$ rpki-client -vvf rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft File: ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft (raw, json) Hash identifier: 3cPClaI7vDSDvgCr5v2gkUH/YZmBq1VpJFg4jbxE0co= Subject key identifier: E4:BC:E2:DB:1B:12:BC:2E:79:93:C7:00:1A:80:6D:72:88:54:35:68 Authority key identifier: 72:41:E8:F0:38:B9:F2:52:FB:61:CA:41:B6:A4:FC:16:7B:77:55:26 Certificate issuer: /CN=A9161477/serialNumber=7241E8F038B9F252FB61CA41B6A4FC167B775526 Certificate serial: 24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft Manifest number: 22 Signing time: Fri 25 Apr 2025 06:49:54 +0000 Manifest this update: Fri 25 Apr 2025 06:49:54 +0000 Manifest next update: Fri 02 May 2025 06:49:54 +0000 Files and hashes: 1: ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl (hash: UAvOstQUlYBZiyHXRcxYPC0usf0t/GFvCMGWSK6Okec=) 2: CAB73E3AF3FC11EF83B4DD30C4F9AE02.roa (hash: BR0iac6RCibng8iXx5EGv9yUT7uect2xiyJYOcbA9Hs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:49:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36 (0x24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161477, serialNumber=7241E8F038B9F252FB61CA41B6A4FC167B775526 Validity Not Before: Apr 25 06:49:54 2025 GMT Not After : May 2 06:49:54 2025 GMT Subject: CN=680b3092-5cab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:7d:77:f3:d5:b0:8f:73:ab:32:67:80:55:00: eb:04:37:b5:af:69:fd:a2:fc:1c:5b:a6:c6:df:51: f8:88:21:40:c1:62:43:e0:42:99:7a:9d:02:c0:21: a0:bc:6e:7a:7b:46:a6:55:e3:53:99:2e:5d:fb:c9: f3:16:ae:7b:0d:31:ff:3b:b0:93:99:9f:e7:39:db: 37:51:78:3a:83:fe:37:3f:42:ec:7c:88:0f:16:1a: 20:c4:f1:20:61:9c:f0:57:43:46:27:72:96:03:d2: 16:7c:f2:90:31:23:1d:87:31:a7:82:be:bd:7c:38: 09:be:0c:7e:2e:97:52:6b:ad:fb:14:f6:fc:19:72: bc:f1:48:54:ca:1b:cc:0f:9f:ba:be:96:b7:3a:1a: 73:fe:7b:2f:09:df:32:d7:08:4c:82:a8:d3:f2:d5: 32:25:d3:57:fb:56:6c:a9:2b:94:8a:fc:13:d8:30: 7c:4a:49:a2:f6:bd:63:7f:b6:73:5a:f9:24:55:a7: 62:c7:72:84:08:ec:cb:55:1e:fd:5c:10:6b:93:db: 6e:98:18:01:47:aa:6f:1a:65:6a:72:78:cb:df:d2: 7f:a4:10:8f:c2:95:55:f1:b0:aa:c1:24:6a:19:78: 59:3b:18:28:51:9f:e7:37:8b:fe:54:d9:93:5d:61: ad:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:BC:E2:DB:1B:12:BC:2E:79:93:C7:00:1A:80:6D:72:88:54:35:68 X509v3 Authority Key Identifier: keyid:72:41:E8:F0:38:B9:F2:52:FB:61:CA:41:B6:A4:FC:16:7B:77:55:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:0c:10:b2:99:80:98:5d:62:23:43:be:64:46:6d:95:a2:60: 1b:bc:88:a1:0d:a5:40:12:fd:88:f0:85:99:de:ab:d9:84:6a: 41:dd:fe:ea:49:9a:5d:92:a4:b6:e7:96:19:df:cd:1d:bd:6d: 5d:5d:51:19:9d:6e:fb:60:9a:18:54:6b:71:4f:a0:ac:05:47: bf:ed:2b:17:68:57:dc:de:03:2a:1f:83:d0:b2:f6:72:72:4d: 76:e8:b1:b8:09:34:21:8c:49:ea:b6:3a:73:8e:5e:9f:4b:ae: 0e:81:9f:76:3f:41:11:8c:2d:db:ba:75:cb:29:06:1f:98:30: 13:db:b9:16:ba:9a:94:0f:86:18:39:a1:be:c4:f2:d4:ed:4e: 36:1f:d4:13:9d:14:48:7a:ff:f9:7c:39:d3:48:5a:08:77:1a: 5a:9c:99:c9:c7:b2:95:1a:e5:ec:1a:86:17:22:33:84:4b:6f: 7c:fb:20:48:f3:09:52:0a:f4:22:cd:94:c3:63:b3:1c:3b:5b: 15:dc:8e:cb:ee:a9:2f:01:de:26:7e:82:43:72:ef:4f:38:63: 9a:47:b6:ad:4d:7f:e9:c5:dd:1b:ce:3b:06:7b:92:d0:fe:a5: d4:33:af:c3:95:1c:32:3d:79:98:3e:2f:bf:80:42:e5:5c:87: 0f:f4:22:c3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MTQ3NzExMC8GA1UEBRMoNzI0MUU4RjAzOEI5RjI1MkZCNjFDQTQxQjZBNEZDMTY3 Qjc3NTUyNjAeFw0yNTA0MjUwNjQ5NTRaFw0yNTA1MDIwNjQ5NTRaMBgxFjAUBgNV BAMTDTY4MGIzMDkyLTVjYWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDYfXfz1bCPc6syZ4BVAOsEN7Wvaf2i/BxbpsbfUfiIIUDBYkPgQpl6nQLAIaC8 bnp7RqZV41OZLl37yfMWrnsNMf87sJOZn+c52zdReDqD/jc/Qux8iA8WGiDE8SBh nPBXQ0YncpYD0hZ88pAxIx2HMaeCvr18OAm+DH4ul1JrrfsU9vwZcrzxSFTKG8wP n7q+lrc6GnP+ey8J3zLXCEyCqNPy1TIl01f7VmypK5SK/BPYMHxKSaL2vWN/tnNa +SRVp2LHcoQI7MtVHv1cEGuT226YGAFHqm8aZWpyeMvf0n+kEI/ClVXxsKrBJGoZ eFk7GChRn+c3i/5U2ZNdYa0dAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU5Lzi2xsS vC55k8cAGoBtcohUNWgwHwYDVR0jBBgwFoAUckHo8Di58lL7YcpBtqT8Fnt3VSYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxNDc3LzZCNzAzNUY4RjNG QzExRUY5OUQ1MzczMEM0RjlBRTAyL2NrSG84RGk1OGxMN1ljcEJ0cVQ4Rm50M1ZT WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY2tIbzhEaTU4bEw3WWNwQnRxVDhGbnQzVlNZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYx NDc3LzZCNzAzNUY4RjNGQzExRUY5OUQ1MzczMEM0RjlBRTAyL2NrSG84RGk1OGxM N1ljcEJ0cVQ4Rm50M1ZTWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEAMELKZgJhdYiNDvmRGbZWiYBu8iKENpUAS/YjwhZneq9mEakHd/upJ ml2SpLbnlhnfzR29bV1dURmdbvtgmhhUa3FPoKwFR7/tKxdoV9zeAyofg9Cy9nJy TXbosbgJNCGMSeq2OnOOXp9Lrg6Bn3Y/QRGMLdu6dcspBh+YMBPbuRa6mpQPhhg5 ob7E8tTtTjYf1BOdFEh6//l8OdNIWgh3GlqcmcnHspUa5ewahhciM4RLb3z7IEjz CVIK9CLNlMNjsxw7WxXcjsvuqS8B3iZ+gkNy7084Y5pHtq1Nf+nF3RvOOwZ7ktD+ pdQzr8OVHDI9eZg+L7+AQuVchw/0IsM= -----END CERTIFICATE-----Generated at Sat Apr 26 03:55:39 2025 by rpki-client