$ rpki-client -vvf rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft File: thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft (raw, json) Hash identifier: wjumSyqHa14un4Xf/To24naILsQzwMQgtl6rezwN2uU= Subject key identifier: B9:26:EB:60:0A:66:21:03:4D:58:52:95:F4:12:20:7F:7A:CC:D2:81 Authority key identifier: B6:11:03:A5:C9:CC:60:EA:D1:88:A2:F9:FD:11:E6:3D:52:33:D9:95 Certificate issuer: /CN=A9118B32/serialNumber=B61103A5C9CC60EAD188A2F9FD11E63D5233D995 Certificate serial: 039F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft Manifest number: 039A Signing time: Sat 31 May 2025 00:58:38 +0000 Manifest this update: Sat 31 May 2025 00:58:38 +0000 Manifest next update: Sat 07 Jun 2025 00:58:38 +0000 Files and hashes: 1: thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl (hash: xQkIx/mDfwbJgClp4mfwvxAx8K+TK/mXJ8GOySdzEPE=) 2: 0F291AFE9D2811EC83448E6FC4F9AE02.roa (hash: p2rd5X9PRaHj3dg5SJAK0M8GBgiGK7ul3HPfe5PMkz4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:58:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 927 (0x39f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118B32, serialNumber=B61103A5C9CC60EAD188A2F9FD11E63D5233D995 Validity Not Before: May 31 00:58:38 2025 GMT Not After : Jun 7 00:58:38 2025 GMT Subject: CN=683a543e-26ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:71:59:63:01:2d:47:b3:26:21:78:0a:3b:af: 50:b9:e1:5b:21:41:fc:37:b8:af:7b:f6:2e:7d:5a: 3d:ec:4f:b4:54:c7:81:2b:a4:9d:39:f1:e4:76:a6: 2f:4a:02:8b:a6:91:2b:4b:7a:cc:e1:45:65:04:11: c6:0d:ea:1a:85:28:4c:b4:6e:f6:34:f9:8a:65:d5: de:ab:b9:25:cb:5f:da:e6:81:d6:06:62:b6:84:ee: f8:b8:24:ab:ca:87:12:32:57:c5:8f:72:be:e9:b3: 79:d7:7a:77:e9:e8:fa:60:d9:00:dc:6a:67:13:e7: d4:91:0c:a2:ba:c8:eb:78:2f:1c:3f:33:e5:f9:5d: 0c:16:19:f2:06:dd:54:9b:66:9c:43:6e:b1:9f:6e: b0:07:77:80:44:64:3c:d3:e5:b8:18:0f:4a:bb:1a: 34:13:a5:1c:0a:33:9b:7b:c9:be:bb:2a:77:7f:7a: 4b:ef:07:24:7d:c7:2d:da:cc:a7:42:0c:f4:6e:c0: 49:33:91:60:d4:d7:71:86:be:29:f5:60:ba:42:d2: 97:f3:53:18:fc:4c:19:45:61:c4:f7:b4:00:47:4e: f4:4c:67:2b:6a:7e:fd:d2:39:bf:22:df:bc:ac:1e: 9d:0e:f5:17:23:ff:5e:00:ec:6b:5c:14:02:8b:e1: 30:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:26:EB:60:0A:66:21:03:4D:58:52:95:F4:12:20:7F:7A:CC:D2:81 X509v3 Authority Key Identifier: keyid:B6:11:03:A5:C9:CC:60:EA:D1:88:A2:F9:FD:11:E6:3D:52:33:D9:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:c9:2a:f9:b9:1b:67:de:53:f3:b3:40:38:68:8b:dc:65:5b: 67:f5:36:55:f5:3b:ad:9c:fe:be:fc:1f:b4:72:d1:3f:c1:a0: a2:1d:ec:31:bf:a6:12:df:5a:02:6e:89:6a:25:d3:80:0f:03: aa:1a:ed:d7:69:c5:94:bc:88:84:9d:e3:80:34:87:db:cd:6c: 59:b5:75:47:cf:8d:71:4d:ed:09:9c:bb:81:a7:0a:c8:b4:c3: ba:b3:20:bb:9f:19:c4:12:43:c0:a0:fe:6f:82:b2:5e:18:7c: c8:12:fa:03:95:25:91:9a:0f:91:11:ce:da:c5:cf:e8:a3:96: a5:1f:8a:8f:2f:aa:47:0c:21:11:a4:29:44:a7:82:dc:73:68: 9d:f3:ec:62:09:72:e3:f0:9c:92:39:53:4b:3f:a8:c5:ad:7c: ae:76:1d:a7:34:ce:2f:5b:3b:05:cd:4f:91:ae:92:ff:ce:da: d6:36:53:fc:fc:ae:25:53:85:ab:87:d6:2b:d3:14:76:8b:23: 0e:9f:0b:e2:5d:cf:7c:ac:c6:a2:35:b0:49:82:a0:08:ec:60: 73:63:aa:30:4c:f2:0b:6d:e3:02:06:62:15:cb:eb:9a:55:03: c1:93:54:c0:0b:5e:ab:6c:e9:9a:96:5a:89:bd:57:ee:60:b5: 0c:51:c5:1a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA58wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MThCMzIxMTAvBgNVBAUTKEI2MTEwM0E1QzlDQzYwRUFEMTg4QTJGOUZEMTFFNjNE NTIzM0Q5OTUwHhcNMjUwNTMxMDA1ODM4WhcNMjUwNjA3MDA1ODM4WjAYMRYwFAYD VQQDEw02ODNhNTQzZS0yNmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtXFZYwEtR7MmIXgKO69QueFbIUH8N7ive/YufVo97E+0VMeBK6SdOfHkdqYv SgKLppErS3rM4UVlBBHGDeoahShMtG72NPmKZdXeq7kly1/a5oHWBmK2hO74uCSr yocSMlfFj3K+6bN513p36ej6YNkA3GpnE+fUkQyiusjreC8cPzPl+V0MFhnyBt1U m2acQ26xn26wB3eARGQ80+W4GA9Kuxo0E6UcCjObe8m+uyp3f3pL7wckfcct2syn Qgz0bsBJM5Fg1Ndxhr4p9WC6QtKX81MY/EwZRWHE97QAR070TGcran790jm/It+8 rB6dDvUXI/9eAOxrXBQCi+EwbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLkm62AK ZiEDTVhSlfQSIH96zNKBMB8GA1UdIwQYMBaAFLYRA6XJzGDq0Yii+f0R5j1SM9mV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOEIzMi9GRjc3MUJCQzlE MjUxMUVDODVGREYzNkVDNEY5QUUwMi90aEVEcGNuTVlPclJpS0w1X1JIbVBWSXoy WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RoRURwY25NWU9yUmlLTDVfUkhtUFZJejJaVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OEIzMi9GRjc3MUJCQzlEMjUxMUVDODVGREYzNkVDNEY5QUUwMi90aEVEcGNuTVlP clJpS0w1X1JIbVBWSXoyWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKySr5uRtn3lPzs0A4aIvcZVtn9TZV9TutnP6+/B+0ctE/waCiHewx v6YS31oCbolqJdOADwOqGu3XacWUvIiEneOANIfbzWxZtXVHz41xTe0JnLuBpwrI tMO6syC7nxnEEkPAoP5vgrJeGHzIEvoDlSWRmg+REc7axc/oo5alH4qPL6pHDCER pClEp4Lcc2id8+xiCXLj8JySOVNLP6jFrXyudh2nNM4vWzsFzU+RrpL/ztrWNlP8 /K4lU4Wrh9Yr0xR2iyMOnwviXc98rMaiNbBJgqAI7GBzY6owTPILbeMCBmIVy+ua VQPBk1TAC16rbOmallqJvVfuYLUMUcUa -----END CERTIFICATE-----Generated at Sat May 31 16:32:11 2025 by rpki-client