$ rpki-client -vvf rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft File: CDWHSXi6MJ7X2kZz53OdkyLyYps.mft (raw, json) Hash identifier: SY0hLBa5pEXJizHZpFHkE8+36xo5le0g9wpmRejDDao= Subject key identifier: 3A:6F:42:C8:5D:21:D2:2E:1B:FE:71:D0:08:1B:24:77:D6:D7:8D:A1 Authority key identifier: 08:35:87:49:78:BA:30:9E:D7:DA:46:73:E7:73:9D:93:22:F2:62:9B Certificate issuer: /CN=A917E00F/serialNumber=0835874978BA309ED7DA4673E7739D9322F2629B Certificate serial: 36 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft Manifest number: 35 Signing time: Mon 28 Apr 2025 23:59:34 +0000 Manifest this update: Mon 28 Apr 2025 23:59:34 +0000 Manifest next update: Mon 05 May 2025 23:59:33 +0000 Files and hashes: 1: CDWHSXi6MJ7X2kZz53OdkyLyYps.crl (hash: jMr/+frJ8ilGvgj0lgO1fwlaYyomaXU9WNC986xvaPk=) 2: 2DA549EAE23E11EFB267422EC4F9AE02.roa (hash: MAjR+6vV6kQAbBvReYR67qji2ZeC3+thGK+jJVjSbNk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.crl rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 23:59:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54 (0x36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E00F, serialNumber=0835874978BA309ED7DA4673E7739D9322F2629B Validity Not Before: Apr 28 23:59:34 2025 GMT Not After : May 5 23:59:33 2025 GMT Subject: CN=68101666-8e82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:bd:70:18:6b:e4:e7:e8:84:d8:f7:31:e7:52: b4:f6:96:c2:0d:02:b8:e7:98:f1:a6:96:72:54:52: 8b:ec:09:3d:a4:07:2a:8d:a3:17:7c:2a:d6:2f:d3: 37:95:7f:04:55:31:57:3b:87:0d:b5:f8:f8:57:75: 30:44:3e:82:16:29:4a:7d:3c:1c:eb:83:d7:be:c2: 9a:b9:b6:bc:6f:8b:50:f8:81:dd:4d:fa:60:95:20: 5d:a1:30:5f:f2:03:e3:9c:c2:ac:bc:d2:50:c1:c7: a6:d7:b9:1c:fe:2e:49:f5:4c:58:c8:bb:8e:2b:9f: c7:a1:ef:66:6b:65:40:65:7a:ca:33:ab:5e:7d:d9: 05:ef:61:9d:54:04:09:3d:6d:46:8c:4d:df:fc:fb: b9:f8:92:a6:47:d1:8b:5c:fe:3e:f1:3f:6c:3d:c3: ab:70:f6:d6:c2:71:ba:d5:e4:dd:15:95:7f:12:34: f0:09:73:cb:96:e7:2c:3c:67:81:c9:da:2e:02:8c: 55:1d:0c:c0:d7:8e:57:4e:fe:76:18:01:3f:b7:c7: 0f:7f:a3:df:e3:45:c6:6d:27:42:41:c8:fd:bf:91: 23:c4:83:b7:58:4e:99:e3:64:2d:31:73:23:12:8f: 48:2b:c1:08:13:8a:d8:e8:17:ef:06:6e:93:a0:a6: b5:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:6F:42:C8:5D:21:D2:2E:1B:FE:71:D0:08:1B:24:77:D6:D7:8D:A1 X509v3 Authority Key Identifier: keyid:08:35:87:49:78:BA:30:9E:D7:DA:46:73:E7:73:9D:93:22:F2:62:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:81:16:8b:e3:cb:ce:94:46:28:91:fc:7e:47:53:b9:f2:fe: 2f:e8:f5:95:88:52:6c:0c:72:9a:a1:3b:d9:ec:00:ae:25:d6: b2:dd:5e:31:e6:3f:f8:db:9c:82:7a:fd:e0:4a:ae:6f:89:5a: a7:a8:5c:d6:87:1d:16:95:39:c8:5a:fa:43:11:48:a8:16:f2: d1:0c:93:f4:b1:62:bd:66:22:13:1f:72:16:52:eb:35:b7:7e: 7a:0e:47:7c:c6:b4:01:6c:a6:c0:9c:a7:44:07:43:f8:77:8f: 89:2d:a4:fe:47:42:b5:29:42:9b:26:ed:a2:d9:af:78:c5:19: 37:08:13:64:1d:66:4e:b8:2b:da:cc:10:a7:88:15:d7:3d:1f: 12:02:22:e4:ce:6e:1b:98:f9:ed:fd:3b:b8:f5:c7:e8:d8:ce: 56:e2:11:6e:af:e1:c3:79:f2:3e:73:74:0d:a4:4b:bd:4b:f8: 21:87:f4:ff:f9:8f:94:46:7e:f5:2e:7c:c7:93:75:91:06:5a: bf:65:7f:57:09:61:26:d2:f7:e2:16:54:a1:12:7e:d5:30:05: 42:08:eb:8f:b6:ab:99:e5:04:ac:f2:9c:38:b8:85:9f:be:12: 37:a6:23:81:bd:88:f6:95:55:87:d3:8a:d4:ed:c0:61:3f:ca: 18:3e:59:49 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 RTAwRjExMC8GA1UEBRMoMDgzNTg3NDk3OEJBMzA5RUQ3REE0NjczRTc3MzlEOTMy MkYyNjI5QjAeFw0yNTA0MjgyMzU5MzRaFw0yNTA1MDUyMzU5MzNaMBgxFjAUBgNV BAMTDTY4MTAxNjY2LThlODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDXvXAYa+Tn6ITY9zHnUrT2lsINArjnmPGmlnJUUovsCT2kByqNoxd8KtYv0zeV fwRVMVc7hw21+PhXdTBEPoIWKUp9PBzrg9e+wpq5trxvi1D4gd1N+mCVIF2hMF/y A+Ocwqy80lDBx6bXuRz+Lkn1TFjIu44rn8eh72ZrZUBlesozq1592QXvYZ1UBAk9 bUaMTd/8+7n4kqZH0Ytc/j7xP2w9w6tw9tbCcbrV5N0VlX8SNPAJc8uW5yw8Z4HJ 2i4CjFUdDMDXjldO/nYYAT+3xw9/o9/jRcZtJ0JByP2/kSPEg7dYTpnjZC0xcyMS j0grwQgTitjoF+8GbpOgprXBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOm9CyF0h 0i4b/nHQCBskd9bXjaEwHwYDVR0jBBgwFoAUCDWHSXi6MJ7X2kZz53OdkyLyYpsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFMDBGLzdEMkIxREYwRDdE MDExRUY5RUZDOTEwREM0RjlBRTAyL0NEV0hTWGk2TUo3WDJrWno1M09ka3lMeVlw cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQ0RXSFNYaTZNSjdYMmtaejUzT2RreUx5WXBzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdF MDBGLzdEMkIxREYwRDdEMDExRUY5RUZDOTEwREM0RjlBRTAyL0NEV0hTWGk2TUo3 WDJrWno1M09ka3lMeVlwcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACKBFovjy86URiiR/H5HU7ny/i/o9ZWIUmwMcpqhO9nsAK4l1rLdXjHm P/jbnIJ6/eBKrm+JWqeoXNaHHRaVOcha+kMRSKgW8tEMk/SxYr1mIhMfchZS6zW3 fnoOR3zGtAFspsCcp0QHQ/h3j4ktpP5HQrUpQpsm7aLZr3jFGTcIE2QdZk64K9rM EKeIFdc9HxICIuTObhuY+e39O7j1x+jYzlbiEW6v4cN58j5zdA2kS71L+CGH9P/5 j5RGfvUufMeTdZEGWr9lf1cJYSbS9+IWVKESftUwBUII64+2q5nlBKzynDi4hZ++ EjemI4G9iPaVVYfTitTtwGE/yhg+WUk= -----END CERTIFICATE-----Generated at Tue Apr 29 02:47:08 2025 by rpki-client