$ rpki-client -vvf rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft File: CDWHSXi6MJ7X2kZz53OdkyLyYps.mft (raw, json) Hash identifier: MTUYQ/yYFJMSYODJfwx1xD5mUiYeIHzkIXXlkfa0wS8= Subject key identifier: 8B:1A:23:4E:7A:31:65:95:0C:92:08:69:2F:8D:62:C9:84:1D:9F:4A Authority key identifier: 08:35:87:49:78:BA:30:9E:D7:DA:46:73:E7:73:9D:93:22:F2:62:9B Certificate issuer: /CN=A917E00F/serialNumber=0835874978BA309ED7DA4673E7739D9322F2629B Certificate serial: 34 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft Manifest number: 33 Signing time: Thu 24 Apr 2025 23:14:18 +0000 Manifest this update: Thu 24 Apr 2025 23:14:18 +0000 Manifest next update: Thu 01 May 2025 23:14:18 +0000 Files and hashes: 1: CDWHSXi6MJ7X2kZz53OdkyLyYps.crl (hash: qZmVXuucDqQS0tQ0MxnRk7F1JIGY8hUHOeGzOm/rkoU=) 2: 2DA549EAE23E11EFB267422EC4F9AE02.roa (hash: MAjR+6vV6kQAbBvReYR67qji2ZeC3+thGK+jJVjSbNk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.crl rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:14:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52 (0x34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E00F, serialNumber=0835874978BA309ED7DA4673E7739D9322F2629B Validity Not Before: Apr 24 23:14:18 2025 GMT Not After : May 1 23:14:18 2025 GMT Subject: CN=680ac5ca-8e4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ec:28:b5:d4:aa:ba:a6:e0:10:9a:84:cf:cd: 98:aa:b0:1c:37:18:7d:2f:5a:1d:5d:8a:a4:00:b9: d2:12:07:fc:07:ba:50:00:c3:37:4c:2a:0b:35:e1: 27:55:6e:da:83:93:71:bd:b8:de:4a:8d:06:9e:25: bd:bd:c1:4b:0c:07:4e:39:d8:a9:d2:52:50:88:15: ae:c5:e3:34:ea:b3:bd:79:cd:34:75:7b:e8:f0:a2: 14:01:8e:b2:99:1f:81:11:d1:62:cd:6f:c3:9f:4a: 94:a6:1f:6d:fd:b7:42:61:7e:da:fc:c9:17:42:09: ef:27:e2:c9:ac:98:dc:ae:df:9a:4d:51:9b:50:ff: 01:2b:65:83:11:43:6e:8c:d1:ba:1f:f3:5b:49:60: a3:b8:be:24:2c:96:78:cd:47:b8:8b:77:b5:5b:a7: fe:b3:61:bf:4f:1e:c8:b5:1c:0d:1b:68:6d:f1:ee: 86:c8:91:32:0c:82:86:62:6e:3c:4c:af:a7:85:7f: 9d:3e:62:1f:ed:08:8a:0c:40:ea:44:96:ed:e7:53: c5:f2:c2:c5:68:f0:fd:11:70:25:1f:ba:25:90:b4: 8e:df:c9:69:0f:f6:14:eb:cd:77:dd:85:2c:f7:1d: 3b:51:67:b9:21:77:96:84:a0:78:2c:10:30:98:09: d2:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:1A:23:4E:7A:31:65:95:0C:92:08:69:2F:8D:62:C9:84:1D:9F:4A X509v3 Authority Key Identifier: keyid:08:35:87:49:78:BA:30:9E:D7:DA:46:73:E7:73:9D:93:22:F2:62:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:88:2d:63:57:6b:70:96:5a:a9:f4:c5:7c:f8:1a:ff:43:a0: 5f:ac:24:76:19:3e:9e:a2:36:37:c9:87:71:b5:62:93:34:b3: b1:97:bb:a8:2c:b6:21:df:32:51:5d:37:84:5c:6b:cd:9a:0a: 42:d9:8f:81:a7:b5:62:b1:68:e5:a4:1b:71:50:4b:cb:fa:0b: 49:80:04:2f:40:4d:96:6b:d0:f1:4e:81:bb:01:cf:33:8c:f0: 4a:a3:ae:42:f1:ff:ed:ed:b6:56:6e:18:ab:b0:44:2f:0a:6c: 81:4c:81:f6:1d:c5:71:5f:35:e8:10:92:81:d5:b4:12:e6:2a: 53:8a:f7:31:33:c7:45:86:90:f5:fe:41:9d:7a:3b:27:e0:6c: da:2a:96:7c:2e:01:a5:f3:5c:5b:69:19:bc:5f:7f:69:20:10: ef:d2:a6:d0:32:e9:81:0d:dc:95:3c:4c:fa:31:73:a5:1d:e5: 79:12:f7:91:c3:ba:d7:2b:94:0f:0a:d6:76:56:da:77:7a:93: ef:89:4b:1c:23:be:c7:ec:77:ec:e0:f8:25:fb:83:dd:9a:36: 58:7c:7c:c9:3e:95:be:38:f4:cb:7a:7f:f6:46:17:d0:db:e3: 49:2a:b9:0f:d5:75:8b:fd:94:b0:66:af:e6:93:af:eb:ea:14: e0:80:cc:06 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 RTAwRjExMC8GA1UEBRMoMDgzNTg3NDk3OEJBMzA5RUQ3REE0NjczRTc3MzlEOTMy MkYyNjI5QjAeFw0yNTA0MjQyMzE0MThaFw0yNTA1MDEyMzE0MThaMBgxFjAUBgNV BAMTDTY4MGFjNWNhLThlNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC37Ci11Kq6puAQmoTPzZiqsBw3GH0vWh1diqQAudISB/wHulAAwzdMKgs14SdV btqDk3G9uN5KjQaeJb29wUsMB0452KnSUlCIFa7F4zTqs715zTR1e+jwohQBjrKZ H4ER0WLNb8OfSpSmH239t0Jhftr8yRdCCe8n4smsmNyu35pNUZtQ/wErZYMRQ26M 0bof81tJYKO4viQslnjNR7iLd7Vbp/6zYb9PHsi1HA0baG3x7obIkTIMgoZibjxM r6eFf50+Yh/tCIoMQOpElu3nU8XywsVo8P0RcCUfuiWQtI7fyWkP9hTrzXfdhSz3 HTtRZ7khd5aEoHgsEDCYCdK1AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUixojTnox ZZUMkghpL41iyYQdn0owHwYDVR0jBBgwFoAUCDWHSXi6MJ7X2kZz53OdkyLyYpsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFMDBGLzdEMkIxREYwRDdE MDExRUY5RUZDOTEwREM0RjlBRTAyL0NEV0hTWGk2TUo3WDJrWno1M09ka3lMeVlw cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQ0RXSFNYaTZNSjdYMmtaejUzT2RreUx5WXBzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdF MDBGLzdEMkIxREYwRDdEMDExRUY5RUZDOTEwREM0RjlBRTAyL0NEV0hTWGk2TUo3 WDJrWno1M09ka3lMeVlwcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGaILWNXa3CWWqn0xXz4Gv9DoF+sJHYZPp6iNjfJh3G1YpM0s7GXu6gs tiHfMlFdN4Rca82aCkLZj4GntWKxaOWkG3FQS8v6C0mABC9ATZZr0PFOgbsBzzOM 8EqjrkLx/+3ttlZuGKuwRC8KbIFMgfYdxXFfNegQkoHVtBLmKlOK9zEzx0WGkPX+ QZ16OyfgbNoqlnwuAaXzXFtpGbxff2kgEO/SptAy6YEN3JU8TPoxc6Ud5XkS95HD utcrlA8K1nZW2nd6k++JSxwjvsfsd+zg+CX7g92aNlh8fMk+lb449Mt6f/ZGF9Db 40kquQ/VdYv9lLBmr+aTr+vqFOCAzAY= -----END CERTIFICATE-----Generated at Sat Apr 26 16:33:00 2025 by rpki-client