$ rpki-client -vvf rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft File: 0aHv0iQTWusJg56ovbjNxZnOZX8.mft (raw, json) Hash identifier: DRqeaDYmbdJYZiIsIq+CudKQb3TOgC+G1w3zKQr7FcA= Subject key identifier: 0E:A9:6C:33:A0:4B:7C:71:52:11:B9:77:7A:BB:8D:9A:77:92:3E:1B Authority key identifier: D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F Certificate issuer: /CN=A917D9FC/serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Certificate serial: 0479 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft Manifest number: 0475 Signing time: Thu 24 Apr 2025 16:34:31 +0000 Manifest this update: Thu 24 Apr 2025 16:34:30 +0000 Manifest next update: Thu 01 May 2025 16:34:30 +0000 Files and hashes: 1: 0aHv0iQTWusJg56ovbjNxZnOZX8.crl (hash: +MEV+rCEEFFC7EEi+EjZ0LaIsOVGb207z5TyG5e+mXo=) 2: AD94C92242BA11ECB1E8FF11C4F9AE02.roa (hash: pu6dJPh07UcYd+mIMy5+Y6mbrncfU/s+tKgupfIo1HM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:34:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1145 (0x479) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D9FC, serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Validity Not Before: Apr 24 16:34:30 2025 GMT Not After : May 1 16:34:30 2025 GMT Subject: CN=680a6816-439a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:ca:a4:75:12:3a:2d:3a:8e:73:c7:a4:6d:e7: f3:d0:cf:cc:d2:81:77:a8:7c:93:34:c0:75:00:ad: 9e:a9:fa:cd:78:5f:6f:e6:b3:dd:bd:84:3d:49:9c: 58:3a:42:31:25:4f:7d:b4:58:f8:ee:5a:fd:a4:05: 4a:93:00:d8:72:bd:ef:3b:5d:8a:a1:b9:63:5a:ae: 5a:f0:15:79:c3:4e:67:06:6d:d0:c3:c0:3a:22:c1: 27:73:a2:f5:70:b4:18:db:1b:d3:d0:06:a5:86:d3: 05:5b:1b:59:58:ba:2d:51:1c:d9:27:a2:15:f7:2b: e8:c5:b2:8e:0d:96:ed:4a:08:da:49:8c:78:4d:01: 54:99:bd:26:37:ae:15:de:43:c1:a9:b9:d2:dc:48: 3c:4f:8a:b4:c3:71:01:0e:99:33:2c:25:7e:a6:26: 4a:b1:69:c9:86:d5:e6:d6:b8:28:a3:7c:a2:ed:4c: 88:1f:15:7e:51:c9:96:f5:f3:87:fb:6a:36:02:f6: e9:95:93:ad:9d:d2:22:29:54:4b:38:0a:a1:ca:24: d2:10:59:52:39:9f:c4:72:20:e9:a0:90:f7:cb:a0: 21:6b:f1:08:5e:02:62:74:fc:d5:97:e3:e5:65:ce: 8a:ff:e1:dd:52:ef:70:b6:2f:2f:20:1f:47:db:86: 0f:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:A9:6C:33:A0:4B:7C:71:52:11:B9:77:7A:BB:8D:9A:77:92:3E:1B X509v3 Authority Key Identifier: keyid:D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 89:46:07:0a:74:ba:b1:7c:f5:3d:47:a4:07:8a:c7:20:77:99: 0f:24:e2:5e:09:ad:1d:5f:ca:cf:37:6b:ae:be:c1:05:54:e2: 08:cf:58:13:80:80:19:87:02:b8:80:c3:53:56:32:a1:71:17: d6:17:81:fb:af:53:85:6d:0e:09:46:0b:f9:dc:c2:8d:6b:da: 43:3e:2a:10:be:19:b3:8c:75:2f:99:b8:7b:9d:42:d2:df:11: 04:81:5f:67:85:ef:c1:84:60:a6:ba:ff:88:72:65:ff:81:ab: 44:0e:fc:8b:78:9a:be:6d:6a:9d:2c:89:5f:ca:62:ca:93:f8: f8:f4:e5:47:3d:9a:ac:3b:8e:e9:02:07:50:da:f8:76:16:6e: 95:ef:17:e2:01:b0:c0:1f:ec:d1:09:ff:f4:b6:e4:81:64:22: 16:9c:66:1f:a2:16:dc:8b:9d:2b:3a:87:79:57:87:da:de:3e: 9d:57:9b:02:ae:d1:a8:c8:5b:a4:c5:5b:05:ee:fa:82:fb:9f: 9e:9a:9a:05:fb:ee:81:c5:c2:06:bd:82:61:6a:76:d8:5c:03: 10:f5:9c:a5:2f:aa:01:11:0c:3d:6c:bb:e1:b5:5f:12:14:3e: 69:36:ff:42:25:f3:ba:99:3b:a1:4b:c5:90:6d:de:b3:32:d1: 9e:93:ad:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q5RkMxMTAvBgNVBAUTKEQxQTFFRkQyMjQxMzVBRUIwOTgzOUVBOEJEQjhDREM1 OTlDRTY1N0YwHhcNMjUwNDI0MTYzNDMwWhcNMjUwNTAxMTYzNDMwWjAYMRYwFAYD VQQDEw02ODBhNjgxNi00MzlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmsqkdRI6LTqOc8ekbefz0M/M0oF3qHyTNMB1AK2eqfrNeF9v5rPdvYQ9SZxY OkIxJU99tFj47lr9pAVKkwDYcr3vO12KobljWq5a8BV5w05nBm3Qw8A6IsEnc6L1 cLQY2xvT0AalhtMFWxtZWLotURzZJ6IV9yvoxbKODZbtSgjaSYx4TQFUmb0mN64V 3kPBqbnS3Eg8T4q0w3EBDpkzLCV+piZKsWnJhtXm1rgoo3yi7UyIHxV+UcmW9fOH +2o2AvbplZOtndIiKVRLOAqhyiTSEFlSOZ/EciDpoJD3y6Aha/EIXgJidPzVl+Pl Zc6K/+HdUu9wti8vIB9H24YP9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA6pbDOg S3xxUhG5d3q7jZp3kj4bMB8GA1UdIwQYMBaAFNGh79IkE1rrCYOeqL24zcWZzmV/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDlGQy83QTMwMkQwMDQy QjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1c0pnNTZvdmJqTnhabk9a WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyLzBhSHYwaVFUV3VzSmc1Nm92YmpOeFpuT1pYOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDlGQy83QTMwMkQwMDQyQjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1 c0pnNTZvdmJqTnhabk9aWDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCJRgcKdLqxfPU9R6QHiscgd5kPJOJeCa0dX8rPN2uuvsEFVOIIz1gT gIAZhwK4gMNTVjKhcRfWF4H7r1OFbQ4JRgv53MKNa9pDPioQvhmzjHUvmbh7nULS 3xEEgV9nhe/BhGCmuv+IcmX/gatEDvyLeJq+bWqdLIlfymLKk/j49OVHPZqsO47p AgdQ2vh2Fm6V7xfiAbDAH+zRCf/0tuSBZCIWnGYfohbci50rOod5V4fa3j6dV5sC rtGoyFukxVsF7vqC+5+empoF++6BxcIGvYJhanbYXAMQ9ZylL6oBEQw9bLvhtV8S FD5pNv9CJfO6mTuhS8WQbd6zMtGek63E -----END CERTIFICATE-----Generated at Sat Apr 26 14:57:30 2025 by rpki-client