$ rpki-client -vvf rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft File: CIaR8feL2c7-2A021lDWd2emvbA.mft (raw, json) Hash identifier: S/jKA9noWDOarr4Or55O/zranT+EpZCDSHMcXRvRSHo= Subject key identifier: 84:18:72:AC:12:1F:B8:AB:83:E2:B7:23:A1:66:0D:4B:42:FC:6B:81 Authority key identifier: 08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 Certificate issuer: /CN=A917DA4A/serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Certificate serial: 077D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft Manifest number: 0778 Signing time: Sat 26 Apr 2025 21:07:45 +0000 Manifest this update: Sat 26 Apr 2025 21:07:45 +0000 Manifest next update: Sat 03 May 2025 21:07:45 +0000 Files and hashes: 1: CIaR8feL2c7-2A021lDWd2emvbA.crl (hash: fQZOsNvXRINClHdefR8adt6ARA16iIZQNG3VDeJTB0M=) 2: F126F04A11A911EBB5A4DD83C4F9AE02.roa (hash: 0rr8K1LQ/thtLtkFZc4kC3SiEr3iL8XaKJgB3Bca1+4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 21:07:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1917 (0x77d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DA4A, serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Validity Not Before: Apr 26 21:07:45 2025 GMT Not After : May 3 21:07:45 2025 GMT Subject: CN=680d4b21-cee6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:2d:aa:27:f4:9b:8f:f0:7e:f4:19:ca:0c:bc: ef:b3:da:8d:7d:fb:fa:ac:94:db:10:32:ce:1b:a1: 9d:34:17:e4:0c:9b:bc:5e:c5:dd:73:5b:3a:d1:3b: b1:85:03:02:ae:a6:5e:09:f2:3e:23:5f:ce:1e:91: 91:d2:a0:e9:86:de:9c:7e:a0:a5:fa:49:0e:98:e3: ce:01:69:8e:47:66:3b:d0:c0:2c:cb:20:1f:68:07: 4c:d4:40:98:db:52:7a:d7:18:08:fc:a7:66:47:26: 68:46:6e:f0:5d:42:de:0f:42:cd:7d:ba:08:53:ec: 7c:01:6e:54:90:f0:58:bd:22:3d:c7:7b:f3:9e:2f: e7:8c:ef:df:11:cd:f0:e5:67:cd:34:c9:94:68:f4: ab:5e:17:cd:21:e2:02:53:9a:34:b9:5c:37:77:84: e5:8e:d7:d7:ad:e7:92:e6:aa:a5:ef:20:d3:f4:eb: 34:b6:fb:1b:ea:45:88:07:4d:d3:0b:b1:79:55:dd: 56:51:18:8a:33:36:eb:03:fd:a5:5d:bf:e0:11:e6: e9:66:59:f4:f3:76:be:f8:2a:43:fe:ca:a9:6a:bb: 9a:cb:dc:40:42:db:9a:17:96:e9:05:6e:4d:b2:05: 7e:11:80:b5:51:0f:b9:d9:4e:f2:27:7b:6e:42:10: d0:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:18:72:AC:12:1F:B8:AB:83:E2:B7:23:A1:66:0D:4B:42:FC:6B:81 X509v3 Authority Key Identifier: keyid:08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:1d:5c:aa:7d:4a:e7:f9:74:16:52:89:52:a2:be:6b:e9:73: 9f:bc:43:f7:e3:95:bb:be:83:7d:48:89:05:57:a4:31:12:af: a3:bf:c0:dd:f8:dd:dd:6d:59:d1:36:b0:b5:0b:da:b6:b4:ba: 65:83:c4:47:0f:7d:31:4d:be:22:46:4f:41:27:e1:13:90:73: de:29:4a:6e:19:b2:fc:43:71:a6:2d:eb:31:c1:67:28:fa:77: e7:b7:1d:86:8f:60:30:3c:ea:8e:a9:38:f1:fb:d6:0d:2e:6c: 75:49:a8:91:83:49:54:66:99:16:1e:cb:c3:4d:ee:32:12:ce: e8:00:a6:81:11:6e:13:9f:66:82:c7:50:a5:c9:48:87:f1:8a: 6b:0b:ee:77:31:37:92:db:3f:fa:8f:fa:7e:59:2c:85:e1:6b: 8a:31:05:4d:e3:12:32:04:16:3b:b9:fe:7b:f5:4c:5f:bb:8e: 96:b9:53:f4:ad:34:88:69:f3:60:72:52:cf:f2:19:28:78:ea: cd:68:cc:b8:56:27:41:f6:86:46:c7:5b:be:ab:0a:c7:de:c6: 38:a0:7d:5a:5c:d5:21:cc:83:48:d7:ac:97:c6:6c:36:00:0d: 90:d6:b2:fd:c6:5b:fd:a6:39:85:ea:2d:f3:61:39:c7:05:2d: 47:dd:4d:4a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RBNEExMTAvBgNVBAUTKDA4ODY5MUYxRjc4QkQ5Q0VGRUQ4MEQzNkQ2NTBENjc3 NjdBNkJEQjAwHhcNMjUwNDI2MjEwNzQ1WhcNMjUwNTAzMjEwNzQ1WjAYMRYwFAYD VQQDEw02ODBkNGIyMS1jZWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwC2qJ/Sbj/B+9BnKDLzvs9qNffv6rJTbEDLOG6GdNBfkDJu8XsXdc1s60Tux hQMCrqZeCfI+I1/OHpGR0qDpht6cfqCl+kkOmOPOAWmOR2Y70MAsyyAfaAdM1ECY 21J61xgI/KdmRyZoRm7wXULeD0LNfboIU+x8AW5UkPBYvSI9x3vzni/njO/fEc3w 5WfNNMmUaPSrXhfNIeICU5o0uVw3d4TljtfXreeS5qql7yDT9Os0tvsb6kWIB03T C7F5Vd1WURiKMzbrA/2lXb/gEebpZln083a++CpD/sqparuay9xAQtuaF5bpBW5N sgV+EYC1UQ+52U7yJ3tuQhDQZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIQYcqwS H7irg+K3I6FmDUtC/GuBMB8GA1UdIwQYMBaAFAiGkfH3i9nO/tgNNtZQ1ndnpr2w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REE0QS8wNTFEQUY1QTBE QzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJjNy0yQTAyMWxEV2QyZW12 YkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NJYVI4ZmVMMmM3LTJBMDIxbERXZDJlbXZiQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REE0QS8wNTFEQUY1QTBEQzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJj Ny0yQTAyMWxEV2QyZW12YkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCZHVyqfUrn+XQWUolSor5r6XOfvEP345W7voN9SIkFV6QxEq+jv8Dd +N3dbVnRNrC1C9q2tLplg8RHD30xTb4iRk9BJ+ETkHPeKUpuGbL8Q3GmLesxwWco +nfntx2Gj2AwPOqOqTjx+9YNLmx1SaiRg0lUZpkWHsvDTe4yEs7oAKaBEW4Tn2aC x1ClyUiH8YprC+53MTeS2z/6j/p+WSyF4WuKMQVN4xIyBBY7uf579Uxfu46WuVP0 rTSIafNgclLP8hkoeOrNaMy4VidB9oZGx1u+qwrH3sY4oH1aXNUhzINI16yXxmw2 AA2Q1rL9xlv9pjmF6i3zYTnHBS1H3U1K -----END CERTIFICATE-----Generated at Mon Apr 28 09:17:28 2025 by rpki-client