$ rpki-client -vvf rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft File: _whTCVKXG6BlIktSH1ZWO20hJO0.mft (raw, json) Hash identifier: BPtnYFynsca1F0o1fQIvIiPtw7/0Hf4/cPP51dTa3Os= Subject key identifier: F9:75:CF:11:45:B6:1E:90:2C:7B:B2:9E:13:AB:FD:13:1F:D5:CF:18 Authority key identifier: FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED Certificate issuer: /CN=A917E475/serialNumber=FF08530952971BA065224B521F56563B6D2124ED Certificate serial: 0CDC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft Manifest number: 0CD6 Signing time: Thu 24 Apr 2025 18:05:23 +0000 Manifest this update: Thu 24 Apr 2025 18:05:22 +0000 Manifest next update: Thu 01 May 2025 18:05:22 +0000 Files and hashes: 1: _whTCVKXG6BlIktSH1ZWO20hJO0.crl (hash: j6ct4Luw8IluHV51txqoS+gA2OzxXZDVcyiguStdIc8=) 2: 3A8AC908E41C11E9AD4A8D16C4F9AE02.roa (hash: 7Dst7szyPWooV+5WFj8vI4oANvEvXDCaESLYXfhjMk0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:05:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3292 (0xcdc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E475, serialNumber=FF08530952971BA065224B521F56563B6D2124ED Validity Not Before: Apr 24 18:05:22 2025 GMT Not After : May 1 18:05:22 2025 GMT Subject: CN=680a7d62-5647 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:46:d2:03:6f:67:b0:96:37:7d:d5:a5:1f:2b: a2:2a:4c:5c:d2:49:12:96:48:07:7e:57:71:fb:22: 14:48:35:81:53:8b:b7:c1:92:59:27:2e:08:99:5c: 11:ea:41:95:4e:87:dc:fe:87:1d:7d:08:b2:6a:c6: df:ad:c9:07:06:fb:d0:98:4e:27:34:ca:fe:e0:1c: 75:02:04:d2:5b:66:c6:3c:49:aa:99:d6:ac:2d:68: 78:31:62:d5:dc:83:df:27:bd:13:3d:ae:a6:0c:bf: be:16:d9:39:cb:9b:f8:1e:23:57:5c:6f:da:f0:2c: 12:c7:3c:97:02:13:b9:26:d7:a6:1f:92:eb:ea:27: 9c:04:08:3d:58:e2:22:10:f4:1a:fb:cc:14:70:b8: e1:6c:b5:62:04:84:64:94:1b:75:ac:de:41:8e:89: 90:94:90:cf:f3:4b:6e:33:8a:b9:25:9c:5c:4a:99: 77:56:ce:8c:21:d1:65:7e:78:d1:cd:d3:cf:78:27: f3:10:4f:0b:61:7c:9d:5f:e0:a8:be:e3:32:20:d6: a2:fd:d2:44:80:3b:ca:d1:7c:b4:48:d1:99:3f:b2: 26:21:8a:b2:57:d6:53:f5:28:ff:b1:e3:98:e0:54: 28:f8:43:a2:3d:4e:25:a1:30:ef:1c:ed:32:c9:aa: d9:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:75:CF:11:45:B6:1E:90:2C:7B:B2:9E:13:AB:FD:13:1F:D5:CF:18 X509v3 Authority Key Identifier: keyid:FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:97:7e:5c:32:3d:c8:f2:44:ff:45:c8:70:ca:c6:2f:a4:ff: 09:19:f2:c3:c5:18:0a:59:eb:22:46:32:45:87:ae:d8:70:45: 03:1f:ba:04:b1:f2:43:f1:68:1e:45:91:87:70:9e:87:73:c1: 81:fb:b7:14:12:a2:20:ab:79:84:fc:f5:94:c3:28:61:bc:ea: b2:7e:aa:cb:40:76:e6:52:ed:f5:de:52:8c:d6:db:94:5d:a2: d6:82:91:a1:e4:ee:0f:23:68:f1:74:84:50:80:f1:f4:b6:96: 6b:2c:19:e6:d1:d0:3c:b4:99:98:9b:89:d4:43:ff:50:f1:d9: 02:93:b4:b7:fe:01:b8:63:db:58:5a:bf:c0:12:7d:e4:18:70: b6:75:68:8a:c6:5f:2c:83:9c:b0:26:0e:40:40:8f:98:23:3b: c2:a0:99:90:d1:0b:66:fb:75:aa:be:86:26:5b:a2:29:73:13: 9d:91:37:6b:ca:d6:9b:7c:8d:ca:25:9d:79:d7:d4:bc:5c:59: b8:3e:59:d9:65:e2:11:d3:58:83:69:d1:8e:f3:d3:ef:a1:5f: 73:de:0f:84:67:aa:ff:fc:d9:c4:76:d1:ad:ce:1f:c1:f4:de: 6b:d8:c7:4c:07:fc:2e:89:14:16:a6:5b:77:ae:63:ec:cf:90: f1:cc:3a:c2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDNwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0NzUxMTAvBgNVBAUTKEZGMDg1MzA5NTI5NzFCQTA2NTIyNEI1MjFGNTY1NjNC NkQyMTI0RUQwHhcNMjUwNDI0MTgwNTIyWhcNMjUwNTAxMTgwNTIyWjAYMRYwFAYD VQQDEw02ODBhN2Q2Mi01NjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA80bSA29nsJY3fdWlHyuiKkxc0kkSlkgHfldx+yIUSDWBU4u3wZJZJy4ImVwR 6kGVTofc/ocdfQiyasbfrckHBvvQmE4nNMr+4Bx1AgTSW2bGPEmqmdasLWh4MWLV 3IPfJ70TPa6mDL++Ftk5y5v4HiNXXG/a8CwSxzyXAhO5JtemH5Lr6iecBAg9WOIi EPQa+8wUcLjhbLViBIRklBt1rN5BjomQlJDP80tuM4q5JZxcSpl3Vs6MIdFlfnjR zdPPeCfzEE8LYXydX+CovuMyINai/dJEgDvK0Xy0SNGZP7ImIYqyV9ZT9Sj/seOY 4FQo+EOiPU4loTDvHO0yyarZ1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPl1zxFF th6QLHuynhOr/RMf1c8YMB8GA1UdIwQYMBaAFP8IUwlSlxugZSJLUh9WVjttISTt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTQ3NS9EQkZCM0VCNEU0 MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2QmxJa3RTSDFaV08yMGhK TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL193aFRDVktYRzZCbElrdFNIMVpXTzIwaEpPMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTQ3NS9EQkZCM0VCNEU0MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2 QmxJa3RTSDFaV08yMGhKTzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCYl35cMj3I8kT/RchwysYvpP8JGfLDxRgKWesiRjJFh67YcEUDH7oE sfJD8WgeRZGHcJ6Hc8GB+7cUEqIgq3mE/PWUwyhhvOqyfqrLQHbmUu313lKM1tuU XaLWgpGh5O4PI2jxdIRQgPH0tpZrLBnm0dA8tJmYm4nUQ/9Q8dkCk7S3/gG4Y9tY Wr/AEn3kGHC2dWiKxl8sg5ywJg5AQI+YIzvCoJmQ0Qtm+3WqvoYmW6IpcxOdkTdr ytabfI3KJZ1519S8XFm4PlnZZeIR01iDadGO89PvoV9z3g+EZ6r//NnEdtGtzh/B 9N5r2MdMB/wuiRQWplt3rmPsz5DxzDrC -----END CERTIFICATE-----Generated at Sat Apr 26 05:01:19 2025 by rpki-client