$ rpki-client -vvf rpki.apnic.net/member_repository/A9155D1E/A8D883EA10E311EDADAFD909C4F9AE02/gKS4_K7NAR6Cqk4tchc8pj6cTlE.mft File: gKS4_K7NAR6Cqk4tchc8pj6cTlE.mft (raw, json) Hash identifier: jWOLeUZ50wWjy4G4Jyf4PVoKTazMNAwjRMQDKB6hkL8= Subject key identifier: 5A:13:DA:90:DB:AF:8B:1E:09:0F:7D:00:D7:4F:72:9D:DC:C4:7A:E3 Authority key identifier: 80:A4:B8:FC:AE:CD:01:1E:82:AA:4E:2D:72:17:3C:A6:3E:9C:4E:51 Certificate issuer: /CN=A9155D1E/serialNumber=80A4B8FCAECD011E82AA4E2D72173CA63E9C4E51 Certificate serial: 025E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gKS4_K7NAR6Cqk4tchc8pj6cTlE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9155D1E/A8D883EA10E311EDADAFD909C4F9AE02/gKS4_K7NAR6Cqk4tchc8pj6cTlE.mft Manifest number: 025B Signing time: Fri 25 Apr 2025 01:33:36 +0000 Manifest this update: Fri 25 Apr 2025 01:33:35 +0000 Manifest next update: Fri 02 May 2025 01:33:35 +0000 Files and hashes: 1: gKS4_K7NAR6Cqk4tchc8pj6cTlE.crl (hash: Mj04AWTK4wwFSDK4LD+G4gPQjA/JLLqAWbnp3HqC6sM=) 2: C003531C10EB11ED9C882A38C4F9AE02.roa (hash: /RoBHSg+ngqFh2UJ3g0lpB7Yit0McfV7uuriZB6CNaA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9155D1E/A8D883EA10E311EDADAFD909C4F9AE02/gKS4_K7NAR6Cqk4tchc8pj6cTlE.crl rsync://rpki.apnic.net/member_repository/A9155D1E/A8D883EA10E311EDADAFD909C4F9AE02/gKS4_K7NAR6Cqk4tchc8pj6cTlE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gKS4_K7NAR6Cqk4tchc8pj6cTlE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:33:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 606 (0x25e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9155D1E, serialNumber=80A4B8FCAECD011E82AA4E2D72173CA63E9C4E51 Validity Not Before: Apr 25 01:33:35 2025 GMT Not After : May 2 01:33:35 2025 GMT Subject: CN=680ae670-1d1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:9b:2c:2f:42:f1:ae:96:9b:ba:43:a7:b1:28: 68:8c:0a:5b:49:53:fe:fc:c8:73:aa:53:4a:39:6a: 3b:7c:ab:cb:eb:7e:3f:ef:17:d3:a2:8c:56:ce:e8: ad:50:65:a7:a1:84:e9:38:30:33:d0:4b:6c:87:d2: 23:5b:24:4b:b3:5f:18:c0:ee:c7:b0:ab:58:11:0f: cd:76:85:ca:ed:fe:2a:2d:8c:3a:1d:3c:5e:c0:9a: 9f:51:32:00:2f:f8:3a:92:8c:f4:06:ef:63:b0:d4: 97:7e:23:79:05:81:62:7f:d5:20:c0:9d:17:75:e0: 65:7e:d9:12:55:bf:c9:d7:0b:d0:d4:79:5c:22:57: cf:cb:6e:b2:b3:cb:e5:19:67:59:97:f8:0a:bb:18: c0:7b:fa:00:d2:95:14:2c:2d:77:79:0e:2e:6b:ce: 70:9f:ed:53:dc:9b:58:b6:6e:45:5b:a5:1c:a8:09: ed:3a:c5:23:1e:b5:57:79:27:e3:75:1b:9a:90:43: db:d5:0a:3c:64:2d:58:ea:81:07:4f:b6:2d:af:82: c1:4f:86:e5:f4:2d:03:c5:f1:13:c5:d3:bb:3d:8c: 8c:82:38:23:51:91:3c:6f:9b:9f:d0:e7:56:29:0f: 01:8b:1f:86:9d:83:a2:86:d6:b7:4f:2c:71:48:b7: 1f:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:13:DA:90:DB:AF:8B:1E:09:0F:7D:00:D7:4F:72:9D:DC:C4:7A:E3 X509v3 Authority Key Identifier: keyid:80:A4:B8:FC:AE:CD:01:1E:82:AA:4E:2D:72:17:3C:A6:3E:9C:4E:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9155D1E/A8D883EA10E311EDADAFD909C4F9AE02/gKS4_K7NAR6Cqk4tchc8pj6cTlE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gKS4_K7NAR6Cqk4tchc8pj6cTlE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155D1E/A8D883EA10E311EDADAFD909C4F9AE02/gKS4_K7NAR6Cqk4tchc8pj6cTlE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:63:39:82:cd:e7:ae:a2:be:57:d2:37:13:96:f2:03:01:87: 96:49:b9:e1:fc:2b:4a:2f:d1:5e:6d:1c:51:c7:8f:e5:ad:58: f9:91:5b:f2:79:c5:0f:1e:6f:4e:8f:d7:87:3c:b8:53:a9:a3: d9:b7:04:1e:a5:a2:62:28:28:64:41:22:e1:d4:cf:e1:5f:02: 2e:27:c2:1b:27:76:dc:b5:d2:87:b5:59:80:49:b4:2a:3f:99: d3:e2:c5:3a:5d:12:14:b2:e1:59:89:62:79:7b:5b:79:03:83: 1f:08:bb:4f:b7:98:14:42:d1:d2:77:b5:dd:9e:38:2d:cb:24: 43:6c:ee:ed:46:a8:0a:30:46:cf:96:ad:07:8d:b9:fe:e9:d5: 51:e2:d1:18:a8:bb:5c:fb:f1:da:99:b7:df:e3:7e:3d:ce:0c: 97:2a:3a:57:c0:66:bf:d4:8a:1d:c8:cb:9a:78:f8:5a:29:23: 67:3d:ff:99:5e:1d:6b:b7:39:21:da:54:44:df:9f:3f:41:8c: ef:1a:fd:89:9c:37:ed:b9:7d:93:7a:b6:38:49:aa:10:17:7e: a9:23:5b:46:45:b3:1a:1a:8b:d5:bd:2d:74:3d:71:7d:6d:dc: 3d:6b:a7:8c:73:a1:dc:f4:44:5d:36:c3:9b:0d:5c:49:e6:b1: 22:e2:d5:35 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTVEMUUxMTAvBgNVBAUTKDgwQTRCOEZDQUVDRDAxMUU4MkFBNEUyRDcyMTczQ0E2 M0U5QzRFNTEwHhcNMjUwNDI1MDEzMzM1WhcNMjUwNTAyMDEzMzM1WjAYMRYwFAYD VQQDEw02ODBhZTY3MC0xZDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzZssL0LxrpabukOnsShojApbSVP+/MhzqlNKOWo7fKvL634/7xfTooxWzuit UGWnoYTpODAz0Etsh9IjWyRLs18YwO7HsKtYEQ/NdoXK7f4qLYw6HTxewJqfUTIA L/g6koz0Bu9jsNSXfiN5BYFif9UgwJ0XdeBlftkSVb/J1wvQ1HlcIlfPy26ys8vl GWdZl/gKuxjAe/oA0pUULC13eQ4ua85wn+1T3JtYtm5FW6UcqAntOsUjHrVXeSfj dRuakEPb1Qo8ZC1Y6oEHT7Ytr4LBT4bl9C0DxfETxdO7PYyMgjgjUZE8b5uf0OdW KQ8Bix+GnYOihta3TyxxSLcfAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFoT2pDb r4seCQ99ANdPcp3cxHrjMB8GA1UdIwQYMBaAFICkuPyuzQEegqpOLXIXPKY+nE5R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NUQxRS9BOEQ4ODNFQTEw RTMxMUVEQURBRkQ5MDlDNEY5QUUwMi9nS1M0X0s3TkFSNkNxazR0Y2hjOHBqNmNU bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dLUzRfSzdOQVI2Q3FrNHRjaGM4cGo2Y1RsRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NUQxRS9BOEQ4ODNFQTEwRTMxMUVEQURBRkQ5MDlDNEY5QUUwMi9nS1M0X0s3TkFS NkNxazR0Y2hjOHBqNmNUbEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAsYzmCzeeuor5X0jcTlvIDAYeWSbnh/CtKL9FebRxRx4/lrVj5kVvy ecUPHm9Oj9eHPLhTqaPZtwQepaJiKChkQSLh1M/hXwIuJ8IbJ3bctdKHtVmASbQq P5nT4sU6XRIUsuFZiWJ5e1t5A4MfCLtPt5gUQtHSd7XdnjgtyyRDbO7tRqgKMEbP lq0Hjbn+6dVR4tEYqLtc+/Hambff4349zgyXKjpXwGa/1IodyMuaePhaKSNnPf+Z Xh1rtzkh2lRE358/QYzvGv2JnDftuX2TerY4SaoQF36pI1tGRbMaGovVvS10PXF9 bdw9a6eMc6Hc9ERdNsObDVxJ5rEi4tU1 -----END CERTIFICATE-----Generated at Sat Apr 26 04:30:01 2025 by rpki-client