$ rpki-client -vvf rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft File: nOkX3Drgxboud8t3WjrZnGhcQGs.mft (raw, json) Hash identifier: S5L0hTdPsyql8mvokkY6BQNtOmg1gbLEmnYTB/yT9bU= Subject key identifier: 39:E2:7D:51:DA:D4:5E:48:54:A3:6F:54:60:F2:BF:BE:E0:65:03:18 Authority key identifier: 9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B Certificate issuer: /CN=A9161F3E/serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Certificate serial: 10 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft Manifest number: 0E Signing time: Fri 25 Apr 2025 07:05:54 +0000 Manifest this update: Fri 25 Apr 2025 07:05:54 +0000 Manifest next update: Fri 02 May 2025 07:05:54 +0000 Files and hashes: 1: nOkX3Drgxboud8t3WjrZnGhcQGs.crl (hash: rxNLl2KeiGeq0Xejn1PmbZzIPcUGtPV1B74LwSfH+z0=) 2: 49DEAEDC12A711F099020A73C4F9AE02.roa (hash: ZDuunhoBLIFxkgffUJp6fhz6W2Ysr7yM0HyGKDGLaSU=) 3: 4A3C802012A711F099020A73C4F9AE02.roa (hash: EvMFCkIZLxU/4T9yDv4rTrnplB41rjMOAziWwMgP5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 07:05:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16 (0x10) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161F3E, serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Validity Not Before: Apr 25 07:05:54 2025 GMT Not After : May 2 07:05:54 2025 GMT Subject: CN=680b3452-368b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:9e:7c:aa:5d:36:a4:4e:1b:8b:cf:f3:fb:13: 4b:4d:dc:b2:da:2d:50:3d:db:3f:48:1e:0b:ad:c1: a5:a9:18:21:fc:75:ee:24:a6:c1:23:0e:dc:0c:51: b7:e4:9e:94:98:cc:c3:42:fc:8c:29:4a:16:97:9e: 8a:88:c5:80:34:a2:78:94:da:1c:aa:92:12:5f:a6: ca:2e:29:b4:25:71:79:6e:30:9f:3f:35:6a:6e:a0: 14:ef:6b:13:07:b9:3d:70:c8:ba:30:65:da:8f:56: 59:5c:6a:1b:6b:6b:0a:48:92:b1:c1:1b:e9:23:fa: 8b:30:fc:7e:42:2a:0d:22:18:5d:d2:3e:8d:7f:20: 5e:64:60:d0:ad:14:02:b2:ec:49:99:fe:d8:2a:31: d4:c5:5e:ff:1b:5e:54:2b:16:eb:95:77:3e:9e:06: 72:44:c9:30:1f:82:48:79:7c:f7:38:b1:36:ed:f8: ee:bb:e6:c8:8f:36:7a:5f:65:5b:e3:de:51:0e:e0: a1:3a:36:e9:e2:ab:83:fc:50:d6:0b:32:e9:6b:eb: 1e:76:4f:ba:e0:2f:38:cf:45:b1:e3:57:38:8e:5b: 7f:5d:22:a5:e1:79:07:97:d7:8a:31:bd:c2:d2:02: 1c:0a:5d:09:a5:b3:55:f6:8e:45:42:d9:14:91:d3: 50:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:E2:7D:51:DA:D4:5E:48:54:A3:6F:54:60:F2:BF:BE:E0:65:03:18 X509v3 Authority Key Identifier: keyid:9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:74:36:66:c9:80:95:30:b9:4f:54:5b:19:30:16:cd:45:21: 89:59:31:76:ae:f5:5d:85:63:e5:55:56:a1:d3:fd:44:39:5c: b8:05:c3:21:f5:43:f1:4b:88:40:74:f7:82:33:2b:b1:84:a5: ea:ad:93:14:3e:f1:52:ca:d0:cf:88:8a:dc:bb:5f:0c:8e:0a: 47:7f:9d:c8:44:5b:37:c4:92:8c:1f:40:90:87:5e:b5:86:4f: 7a:53:13:0e:e1:86:9a:6c:ce:f3:df:c4:a6:82:29:c2:82:84: 0d:bf:6e:49:22:0a:18:37:40:ef:76:b9:73:3b:65:2d:f8:47: 3c:08:e2:de:85:f4:96:63:8c:12:b1:31:a0:b3:10:bd:bf:61: 71:f5:42:17:49:e9:fb:39:78:7c:5d:b5:8a:59:99:d3:6a:8b: aa:89:72:2a:b2:b7:6d:db:37:bf:5b:10:74:db:93:e6:39:73: 1c:e5:17:79:67:80:27:7c:62:e3:bf:a9:63:e3:c4:61:40:dc: 95:fc:9d:21:62:a9:af:0b:7a:e0:c7:5e:4f:7d:1b:35:30:1a: 37:75:fe:7a:ac:1e:a6:ea:60:c9:22:41:59:be:e4:34:ea:78: ea:82:74:dd:bd:80:a7:3b:00:bc:75:f0:16:56:3f:c5:12:71: af:df:fc:03 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBEDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MUYzRTExMC8GA1UEBRMoOUNFOTE3REMzQUUwQzVCQTJFNzdDQjc3NUEzQUQ5OUM2 ODVDNDA2QjAeFw0yNTA0MjUwNzA1NTRaFw0yNTA1MDIwNzA1NTRaMBgxFjAUBgNV BAMTDTY4MGIzNDUyLTM2OGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGnnyqXTakThuLz/P7E0tN3LLaLVA92z9IHgutwaWpGCH8de4kpsEjDtwMUbfk npSYzMNC/IwpShaXnoqIxYA0oniU2hyqkhJfpsouKbQlcXluMJ8/NWpuoBTvaxMH uT1wyLowZdqPVllcahtrawpIkrHBG+kj+osw/H5CKg0iGF3SPo1/IF5kYNCtFAKy 7EmZ/tgqMdTFXv8bXlQrFuuVdz6eBnJEyTAfgkh5fPc4sTbt+O675siPNnpfZVvj 3lEO4KE6Nuniq4P8UNYLMulr6x52T7rgLzjPRbHjVziOW39dIqXheQeX14oxvcLS AhwKXQmls1X2jkVC2RSR01DvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOeJ9UdrU XkhUo29UYPK/vuBlAxgwHwYDVR0jBBgwFoAUnOkX3Drgxboud8t3WjrZnGhcQGsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxRjNFLzMzOUVERTY4MTBF NDExRjBCNzVCODE2NkM0RjlBRTAyL25Pa1gzRHJneGJvdWQ4dDNXanJabkdoY1FH cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbk9rWDNEcmd4Ym91ZDh0M1dqclpuR2hjUUdzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYx RjNFLzMzOUVERTY4MTBFNDExRjBCNzVCODE2NkM0RjlBRTAyL25Pa1gzRHJneGJv dWQ4dDNXanJabkdoY1FHcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALx0NmbJgJUwuU9UWxkwFs1FIYlZMXau9V2FY+VVVqHT/UQ5XLgFwyH1 Q/FLiEB094IzK7GEpeqtkxQ+8VLK0M+Iity7XwyOCkd/nchEWzfEkowfQJCHXrWG T3pTEw7hhppszvPfxKaCKcKChA2/bkkiChg3QO92uXM7ZS34RzwI4t6F9JZjjBKx MaCzEL2/YXH1QhdJ6fs5eHxdtYpZmdNqi6qJciqyt23bN79bEHTbk+Y5cxzlF3ln gCd8YuO/qWPjxGFA3JX8nSFiqa8LeuDHXk99GzUwGjd1/nqsHqbqYMkiQVm+5DTq eOqCdN29gKc7ALx18BZWP8USca/f/AM= -----END CERTIFICATE-----Generated at Sat Apr 26 17:16:04 2025 by rpki-client