$ rpki-client -vvf rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/f83sMfr6flJ9p6lwOTIED4RVgVk.mft File: f83sMfr6flJ9p6lwOTIED4RVgVk.mft (raw, json) Hash identifier: 40CWyO2wbsm7p7lkKNKmsRgvlVXw3WRvHeuUVZgo3xg= Subject key identifier: 40:0B:CF:4D:71:6D:7E:35:3E:F3:59:53:02:E8:23:B6:EC:0C:0D:25 Authority key identifier: 7F:CD:EC:31:FA:FA:7E:52:7D:A7:A9:70:39:32:04:0F:84:55:81:59 Certificate issuer: /CN=A9179BF7/serialNumber=7FCDEC31FAFA7E527DA7A9703932040F84558159 Certificate serial: 02F7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f83sMfr6flJ9p6lwOTIED4RVgVk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/f83sMfr6flJ9p6lwOTIED4RVgVk.mft Manifest number: 02D7 Signing time: Fri 25 Apr 2025 01:15:04 +0000 Manifest this update: Fri 25 Apr 2025 01:15:03 +0000 Manifest next update: Fri 02 May 2025 01:15:03 +0000 Files and hashes: 1: f83sMfr6flJ9p6lwOTIED4RVgVk.crl (hash: RxziZFay/a9a08SYKC4M95HN0kZoK+l/VBIIEl1sHk0=) 2: 81EEF49E801711EF8566D481C4F9AE02.roa (hash: WMqw6puvAMI/KOIEmj7+KVGtQT9V3R2V9xclcYWsYsg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/f83sMfr6flJ9p6lwOTIED4RVgVk.crl rsync://rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/f83sMfr6flJ9p6lwOTIED4RVgVk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f83sMfr6flJ9p6lwOTIED4RVgVk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:15:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 759 (0x2f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9179BF7, serialNumber=7FCDEC31FAFA7E527DA7A9703932040F84558159 Validity Not Before: Apr 25 01:15:03 2025 GMT Not After : May 2 01:15:03 2025 GMT Subject: CN=680ae217-1c1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:6d:bd:c1:be:17:5c:18:4e:84:24:04:7f:86: 4d:56:33:51:6b:4b:6c:02:1f:fb:1b:c0:49:97:d5: 9c:02:56:f4:57:21:72:68:ec:e0:00:98:3a:ad:9b: 2b:4c:af:76:fd:ce:57:cc:92:6c:c7:c1:43:f4:42: 69:ae:dc:6a:9d:d7:61:79:20:64:2e:42:f5:ba:06: c1:63:79:fb:5a:9f:41:ef:8c:0c:bd:91:a7:61:b5: 7a:29:cd:f6:93:d6:c5:f6:2c:3a:ea:57:c2:70:84: cc:d4:d2:c6:cc:d3:ee:ee:01:d0:d3:f5:89:f5:34: 78:1b:f4:25:1d:ce:0e:40:1b:dd:18:6f:4e:29:89: 23:ea:98:20:42:6a:01:21:6a:f3:2a:69:a7:05:0e: ee:78:b9:39:77:0d:33:30:24:61:cc:b5:c9:bf:df: ee:5c:3c:61:bd:e6:59:29:c4:4c:1d:eb:c8:b9:94: 54:7e:0d:2b:17:1a:e0:d6:c7:63:0a:cd:9c:fa:ec: 68:6e:2f:53:a5:20:ff:26:5f:42:3a:9a:bf:f1:07: ad:6b:48:9f:b1:3d:ec:40:42:09:d2:22:84:b9:ab: d4:7c:7f:83:32:5d:31:88:e7:81:a3:53:6e:f4:73: e4:ac:6f:35:95:e0:94:ee:76:8d:54:54:0d:bc:2c: 93:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:0B:CF:4D:71:6D:7E:35:3E:F3:59:53:02:E8:23:B6:EC:0C:0D:25 X509v3 Authority Key Identifier: keyid:7F:CD:EC:31:FA:FA:7E:52:7D:A7:A9:70:39:32:04:0F:84:55:81:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/f83sMfr6flJ9p6lwOTIED4RVgVk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f83sMfr6flJ9p6lwOTIED4RVgVk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/f83sMfr6flJ9p6lwOTIED4RVgVk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:72:af:05:d2:db:e7:24:61:13:d2:e8:a9:b7:a0:53:66:f9: 2d:9f:b5:1c:78:fe:93:9f:a5:0d:c4:2d:8f:0a:d3:8f:b7:b2: 3d:03:7a:79:d0:50:4c:6b:6a:c1:0e:26:d1:a0:1a:28:5e:8e: bb:6c:ce:6a:73:63:65:ba:1c:e2:d3:d6:c9:86:30:1b:d7:5f: d8:99:2c:a5:3f:3d:35:80:53:c6:d6:9d:b9:bd:48:0e:5a:24: 6f:26:de:c2:dd:7e:8d:bf:ad:09:cf:8a:c7:09:ab:dd:70:c6: 57:e6:b8:a1:a9:55:65:4d:1a:83:43:5a:0d:21:d8:d3:3b:25: fa:a2:e8:4c:5e:0c:e9:3c:18:de:c6:0d:c8:62:a8:f3:e4:6b: 5e:bd:39:be:5a:49:14:f1:12:a9:7e:db:5a:82:c0:c7:42:02: e2:16:c5:c4:5c:90:8f:a1:bc:82:1f:71:34:2d:e4:6c:b1:bb: aa:40:34:54:05:bb:97:87:a7:26:74:8d:95:09:c4:c7:5a:d0: eb:7c:e7:60:ad:f4:fe:4b:34:ad:26:78:3f:ec:06:e3:10:56: aa:23:b5:3b:8f:19:eb:31:be:d7:01:3e:00:ab:e2:e9:c7:27: ba:a0:7f:95:ff:4d:00:db:1a:b0:af:9a:88:49:d4:69:ea:01: d6:0a:c8:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAvcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzlCRjcxMTAvBgNVBAUTKDdGQ0RFQzMxRkFGQTdFNTI3REE3QTk3MDM5MzIwNDBG ODQ1NTgxNTkwHhcNMjUwNDI1MDExNTAzWhcNMjUwNTAyMDExNTAzWjAYMRYwFAYD VQQDEw02ODBhZTIxNy0xYzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAum29wb4XXBhOhCQEf4ZNVjNRa0tsAh/7G8BJl9WcAlb0VyFyaOzgAJg6rZsr TK92/c5XzJJsx8FD9EJprtxqnddheSBkLkL1ugbBY3n7Wp9B74wMvZGnYbV6Kc32 k9bF9iw66lfCcITM1NLGzNPu7gHQ0/WJ9TR4G/QlHc4OQBvdGG9OKYkj6pggQmoB IWrzKmmnBQ7ueLk5dw0zMCRhzLXJv9/uXDxhveZZKcRMHevIuZRUfg0rFxrg1sdj Cs2c+uxobi9TpSD/Jl9COpq/8Qeta0ifsT3sQEIJ0iKEuavUfH+DMl0xiOeBo1Nu 9HPkrG81leCU7naNVFQNvCyTawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEALz01x bX41PvNZUwLoI7bsDA0lMB8GA1UdIwQYMBaAFH/N7DH6+n5SfaepcDkyBA+EVYFZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OUJGNy80QjY2RjEyQ0Yy QzcxMUVDOEI4MTk2ODdDNEY5QUUwMi9mODNzTWZyNmZsSjlwNmx3T1RJRUQ0UlZn VmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Y4M3NNZnI2ZmxKOXA2bHdPVElFRDRSVmdWay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OUJGNy80QjY2RjEyQ0YyQzcxMUVDOEI4MTk2ODdDNEY5QUUwMi9mODNzTWZyNmZs SjlwNmx3T1RJRUQ0UlZnVmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBGcq8F0tvnJGET0uipt6BTZvktn7UceP6Tn6UNxC2PCtOPt7I9A3p5 0FBMa2rBDibRoBooXo67bM5qc2Nluhzi09bJhjAb11/YmSylPz01gFPG1p25vUgO WiRvJt7C3X6Nv60Jz4rHCavdcMZX5rihqVVlTRqDQ1oNIdjTOyX6ouhMXgzpPBje xg3IYqjz5GtevTm+WkkU8RKpfttagsDHQgLiFsXEXJCPobyCH3E0LeRssbuqQDRU BbuXh6cmdI2VCcTHWtDrfOdgrfT+SzStJng/7AbjEFaqI7U7jxnrMb7XAT4Aq+Lp xye6oH+V/00A2xqwr5qISdRp6gHWCshJ -----END CERTIFICATE-----Generated at Sat Apr 26 17:11:52 2025 by rpki-client