$ rpki-client -vvf rpki.apnic.net/member_repository/A9195AA2/1FE357D406C511EA888ED919C4F9AE02/VFg8Kbv7UAnbnMBWFPY9Yry3fDk.mft File: VFg8Kbv7UAnbnMBWFPY9Yry3fDk.mft (raw, json) Hash identifier: TdRg38/Wm/qm5M+ppz5Rq8jxK2914BgVsjmVpvNmkgA= Subject key identifier: 4E:7D:C9:62:CF:F7:D2:BD:80:E3:DB:51:B6:ED:AF:99:F6:54:50:67 Authority key identifier: 54:58:3C:29:BB:FB:50:09:DB:9C:C0:56:14:F6:3D:62:BC:B7:7C:39 Certificate issuer: /CN=A9195AA2/serialNumber=54583C29BBFB5009DB9CC05614F63D62BCB77C39 Certificate serial: 0C27 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFg8Kbv7UAnbnMBWFPY9Yry3fDk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9195AA2/1FE357D406C511EA888ED919C4F9AE02/VFg8Kbv7UAnbnMBWFPY9Yry3fDk.mft Manifest number: 13E8 Signing time: Thu 24 Apr 2025 18:27:09 +0000 Manifest this update: Thu 24 Apr 2025 18:27:09 +0000 Manifest next update: Thu 01 May 2025 18:27:09 +0000 Files and hashes: 1: VFg8Kbv7UAnbnMBWFPY9Yry3fDk.crl (hash: /dCDefmID9J3O4Vhxsdqs9Kx3ihuas0A9rZuLcjDc+c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9195AA2/1FE357D406C511EA888ED919C4F9AE02/VFg8Kbv7UAnbnMBWFPY9Yry3fDk.crl rsync://rpki.apnic.net/member_repository/A9195AA2/1FE357D406C511EA888ED919C4F9AE02/VFg8Kbv7UAnbnMBWFPY9Yry3fDk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFg8Kbv7UAnbnMBWFPY9Yry3fDk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:27:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3111 (0xc27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9195AA2, serialNumber=54583C29BBFB5009DB9CC05614F63D62BCB77C39 Validity Not Before: Apr 24 18:27:09 2025 GMT Not After : May 1 18:27:09 2025 GMT Subject: CN=680a827d-fd24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:e5:fa:16:8f:fc:bf:14:00:cd:ee:18:23:6b: 95:f1:90:8a:99:84:92:ba:67:5a:c0:0c:68:f0:fd: fa:63:52:ae:d1:dc:ee:0f:e8:f2:7b:31:58:ae:5a: 7e:f0:16:bb:81:e3:53:46:0f:61:2f:2e:18:40:a5: c5:b3:af:48:ac:e7:b9:77:e2:23:45:2d:de:d9:5a: ad:61:77:0f:f2:75:0c:4b:6d:c6:84:b4:10:b0:a5: 59:6b:71:68:89:e6:fb:be:94:04:e1:32:1a:9c:36: f0:63:90:df:74:5a:3b:d7:83:e0:30:06:29:31:e0: b6:eb:84:5c:b6:a4:a9:18:21:1b:ad:ea:cd:26:a9: c7:2b:0b:12:30:cf:55:45:c0:8b:69:65:13:5b:1e: bb:6a:a8:fa:0f:56:2b:e4:04:60:f4:91:de:da:7a: df:06:ea:c6:24:0e:94:3a:eb:f8:d8:c2:8b:fb:5c: 53:24:7c:74:ca:9a:74:fe:e3:88:e2:81:c3:25:b2: ac:c9:0c:9b:47:b1:6a:46:82:e0:32:f8:da:ea:f3: d2:47:52:71:46:2f:a7:92:de:84:af:c1:0e:cc:d0: 5a:fe:d9:af:2f:ca:03:c9:2b:78:df:e6:eb:c8:15: 87:7b:bf:63:03:72:e9:86:98:21:cf:df:ca:d8:8f: 34:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:7D:C9:62:CF:F7:D2:BD:80:E3:DB:51:B6:ED:AF:99:F6:54:50:67 X509v3 Authority Key Identifier: keyid:54:58:3C:29:BB:FB:50:09:DB:9C:C0:56:14:F6:3D:62:BC:B7:7C:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9195AA2/1FE357D406C511EA888ED919C4F9AE02/VFg8Kbv7UAnbnMBWFPY9Yry3fDk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFg8Kbv7UAnbnMBWFPY9Yry3fDk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195AA2/1FE357D406C511EA888ED919C4F9AE02/VFg8Kbv7UAnbnMBWFPY9Yry3fDk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:04:4a:57:5a:30:de:6b:31:2a:75:17:1c:6f:e2:2b:15:dc: a3:ce:ce:3a:5c:fc:6f:26:da:e5:2c:da:1f:c7:48:da:9c:5a: 86:2a:8e:15:a5:7e:25:74:60:b5:65:56:62:b6:53:4d:7a:49: 5f:f4:9e:7b:97:6f:1c:d6:d3:aa:3a:26:f1:f2:54:dd:9c:ae: e7:88:08:e7:ac:df:02:ef:10:77:e2:49:a7:15:65:11:ca:81: f3:4b:82:ec:b1:05:86:2e:ce:51:72:b8:a8:76:af:00:10:95: 2b:0f:1e:23:8a:a1:f0:72:31:34:f4:9c:d2:08:94:ca:76:32: 00:e3:f8:ca:40:13:5b:76:6a:bb:e7:6d:7a:c0:b5:05:6f:3c: 0f:04:84:33:12:fb:b3:ee:d2:88:a8:de:f5:2e:1a:cf:9a:77: cd:b0:3e:52:c7:d4:17:18:23:1d:ed:10:23:bf:fd:a0:58:99: 96:19:de:03:0f:f1:3c:c1:ef:32:e9:0f:90:c2:ef:fb:41:7d: 69:3f:6f:2b:3e:98:e3:07:ad:d5:f0:4c:1f:4d:51:d9:31:95: 01:97:dd:81:d7:0a:f4:69:3d:5e:1d:d8:1f:57:f3:25:dc:e2: 17:32:8a:96:09:40:0e:cb:0a:1c:fc:48:b9:88:fe:f6:0e:c9: c0:22:d2:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDCcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTVBQTIxMTAvBgNVBAUTKDU0NTgzQzI5QkJGQjUwMDlEQjlDQzA1NjE0RjYzRDYy QkNCNzdDMzkwHhcNMjUwNDI0MTgyNzA5WhcNMjUwNTAxMTgyNzA5WjAYMRYwFAYD VQQDEw02ODBhODI3ZC1mZDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwOX6Fo/8vxQAze4YI2uV8ZCKmYSSumdawAxo8P36Y1Ku0dzuD+jyezFYrlp+ 8Ba7geNTRg9hLy4YQKXFs69IrOe5d+IjRS3e2VqtYXcP8nUMS23GhLQQsKVZa3Fo ieb7vpQE4TIanDbwY5DfdFo714PgMAYpMeC264RctqSpGCEbrerNJqnHKwsSMM9V RcCLaWUTWx67aqj6D1Yr5ARg9JHe2nrfBurGJA6UOuv42MKL+1xTJHx0ypp0/uOI 4oHDJbKsyQybR7FqRoLgMvja6vPSR1JxRi+nkt6Er8EOzNBa/tmvL8oDySt43+br yBWHe79jA3Lphpghz9/K2I80fwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE59yWLP 99K9gOPbUbbtr5n2VFBnMB8GA1UdIwQYMBaAFFRYPCm7+1AJ25zAVhT2PWK8t3w5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUFBMi8xRkUzNTdENDA2 QzUxMUVBODg4RUQ5MTlDNEY5QUUwMi9WRmc4S2J2N1VBbmJuTUJXRlBZOVlyeTNm RGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZGZzhLYnY3VUFuYm5NQldGUFk5WXJ5M2ZEay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NUFBMi8xRkUzNTdENDA2QzUxMUVBODg4RUQ5MTlDNEY5QUUwMi9WRmc4S2J2N1VB bmJuTUJXRlBZOVlyeTNmRGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCBEpXWjDeazEqdRccb+IrFdyjzs46XPxvJtrlLNofx0janFqGKo4V pX4ldGC1ZVZitlNNeklf9J57l28c1tOqOibx8lTdnK7niAjnrN8C7xB34kmnFWUR yoHzS4LssQWGLs5Rcriodq8AEJUrDx4jiqHwcjE09JzSCJTKdjIA4/jKQBNbdmq7 5216wLUFbzwPBIQzEvuz7tKIqN71LhrPmnfNsD5Sx9QXGCMd7RAjv/2gWJmWGd4D D/E8we8y6Q+Qwu/7QX1pP28rPpjjB63V8EwfTVHZMZUBl92B1wr0aT1eHdgfV/Ml 3OIXMoqWCUAOywoc/Ei5iP72DsnAItLI -----END CERTIFICATE-----Generated at Sat Apr 26 07:49:15 2025 by rpki-client