$ rpki-client -vvf rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft File: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft (raw, json) Hash identifier: sIhYISHPowuV9Mr8zUL4tIQRM9xTEr0e+TOmvTkGWvI= Subject key identifier: 76:0E:1F:F5:71:01:04:C5:5D:D6:F9:23:F2:AC:F0:0C:0D:D5:B9:24 Authority key identifier: AB:C6:FB:A4:B7:84:28:38:79:19:0D:C7:17:E3:4B:4C:D8:82:DA:08 Certificate issuer: /CN=A9172CE3/serialNumber=ABC6FBA4B784283879190DC717E34B4CD882DA08 Certificate serial: 047E Authority info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft Manifest number: 0478 Signing time: Thu 24 Apr 2025 23:51:56 +0000 Manifest this update: Thu 24 Apr 2025 23:51:56 +0000 Manifest next update: Thu 01 May 2025 23:51:56 +0000 Files and hashes: 1: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.crl (hash: tXDSOH956OJtXPzYue1/xf+88T1a1fOS2TtTmdQtYNE=) 2: 887BE0D0405D11ECA642D813C4F9AE02.roa (hash: qxVcUGlCZn4SUG82SOAXq9RSMSYslC+bAGjT3ytadTQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.crl rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:51:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1150 (0x47e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172CE3, serialNumber=ABC6FBA4B784283879190DC717E34B4CD882DA08 Validity Not Before: Apr 24 23:51:56 2025 GMT Not After : May 1 23:51:56 2025 GMT Subject: CN=680ace9c-cf51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:5b:3e:b6:4e:e4:77:61:f6:80:f6:c7:8b:15: 14:4d:0a:94:a4:62:87:ef:21:a9:ad:db:b4:07:ad: c7:97:2f:8f:55:f6:17:a2:bc:07:52:bc:cd:c8:86: b0:84:d7:f0:80:94:44:b1:85:ae:e3:ed:d0:cc:9d: 7c:55:af:a5:1e:68:fc:be:4e:a2:13:76:e4:c9:16: 12:e6:57:9e:80:60:81:b9:b5:90:db:53:3d:52:79: 4d:11:b3:4c:95:2d:80:cd:06:f6:66:21:7d:b6:11: 90:15:91:2b:39:0c:97:14:58:a4:b0:42:df:55:ef: 40:01:16:21:3e:e2:06:04:36:ec:57:4f:42:99:89: c4:9e:53:54:42:a9:be:61:fa:e6:63:d0:44:8c:99: 84:52:b2:51:20:14:b9:62:9b:94:65:24:72:0c:ed: b8:58:cf:78:85:31:3a:d1:8c:81:2b:69:aa:c6:b4: 8e:e7:f7:16:01:37:47:d1:4d:80:70:6b:57:0b:ca: aa:2e:6b:a8:62:e7:c7:ac:53:a9:7a:46:a0:44:19: 0b:7a:dc:e2:39:44:96:10:ad:cc:63:1f:2a:d4:25: bd:b7:33:0a:b5:9e:76:3b:98:e8:67:a0:59:ce:a9: be:98:4e:b5:cf:9f:6c:31:36:6a:35:83:9e:a1:b3: 6f:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:0E:1F:F5:71:01:04:C5:5D:D6:F9:23:F2:AC:F0:0C:0D:D5:B9:24 X509v3 Authority Key Identifier: keyid:AB:C6:FB:A4:B7:84:28:38:79:19:0D:C7:17:E3:4B:4C:D8:82:DA:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:9a:33:8a:f5:12:de:37:b1:f1:8b:fd:58:5f:b3:23:5e:55: c5:9f:32:0e:ce:87:9c:65:24:bb:34:ef:e8:27:af:e3:a5:ce: 25:2e:93:b7:9a:dd:96:98:4c:90:8f:86:70:e1:ed:09:18:fe: f2:aa:6f:a0:af:68:65:10:3f:d5:ab:7e:c0:aa:48:75:90:99: cd:a8:3f:c8:a7:ec:a7:bb:6b:fe:cc:fc:57:ea:f7:95:4b:c0: 6f:a5:93:2c:31:ef:6c:ef:1f:5b:db:eb:43:98:a2:e1:7c:d2: dd:c9:f7:60:c7:ae:f6:83:fd:e8:a8:80:aa:93:8c:d6:bc:0f: e6:ab:5b:0a:30:a6:86:c3:db:60:27:eb:79:e5:ff:ef:2f:24: 1d:06:63:74:7c:94:4d:d2:50:71:a0:02:b1:0f:d9:6e:d8:2d: 0e:30:8c:04:09:53:b5:a2:e1:08:83:8f:1b:2b:2a:0c:8e:94: 7a:ad:38:f4:80:51:79:4b:a1:0c:85:08:7e:5f:76:21:43:32: cf:bc:0e:e7:63:be:3b:4d:d4:fa:99:4d:9b:2b:ea:73:29:a3: 4e:aa:92:18:15:00:28:cf:33:ab:51:fb:bd:85:55:50:18:d5: 74:c1:7d:3b:3a:ed:74:df:ec:b6:86:b0:80:62:87:ee:45:40: a6:78:b4:3e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzJDRTMxMTAvBgNVBAUTKEFCQzZGQkE0Qjc4NDI4Mzg3OTE5MERDNzE3RTM0QjRD RDg4MkRBMDgwHhcNMjUwNDI0MjM1MTU2WhcNMjUwNTAxMjM1MTU2WjAYMRYwFAYD VQQDEw02ODBhY2U5Yy1jZjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArFs+tk7kd2H2gPbHixUUTQqUpGKH7yGprdu0B63Hly+PVfYXorwHUrzNyIaw hNfwgJREsYWu4+3QzJ18Va+lHmj8vk6iE3bkyRYS5leegGCBubWQ21M9UnlNEbNM lS2AzQb2ZiF9thGQFZErOQyXFFiksELfVe9AARYhPuIGBDbsV09CmYnEnlNUQqm+ YfrmY9BEjJmEUrJRIBS5YpuUZSRyDO24WM94hTE60YyBK2mqxrSO5/cWATdH0U2A cGtXC8qqLmuoYufHrFOpekagRBkLetziOUSWEK3MYx8q1CW9tzMKtZ52O5joZ6BZ zqm+mE61z59sMTZqNYOeobNvPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHYOH/Vx AQTFXdb5I/Ks8AwN1bkkMB8GA1UdIwQYMBaAFKvG+6S3hCg4eRkNxxfjS0zYgtoI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkNFMy81RDc4OTlGNDQw NTkxMUVDQTBBRkFBNERDNEY5QUUwMi9xOGI3cExlRUtEaDVHUTNIRi1OTFROaUMy Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I0MUZFNjEwMUQ2NjExRTJBNjJGODc3Qzcy RkQxRkYyL3E4YjdwTGVFS0RoNUdRM0hGLU5MVE5pQzJnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MkNFMy81RDc4OTlGNDQwNTkxMUVDQTBBRkFBNERDNEY5QUUwMi9xOGI3cExlRUtE aDVHUTNIRi1OTFROaUMyZ2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQClmjOK9RLeN7Hxi/1YX7MjXlXFnzIOzoecZSS7NO/oJ6/jpc4lLpO3 mt2WmEyQj4Zw4e0JGP7yqm+gr2hlED/Vq37Aqkh1kJnNqD/Ip+ynu2v+zPxX6veV S8BvpZMsMe9s7x9b2+tDmKLhfNLdyfdgx672g/3oqICqk4zWvA/mq1sKMKaGw9tg J+t55f/vLyQdBmN0fJRN0lBxoAKxD9lu2C0OMIwECVO1ouEIg48bKyoMjpR6rTj0 gFF5S6EMhQh+X3YhQzLPvA7nY747TdT6mU2bK+pzKaNOqpIYFQAozzOrUfu9hVVQ GNV0wX07Ou103+y2hrCAYofuRUCmeLQ+ -----END CERTIFICATE-----Generated at Sat Apr 26 17:02:53 2025 by rpki-client