$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft File: dNRNlor0Y--xfAgNX60BDErAl6o.mft (raw, json) Hash identifier: IAN6FOe/wgGmW8l1UpmHQUqhcuSbKcC+J2J/PDoBojI= Subject key identifier: AD:A4:22:FE:D2:9B:56:EF:CA:EF:0E:D8:0C:AB:8F:C5:E9:AE:5B:F0 Authority key identifier: 74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA Certificate issuer: /CN=A917E0A8/serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Certificate serial: 0642 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft Manifest number: 0635 Signing time: Fri 02 May 2025 19:49:36 +0000 Manifest this update: Fri 02 May 2025 19:49:35 +0000 Manifest next update: Fri 09 May 2025 19:49:35 +0000 Files and hashes: 1: dNRNlor0Y--xfAgNX60BDErAl6o.crl (hash: rfMO8nYXZX7S6Vrnpr7gjtceH7LQx/jne/hNofo35/o=) 2: 11C0D5DA9B4011EB9C1BFC4EC4F9AE02.roa (hash: c7+1xl97Qj2WBa7uEaRi3C9ZQy4QYdknXZBQu0sbmag=) 3: F9C23E2A3ACB11EC9FEBB367C4F9AE02.roa (hash: nh7VvVbwlcEI7LPWlEzxHGSM7ZH4CPOm9G5I1MGrFHY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 19:49:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1602 (0x642) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Validity Not Before: May 2 19:49:35 2025 GMT Not After : May 9 19:49:35 2025 GMT Subject: CN=681521d0-c724 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:19:66:7d:fa:d6:9e:ae:1f:f0:23:4e:dd:4f: b9:cf:2f:ab:c3:22:fc:aa:63:ce:1a:25:b0:d3:4e: cd:95:ff:01:cb:88:ac:d7:2a:37:2d:17:4e:fb:e5: c0:de:2a:cc:a7:e9:90:7c:de:6f:0d:15:ef:4f:64: 08:10:c3:e8:00:ea:ee:bf:d5:fe:5f:54:93:b3:4b: bc:49:09:5b:eb:0a:cf:44:03:8c:ba:59:0b:4f:a8: 36:df:e1:bd:6b:d9:71:0a:bf:b4:cf:a4:61:ca:f9: 78:26:32:68:2d:91:9d:56:bf:03:5a:dd:0d:f2:ad: 8c:32:b6:51:4e:3e:a7:24:88:d2:d5:d7:fc:f0:07: ad:2b:b2:84:64:f3:8e:e8:8c:24:c4:ad:84:b3:64: 58:78:45:d6:d9:0b:c2:c7:c6:af:d5:6c:5f:96:19: 3f:4e:aa:7a:23:9e:5d:e6:9f:aa:a3:33:00:23:8c: 63:17:9e:af:55:57:26:ed:73:77:4c:e1:58:7c:ab: fe:ae:87:45:e6:53:9f:f1:19:28:c1:06:e8:8d:c2: 28:77:bf:fa:ca:d7:4a:5c:20:ac:25:56:0b:b7:07: ab:77:0b:2e:e0:bc:c9:5b:6a:13:48:3c:42:6b:7c: a8:65:fc:8e:c5:f9:37:ab:ab:cb:66:f6:0a:72:a1: 90:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:A4:22:FE:D2:9B:56:EF:CA:EF:0E:D8:0C:AB:8F:C5:E9:AE:5B:F0 X509v3 Authority Key Identifier: keyid:74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:07:58:34:16:03:5f:de:08:7e:a2:35:8a:0b:b9:60:cc:13: e1:6c:f7:8c:ac:a3:2e:86:d3:4d:26:1f:1a:42:01:53:65:a6: 0d:50:4e:13:ab:2b:e7:e6:81:fd:57:0c:bc:c8:00:6b:a2:05: ea:20:17:13:64:fe:61:d2:a5:e6:69:1f:bc:39:ff:d0:9f:18: 7d:fc:4b:20:bb:33:e6:a9:b0:80:ca:f7:68:1c:38:2c:eb:68: 5c:a0:d5:91:2e:ee:f6:60:71:78:59:40:45:f1:dd:bc:e2:7f: 8b:4f:88:f3:8d:3a:6c:1b:74:19:c1:d3:4d:4b:45:0d:8b:ea: 3b:63:83:79:d9:db:e2:eb:39:64:3e:22:56:3f:e1:bd:92:a1: 61:72:ba:a7:18:d0:b7:9c:56:68:eb:5b:1e:98:3f:23:d6:93: 23:02:de:bd:56:2d:a7:3a:79:6a:01:c1:03:8d:5b:70:90:3c: 4f:74:52:cc:0a:49:f4:f8:b0:2d:70:a2:19:2c:23:93:02:a0: 57:38:c1:66:b2:80:13:63:26:07:9e:80:e9:26:86:4d:d7:58: fd:c3:50:d8:43:e7:8b:a7:ce:73:68:62:ab:b2:df:3c:9c:ff: 06:c1:bb:c1:a8:99:dd:53:56:99:2f:4d:5b:56:89:ef:67:af: 51:57:49:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDc0RDQ0RDk2OEFGNDYzRUZCMTdDMDgwRDVGQUQwMTBD NEFDMDk3QUEwHhcNMjUwNTAyMTk0OTM1WhcNMjUwNTA5MTk0OTM1WjAYMRYwFAYD VQQDEw02ODE1MjFkMC1jNzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtxlmffrWnq4f8CNO3U+5zy+rwyL8qmPOGiWw007Nlf8By4is1yo3LRdO++XA 3irMp+mQfN5vDRXvT2QIEMPoAOruv9X+X1STs0u8SQlb6wrPRAOMulkLT6g23+G9 a9lxCr+0z6Rhyvl4JjJoLZGdVr8DWt0N8q2MMrZRTj6nJIjS1df88AetK7KEZPOO 6IwkxK2Es2RYeEXW2QvCx8av1Wxflhk/Tqp6I55d5p+qozMAI4xjF56vVVcm7XN3 TOFYfKv+rodF5lOf8RkowQbojcIod7/6ytdKXCCsJVYLtwerdwsu4LzJW2oTSDxC a3yoZfyOxfk3q6vLZvYKcqGQSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK2kIv7S m1bvyu8O2Ayrj8XprlvwMB8GA1UdIwQYMBaAFHTUTZaK9GPvsXwIDV+tAQxKwJeq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC82RUZDMEJFRTk4 NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFktLXhmQWdOWDYwQkRFckFs Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ROUk5sb3IwWS0teGZBZ05YNjBCREVyQWw2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC82RUZDMEJFRTk4NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFkt LXhmQWdOWDYwQkRFckFsNm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCBB1g0FgNf3gh+ojWKC7lgzBPhbPeMrKMuhtNNJh8aQgFTZaYNUE4T qyvn5oH9Vwy8yABrogXqIBcTZP5h0qXmaR+8Of/Qnxh9/EsguzPmqbCAyvdoHDgs 62hcoNWRLu72YHF4WUBF8d284n+LT4jzjTpsG3QZwdNNS0UNi+o7Y4N52dvi6zlk PiJWP+G9kqFhcrqnGNC3nFZo61semD8j1pMjAt69Vi2nOnlqAcEDjVtwkDxPdFLM Ckn0+LAtcKIZLCOTAqBXOMFmsoATYyYHnoDpJoZN11j9w1DYQ+eLp85zaGKrst88 nP8GwbvBqJndU1aZL01bVonvZ69RV0kk -----END CERTIFICATE-----Generated at Sat May 3 07:54:40 2025 by rpki-client