$ rpki-client -vvf rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft File: GxesPclsojRSUCPv02J-ks2IR0g.mft (raw, json) Hash identifier: KDZoDa5s2T4dAipg0Oc1Skx5OpHYCOwXhaHh29iaP3k= Subject key identifier: 1E:57:DF:D3:21:CA:4B:E9:B3:90:94:AD:FC:73:30:D6:98:48:BC:C6 Authority key identifier: 1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 Certificate issuer: /CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Certificate serial: 1D25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft Manifest number: 1CE6 Signing time: Thu 24 Apr 2025 16:11:01 +0000 Manifest this update: Thu 24 Apr 2025 16:11:00 +0000 Manifest next update: Thu 01 May 2025 16:11:00 +0000 Files and hashes: 1: GxesPclsojRSUCPv02J-ks2IR0g.crl (hash: SvHYEZSN1iN/9tIP9fOYrV56LaeDsPSgfOx0yjCT7es=) 2: 8A1AF86E94BC11EC9E49DB41C4F9AE02.roa (hash: n6ab3BTwAcpH4LegBC83qaXuTY61rSuzXQeixKGRCQ8=) 3: C154DA14E85C11EBA2171A25C4F9AE02.roa (hash: ZoYRtsKN6J+JTMHnmtPtNWovLxxrXzjOLNI6FTTDrJk=) 4: 907B9B20E8AD11EBAA895D0AC4F9AE02.roa (hash: Yy12wxP/cM0LLNtHiB2aLkhSaVEMx94WCa7jMCYf9WM=) 5: 89654CDAB83B11EFAA80DD09C4F9AE02.roa (hash: wZqrfI6axJ6OhiwV+iuxvLbJgC05OEzm0nCXJ1L7s34=) 6: 4D609E86FF3B11EB910E8847C4F9AE02.roa (hash: IlNlaUUrIO5psWG9zVe/2cJLa9A72orRKr8ki0wRJ+c=) 7: C2EECBA0E85C11EBA2171A25C4F9AE02.roa (hash: i8SkLvPy/XtXc4ZuxfbQ0jMccOT4jPJgyB/aqJ2e6A0=) 8: 4E2669F4FF3B11EB910E8847C4F9AE02.roa (hash: RxEjxFNvI0DOGeP3888S1tn030BuNHUdNfLt3di15l4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:11:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7461 (0x1d25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DBF2, serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Validity Not Before: Apr 24 16:11:00 2025 GMT Not After : May 1 16:11:00 2025 GMT Subject: CN=680a6295-0294 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ba:29:09:5e:64:e5:43:61:6e:c6:20:d1:b6: 0e:50:d5:a7:a1:76:a4:ee:19:6b:91:43:b8:b7:3f: af:7e:e4:e1:a6:23:1d:11:88:f9:b8:d0:5d:69:6a: a1:96:4b:83:87:26:7a:92:df:1a:18:9e:bc:05:62: fb:08:7b:7d:1b:5a:89:d8:c5:aa:d9:ce:6b:20:ba: 6c:b0:89:95:52:ef:06:87:b6:99:ac:1c:40:85:5c: 42:22:a6:ad:8e:25:ff:0e:10:87:19:d1:89:bc:bc: 85:51:19:98:8a:d8:cf:cf:19:17:67:55:04:48:b5: a5:1d:34:e1:25:fc:a6:bd:54:c8:62:49:a8:e7:4b: fe:83:b0:17:99:b5:d6:73:ef:6d:e8:ca:39:c8:1c: 04:4c:c8:36:ca:21:ef:5e:40:cc:cd:3f:4f:c8:b3: 09:dd:c1:2b:f9:80:6c:b0:34:cc:56:c4:e7:4b:4f: 67:24:bf:97:c5:57:98:71:9d:8c:da:a2:6a:38:b3: d2:ca:d0:02:30:14:be:ed:c5:e2:24:b6:49:c6:9b: ae:f4:90:ad:9f:58:5d:00:fb:82:78:30:13:41:59: 3c:cd:ac:95:ba:b5:15:55:90:5b:f7:4f:f1:97:3a: f4:94:de:8d:07:57:b8:03:0a:ba:1e:b1:93:2b:ff: a3:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:57:DF:D3:21:CA:4B:E9:B3:90:94:AD:FC:73:30:D6:98:48:BC:C6 X509v3 Authority Key Identifier: keyid:1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:ea:bd:2d:a6:f5:e1:4b:38:87:18:03:7a:18:fe:10:1f:d2: e3:c2:34:0f:b4:da:26:c6:f0:81:ef:9c:e5:db:ae:3e:fe:f7: 45:78:c9:80:e6:c1:6e:55:60:40:33:df:bd:3b:d4:b4:a9:17: 28:1b:20:75:62:2a:92:47:4a:fc:80:3d:c6:92:01:d5:4e:49: 00:ce:19:ee:83:28:1b:36:6d:de:33:1b:87:77:c0:7f:6e:80: d7:29:0e:70:10:69:ee:da:56:5e:e2:bf:53:aa:4f:06:0b:ba: 5a:f2:25:61:67:48:54:ce:b0:56:b0:c6:59:62:f9:9c:6d:35: 17:cd:40:b7:cd:f2:97:7f:18:ac:d1:62:f9:2d:0a:b6:78:49: c4:23:53:67:91:c4:51:b7:9a:7c:fe:b9:3f:78:87:d7:e1:30: ae:8b:3e:3f:71:d4:ad:94:4e:19:17:5b:ac:48:43:1d:08:ef: a8:9f:f3:b8:93:e0:7d:32:17:e0:b6:94:50:62:f2:4e:c9:1e: 3b:09:47:a5:c3:5c:1b:2a:f4:0c:33:a7:e4:9c:8a:b3:12:34: 3b:df:32:76:de:e3:5d:3e:af:00:a0:3a:53:3f:b7:ae:5f:ac: 3c:23:52:50:b4:f0:06:2c:bb:86:18:ac:99:21:30:0f:2c:9e: ee:42:78:0b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHSUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RCRjIxMTAvBgNVBAUTKDFCMTdBQzNEQzk2Q0EyMzQ1MjUwMjNFRkQzNjI3RTky Q0Q4ODQ3NDgwHhcNMjUwNDI0MTYxMTAwWhcNMjUwNTAxMTYxMTAwWjAYMRYwFAYD VQQDEw02ODBhNjI5NS0wMjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAobopCV5k5UNhbsYg0bYOUNWnoXak7hlrkUO4tz+vfuThpiMdEYj5uNBdaWqh lkuDhyZ6kt8aGJ68BWL7CHt9G1qJ2MWq2c5rILpssImVUu8Gh7aZrBxAhVxCIqat jiX/DhCHGdGJvLyFURmYitjPzxkXZ1UESLWlHTThJfymvVTIYkmo50v+g7AXmbXW c+9t6Mo5yBwETMg2yiHvXkDMzT9PyLMJ3cEr+YBssDTMVsTnS09nJL+XxVeYcZ2M 2qJqOLPSytACMBS+7cXiJLZJxpuu9JCtn1hdAPuCeDATQVk8zayVurUVVZBb90/x lzr0lN6NB1e4Awq6HrGTK/+jyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB5X39Mh ykvps5CUrfxzMNaYSLzGMB8GA1UdIwQYMBaAFBsXrD3JbKI0UlAj79NifpLNiEdI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REJGMi9FMzQ0NTAxNkMy RjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29qUlNVQ1B2MDJKLWtzMklS MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0d4ZXNQY2xzb2pSU1VDUHYwMkota3MySVIwZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REJGMi9FMzQ0NTAxNkMyRjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29q UlNVQ1B2MDJKLWtzMklSMGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB86r0tpvXhSziHGAN6GP4QH9LjwjQPtNomxvCB75zl264+/vdFeMmA 5sFuVWBAM9+9O9S0qRcoGyB1YiqSR0r8gD3GkgHVTkkAzhnugygbNm3eMxuHd8B/ boDXKQ5wEGnu2lZe4r9Tqk8GC7pa8iVhZ0hUzrBWsMZZYvmcbTUXzUC3zfKXfxis 0WL5LQq2eEnEI1NnkcRRt5p8/rk/eIfX4TCuiz4/cdStlE4ZF1usSEMdCO+on/O4 k+B9MhfgtpRQYvJOyR47CUelw1wbKvQMM6fknIqzEjQ73zJ23uNdPq8AoDpTP7eu X6w8I1JQtPAGLLuGGKyZITAPLJ7uQngL -----END CERTIFICATE-----Generated at Sat Apr 26 03:31:47 2025 by rpki-client