$ rpki-client -vvf rpki.apnic.net/member_repository/A916C7B6/43F6A57831EE11EAAB01E767C4F9AE02/ST0-r-BAVyhB6fqyVtDGBEy4WMg.mft File: ST0-r-BAVyhB6fqyVtDGBEy4WMg.mft (raw, json) Hash identifier: l5Fz8agyDm5TFSnXqIQ0+nOxPPGhN4Zco7EzxioaMkA= Subject key identifier: FF:A2:38:63:10:18:B0:F9:F9:D7:78:8B:C6:6D:EB:82:BD:04:DD:F8 Authority key identifier: 49:3D:3E:AF:E0:40:57:28:41:E9:FA:B2:56:D0:C6:04:4C:B8:58:C8 Certificate issuer: /CN=A916C7B6/serialNumber=493D3EAFE040572841E9FAB256D0C6044CB858C8 Certificate serial: 0B52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ST0-r-BAVyhB6fqyVtDGBEy4WMg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C7B6/43F6A57831EE11EAAB01E767C4F9AE02/ST0-r-BAVyhB6fqyVtDGBEy4WMg.mft Manifest number: 0B4B Signing time: Thu 24 Apr 2025 19:02:04 +0000 Manifest this update: Thu 24 Apr 2025 19:02:03 +0000 Manifest next update: Thu 01 May 2025 19:02:03 +0000 Files and hashes: 1: ST0-r-BAVyhB6fqyVtDGBEy4WMg.crl (hash: sy/aAfpyMezXA5t+ucs6g5XfG7bY8RMliqb899qKVTQ=) 2: 1A8553B831F011EAA18AC76AC4F9AE02.roa (hash: 2QDvhbtMSuUMKkHjiP/BzPb8Yd8fGPxfNmWlpQE2e54=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C7B6/43F6A57831EE11EAAB01E767C4F9AE02/ST0-r-BAVyhB6fqyVtDGBEy4WMg.crl rsync://rpki.apnic.net/member_repository/A916C7B6/43F6A57831EE11EAAB01E767C4F9AE02/ST0-r-BAVyhB6fqyVtDGBEy4WMg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ST0-r-BAVyhB6fqyVtDGBEy4WMg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:02:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2898 (0xb52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C7B6, serialNumber=493D3EAFE040572841E9FAB256D0C6044CB858C8 Validity Not Before: Apr 24 19:02:03 2025 GMT Not After : May 1 19:02:03 2025 GMT Subject: CN=680a8aab-376a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:cc:f7:b6:99:83:da:b0:ff:f1:9a:e0:d7:a4: f8:18:ed:9b:e7:5e:91:90:6c:23:f1:af:27:ce:4f: 31:70:4d:55:5b:28:d7:40:18:a8:d4:6e:cf:90:b7: 6d:ee:01:1c:0d:2f:6b:93:e4:09:34:42:f0:76:20: 38:2b:c0:e4:f1:67:07:82:53:41:d6:0f:6b:d7:ba: cc:2e:9b:87:22:ae:30:60:16:29:ff:b3:d2:de:3b: f0:e0:53:e7:70:fa:06:61:1d:87:c6:ff:55:c4:3f: e5:bf:65:80:03:e0:7c:c9:f8:45:dd:95:ff:07:64: 87:44:17:1f:9b:d5:a7:85:1a:fa:01:fb:ae:57:74: e9:63:fe:de:55:75:fd:e7:67:9a:2f:f2:da:aa:bc: 2e:4f:55:1f:ab:09:e1:a8:69:19:bd:c3:59:6b:a3: a1:62:4e:c0:31:60:46:93:b6:5f:9a:b5:23:de:42: c5:49:e1:f4:df:da:15:67:cb:32:0f:1e:3a:5d:2b: 2f:71:d1:6f:a3:db:26:ab:e5:16:8a:4b:ce:51:0f: ab:83:7a:4f:4a:01:27:78:05:cc:8d:0d:10:c0:52: a2:04:93:e0:94:4e:c3:24:7f:74:20:43:28:5d:67: de:19:9b:3c:3e:51:54:cd:3a:8f:c2:6f:40:f7:a7: 5c:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:A2:38:63:10:18:B0:F9:F9:D7:78:8B:C6:6D:EB:82:BD:04:DD:F8 X509v3 Authority Key Identifier: keyid:49:3D:3E:AF:E0:40:57:28:41:E9:FA:B2:56:D0:C6:04:4C:B8:58:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C7B6/43F6A57831EE11EAAB01E767C4F9AE02/ST0-r-BAVyhB6fqyVtDGBEy4WMg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ST0-r-BAVyhB6fqyVtDGBEy4WMg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C7B6/43F6A57831EE11EAAB01E767C4F9AE02/ST0-r-BAVyhB6fqyVtDGBEy4WMg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:24:34:c0:e9:81:1b:ce:5d:7d:d9:c0:99:1e:02:17:4b:73: 21:94:6c:2a:cc:40:88:cc:33:cf:0e:d6:f3:68:32:7c:b0:1d: e0:d1:1b:5c:45:06:7f:97:31:b3:d4:91:1f:27:cb:9b:57:ae: 55:9d:f3:62:07:e2:5e:9c:ae:82:dd:e0:9c:5d:e5:53:65:37: 9f:44:2d:7a:ad:aa:8d:a0:62:f9:d4:de:2a:90:f0:73:a7:21: bf:39:e1:16:f9:ee:82:55:2c:9d:29:f7:17:af:61:07:98:62: b3:a5:be:fc:14:9b:fc:54:0f:97:19:95:fa:9b:1f:aa:b5:fa: ae:69:65:5e:35:62:75:90:76:4a:e9:92:de:c0:2e:bb:45:bc: ab:dd:76:31:be:2d:d3:02:6b:62:5f:33:26:ef:87:d8:ba:30: 82:66:77:12:8e:ed:a7:af:86:b3:0a:b1:4c:1b:ea:0b:33:7b: 3d:5c:79:80:43:43:9e:e5:92:9d:11:65:a0:7d:9d:57:5b:b5: d2:c1:ac:01:34:00:1e:14:cd:79:fc:8f:63:72:52:99:25:07: d3:bd:22:e6:96:30:5e:d5:35:2d:7a:49:5e:41:55:17:d2:1a: 91:ac:10:7d:33:56:ea:24:4a:90:f7:c1:38:24:a6:84:62:c3: 57:e2:e4:d1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC1IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkM3QjYxMTAvBgNVBAUTKDQ5M0QzRUFGRTA0MDU3Mjg0MUU5RkFCMjU2RDBDNjA0 NENCODU4QzgwHhcNMjUwNDI0MTkwMjAzWhcNMjUwNTAxMTkwMjAzWjAYMRYwFAYD VQQDEw02ODBhOGFhYi0zNzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvMz3tpmD2rD/8Zrg16T4GO2b516RkGwj8a8nzk8xcE1VWyjXQBio1G7PkLdt 7gEcDS9rk+QJNELwdiA4K8Dk8WcHglNB1g9r17rMLpuHIq4wYBYp/7PS3jvw4FPn cPoGYR2Hxv9VxD/lv2WAA+B8yfhF3ZX/B2SHRBcfm9WnhRr6AfuuV3TpY/7eVXX9 52eaL/LaqrwuT1UfqwnhqGkZvcNZa6OhYk7AMWBGk7ZfmrUj3kLFSeH039oVZ8sy Dx46XSsvcdFvo9smq+UWikvOUQ+rg3pPSgEneAXMjQ0QwFKiBJPglE7DJH90IEMo XWfeGZs8PlFUzTqPwm9A96dc4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP+iOGMQ GLD5+dd4i8Zt64K9BN34MB8GA1UdIwQYMBaAFEk9Pq/gQFcoQen6slbQxgRMuFjI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzdCNi80M0Y2QTU3ODMx RUUxMUVBQUIwMUU3NjdDNEY5QUUwMi9TVDAtci1CQVZ5aEI2ZnF5VnRER0JFeTRX TWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NUMC1yLUJBVnloQjZmcXlWdERHQkV5NFdNZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QzdCNi80M0Y2QTU3ODMxRUUxMUVBQUIwMUU3NjdDNEY5QUUwMi9TVDAtci1CQVZ5 aEI2ZnF5VnRER0JFeTRXTWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAvJDTA6YEbzl192cCZHgIXS3MhlGwqzECIzDPPDtbzaDJ8sB3g0Rtc RQZ/lzGz1JEfJ8ubV65VnfNiB+JenK6C3eCcXeVTZTefRC16raqNoGL51N4qkPBz pyG/OeEW+e6CVSydKfcXr2EHmGKzpb78FJv8VA+XGZX6mx+qtfquaWVeNWJ1kHZK 6ZLewC67Rbyr3XYxvi3TAmtiXzMm74fYujCCZncSju2nr4azCrFMG+oLM3s9XHmA Q0Oe5ZKdEWWgfZ1XW7XSwawBNAAeFM15/I9jclKZJQfTvSLmljBe1TUtekleQVUX 0hqRrBB9M1bqJEqQ98E4JKaEYsNX4uTR -----END CERTIFICATE-----Generated at Sat Apr 26 04:22:50 2025 by rpki-client