$ rpki-client -vvf rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/ng7u9_yIBOBDfomd7TGYizxgLQI.mft File: ng7u9_yIBOBDfomd7TGYizxgLQI.mft (raw, json) Hash identifier: idetm//ns2wrOlyjNPcGkxBwCvCVGX+Ko8H7jibi1Xg= Subject key identifier: 9E:0D:C6:47:56:82:77:AB:F5:C5:46:84:D8:31:C8:CC:98:35:D3:78 Authority key identifier: 9E:0E:EE:F7:FC:88:04:E0:43:7E:89:9D:ED:31:98:8B:3C:60:2D:02 Certificate issuer: /CN=A914FA25/serialNumber=9E0EEEF7FC8804E0437E899DED31988B3C602D02 Certificate serial: 0BDB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ng7u9_yIBOBDfomd7TGYizxgLQI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/ng7u9_yIBOBDfomd7TGYizxgLQI.mft Manifest number: 0DA1 Signing time: Mon 28 Apr 2025 19:17:36 +0000 Manifest this update: Mon 28 Apr 2025 19:17:35 +0000 Manifest next update: Mon 05 May 2025 19:17:35 +0000 Files and hashes: 1: ng7u9_yIBOBDfomd7TGYizxgLQI.crl (hash: 9dS3isKtfqYOdxaw41Y6lXfEQTG666p7/uZq9otBE0Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/ng7u9_yIBOBDfomd7TGYizxgLQI.crl rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/ng7u9_yIBOBDfomd7TGYizxgLQI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ng7u9_yIBOBDfomd7TGYizxgLQI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 19:17:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3035 (0xbdb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914FA25, serialNumber=9E0EEEF7FC8804E0437E899DED31988B3C602D02 Validity Not Before: Apr 28 19:17:35 2025 GMT Not After : May 5 19:17:35 2025 GMT Subject: CN=680fd450-2dd5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:fd:06:5e:10:63:d0:65:d3:21:42:01:0f:73: a5:b3:ca:7c:76:d4:32:4b:a5:50:d7:60:c5:d1:80: ef:d4:3b:4c:00:41:2a:bc:d4:ff:7e:ff:01:85:cf: 85:c4:fb:10:52:ba:2e:d9:f7:16:3f:09:4b:8e:4d: ab:b8:ee:eb:c3:a2:17:e0:2e:05:b6:75:6e:a1:37: 47:fa:cf:75:f6:6b:7e:9b:0c:d0:fe:71:25:b8:8e: bd:d1:0a:1a:74:80:9e:e2:12:75:7b:1a:28:35:cf: 51:1a:08:51:58:67:72:8b:13:aa:f7:c9:44:8d:7a: 60:ea:07:f1:07:0a:16:19:92:9a:50:52:77:37:b9: 36:64:15:4b:de:09:63:08:5c:81:28:ab:91:bb:8a: 4f:c0:8f:22:f0:2c:51:30:15:a4:fa:c9:3a:f9:e1: ab:60:45:86:eb:57:70:52:cf:60:a0:de:2d:d7:d5: 3c:74:d1:d9:39:ad:07:a2:fa:66:6c:01:f8:3f:ff: e6:64:17:55:3c:9c:5e:d2:88:66:28:5d:53:9f:96: 2c:8c:07:34:86:25:41:8f:11:31:a2:3d:92:da:43: 15:46:26:ab:27:47:e3:4e:e5:ac:10:89:e6:b0:d1: 45:c8:bf:cd:1d:2b:c4:28:bc:b3:b3:0f:7a:46:8d: 0c:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:0D:C6:47:56:82:77:AB:F5:C5:46:84:D8:31:C8:CC:98:35:D3:78 X509v3 Authority Key Identifier: keyid:9E:0E:EE:F7:FC:88:04:E0:43:7E:89:9D:ED:31:98:8B:3C:60:2D:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/ng7u9_yIBOBDfomd7TGYizxgLQI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ng7u9_yIBOBDfomd7TGYizxgLQI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/ng7u9_yIBOBDfomd7TGYizxgLQI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:06:2a:b6:03:4a:51:9e:5a:00:dd:86:2b:3a:d8:76:04:cf: ee:3d:49:99:ba:bc:41:07:06:33:92:cc:d1:d5:ba:1c:23:3a: 3a:ba:54:c1:cc:a1:4e:13:62:eb:99:66:69:62:e4:45:d4:d4: 24:73:c3:54:48:5c:ec:fe:39:6d:35:33:a2:1b:21:fa:43:3a: a2:7f:42:51:e8:e4:78:e6:39:89:ff:da:02:8b:40:96:91:62: 4e:83:ae:18:cf:60:42:0e:bf:d9:13:7f:83:e4:00:34:ed:e9: 68:7e:a5:cb:16:14:58:e3:ba:93:f6:6e:2d:74:34:a0:19:26: 32:ea:91:ba:90:7f:e5:26:aa:67:0b:7d:57:59:98:97:8f:53: 78:d4:0c:03:11:2a:22:c4:ed:cb:f0:16:fb:56:1e:8b:7f:1c: 44:69:8d:13:32:21:ac:9e:47:33:8d:88:23:5e:71:43:6c:3a: 06:e8:54:59:49:cd:ac:c4:a0:6f:fe:e2:68:4b:da:57:b3:2e: aa:c5:3e:fc:b9:c2:57:33:6b:b7:0f:cf:10:82:07:f2:0f:fd: 8c:b6:66:6d:23:00:40:b4:e6:11:c4:df:11:92:7e:d4:f0:5a: 21:89:73:55:50:c2:ee:82:ed:10:ee:8e:16:48:00:b3:3b:ed: f5:f6:e6:7d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC9swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEZBMjUxMTAvBgNVBAUTKDlFMEVFRUY3RkM4ODA0RTA0MzdFODk5REVEMzE5ODhC M0M2MDJEMDIwHhcNMjUwNDI4MTkxNzM1WhcNMjUwNTA1MTkxNzM1WjAYMRYwFAYD VQQDEw02ODBmZDQ1MC0yZGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzP0GXhBj0GXTIUIBD3Ols8p8dtQyS6VQ12DF0YDv1DtMAEEqvNT/fv8Bhc+F xPsQUrou2fcWPwlLjk2ruO7rw6IX4C4FtnVuoTdH+s919mt+mwzQ/nEluI690Qoa dICe4hJ1exooNc9RGghRWGdyixOq98lEjXpg6gfxBwoWGZKaUFJ3N7k2ZBVL3glj CFyBKKuRu4pPwI8i8CxRMBWk+sk6+eGrYEWG61dwUs9goN4t19U8dNHZOa0Hovpm bAH4P//mZBdVPJxe0ohmKF1Tn5YsjAc0hiVBjxExoj2S2kMVRiarJ0fjTuWsEInm sNFFyL/NHSvEKLyzsw96Ro0M0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ4NxkdW gner9cVGhNgxyMyYNdN4MB8GA1UdIwQYMBaAFJ4O7vf8iATgQ36Jne0xmIs8YC0C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RkEyNS8yQkJDQkNBQTFE QUMxMUVBQUY0QTM3NjNDNEY5QUUwMi9uZzd1OV95SUJPQkRmb21kN1RHWWl6eGdM UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25nN3U5X3lJQk9CRGZvbWQ3VEdZaXp4Z0xRSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RkEyNS8yQkJDQkNBQTFEQUMxMUVBQUY0QTM3NjNDNEY5QUUwMi9uZzd1OV95SUJP QkRmb21kN1RHWWl6eGdMUUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATBiq2A0pRnloA3YYrOth2BM/uPUmZurxBBwYzkszR1bocIzo6ulTB zKFOE2LrmWZpYuRF1NQkc8NUSFzs/jltNTOiGyH6Qzqif0JR6OR45jmJ/9oCi0CW kWJOg64Yz2BCDr/ZE3+D5AA07elofqXLFhRY47qT9m4tdDSgGSYy6pG6kH/lJqpn C31XWZiXj1N41AwDESoixO3L8Bb7Vh6LfxxEaY0TMiGsnkczjYgjXnFDbDoG6FRZ Sc2sxKBv/uJoS9pXsy6qxT78ucJXM2u3D88QggfyD/2MtmZtIwBAtOYRxN8Rkn7U 8FohiXNVUMLugu0Q7o4WSACzO+319uZ9 -----END CERTIFICATE-----Generated at Tue Apr 29 05:22:17 2025 by rpki-client