$ rpki-client -vvf rpki.apnic.net/member_repository/A9165FF3/CEABB4E61D9D11E28EAF4D8D08B02CD2/emYQUZRc4uj7SubeY7KEeLDO014.mft File: emYQUZRc4uj7SubeY7KEeLDO014.mft (raw, json) Hash identifier: 97OWYcihzLa28zgTkmtH4YjwEfB3DV7yw3UNp9peNXM= Subject key identifier: 81:27:4D:82:C6:35:0B:EF:72:3A:0C:A8:41:16:9B:B6:E7:5D:82:1C Authority key identifier: 7A:66:10:51:94:5C:E2:E8:FB:4A:E6:DE:63:B2:84:78:B0:CE:D3:5E Certificate issuer: /CN=A9165FF3/serialNumber=7A661051945CE2E8FB4AE6DE63B28478B0CED35E Certificate serial: 3479 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/emYQUZRc4uj7SubeY7KEeLDO014.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9165FF3/CEABB4E61D9D11E28EAF4D8D08B02CD2/emYQUZRc4uj7SubeY7KEeLDO014.mft Manifest number: 3475 Signing time: Thu 24 Apr 2025 15:00:28 +0000 Manifest this update: Thu 24 Apr 2025 15:00:28 +0000 Manifest next update: Thu 01 May 2025 15:00:28 +0000 Files and hashes: 1: emYQUZRc4uj7SubeY7KEeLDO014.crl (hash: EaZHComFdB898o1RAtjYmWHjhI1Yi6Fvdqez0TsPi/g=) 2: 5FBB084EAE6A11ECAA9D756AC4F9AE02.roa (hash: K595oFRb/eWrNFeoUywkMOiaWQkDdWUG4us/t6+Lff0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9165FF3/CEABB4E61D9D11E28EAF4D8D08B02CD2/emYQUZRc4uj7SubeY7KEeLDO014.crl rsync://rpki.apnic.net/member_repository/A9165FF3/CEABB4E61D9D11E28EAF4D8D08B02CD2/emYQUZRc4uj7SubeY7KEeLDO014.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/emYQUZRc4uj7SubeY7KEeLDO014.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13433 (0x3479) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9165FF3, serialNumber=7A661051945CE2E8FB4AE6DE63B28478B0CED35E Validity Not Before: Apr 24 15:00:28 2025 GMT Not After : May 1 15:00:28 2025 GMT Subject: CN=680a520c-65f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:36:63:77:3f:86:28:2f:d9:b4:f2:5d:7f:72: d8:eb:83:ba:7a:b8:33:27:c5:f7:23:f0:95:32:9d: cc:c5:34:d2:ad:3d:e6:29:e0:a1:c9:9e:99:c3:05: 3e:8f:49:66:bf:7a:48:3e:06:e1:d2:36:73:aa:3f: 53:a7:7f:89:2f:dd:ea:ef:04:17:78:e2:d7:aa:09: 85:ce:c9:19:1c:56:e4:52:ed:a2:b9:68:8f:31:fd: 52:92:3b:0e:2e:6b:77:4f:6d:87:cc:90:d7:73:40: 96:2e:58:6c:34:fd:0d:d4:25:0f:6f:c0:72:87:26: 3f:65:a3:06:c5:e1:b9:c5:a8:76:12:98:14:9f:d9: d1:08:1a:b6:ce:79:df:e5:de:c2:b5:40:a9:66:41: cf:4f:98:eb:a4:d9:af:0c:59:d4:d8:9b:a7:3f:d1: 2f:a7:5b:a4:b4:a8:2f:26:0b:6a:7a:82:50:fc:ca: 08:ab:c7:e2:ef:23:b8:d3:da:be:db:a3:88:e6:30: ff:f8:52:22:dc:2c:2a:79:37:cf:4a:15:1f:aa:40: f2:f6:6a:4d:a4:29:3e:1d:6f:45:05:c1:ce:dd:42: 63:a8:79:6d:34:31:77:dd:67:b1:d6:5e:75:7a:e5: a4:40:e7:18:ad:5c:36:a6:20:e9:ac:e4:a8:8d:c5: 45:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:27:4D:82:C6:35:0B:EF:72:3A:0C:A8:41:16:9B:B6:E7:5D:82:1C X509v3 Authority Key Identifier: keyid:7A:66:10:51:94:5C:E2:E8:FB:4A:E6:DE:63:B2:84:78:B0:CE:D3:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9165FF3/CEABB4E61D9D11E28EAF4D8D08B02CD2/emYQUZRc4uj7SubeY7KEeLDO014.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/emYQUZRc4uj7SubeY7KEeLDO014.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165FF3/CEABB4E61D9D11E28EAF4D8D08B02CD2/emYQUZRc4uj7SubeY7KEeLDO014.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:49:5d:c4:1f:c5:6f:2f:c0:02:e7:52:91:85:5f:9c:6f:4c: 38:98:a5:1e:bb:6b:35:69:5e:93:47:0f:2c:fc:3d:8f:ba:7b: 98:72:bf:0d:7b:b1:09:5c:6f:1c:c1:e2:75:fa:26:f7:58:56: 4e:56:53:ff:c2:d3:e7:52:50:c5:09:54:5c:d8:6d:89:a8:31: 0c:a9:55:df:cb:ad:68:8a:6c:8f:15:14:26:89:f4:fc:46:da: 79:97:de:1d:f5:3a:29:83:c0:9b:95:1d:01:b3:1e:5c:50:1c: c3:6b:5e:a8:cf:4f:be:a3:06:83:f2:7f:fc:1b:f7:73:3b:c3: fa:71:87:81:ab:24:dd:3e:1d:6c:fe:d0:5e:42:33:8b:f4:90: 1b:3c:f0:8f:78:12:50:3f:4d:2a:1f:50:b5:9a:ac:f2:9c:64: 4b:58:48:7f:b6:2b:96:9a:cf:2a:00:5d:46:ff:2a:c4:3a:67: 44:f7:9b:4c:68:24:b5:42:5e:39:a1:7c:c3:02:6b:c0:a7:02: 76:f7:a0:f0:9d:89:f4:d6:31:78:a4:ed:42:07:b0:c7:ea:1a: d0:dd:9c:40:8b:8f:df:f8:f7:d3:f2:21:ab:ea:c3:44:cb:9d: d8:ad:8d:78:f4:8d:1e:28:93:15:2f:b9:6c:41:42:af:b9:e1: fa:e9:80:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjVGRjMxMTAvBgNVBAUTKDdBNjYxMDUxOTQ1Q0UyRThGQjRBRTZERTYzQjI4NDc4 QjBDRUQzNUUwHhcNMjUwNDI0MTUwMDI4WhcNMjUwNTAxMTUwMDI4WjAYMRYwFAYD VQQDEw02ODBhNTIwYy02NWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuzZjdz+GKC/ZtPJdf3LY64O6ergzJ8X3I/CVMp3MxTTSrT3mKeChyZ6ZwwU+ j0lmv3pIPgbh0jZzqj9Tp3+JL93q7wQXeOLXqgmFzskZHFbkUu2iuWiPMf1SkjsO Lmt3T22HzJDXc0CWLlhsNP0N1CUPb8ByhyY/ZaMGxeG5xah2EpgUn9nRCBq2znnf 5d7CtUCpZkHPT5jrpNmvDFnU2JunP9Evp1uktKgvJgtqeoJQ/MoIq8fi7yO409q+ 26OI5jD/+FIi3CwqeTfPShUfqkDy9mpNpCk+HW9FBcHO3UJjqHltNDF33Wex1l51 euWkQOcYrVw2piDprOSojcVFSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIEnTYLG NQvvcjoMqEEWm7bnXYIcMB8GA1UdIwQYMBaAFHpmEFGUXOLo+0rm3mOyhHiwztNe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUZGMy9DRUFCQjRFNjFE OUQxMUUyOEVBRjREOEQwOEIwMkNEMi9lbVlRVVpSYzR1ajdTdWJlWTdLRWVMRE8w MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VtWVFVWlJjNHVqN1N1YmVZN0tFZUxETzAxNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NUZGMy9DRUFCQjRFNjFEOUQxMUUyOEVBRjREOEQwOEIwMkNEMi9lbVlRVVpSYzR1 ajdTdWJlWTdLRWVMRE8wMTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBBSV3EH8VvL8AC51KRhV+cb0w4mKUeu2s1aV6TRw8s/D2PunuYcr8N e7EJXG8cweJ1+ib3WFZOVlP/wtPnUlDFCVRc2G2JqDEMqVXfy61oimyPFRQmifT8 Rtp5l94d9Topg8CblR0Bsx5cUBzDa16oz0++owaD8n/8G/dzO8P6cYeBqyTdPh1s /tBeQjOL9JAbPPCPeBJQP00qH1C1mqzynGRLWEh/tiuWms8qAF1G/yrEOmdE95tM aCS1Ql45oXzDAmvApwJ296DwnYn01jF4pO1CB7DH6hrQ3ZxAi4/f+PfT8iGr6sNE y53YrY149I0eKJMVL7lsQUKvueH66YCw -----END CERTIFICATE-----Generated at Sat Apr 26 12:24:21 2025 by rpki-client