$ rpki-client -vvf rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/gacVGxd1kvhoI7afQ3Yk6cAC3kE.mft File: gacVGxd1kvhoI7afQ3Yk6cAC3kE.mft (raw, json) Hash identifier: eagTFATF6CwuViyJrZkwQv+EUttvr5IucE8d+j6EGvw= Subject key identifier: 0A:97:70:20:1A:C3:CE:9A:40:4F:D2:6B:09:4D:42:1E:AA:CD:C6:D9 Authority key identifier: 81:A7:15:1B:17:75:92:F8:68:23:B6:9F:43:76:24:E9:C0:02:DE:41 Certificate issuer: /CN=A9175299/serialNumber=81A7151B177592F86823B69F437624E9C002DE41 Certificate serial: 0B11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gacVGxd1kvhoI7afQ3Yk6cAC3kE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/gacVGxd1kvhoI7afQ3Yk6cAC3kE.mft Manifest number: 0B02 Signing time: Thu 24 Apr 2025 19:14:13 +0000 Manifest this update: Thu 24 Apr 2025 19:14:13 +0000 Manifest next update: Thu 01 May 2025 19:14:13 +0000 Files and hashes: 1: gacVGxd1kvhoI7afQ3Yk6cAC3kE.crl (hash: eI1h8EJpaNdH0vCwh+T7bqH9R2EtvbB4frjphOHHjbM=) 2: 89340B10B5E011EE91DD4D53C4F9AE02.roa (hash: zFt+0w+kAFNr7NicRmzvofA0omlHEP7AqJhUpc/xR5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/gacVGxd1kvhoI7afQ3Yk6cAC3kE.crl rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/gacVGxd1kvhoI7afQ3Yk6cAC3kE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gacVGxd1kvhoI7afQ3Yk6cAC3kE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:14:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2833 (0xb11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9175299, serialNumber=81A7151B177592F86823B69F437624E9C002DE41 Validity Not Before: Apr 24 19:14:13 2025 GMT Not After : May 1 19:14:13 2025 GMT Subject: CN=680a8d85-a1a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:fe:5f:b9:b0:e0:15:25:ad:fa:45:b0:d9:f9: 53:81:d4:55:11:82:8c:7a:11:81:d3:35:85:28:88: df:77:aa:75:64:3b:28:6a:da:c6:98:a8:88:b4:5c: 88:a4:15:a3:ab:64:86:94:a2:2c:2e:12:c9:5c:a1: b2:9e:a5:f1:86:01:86:f9:d0:4a:bb:e6:39:2b:00: 86:ed:31:4f:96:fb:0c:80:0b:9c:25:c6:da:0f:12: 0c:24:76:bb:2d:d4:62:88:7e:95:a9:3a:7c:a8:d8: df:c9:4e:82:10:c7:69:77:77:a0:be:ec:67:cc:41: 9d:04:8d:a3:20:e9:55:b1:fc:03:fc:24:0e:07:a8: c4:aa:ed:bb:2f:a2:33:12:da:a2:c8:9d:a7:cf:ac: fc:e8:9e:2e:c1:25:13:fa:0c:3a:81:e1:4b:6a:50: 6a:69:74:ee:62:0e:3f:14:fb:26:52:4f:90:fa:61: ce:53:98:91:2d:eb:aa:c7:51:c4:4c:31:bd:50:c5: 28:5e:82:7e:43:9e:38:7a:43:63:e7:5a:d4:69:d5: fd:44:af:4c:d8:6f:8e:5e:3e:b2:67:0f:71:d4:34: a3:bb:38:51:10:89:20:7f:88:72:72:94:4b:f6:4a: 22:fd:99:0b:5f:86:78:1f:4e:87:eb:79:e3:00:02: 2b:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:97:70:20:1A:C3:CE:9A:40:4F:D2:6B:09:4D:42:1E:AA:CD:C6:D9 X509v3 Authority Key Identifier: keyid:81:A7:15:1B:17:75:92:F8:68:23:B6:9F:43:76:24:E9:C0:02:DE:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/gacVGxd1kvhoI7afQ3Yk6cAC3kE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gacVGxd1kvhoI7afQ3Yk6cAC3kE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/gacVGxd1kvhoI7afQ3Yk6cAC3kE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:5b:93:e6:dc:83:48:94:1a:80:aa:63:ce:bb:f9:69:71:8c: 9d:33:3f:bb:d7:9a:26:3e:2f:c2:ec:4a:a4:5f:c7:78:83:5b: f1:ec:ba:8a:59:52:e7:2a:a6:0e:01:b8:c3:78:ba:96:90:79: a3:28:6b:81:59:0b:85:4d:45:e1:4d:ac:9a:e1:bd:d4:e8:43: 5f:9c:2c:2c:7a:01:78:44:96:e3:25:2d:b2:c0:47:d8:05:e0: af:5c:21:48:99:3c:a6:06:de:51:d3:fa:32:a0:fd:2c:4c:dd: 5c:ad:67:83:6d:b7:85:b4:57:83:8a:17:a4:e8:9b:69:1e:91: c2:a2:fa:60:4d:a7:cd:2a:fc:5a:31:2a:a6:1b:b2:c3:22:03: 5c:99:fb:db:8e:0b:6a:11:71:f6:6d:8d:c4:87:62:51:e9:e4: fe:ce:ab:04:0b:45:12:9b:c2:4f:1f:80:93:80:97:63:ef:ac: a9:38:0b:68:dc:a2:9c:9a:fe:fa:bb:e8:9c:93:65:f0:02:f0: 81:4c:15:0c:c5:cc:71:84:bf:39:cb:5b:3e:71:d8:8f:c9:4b: d1:49:19:72:d5:f4:8d:56:76:33:b3:92:7f:25:52:36:c3:31: 80:bf:30:5e:d3:ef:fd:e2:c1:85:04:03:e5:cc:51:91:44:f2: 8f:7b:6f:f8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCxEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzUyOTkxMTAvBgNVBAUTKDgxQTcxNTFCMTc3NTkyRjg2ODIzQjY5RjQzNzYyNEU5 QzAwMkRFNDEwHhcNMjUwNDI0MTkxNDEzWhcNMjUwNTAxMTkxNDEzWjAYMRYwFAYD VQQDEw02ODBhOGQ4NS1hMWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyv5fubDgFSWt+kWw2flTgdRVEYKMehGB0zWFKIjfd6p1ZDsoatrGmKiItFyI pBWjq2SGlKIsLhLJXKGynqXxhgGG+dBKu+Y5KwCG7TFPlvsMgAucJcbaDxIMJHa7 LdRiiH6VqTp8qNjfyU6CEMdpd3egvuxnzEGdBI2jIOlVsfwD/CQOB6jEqu27L6Iz EtqiyJ2nz6z86J4uwSUT+gw6geFLalBqaXTuYg4/FPsmUk+Q+mHOU5iRLeuqx1HE TDG9UMUoXoJ+Q544ekNj51rUadX9RK9M2G+OXj6yZw9x1DSjuzhREIkgf4hycpRL 9koi/ZkLX4Z4H06H63njAAIr9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAqXcCAa w86aQE/SawlNQh6qzcbZMB8GA1UdIwQYMBaAFIGnFRsXdZL4aCO2n0N2JOnAAt5B MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTI5OS8yNjg5MEVEQTQy QzUxMUVBQjI2Q0ZEMUJDNEY5QUUwMi9nYWNWR3hkMWt2aG9JN2FmUTNZazZjQUMz a0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dhY1ZHeGQxa3Zob0k3YWZRM1lrNmNBQzNrRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NTI5OS8yNjg5MEVEQTQyQzUxMUVBQjI2Q0ZEMUJDNEY5QUUwMi9nYWNWR3hkMWt2 aG9JN2FmUTNZazZjQUMza0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaW5Pm3INIlBqAqmPOu/lpcYydMz+715omPi/C7EqkX8d4g1vx7LqK WVLnKqYOAbjDeLqWkHmjKGuBWQuFTUXhTaya4b3U6ENfnCwsegF4RJbjJS2ywEfY BeCvXCFImTymBt5R0/oyoP0sTN1crWeDbbeFtFeDihek6JtpHpHCovpgTafNKvxa MSqmG7LDIgNcmfvbjgtqEXH2bY3Eh2JR6eT+zqsEC0USm8JPH4CTgJdj76ypOAto 3KKcmv76u+ick2XwAvCBTBUMxcxxhL85y1s+cdiPyUvRSRly1fSNVnYzs5J/JVI2 wzGAvzBe0+/94sGFBAPlzFGRRPKPe2/4 -----END CERTIFICATE-----Generated at Sat Apr 26 15:17:56 2025 by rpki-client