$ rpki-client -vvf rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft File: CStU0vnpbT_OHwwNuzGxuCyNLOA.mft (raw, json) Hash identifier: MCWanMxjlqVWSY3RZO1vGMaKd3I/X1Udutu6g+8r6yo= Subject key identifier: 80:0C:77:23:18:D4:95:2D:7E:C0:23:9A:A6:C7:82:68:58:A7:AA:47 Authority key identifier: 09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 Certificate issuer: /CN=A9122EA2/serialNumber=092B54D2F9E96D3FCE1F0C0DBB31B1B82C8D2CE0 Certificate serial: 01DE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft Manifest number: 01D2 Signing time: Sat 31 May 2025 02:41:07 +0000 Manifest this update: Sat 31 May 2025 02:41:07 +0000 Manifest next update: Sat 07 Jun 2025 02:41:07 +0000 Files and hashes: 1: CStU0vnpbT_OHwwNuzGxuCyNLOA.crl (hash: HsrJVdO52rAoKYg253xmHOqtDzmI6KwB3U/liB22H9E=) 2: C20F71E0992A11EEBDE4AF84C4F9AE02.roa (hash: csl85VTomjs4iPv8bKOFHRUkLivByj84d/cWaa81y8A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:41:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 478 (0x1de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122EA2, serialNumber=092B54D2F9E96D3FCE1F0C0DBB31B1B82C8D2CE0 Validity Not Before: May 31 02:41:07 2025 GMT Not After : Jun 7 02:41:07 2025 GMT Subject: CN=683a6c43-596e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ae:4f:15:f1:9c:53:86:3f:40:df:7e:de:0e: 4e:bf:ee:19:92:45:98:84:82:fe:be:18:64:f4:3d: 20:0b:c0:bc:d8:30:10:d4:9c:70:71:d7:88:80:54: c0:a0:da:c2:c2:bc:74:a8:37:f2:14:06:54:37:2e: dc:8b:fe:66:8e:7f:52:b2:b9:05:98:2a:cf:10:84: 8d:bf:87:db:e0:20:f8:3c:3d:da:41:49:31:08:c8: 0c:13:58:95:2d:6f:af:1e:94:44:f7:e7:85:77:55: 56:98:15:6f:30:f1:86:4e:bd:e0:ee:ce:c9:fc:b9: 32:89:5e:04:cf:1b:3a:81:df:57:66:f7:9b:70:c6: 33:6f:3e:bf:de:ed:1f:a4:06:c5:21:d8:c7:07:63: 3b:a0:01:46:d4:2c:4b:1f:9b:b6:16:f2:74:1e:05: 4c:19:72:71:1b:22:b7:12:b1:9b:fe:c4:bf:b5:ad: 6e:a1:75:a5:bb:d8:05:4a:4d:64:5e:b6:d7:c0:c8: 41:0a:64:90:32:a0:46:da:c2:55:f1:82:25:cd:9d: bc:7a:c6:3c:a4:9b:fe:d3:93:68:08:5f:4b:1e:31: 2f:e4:5d:76:cb:56:6a:51:a4:0e:1b:07:de:78:8e: b6:6a:6f:90:5f:db:ee:2a:ff:8b:4f:55:64:a9:f3: 5c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:0C:77:23:18:D4:95:2D:7E:C0:23:9A:A6:C7:82:68:58:A7:AA:47 X509v3 Authority Key Identifier: keyid:09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:a4:5c:e0:0c:79:06:96:6b:31:47:92:3c:7f:8b:17:ed:32: f1:3c:28:56:d9:c0:ae:49:9b:a9:08:07:a6:fc:bc:f9:1c:71: fe:87:8c:e1:7b:97:3c:96:4a:b7:9e:7c:42:2a:78:d7:04:12: 92:26:ed:2a:21:44:e6:7b:cb:9c:eb:7a:41:67:51:a4:70:eb: 80:ac:02:d9:d8:53:ab:83:57:28:c1:78:3c:d8:9c:64:96:00: 11:b2:6c:80:80:54:8b:e1:88:59:e5:53:d0:0d:bc:d6:48:d6: 86:4b:01:9e:fd:42:c7:3c:5b:c6:26:e8:ed:19:5c:59:8a:9b: 8b:a4:e5:f0:03:2e:71:37:39:15:f6:2b:32:6e:0e:f1:83:10: 86:95:ec:24:2b:b1:fe:98:f9:09:c7:c0:21:83:f9:d1:71:34: bc:e0:25:b7:61:1d:2d:b0:1b:e1:30:00:67:f2:bd:c1:3f:1f: 2c:37:ab:82:8e:ba:37:f8:5c:45:c7:55:6a:95:4c:34:1e:7d: 9b:6e:3b:29:3e:f4:49:67:a5:c7:1c:4c:cd:43:79:bc:09:6b: 34:bb:09:41:cd:85:36:47:c8:2b:a3:e3:3a:bc:f7:0b:74:1b: 31:45:18:ef:61:15:c6:29:e1:1b:9b:8a:73:a2:89:42:d7:2c: 85:98:a1:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAd4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjJFQTIxMTAvBgNVBAUTKDA5MkI1NEQyRjlFOTZEM0ZDRTFGMEMwREJCMzFCMUI4 MkM4RDJDRTAwHhcNMjUwNTMxMDI0MTA3WhcNMjUwNjA3MDI0MTA3WjAYMRYwFAYD VQQDEw02ODNhNmM0My01OTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAta5PFfGcU4Y/QN9+3g5Ov+4ZkkWYhIL+vhhk9D0gC8C82DAQ1JxwcdeIgFTA oNrCwrx0qDfyFAZUNy7ci/5mjn9SsrkFmCrPEISNv4fb4CD4PD3aQUkxCMgME1iV LW+vHpRE9+eFd1VWmBVvMPGGTr3g7s7J/LkyiV4Ezxs6gd9XZvebcMYzbz6/3u0f pAbFIdjHB2M7oAFG1CxLH5u2FvJ0HgVMGXJxGyK3ErGb/sS/ta1uoXWlu9gFSk1k XrbXwMhBCmSQMqBG2sJV8YIlzZ28esY8pJv+05NoCF9LHjEv5F12y1ZqUaQOGwfe eI62am+QX9vuKv+LT1VkqfNcKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIAMdyMY 1JUtfsAjmqbHgmhYp6pHMB8GA1UdIwQYMBaAFAkrVNL56W0/zh8MDbsxsbgsjSzg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkVBMi8xNTI1MzQxNDg1 NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJUX09Id3dOdXpHeHVDeU5M T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NTdFUwdm5wYlRfT0h3d051ekd4dUN5TkxPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MkVBMi8xNTI1MzQxNDg1NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJU X09Id3dOdXpHeHVDeU5MT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCcpFzgDHkGlmsxR5I8f4sX7TLxPChW2cCuSZupCAem/Lz5HHH+h4zh e5c8lkq3nnxCKnjXBBKSJu0qIUTme8uc63pBZ1GkcOuArALZ2FOrg1cowXg82Jxk lgARsmyAgFSL4YhZ5VPQDbzWSNaGSwGe/ULHPFvGJujtGVxZipuLpOXwAy5xNzkV 9isybg7xgxCGlewkK7H+mPkJx8Ahg/nRcTS84CW3YR0tsBvhMABn8r3BPx8sN6uC jro3+FxFx1VqlUw0Hn2bbjspPvRJZ6XHHEzNQ3m8CWs0uwlBzYU2R8gro+M6vPcL dBsxRRjvYRXGKeEbm4pzoolC1yyFmKEG -----END CERTIFICATE-----Generated at Sat May 31 17:23:33 2025 by rpki-client