$ rpki-client -vvf rpki.apnic.net/member_repository/A9170AE9/09120380108611EC81E7703FC4F9AE02/G395gdniwsMPbyw0hxophthfiQ4.mft File: G395gdniwsMPbyw0hxophthfiQ4.mft (raw, json) Hash identifier: /tXXsBEPdtINSw0chpBpizfjv7ZKTFI40/k6hWj2Sdk= Subject key identifier: 12:A5:A1:5B:F1:48:E8:07:E7:E9:C0:BA:BE:B5:C3:5C:C5:A1:42:1D Authority key identifier: 1B:7F:79:81:D9:E2:C2:C3:0F:6F:2C:34:87:1A:29:86:D8:5F:89:0E Certificate issuer: /CN=A9170AE9/serialNumber=1B7F7981D9E2C2C30F6F2C34871A2986D85F890E Certificate serial: 04EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G395gdniwsMPbyw0hxophthfiQ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170AE9/09120380108611EC81E7703FC4F9AE02/G395gdniwsMPbyw0hxophthfiQ4.mft Manifest number: 04E7 Signing time: Thu 24 Apr 2025 23:30:56 +0000 Manifest this update: Thu 24 Apr 2025 23:30:55 +0000 Manifest next update: Thu 01 May 2025 23:30:55 +0000 Files and hashes: 1: G395gdniwsMPbyw0hxophthfiQ4.crl (hash: EI4drVof+itSrYR9hE9iu+lU0dFqaiG5UETSjo27Qgs=) 2: 5D7779A6108A11EC9E1F3D49C4F9AE02.roa (hash: PZxJfjzjdyZlmOEk3GHkckfVyABUkJWbSsSKrjPn2qY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170AE9/09120380108611EC81E7703FC4F9AE02/G395gdniwsMPbyw0hxophthfiQ4.crl rsync://rpki.apnic.net/member_repository/A9170AE9/09120380108611EC81E7703FC4F9AE02/G395gdniwsMPbyw0hxophthfiQ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G395gdniwsMPbyw0hxophthfiQ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:30:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1259 (0x4eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170AE9, serialNumber=1B7F7981D9E2C2C30F6F2C34871A2986D85F890E Validity Not Before: Apr 24 23:30:55 2025 GMT Not After : May 1 23:30:55 2025 GMT Subject: CN=680ac9b0-56c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:84:17:3a:fa:06:9a:0e:0e:21:ad:74:04:69: 84:20:f3:f5:15:f9:6b:c7:60:37:71:eb:b4:e1:b9: 7d:5c:9d:48:75:e8:a4:b4:f8:64:31:3c:e6:ff:f0: 0b:66:28:52:d3:e4:b4:05:78:4d:9a:85:8b:7e:fc: 9d:d1:df:36:0a:b3:9d:9f:cd:ce:92:ff:0f:64:c9: 85:91:83:0a:33:7a:db:34:7b:c5:7a:ae:cb:80:da: f8:96:c3:bf:e1:21:ee:59:5f:48:3c:15:6c:4c:53: f6:8d:ce:00:a0:7d:a6:71:c4:51:99:7c:f6:92:18: fc:ba:3b:55:eb:dc:43:80:af:65:f4:53:8f:f6:c7: 53:57:4c:25:4b:b0:b7:b4:a8:59:b1:12:c3:a5:a0: 62:92:fe:2a:bf:ad:ba:f5:d9:44:5d:73:8c:f9:48: 88:d3:f6:70:c1:08:34:f4:2f:9f:5f:bc:29:3f:fa: ed:a2:c5:af:61:ee:e5:0a:e3:2d:3e:a3:d8:f8:b2: 50:d2:01:d4:79:af:a0:10:9e:f9:a3:f0:3d:fb:b8: 58:fb:bf:54:9b:b8:96:19:b5:63:22:43:f2:fd:95: 53:de:0d:c4:85:d7:db:49:1d:ea:ec:c0:c2:10:09: 64:18:be:da:2b:2b:06:0f:52:f0:a9:20:48:50:dc: 6e:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:A5:A1:5B:F1:48:E8:07:E7:E9:C0:BA:BE:B5:C3:5C:C5:A1:42:1D X509v3 Authority Key Identifier: keyid:1B:7F:79:81:D9:E2:C2:C3:0F:6F:2C:34:87:1A:29:86:D8:5F:89:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170AE9/09120380108611EC81E7703FC4F9AE02/G395gdniwsMPbyw0hxophthfiQ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G395gdniwsMPbyw0hxophthfiQ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170AE9/09120380108611EC81E7703FC4F9AE02/G395gdniwsMPbyw0hxophthfiQ4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:08:11:c0:04:8a:1d:62:c0:40:5c:50:27:2f:2d:41:f6:45: 14:2b:fc:ed:d8:27:1a:89:82:71:5b:5d:d7:c9:34:e1:9b:73: b5:64:d8:5a:cf:d8:78:7c:c9:24:06:28:3d:e8:33:6e:d1:e1: e0:d1:4d:30:ae:f0:2c:74:33:fc:6f:73:80:18:ad:67:2d:e1: e2:67:fb:8d:0e:31:85:5c:e4:d6:6e:7b:8c:ea:d1:f9:76:ef: 69:7d:5e:7d:2c:3b:4d:ae:6e:85:d5:c9:38:48:db:2c:e7:9a: 5d:70:b2:65:32:7d:93:ec:6b:8d:8c:68:54:33:6e:90:0c:f2: 5f:69:2b:5f:b3:b6:c9:11:58:75:e2:f1:17:9e:ad:18:5f:58: 2d:3c:e9:f2:77:ce:65:db:8d:be:3d:eb:62:00:b7:ab:36:48: 46:1b:bd:35:90:ba:8b:ed:e7:0c:05:54:71:2a:3e:ab:a8:0f: 38:50:35:e2:66:45:03:ff:10:fe:af:ff:1d:f8:03:d8:96:4b: 06:88:81:88:96:2a:90:5e:b8:e3:2e:b0:b2:a1:5e:67:6d:18: e0:5c:52:54:fc:52:73:7d:d7:e3:1f:7e:a5:bc:50:aa:f3:5a: bb:54:26:ea:4c:87:7d:5b:f8:b4:cc:6e:df:da:ce:04:41:d2: cb:77:d9:1a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBBRTkxMTAvBgNVBAUTKDFCN0Y3OTgxRDlFMkMyQzMwRjZGMkMzNDg3MUEyOTg2 RDg1Rjg5MEUwHhcNMjUwNDI0MjMzMDU1WhcNMjUwNTAxMjMzMDU1WjAYMRYwFAYD VQQDEw02ODBhYzliMC01NmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuYQXOvoGmg4OIa10BGmEIPP1Fflrx2A3ceu04bl9XJ1IdeiktPhkMTzm//AL ZihS0+S0BXhNmoWLfvyd0d82CrOdn83Okv8PZMmFkYMKM3rbNHvFeq7LgNr4lsO/ 4SHuWV9IPBVsTFP2jc4AoH2mccRRmXz2khj8ujtV69xDgK9l9FOP9sdTV0wlS7C3 tKhZsRLDpaBikv4qv6269dlEXXOM+UiI0/ZwwQg09C+fX7wpP/rtosWvYe7lCuMt PqPY+LJQ0gHUea+gEJ75o/A9+7hY+79Um7iWGbVjIkPy/ZVT3g3EhdfbSR3q7MDC EAlkGL7aKysGD1LwqSBIUNxuFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBKloVvx SOgH5+nAur61w1zFoUIdMB8GA1UdIwQYMBaAFBt/eYHZ4sLDD28sNIcaKYbYX4kO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEFFOS8wOTEyMDM4MDEw ODYxMUVDODFFNzcwM0ZDNEY5QUUwMi9HMzk1Z2RuaXdzTVBieXcwaHhvcGh0aGZp UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0czOTVnZG5pd3NNUGJ5dzBoeG9waHRoZmlRNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEFFOS8wOTEyMDM4MDEwODYxMUVDODFFNzcwM0ZDNEY5QUUwMi9HMzk1Z2RuaXdz TVBieXcwaHhvcGh0aGZpUTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAgCBHABIodYsBAXFAnLy1B9kUUK/zt2CcaiYJxW13XyTThm3O1ZNha z9h4fMkkBig96DNu0eHg0U0wrvAsdDP8b3OAGK1nLeHiZ/uNDjGFXOTWbnuM6tH5 du9pfV59LDtNrm6F1ck4SNss55pdcLJlMn2T7GuNjGhUM26QDPJfaStfs7bJEVh1 4vEXnq0YX1gtPOnyd85l242+PetiALerNkhGG701kLqL7ecMBVRxKj6rqA84UDXi ZkUD/xD+r/8d+APYlksGiIGIliqQXrjjLrCyoV5nbRjgXFJU/FJzfdfjH36lvFCq 81q7VCbqTId9W/i0zG7f2s4EQdLLd9ka -----END CERTIFICATE-----Generated at Sat Apr 26 15:25:12 2025 by rpki-client