$ rpki-client -vvf rpki.apnic.net/member_repository/A916E5FB/C156DF8E09DE11EA9E4E7D32C4F9AE02/sHoKQBnouCACE78tzPxocPheBGY.mft File: sHoKQBnouCACE78tzPxocPheBGY.mft (raw, json) Hash identifier: jGztzwSuJxIpwnRcOGvsvi6TMXHYfArXsExI3RArTKs= Subject key identifier: BD:99:EA:B5:96:E1:15:98:BE:3A:B1:D4:DB:7A:15:B3:12:B8:07:F9 Authority key identifier: B0:7A:0A:40:19:E8:B8:20:02:13:BF:2D:CC:FC:68:70:F8:5E:04:66 Certificate issuer: /CN=A916E5FB/serialNumber=B07A0A4019E8B8200213BF2DCCFC6870F85E0466 Certificate serial: 0C25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sHoKQBnouCACE78tzPxocPheBGY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916E5FB/C156DF8E09DE11EA9E4E7D32C4F9AE02/sHoKQBnouCACE78tzPxocPheBGY.mft Manifest number: 0C1A Signing time: Thu 24 Apr 2025 18:32:08 +0000 Manifest this update: Thu 24 Apr 2025 18:32:08 +0000 Manifest next update: Thu 01 May 2025 18:32:08 +0000 Files and hashes: 1: sHoKQBnouCACE78tzPxocPheBGY.crl (hash: rHTYb2yqcJqxZiGGZizOYVHjXybgPXmQ879ALR1J6YU=) 2: 6ED5481209DF11EAA6052433C4F9AE02.roa (hash: m+JE5pCglgWFiHYLAbZNmBupgcN+FxTJD3mSp1g3gfo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916E5FB/C156DF8E09DE11EA9E4E7D32C4F9AE02/sHoKQBnouCACE78tzPxocPheBGY.crl rsync://rpki.apnic.net/member_repository/A916E5FB/C156DF8E09DE11EA9E4E7D32C4F9AE02/sHoKQBnouCACE78tzPxocPheBGY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sHoKQBnouCACE78tzPxocPheBGY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:32:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3109 (0xc25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916E5FB, serialNumber=B07A0A4019E8B8200213BF2DCCFC6870F85E0466 Validity Not Before: Apr 24 18:32:08 2025 GMT Not After : May 1 18:32:08 2025 GMT Subject: CN=680a83a8-fee2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:77:b0:fe:b8:71:b9:8d:8b:1a:82:80:f6:ff: 10:1a:0b:8d:f1:f1:90:f0:d2:b9:03:e5:b5:1f:c5: 2f:0b:b2:90:47:8c:1c:41:8b:c6:c1:c5:24:74:e6: 48:fd:07:75:a8:73:9b:8e:ce:01:ee:3e:f2:87:74: 76:6d:fe:84:da:f6:4b:6f:20:c0:3b:42:dd:c1:97: 47:6d:99:93:48:bc:82:b2:4d:c9:46:6c:6f:e9:3f: 27:c7:06:c7:96:5d:3b:f5:a1:81:73:e4:11:cc:14: 02:3e:d1:f1:05:d6:72:2c:ff:ee:6e:ad:12:f6:8f: bf:ee:d5:51:6c:ba:c3:da:fc:19:b9:a4:d6:df:f0: c7:fa:e2:05:61:11:30:82:13:8b:05:d3:44:41:76: eb:e0:80:42:a6:93:d5:1a:7c:be:83:ce:d4:3d:84: c2:cd:c8:f2:54:41:f6:73:bc:af:84:8b:d9:ae:94: e7:f2:f9:8c:60:36:5c:f9:e8:39:fc:3b:5f:2b:64: 63:81:be:e4:c2:9b:71:7e:ff:2a:8c:43:00:5b:7f: f2:13:b0:39:53:7d:82:04:12:95:a6:f3:5e:d9:38: 6d:65:87:a8:b8:78:f2:56:15:c2:f7:9d:93:4c:19: 6f:34:74:93:d4:4b:3c:e8:89:0a:b0:c8:9e:c4:a3: 49:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:99:EA:B5:96:E1:15:98:BE:3A:B1:D4:DB:7A:15:B3:12:B8:07:F9 X509v3 Authority Key Identifier: keyid:B0:7A:0A:40:19:E8:B8:20:02:13:BF:2D:CC:FC:68:70:F8:5E:04:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916E5FB/C156DF8E09DE11EA9E4E7D32C4F9AE02/sHoKQBnouCACE78tzPxocPheBGY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sHoKQBnouCACE78tzPxocPheBGY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916E5FB/C156DF8E09DE11EA9E4E7D32C4F9AE02/sHoKQBnouCACE78tzPxocPheBGY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:18:27:70:3b:e4:20:ff:04:6a:18:d1:24:7b:1c:8a:90:16: af:88:40:e1:b5:0b:11:b3:10:ca:f7:f5:5a:54:1b:e6:b4:5f: 6b:62:fd:c2:67:8c:9f:e4:92:d8:27:64:3c:db:c6:72:6d:5a: 0a:af:4d:57:9e:90:ac:3d:4c:c0:a6:53:74:45:f5:5c:7b:27: f3:90:72:4c:96:e8:68:a0:57:3b:b8:ec:be:91:a1:4f:25:01: 8f:ed:f1:d2:37:a7:71:ca:ca:25:e2:3c:90:d7:ab:a3:83:82: 7e:8b:be:3b:d9:5e:0b:4f:23:a4:cb:31:3b:44:e6:0c:b9:a0: cd:06:73:e2:e8:19:6a:38:76:75:db:a1:f2:36:d3:2b:5f:98: fb:58:e5:f8:88:c9:a1:6a:34:a7:c2:fc:cf:a4:2f:0b:39:2a: ae:8a:fa:17:70:49:dc:77:2b:33:c3:c6:c5:01:cd:fc:97:b6: 94:32:ab:1c:38:0d:73:a8:1f:19:d6:ad:54:9c:c4:6d:d1:69: 7b:b7:d1:d6:d0:1e:e1:97:90:be:05:88:20:7d:c0:56:1c:21: d3:44:cf:03:f9:9d:ba:62:1d:41:e9:65:df:d7:ed:e5:ce:84: 2f:50:13:ec:73:9c:e2:10:30:3f:20:bd:ed:8f:82:67:a9:b5: 84:b1:9e:37 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDCUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkU1RkIxMTAvBgNVBAUTKEIwN0EwQTQwMTlFOEI4MjAwMjEzQkYyRENDRkM2ODcw Rjg1RTA0NjYwHhcNMjUwNDI0MTgzMjA4WhcNMjUwNTAxMTgzMjA4WjAYMRYwFAYD VQQDEw02ODBhODNhOC1mZWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs3ew/rhxuY2LGoKA9v8QGguN8fGQ8NK5A+W1H8UvC7KQR4wcQYvGwcUkdOZI /Qd1qHObjs4B7j7yh3R2bf6E2vZLbyDAO0LdwZdHbZmTSLyCsk3JRmxv6T8nxwbH ll079aGBc+QRzBQCPtHxBdZyLP/ubq0S9o+/7tVRbLrD2vwZuaTW3/DH+uIFYREw ghOLBdNEQXbr4IBCppPVGny+g87UPYTCzcjyVEH2c7yvhIvZrpTn8vmMYDZc+eg5 /DtfK2Rjgb7kwptxfv8qjEMAW3/yE7A5U32CBBKVpvNe2ThtZYeouHjyVhXC952T TBlvNHST1Es86IkKsMiexKNJ+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL2Z6rWW 4RWYvjqx1Nt6FbMSuAf5MB8GA1UdIwQYMBaAFLB6CkAZ6LggAhO/Lcz8aHD4XgRm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RTVGQi9DMTU2REY4RTA5 REUxMUVBOUU0RTdEMzJDNEY5QUUwMi9zSG9LUUJub3VDQUNFNzh0elB4b2NQaGVC R1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NIb0tRQm5vdUNBQ0U3OHR6UHhvY1BoZUJHWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 RTVGQi9DMTU2REY4RTA5REUxMUVBOUU0RTdEMzJDNEY5QUUwMi9zSG9LUUJub3VD QUNFNzh0elB4b2NQaGVCR1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfGCdwO+Qg/wRqGNEkexyKkBaviEDhtQsRsxDK9/VaVBvmtF9rYv3C Z4yf5JLYJ2Q828ZybVoKr01XnpCsPUzAplN0RfVceyfzkHJMluhooFc7uOy+kaFP JQGP7fHSN6dxysol4jyQ16ujg4J+i7472V4LTyOkyzE7ROYMuaDNBnPi6BlqOHZ1 26HyNtMrX5j7WOX4iMmhajSnwvzPpC8LOSquivoXcEncdyszw8bFAc38l7aUMqsc OA1zqB8Z1q1UnMRt0Wl7t9HW0B7hl5C+BYggfcBWHCHTRM8D+Z26Yh1B6WXf1+3l zoQvUBPsc5ziEDA/IL3tj4JnqbWEsZ43 -----END CERTIFICATE-----Generated at Sat Apr 26 15:03:03 2025 by rpki-client