$ rpki-client -vvf rpki.apnic.net/member_repository/A917B413/B8FCA7BA516E11EA980A287EC4F9AE02/Ic_hSZujbpQWt_68gTw8LqkWvEY.mft File: Ic_hSZujbpQWt_68gTw8LqkWvEY.mft (raw, json) Hash identifier: TQCJkcqzNMpydL+WoAHy0xz5ez6Qjr8HfjaYAkMqChE= Subject key identifier: A8:A9:67:4F:04:98:EA:57:2E:97:A4:8E:D4:D1:92:18:40:9C:D5:EB Authority key identifier: 21:CF:E1:49:9B:A3:6E:94:16:B7:FE:BC:81:3C:3C:2E:A9:16:BC:46 Certificate issuer: /CN=A917B413/serialNumber=21CFE1499BA36E9416B7FEBC813C3C2EA916BC46 Certificate serial: 0AB3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ic_hSZujbpQWt_68gTw8LqkWvEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B413/B8FCA7BA516E11EA980A287EC4F9AE02/Ic_hSZujbpQWt_68gTw8LqkWvEY.mft Manifest number: 0AAA Signing time: Thu 24 Apr 2025 19:23:51 +0000 Manifest this update: Thu 24 Apr 2025 19:23:50 +0000 Manifest next update: Thu 01 May 2025 19:23:50 +0000 Files and hashes: 1: Ic_hSZujbpQWt_68gTw8LqkWvEY.crl (hash: G5NJbMgfMpqam7a6MfQOyk/hRdn+gYEGx3dOjIr9COw=) 2: 498B6EFE942411EA816FC855C4F9AE02.roa (hash: AU3Frw6p1SnNaYVLPNPNSlHZdunuBupMTCIgXK+Ojng=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B413/B8FCA7BA516E11EA980A287EC4F9AE02/Ic_hSZujbpQWt_68gTw8LqkWvEY.crl rsync://rpki.apnic.net/member_repository/A917B413/B8FCA7BA516E11EA980A287EC4F9AE02/Ic_hSZujbpQWt_68gTw8LqkWvEY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ic_hSZujbpQWt_68gTw8LqkWvEY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:23:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2739 (0xab3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B413, serialNumber=21CFE1499BA36E9416B7FEBC813C3C2EA916BC46 Validity Not Before: Apr 24 19:23:50 2025 GMT Not After : May 1 19:23:50 2025 GMT Subject: CN=680a8fc6-7628 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:d8:14:b6:d3:1e:5f:dc:0a:50:5c:69:96:04: bd:46:d0:49:d4:e7:b0:d4:ee:79:2c:d3:0e:17:05: 29:e6:45:da:3a:2d:f9:b3:e1:2b:1d:3b:91:f7:81: 80:2f:57:87:ba:29:82:97:f2:4b:cf:2f:34:75:dd: d6:b9:74:20:3e:d3:b3:4f:17:ea:11:17:f5:c9:44: d1:6a:d6:c8:b2:20:70:f4:44:2a:c6:a7:b2:07:76: 4b:5e:34:16:e6:3c:79:6c:72:5f:75:cc:84:f8:d4: dd:33:9a:04:af:39:6f:78:58:98:a8:4c:b8:64:15: bd:57:a2:6f:b0:86:98:c0:1c:80:6d:42:9f:e0:20: d6:e1:84:18:1e:6b:0a:55:d7:05:32:7f:72:1d:86: 28:38:7c:a8:ae:47:5c:b0:ee:64:d3:6a:f2:80:c4: e5:0c:04:03:18:76:7e:79:a6:27:89:b1:16:a9:f7: 45:65:f2:69:5e:64:b3:f4:8a:bc:ff:07:5b:22:e5: 96:ec:f6:d4:f4:52:70:9e:b3:2d:ba:e6:2a:af:c4: ff:e5:e9:ec:3e:83:c8:ec:07:0e:b0:4e:83:a3:5c: e4:82:ec:65:ca:43:cf:29:86:9f:92:d6:49:95:e1: 7d:13:bf:4d:72:5a:28:2f:76:5a:0d:05:ec:11:91: 5b:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:A9:67:4F:04:98:EA:57:2E:97:A4:8E:D4:D1:92:18:40:9C:D5:EB X509v3 Authority Key Identifier: keyid:21:CF:E1:49:9B:A3:6E:94:16:B7:FE:BC:81:3C:3C:2E:A9:16:BC:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B413/B8FCA7BA516E11EA980A287EC4F9AE02/Ic_hSZujbpQWt_68gTw8LqkWvEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ic_hSZujbpQWt_68gTw8LqkWvEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B413/B8FCA7BA516E11EA980A287EC4F9AE02/Ic_hSZujbpQWt_68gTw8LqkWvEY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:54:a5:5e:79:0a:13:e7:db:02:d5:3f:ab:29:df:ff:de:fb: 5c:71:c4:8b:b0:f7:c0:bc:d5:98:f5:c6:0b:e9:d4:0a:92:41: ab:53:f9:9b:ed:59:24:d4:d0:bf:10:e6:8f:6c:c9:63:4b:38: 6c:45:82:51:12:91:3d:94:3a:3c:2f:68:65:84:c0:49:80:50: b3:52:c3:52:29:91:88:e7:72:53:9c:5e:48:ce:fa:75:11:1d: a0:c6:d1:1b:a9:36:73:76:e4:00:38:b0:bf:95:8d:ce:1b:09: 8d:e6:d3:bf:c5:55:a4:6d:76:d0:58:c3:12:48:cb:e5:d4:66: c1:97:e1:1a:bc:59:16:b0:27:3f:7b:22:b7:b8:2f:99:08:5b: 17:96:e0:b5:1e:c7:2c:c4:aa:f6:2e:bb:90:fb:53:ca:00:02: 7f:e2:3d:42:ca:20:84:6c:8a:e7:47:b1:0c:db:a0:6e:61:b7: e8:44:13:09:db:4e:59:2f:0a:24:4d:4b:22:86:bb:64:d8:ea: b8:da:a4:0c:f4:64:0f:5e:01:27:1e:11:c6:c1:b4:17:c8:9d: 72:c6:e7:30:df:d9:68:53:c0:44:30:ee:59:54:2f:53:b7:25: 36:81:cf:fa:eb:93:f8:ab:36:fa:4e:d7:03:f6:e4:b2:75:29: 06:c4:2a:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I0MTMxMTAvBgNVBAUTKDIxQ0ZFMTQ5OUJBMzZFOTQxNkI3RkVCQzgxM0MzQzJF QTkxNkJDNDYwHhcNMjUwNDI0MTkyMzUwWhcNMjUwNTAxMTkyMzUwWjAYMRYwFAYD VQQDEw02ODBhOGZjNi03NjI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAttgUttMeX9wKUFxplgS9RtBJ1Oew1O55LNMOFwUp5kXaOi35s+ErHTuR94GA L1eHuimCl/JLzy80dd3WuXQgPtOzTxfqERf1yUTRatbIsiBw9EQqxqeyB3ZLXjQW 5jx5bHJfdcyE+NTdM5oErzlveFiYqEy4ZBW9V6JvsIaYwByAbUKf4CDW4YQYHmsK VdcFMn9yHYYoOHyorkdcsO5k02rygMTlDAQDGHZ+eaYnibEWqfdFZfJpXmSz9Iq8 /wdbIuWW7PbU9FJwnrMtuuYqr8T/5ensPoPI7AcOsE6Do1zkguxlykPPKYafktZJ leF9E79NclooL3ZaDQXsEZFb2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKipZ08E mOpXLpekjtTRkhhAnNXrMB8GA1UdIwQYMBaAFCHP4Umbo26UFrf+vIE8PC6pFrxG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjQxMy9COEZDQTdCQTUx NkUxMUVBOTgwQTI4N0VDNEY5QUUwMi9JY19oU1p1amJwUVd0XzY4Z1R3OExxa1d2 RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ljX2hTWnVqYnBRV3RfNjhnVHc4THFrV3ZFWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QjQxMy9COEZDQTdCQTUxNkUxMUVBOTgwQTI4N0VDNEY5QUUwMi9JY19oU1p1amJw UVd0XzY4Z1R3OExxa1d2RVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCEVKVeeQoT59sC1T+rKd//3vtcccSLsPfAvNWY9cYL6dQKkkGrU/mb 7Vkk1NC/EOaPbMljSzhsRYJREpE9lDo8L2hlhMBJgFCzUsNSKZGI53JTnF5Izvp1 ER2gxtEbqTZzduQAOLC/lY3OGwmN5tO/xVWkbXbQWMMSSMvl1GbBl+EavFkWsCc/ eyK3uC+ZCFsXluC1HscsxKr2LruQ+1PKAAJ/4j1CyiCEbIrnR7EM26BuYbfoRBMJ 205ZLwokTUsihrtk2Oq42qQM9GQPXgEnHhHGwbQXyJ1yxucw39loU8BEMO5ZVC9T tyU2gc/665P4qzb6TtcD9uSydSkGxCql -----END CERTIFICATE-----Generated at Sat Apr 26 04:29:01 2025 by rpki-client