$ rpki-client -vvf rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/u8x2Cv4-nwqbiMjsekntfN0Dlvc.mft File: u8x2Cv4-nwqbiMjsekntfN0Dlvc.mft (raw, json) Hash identifier: obDOsGqfYbJ+sA801VzYNyXn1vyQ5rrX7jQi+K4+qjE= Subject key identifier: 00:03:42:CB:90:68:3C:B2:42:69:EE:EF:06:DD:46:A4:0B:F5:F3:C3 Authority key identifier: BB:CC:76:0A:FE:3E:9F:0A:9B:88:C8:EC:7A:49:ED:7C:DD:03:96:F7 Certificate issuer: /CN=A919E3E3/serialNumber=BBCC760AFE3E9F0A9B88C8EC7A49ED7CDD0396F7 Certificate serial: 0683 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u8x2Cv4-nwqbiMjsekntfN0Dlvc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/u8x2Cv4-nwqbiMjsekntfN0Dlvc.mft Manifest number: 067E Signing time: Thu 24 Apr 2025 22:04:26 +0000 Manifest this update: Thu 24 Apr 2025 22:04:25 +0000 Manifest next update: Thu 01 May 2025 22:04:25 +0000 Files and hashes: 1: u8x2Cv4-nwqbiMjsekntfN0Dlvc.crl (hash: gDYT1rSwHflfZiXZFX69kheZbmd4zeX1Td9MtNoGt9M=) 2: 58B04DD46F3C11EB924C4E2AC4F9AE02.roa (hash: hT6PiTq4VuebMVKql1Edg2h7UOqDcrvg8gjAvmzNu5c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/u8x2Cv4-nwqbiMjsekntfN0Dlvc.crl rsync://rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/u8x2Cv4-nwqbiMjsekntfN0Dlvc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u8x2Cv4-nwqbiMjsekntfN0Dlvc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:04:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1667 (0x683) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919E3E3, serialNumber=BBCC760AFE3E9F0A9B88C8EC7A49ED7CDD0396F7 Validity Not Before: Apr 24 22:04:25 2025 GMT Not After : May 1 22:04:25 2025 GMT Subject: CN=680ab569-4361 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:c8:76:dc:49:3c:2c:32:12:ff:9a:95:54:b8: 6c:3c:ce:49:d0:79:ea:99:44:f9:b0:c3:65:86:26: a0:b9:f0:5d:26:98:61:b1:17:ef:f5:c9:d3:5f:6f: da:f5:c1:24:69:8c:cc:3c:a3:44:9e:d2:1a:99:66: 73:03:fa:cb:f4:48:00:95:4e:88:ef:76:2e:79:92: 98:f1:93:cf:89:28:87:5c:a7:60:19:b2:12:b8:4d: a5:2d:1a:3a:1a:e7:d8:c1:0d:65:67:3d:d6:46:0f: e9:8d:4e:a8:bb:e3:74:94:94:02:ea:de:30:19:6a: d5:f0:c7:b6:d2:89:67:78:c7:55:92:8f:d5:19:fc: 92:b3:2d:34:2e:ba:6e:bf:70:90:24:93:a1:f3:0a: 2e:5a:10:c6:b5:cd:64:78:9c:ab:dd:65:19:c6:ea: 1f:3f:fd:2d:97:1d:5c:98:14:8b:2f:2c:3a:7c:99: ad:88:d7:6f:c3:b6:f3:e3:ca:84:df:43:9e:1f:88: b6:52:5b:98:9f:1e:e0:3a:a6:a7:fe:fa:bc:ff:5b: ad:47:dc:35:2e:96:b1:bb:e9:4d:81:62:83:b7:88: c2:73:b3:69:c8:34:ed:5d:16:24:57:0f:d6:ea:6a: 04:e9:50:4a:f2:4b:9e:66:8e:68:64:9b:df:67:92: 68:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:03:42:CB:90:68:3C:B2:42:69:EE:EF:06:DD:46:A4:0B:F5:F3:C3 X509v3 Authority Key Identifier: keyid:BB:CC:76:0A:FE:3E:9F:0A:9B:88:C8:EC:7A:49:ED:7C:DD:03:96:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/u8x2Cv4-nwqbiMjsekntfN0Dlvc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u8x2Cv4-nwqbiMjsekntfN0Dlvc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/u8x2Cv4-nwqbiMjsekntfN0Dlvc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:68:a3:db:e9:da:f6:6a:31:2e:f6:33:11:05:86:8a:7c:50: 33:f4:31:21:c6:71:13:a8:3e:bf:f9:6a:82:4d:f8:a1:90:f7: f7:e7:e7:5e:6c:8e:86:c4:34:6b:a8:f6:2d:ef:10:bb:59:78: 1d:e0:42:a9:5e:58:3e:9d:81:30:a4:61:bf:b2:35:ce:7f:95: 2d:85:44:df:ef:49:77:4e:a7:bc:88:82:77:53:3c:e9:85:20: 4c:ad:0c:0e:38:ce:97:33:10:a7:3e:7f:91:ae:ea:28:6b:b5: 6a:76:7c:6d:a6:9c:a0:66:de:63:90:b5:20:81:11:e4:c6:ff: 5f:28:6a:83:5d:b3:94:b5:b6:e6:c6:bf:f8:0b:d0:1e:11:cb: 28:72:4f:bd:2e:9e:a2:ce:cb:6c:de:9b:92:66:cd:80:07:6d: 3a:0c:37:a5:73:5b:3c:83:f9:e7:ae:14:da:de:68:e8:8c:95: f5:6a:66:78:bf:97:0d:20:5e:b5:ae:9c:51:37:4a:b7:1f:40: 28:6c:b2:26:02:9c:96:c5:6d:45:c1:3a:24:71:27:66:5e:5a: 09:f0:cc:97:0a:39:65:76:55:56:19:2a:0e:18:72:82:90:90: 06:ec:d3:c0:c8:af:bb:fa:97:d3:72:f5:44:1f:8f:b4:78:7e: 1b:fc:c8:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUUzRTMxMTAvBgNVBAUTKEJCQ0M3NjBBRkUzRTlGMEE5Qjg4QzhFQzdBNDlFRDdD REQwMzk2RjcwHhcNMjUwNDI0MjIwNDI1WhcNMjUwNTAxMjIwNDI1WjAYMRYwFAYD VQQDEw02ODBhYjU2OS00MzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3sh23Ek8LDIS/5qVVLhsPM5J0HnqmUT5sMNlhiagufBdJphhsRfv9cnTX2/a 9cEkaYzMPKNEntIamWZzA/rL9EgAlU6I73YueZKY8ZPPiSiHXKdgGbISuE2lLRo6 GufYwQ1lZz3WRg/pjU6ou+N0lJQC6t4wGWrV8Me20olneMdVko/VGfySsy00Lrpu v3CQJJOh8wouWhDGtc1keJyr3WUZxuofP/0tlx1cmBSLLyw6fJmtiNdvw7bz48qE 30OeH4i2UluYnx7gOqan/vq8/1utR9w1Lpaxu+lNgWKDt4jCc7NpyDTtXRYkVw/W 6moE6VBK8kueZo5oZJvfZ5Jo5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAADQsuQ aDyyQmnu7wbdRqQL9fPDMB8GA1UdIwQYMBaAFLvMdgr+Pp8Km4jI7HpJ7XzdA5b3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTNFMy8wOEI4RDBEMjZG M0ExMUVCQjExMzM5N0VDNEY5QUUwMi91OHgyQ3Y0LW53cWJpTWpzZWtudGZOMERs dmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3U4eDJDdjQtbndxYmlNanNla250Zk4wRGx2Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RTNFMy8wOEI4RDBEMjZGM0ExMUVCQjExMzM5N0VDNEY5QUUwMi91OHgyQ3Y0LW53 cWJpTWpzZWtudGZOMERsdmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVaKPb6dr2ajEu9jMRBYaKfFAz9DEhxnETqD6/+WqCTfihkPf35+de bI6GxDRrqPYt7xC7WXgd4EKpXlg+nYEwpGG/sjXOf5UthUTf70l3Tqe8iIJ3Uzzp hSBMrQwOOM6XMxCnPn+Rruooa7VqdnxtppygZt5jkLUggRHkxv9fKGqDXbOUtbbm xr/4C9AeEcsock+9Lp6izsts3puSZs2AB206DDelc1s8g/nnrhTa3mjojJX1amZ4 v5cNIF61rpxRN0q3H0AobLImApyWxW1FwTokcSdmXloJ8MyXCjlldlVWGSoOGHKC kJAG7NPAyK+7+pfTcvVEH4+0eH4b/MiN -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:50 2025 by rpki-client