$ rpki-client -vvf rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/2CKi28iCNPgPcORngrLU2c0_m9w.mft File: 2CKi28iCNPgPcORngrLU2c0_m9w.mft (raw, json) Hash identifier: zVtQxF/Qy8raF+FpPMPv7niIlbTDP6RylB1Rscug75w= Subject key identifier: 7A:7C:95:30:DF:D0:D8:4A:CA:14:6A:E1:98:A2:B4:73:C4:0E:55:A3 Authority key identifier: D8:22:A2:DB:C8:82:34:F8:0F:70:E4:67:82:B2:D4:D9:CD:3F:9B:DC Certificate issuer: /CN=A9176B32/serialNumber=D822A2DBC88234F80F70E46782B2D4D9CD3F9BDC Certificate serial: 021B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CKi28iCNPgPcORngrLU2c0_m9w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/2CKi28iCNPgPcORngrLU2c0_m9w.mft Manifest number: 0215 Signing time: Fri 25 Apr 2025 01:46:09 +0000 Manifest this update: Fri 25 Apr 2025 01:46:08 +0000 Manifest next update: Fri 02 May 2025 01:46:08 +0000 Files and hashes: 1: 2CKi28iCNPgPcORngrLU2c0_m9w.crl (hash: uRSq8vwZQk0T3ifZJEE1WPJoRA6RXxIuhhDq2wzXVIo=) 2: 14C5F2A62F3C11ED84084082C4F9AE02.roa (hash: tIgnOUYL9AaMF3o6uRCl3XbHRWVvM0EG7is36EBsHLE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/2CKi28iCNPgPcORngrLU2c0_m9w.crl rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/2CKi28iCNPgPcORngrLU2c0_m9w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CKi28iCNPgPcORngrLU2c0_m9w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:46:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 539 (0x21b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9176B32, serialNumber=D822A2DBC88234F80F70E46782B2D4D9CD3F9BDC Validity Not Before: Apr 25 01:46:08 2025 GMT Not After : May 2 01:46:08 2025 GMT Subject: CN=680ae961-ac7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:27:f7:08:dc:0c:2f:2e:a4:62:be:8c:2a:53: ed:20:5e:f1:20:98:35:fc:75:6f:dc:90:28:a3:fd: f2:d7:16:33:74:22:16:97:e3:c6:43:17:05:d7:a5: ed:68:ec:11:af:d4:5e:a2:fc:23:d3:5a:4b:57:ae: 6a:0b:c6:1b:0b:da:b6:a5:5a:74:4c:f8:ec:3f:aa: c9:c2:c9:74:23:d1:28:43:d7:d9:60:d9:3c:c6:ab: 07:59:ec:5c:f7:6e:3d:fa:01:2c:a2:53:65:75:d0: 73:67:07:cd:7b:52:f1:83:1e:60:44:28:44:c5:d5: f1:69:6f:47:b7:9c:1f:0e:5c:b8:ee:0b:8d:f8:16: 9f:39:e7:91:6a:bb:3b:7f:20:c6:51:6e:ae:96:db: 3b:55:dd:ed:62:a9:4d:8a:98:4a:4c:3d:f2:7b:1c: 11:30:06:ac:6e:55:ac:92:ec:59:58:a7:8e:51:f4: 4f:e2:52:f8:6c:7f:53:46:70:b1:50:a2:ab:bb:68: 0d:01:cf:49:9b:f9:8c:e2:5b:97:d2:52:3d:8a:54: 61:21:5e:ba:3c:da:06:f9:b5:a0:30:28:4b:54:4b: e2:ac:94:8b:8c:51:28:39:62:f7:3a:eb:43:1c:49: e5:e1:07:5a:c2:43:24:5c:ad:38:d3:78:81:90:96: 00:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:7C:95:30:DF:D0:D8:4A:CA:14:6A:E1:98:A2:B4:73:C4:0E:55:A3 X509v3 Authority Key Identifier: keyid:D8:22:A2:DB:C8:82:34:F8:0F:70:E4:67:82:B2:D4:D9:CD:3F:9B:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/2CKi28iCNPgPcORngrLU2c0_m9w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CKi28iCNPgPcORngrLU2c0_m9w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/2CKi28iCNPgPcORngrLU2c0_m9w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:3f:b7:f3:95:2d:be:4f:90:03:21:77:25:9e:c7:67:57:8a: 9c:4d:0f:11:b3:0f:8f:b4:df:58:2e:f5:12:5b:41:50:bb:bb: 74:7e:c3:20:a2:0c:c6:59:af:14:a7:18:5e:39:db:96:ba:73: e4:a1:fa:d3:c9:7d:4a:16:25:65:b3:24:e2:b1:cb:aa:6c:fd: 2f:da:83:1c:d2:5e:d6:3a:06:a7:52:93:af:cc:13:bd:dd:c3: f8:5c:58:0f:13:7e:a2:b1:71:3c:67:f2:3f:06:82:b6:14:2b: 1f:aa:a2:c8:31:dc:7d:ad:cd:58:f9:b1:66:dc:a3:6f:cb:a9: 3e:9b:fc:12:39:0c:90:41:a3:b2:6e:64:3b:a4:04:4c:8c:c2: 63:56:17:05:cc:34:16:d9:7a:0b:06:fc:8e:12:b2:b6:5b:0a: 06:ab:d6:c6:1b:00:ec:59:4d:a2:2f:e2:b2:3f:a4:aa:f9:e9: a3:8c:bc:f8:8f:52:28:2b:f0:b2:ac:80:28:41:a3:91:17:68: cb:8e:d4:8f:f4:56:aa:d4:58:d6:7b:62:38:02:24:04:ad:50: 2b:b2:73:6a:a7:a7:c6:db:c3:3f:60:8e:85:3e:5c:4e:d6:64: ea:9a:a4:cf:d4:7e:7a:82:66:77:39:0a:fb:9b:1b:49:ba:83: 89:62:3d:e4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzZCMzIxMTAvBgNVBAUTKEQ4MjJBMkRCQzg4MjM0RjgwRjcwRTQ2NzgyQjJENEQ5 Q0QzRjlCREMwHhcNMjUwNDI1MDE0NjA4WhcNMjUwNTAyMDE0NjA4WjAYMRYwFAYD VQQDEw02ODBhZTk2MS1hYzdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtyf3CNwMLy6kYr6MKlPtIF7xIJg1/HVv3JAoo/3y1xYzdCIWl+PGQxcF16Xt aOwRr9Reovwj01pLV65qC8YbC9q2pVp0TPjsP6rJwsl0I9EoQ9fZYNk8xqsHWexc 9249+gEsolNlddBzZwfNe1Lxgx5gRChExdXxaW9Ht5wfDly47guN+BafOeeRars7 fyDGUW6ults7Vd3tYqlNiphKTD3yexwRMAasblWskuxZWKeOUfRP4lL4bH9TRnCx UKKru2gNAc9Jm/mM4luX0lI9ilRhIV66PNoG+bWgMChLVEvirJSLjFEoOWL3OutD HEnl4QdawkMkXK0403iBkJYA/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHp8lTDf 0NhKyhRq4ZiitHPEDlWjMB8GA1UdIwQYMBaAFNgiotvIgjT4D3DkZ4Ky1NnNP5vc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NkIzMi83Mzg3OTYxODJG MzgxMUVEOUU3RTAyN0RDNEY5QUUwMi8yQ0tpMjhpQ05QZ1BjT1JuZ3JMVTJjMF9t OXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJDS2kyOGlDTlBnUGNPUm5nckxVMmMwX205dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NkIzMi83Mzg3OTYxODJGMzgxMUVEOUU3RTAyN0RDNEY5QUUwMi8yQ0tpMjhpQ05Q Z1BjT1JuZ3JMVTJjMF9tOXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBpP7fzlS2+T5ADIXclnsdnV4qcTQ8Rsw+PtN9YLvUSW0FQu7t0fsMg ogzGWa8UpxheOduWunPkofrTyX1KFiVlsyTiscuqbP0v2oMc0l7WOganUpOvzBO9 3cP4XFgPE36isXE8Z/I/BoK2FCsfqqLIMdx9rc1Y+bFm3KNvy6k+m/wSOQyQQaOy bmQ7pARMjMJjVhcFzDQW2XoLBvyOErK2WwoGq9bGGwDsWU2iL+KyP6Sq+emjjLz4 j1IoK/CyrIAoQaORF2jLjtSP9Faq1FjWe2I4AiQErVArsnNqp6fG28M/YI6FPlxO 1mTqmqTP1H56gmZ3OQr7mxtJuoOJYj3k -----END CERTIFICATE-----Generated at Sat Apr 26 05:06:03 2025 by rpki-client