:3B:DC:4F:AC:CD:9D:B7:A0:BC:46:B4:24:4E:A3:10:70:60:4B:97 Certificate issuer: /CN=A914F870/serialNumber=D83BDC4FACCD9DB7A0BC46B4244EA31070604B97 Certificate serial: 32 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DvcT6zNnbegvEa0JE6jEHBgS5c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.mft Manifest number: 32 Signing time: Fri 25 Apr 2025 06:38:25 +0000 Manifest this update: Fri 25 Apr 2025 06:38:25 +0000 Manifest next update: Fri 02 May 2025 06:38:25 +0000 Files and hashes: 1: 2DvcT6zNnbegvEa0JE6jEHBgS5c.crl (hash: 33ESnZuXU3C6P3kMrCP+wRDzckAnVKogla6VLKqv2pU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.crl rsync://rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DvcT6zNnbegvEa0JE6jEHBgS5c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:38:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50 (0x32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F870, serialNumber=D83BDC4FACCD9DB7A0BC46B4244EA31070604B97 Validity Not Before: Apr 25 06:38:25 2025 GMT Not After : May 2 06:38:25 2025 GMT Subject: CN=680b2de1-9543 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:f0:1b:81:2d:dd:5b:4d:98:a8:df:46:25:c6: de:92:09:e0:b1:d9:a5:cc:7f:f9:ab:b5:fd:29:5a: 1c:c2:f8:01:f9:c4:5f:81:e6:3f:05:b9:04:f6:55: bf:16:fd:1f:5c:f5:4f:5f:2b:ad:64:44:fe:8d:79: a5:32:55:86:35:bb:0c:fc:5e:70:b9:7c:3a:c6:d9: c5:42:25:56:79:0c:4d:10:e0:03:7f:7d:56:5d:56: 45:d1:b6:a3:9a:e2:68:74:1e:d7:70:6a:f3:53:12: 91:ab:9d:1e:d7:a0:dd:d4:77:99:9d:ab:8d:9f:b7: 74:fc:be:be:f4:bf:cd:d8:ea:e0:e0:a5:56:7e:1f: c1:d0:1d:9c:b1:5c:78:4f:90:12:82:9a:32:1a:7b: b5:17:46:09:b2:82:19:61:26:c4:ea:88:a4:41:f0: 6e:da:fd:fa:e1:29:da:64:11:6a:59:bb:15:a5:f1: a2:0d:00:8a:d9:c4:10:18:21:40:4a:ec:7e:3b:90: 2e:5b:15:66:0c:f9:7b:fc:4a:da:d1:7b:2e:80:2e: 2d:8d:7b:50:bc:c3:42:8f:35:51:97:1c:4f:c3:c0: e2:14:ab:94:ad:d6:a2:86:60:dc:41:21:fe:eb:ba: 41:d6:42:6a:01:9d:b6:07:43:27:c6:99:f3:b9:3a: e6:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:A1:85:3D:89:82:DC:D1:AB:DD:4C:14:27:08:3E:FF:D5:01:A2:00 X509v3 Authority Key Identifier: keyid:D8:3B:DC:4F:AC:CD:9D:B7:A0:BC:46:B4:24:4E:A3:10:70:60:4B:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DvcT6zNnbegvEa0JE6jEHBgS5c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:3e:b5:e2:b9:7e:4d:51:07:c0:05:7b:d4:d9:8d:dc:d0:38: 9c:32:63:50:f6:d7:e4:2b:81:2c:c7:bf:cd:70:38:9b:42:78: 58:8f:a1:8a:cf:cb:9f:f8:97:95:c2:b3:19:98:ac:da:80:66: 02:2f:8c:20:5d:b3:27:57:0a:37:13:b8:03:42:85:a5:ac:72: a3:36:32:aa:3a:98:77:1a:2a:0d:42:04:31:c6:ee:21:89:24: a8:94:d4:c1:92:e8:7d:3b:42:1d:3e:be:32:de:62:6f:12:66: 19:13:27:4f:81:8e:fe:ed:22:6e:70:f5:12:5d:e2:55:06:02: e6:8c:a3:f4:f6:c1:99:5a:c5:ed:a0:48:92:c1:86:64:d1:2d: 66:93:7e:58:0b:40:18:fd:72:86:3e:fe:c0:7a:4c:a7:74:c2: f9:75:af:95:41:d5:f1:1c:23:8f:eb:64:9d:e1:a2:06:2b:11: d1:4c:f6:06:4f:55:05:e7:fb:dd:c2:ae:24:b5:08:fa:a0:22: 17:f2:99:64:e0:e4:d3:b7:02:cd:49:95:2e:2f:9d:f4:f2:8b: f3:c0:fc:a8:f2:ec:e0:08:e1:84:ec:95:1b:6a:25:17:33:b4: 08:3e:41:b3:b4:e7:e4:62:62:75:cc:45:bf:d6:9c:1a:2c:e0: b1:f2:ad:37 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 Rjg3MDExMC8GA1UEBRMoRDgzQkRDNEZBQ0NEOURCN0EwQkM0NkI0MjQ0RUEzMTA3 MDYwNEI5NzAeFw0yNTA0MjUwNjM4MjVaFw0yNTA1MDIwNjM4MjVaMBgxFjAUBgNV BAMTDTY4MGIyZGUxLTk1NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCc8BuBLd1bTZio30Ylxt6SCeCx2aXMf/mrtf0pWhzC+AH5xF+B5j8FuQT2Vb8W /R9c9U9fK61kRP6NeaUyVYY1uwz8XnC5fDrG2cVCJVZ5DE0Q4AN/fVZdVkXRtqOa 4mh0HtdwavNTEpGrnR7XoN3Ud5mdq42ft3T8vr70v83Y6uDgpVZ+H8HQHZyxXHhP kBKCmjIae7UXRgmyghlhJsTqiKRB8G7a/frhKdpkEWpZuxWl8aINAIrZxBAYIUBK 7H47kC5bFWYM+Xv8StrRey6ALi2Ne1C8w0KPNVGXHE/DwOIUq5St1qKGYNxBIf7r ukHWQmoBnbYHQyfGmfO5OuZtAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUC6GFPYmC 3NGr3UwUJwg+/9UBogAwHwYDVR0jBBgwFoAU2DvcT6zNnbegvEa0JE6jEHBgS5cw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRGODcwL0QyRTI0Qzk4RDdF MjExRUZBRjBCM0I3REM0RjlBRTAyLzJEdmNUNnpObmJlZ3ZFYTBKRTZqRUhCZ1M1 Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMkR2Y1Q2ek5uYmVndkVhMEpFNmpFSEJnUzVjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRG ODcwL0QyRTI0Qzk4RDdFMjExRUZBRjBCM0I3REM0RjlBRTAyLzJEdmNUNnpObmJl Z3ZFYTBKRTZqRUhCZ1M1Yy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEg+teK5fk1RB8AFe9TZjdzQOJwyY1D21+QrgSzHv81wOJtCeFiPoYrP y5/4l5XCsxmYrNqAZgIvjCBdsydXCjcTuANChaWscqM2Mqo6mHcaKg1CBDHG7iGJ JKiU1MGS6H07Qh0+vjLeYm8SZhkTJ0+Bjv7tIm5w9RJd4lUGAuaMo/T2wZlaxe2g SJLBhmTRLWaTflgLQBj9coY+/sB6TKd0wvl1r5VB1fEcI4/rZJ3hogYrEdFM9gZP VQXn+93CriS1CPqgIhfymWTg5NO3As1JlS4vnfTyi/PA/Kjy7OAI4YTslRtqJRcz tAg+QbO05+RiYnXMRb/WnBos4LHyrTc= -----END CERTIFICATE-----Generated at Sat Apr 26 13:33:29 2025 by rpki-client