$ rpki-client -vvf rpki.apnic.net/member_repository/A9148B83/77AA414687E111EBB501CB25C4F9AE02/xG1ZE_bCUMau4vMnRTXOhmKVufo.mft File: xG1ZE_bCUMau4vMnRTXOhmKVufo.mft (raw, json) Hash identifier: 7Nz0QqUcWqStvo3qXzn4qwO9vd6mH+JwC94Men0zB6M= Subject key identifier: 20:89:01:A2:F4:48:A1:94:8E:EC:65:EB:98:BB:81:8F:A7:E0:67:FC Authority key identifier: C4:6D:59:13:F6:C2:50:C6:AE:E2:F3:27:45:35:CE:86:62:95:B9:FA Certificate issuer: /CN=A9148B83/serialNumber=C46D5913F6C250C6AEE2F3274535CE866295B9FA Certificate serial: 0643 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xG1ZE_bCUMau4vMnRTXOhmKVufo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148B83/77AA414687E111EBB501CB25C4F9AE02/xG1ZE_bCUMau4vMnRTXOhmKVufo.mft Manifest number: 0638 Signing time: Fri 04 Apr 2025 22:44:35 +0000 Manifest this update: Fri 04 Apr 2025 22:44:34 +0000 Manifest next update: Fri 11 Apr 2025 22:44:34 +0000 Files and hashes: 1: xG1ZE_bCUMau4vMnRTXOhmKVufo.crl (hash: Cp2Iq+YxC1ePxTrbIHo2AmLsmfDzkgj92+sD5vI5nLM=) 2: 65FE79B8885D11EB81454E41C4F9AE02.roa (hash: 327ah/e9fUSF5H9j9NGNYuwKtrueHyZEroURzg2Xyh8=) 3: 009E969E885C11EB88A7723DC4F9AE02.roa (hash: 10SP9rtLMhnfiCiDsyU/nUUSFenGWa1NBToGV5Ae6kE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148B83/77AA414687E111EBB501CB25C4F9AE02/xG1ZE_bCUMau4vMnRTXOhmKVufo.crl rsync://rpki.apnic.net/member_repository/A9148B83/77AA414687E111EBB501CB25C4F9AE02/xG1ZE_bCUMau4vMnRTXOhmKVufo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xG1ZE_bCUMau4vMnRTXOhmKVufo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 22:44:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1603 (0x643) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148B83 Validity Not Before: Apr 4 22:44:34 2025 GMT Not After : Apr 11 22:44:34 2025 GMT Subject: CN=67f060d2-af2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:1d:34:c0:7e:b1:51:f7:28:70:8d:9f:5f:5c: bf:c7:df:f6:e0:1e:d2:27:9e:ab:05:81:1c:9b:f4: 03:33:91:23:50:e5:2b:b5:56:ee:74:2b:1e:12:6e: 29:07:40:d4:a6:28:3c:a1:00:96:83:d6:17:de:56: f9:e1:59:8c:b5:53:16:82:44:1d:98:ef:f4:ef:e0: 64:a8:fe:22:ad:6f:cd:54:d8:e2:c2:96:e8:03:f8: 98:b9:08:f1:ed:25:f5:14:68:15:6d:3f:8c:61:aa: db:92:e5:9a:15:b3:87:e5:29:b6:5c:43:98:a7:a9: 70:5a:fc:b4:10:8c:13:67:13:72:d1:13:be:93:0a: 83:66:3d:1d:91:81:76:9d:a9:28:33:62:f5:98:14: dd:65:57:2d:63:09:87:ac:4f:93:ab:61:ed:77:49: fe:db:fc:61:f3:99:38:d0:df:e6:41:89:17:52:90: d5:02:a0:f2:67:8a:5a:d6:60:1d:e2:52:e9:21:04: 1d:cc:10:14:05:61:08:be:b5:48:46:1f:55:05:8e: c7:c5:24:01:28:50:85:cf:19:4e:63:ca:85:0d:e1: 7c:a9:e4:34:61:7c:28:46:8b:a1:da:d9:c9:c6:9c: b2:f5:30:58:13:bb:f2:ab:eb:21:33:5d:26:b3:f6: 63:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:89:01:A2:F4:48:A1:94:8E:EC:65:EB:98:BB:81:8F:A7:E0:67:FC X509v3 Authority Key Identifier: keyid:C4:6D:59:13:F6:C2:50:C6:AE:E2:F3:27:45:35:CE:86:62:95:B9:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148B83/77AA414687E111EBB501CB25C4F9AE02/xG1ZE_bCUMau4vMnRTXOhmKVufo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xG1ZE_bCUMau4vMnRTXOhmKVufo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148B83/77AA414687E111EBB501CB25C4F9AE02/xG1ZE_bCUMau4vMnRTXOhmKVufo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:de:c3:b4:2b:39:e0:f5:e1:28:f0:13:9f:4a:b7:2b:d7:fd: 7c:89:68:f7:12:0f:43:4c:61:46:67:1c:cb:d1:0e:fa:ca:a3: ff:9e:44:dd:76:5f:f3:5c:df:4e:27:a6:33:13:6f:37:01:d1: 82:71:8d:b8:ca:36:d4:49:2c:f7:26:a5:44:77:dc:6c:cb:ac: b4:bf:c3:ed:d9:d1:ef:f1:35:62:5e:0d:34:ce:f5:0d:46:89: 84:2f:70:82:28:0c:ee:42:b1:b0:75:50:15:87:9e:80:fd:04: 73:4f:3f:1e:e4:4c:2f:dc:03:4f:10:7c:74:cb:d9:bb:d3:c8: 20:34:4a:c0:ad:0a:81:ad:d4:99:e5:64:81:0b:9b:8a:f2:b3: e1:95:f5:40:dc:6d:c8:4f:44:29:88:67:74:ea:21:c5:f0:e2: 10:8e:1c:61:97:86:73:ea:4c:1d:0e:39:53:63:8c:5b:3c:78: 9f:e2:b0:d0:78:2c:a8:27:4a:3c:df:67:a3:56:7a:52:66:56: 49:ac:86:60:53:7e:0e:53:59:16:08:72:6e:bd:b8:04:1e:a4: 0b:04:11:4e:0a:d0:59:1a:9b:27:7b:2c:ad:13:b4:da:27:d3: 73:87:8e:c9:78:3c:d6:3d:de:34:61:64:ee:15:70:6d:75:1f: ca:72:d7:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBkMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhCODMxMTAvBgNVBAUTKEM0NkQ1OTEzRjZDMjUwQzZBRUUyRjMyNzQ1MzVDRTg2 NjI5NUI5RkEwHhcNMjUwNDA0MjI0NDM0WhcNMjUwNDExMjI0NDM0WjAYMRYwFAYD VQQDEw02N2YwNjBkMi1hZjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyh00wH6xUfcocI2fX1y/x9/24B7SJ56rBYEcm/QDM5EjUOUrtVbudCseEm4p B0DUpig8oQCWg9YX3lb54VmMtVMWgkQdmO/07+BkqP4irW/NVNjiwpboA/iYuQjx 7SX1FGgVbT+MYarbkuWaFbOH5Sm2XEOYp6lwWvy0EIwTZxNy0RO+kwqDZj0dkYF2 nakoM2L1mBTdZVctYwmHrE+Tq2Htd0n+2/xh85k40N/mQYkXUpDVAqDyZ4pa1mAd 4lLpIQQdzBAUBWEIvrVIRh9VBY7HxSQBKFCFzxlOY8qFDeF8qeQ0YXwoRouh2tnJ xpyy9TBYE7vyq+shM10ms/ZjVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCCJAaL0 SKGUjuxl65i7gY+n4Gf8MB8GA1UdIwQYMBaAFMRtWRP2wlDGruLzJ0U1zoZilbn6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEI4My83N0FBNDE0Njg3 RTExMUVCQjUwMUNCMjVDNEY5QUUwMi94RzFaRV9iQ1VNYXU0dk1uUlRYT2htS1Z1 Zm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hHMVpFX2JDVU1hdTR2TW5SVFhPaG1LVnVmby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEI4My83N0FBNDE0Njg3RTExMUVCQjUwMUNCMjVDNEY5QUUwMi94RzFaRV9iQ1VN YXU0dk1uUlRYT2htS1Z1Zm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBj3sO0Kzng9eEo8BOfSrcr1/18iWj3Eg9DTGFGZxzL0Q76yqP/nkTd dl/zXN9OJ6YzE283AdGCcY24yjbUSSz3JqVEd9xsy6y0v8Pt2dHv8TViXg00zvUN RomEL3CCKAzuQrGwdVAVh56A/QRzTz8e5Ewv3ANPEHx0y9m708ggNErArQqBrdSZ 5WSBC5uK8rPhlfVA3G3IT0QpiGd06iHF8OIQjhxhl4Zz6kwdDjlTY4xbPHif4rDQ eCyoJ0o832ejVnpSZlZJrIZgU34OU1kWCHJuvbgEHqQLBBFOCtBZGpsneyytE7Ta J9Nzh47JeDzWPd40YWTuFXBtdR/Kctc/ -----END CERTIFICATE-----Generated at Sun Apr 6 12:23:29 2025 by rpki-client