$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft File: xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft (raw, json) Hash identifier: KxWXytMXXX8kMJM/4Vjn/q4HQAQbpeMf4eCPOTB1Hgw= Subject key identifier: 72:7E:87:0D:CC:64:63:C7:CF:59:31:CD:44:C2:AB:6E:00:95:25:8C Authority key identifier: C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E Certificate issuer: /CN=A9125C22/serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Certificate serial: 066D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft Manifest number: 0669 Signing time: Sat 31 May 2025 22:27:45 +0000 Manifest this update: Sat 31 May 2025 22:27:45 +0000 Manifest next update: Sat 07 Jun 2025 22:27:45 +0000 Files and hashes: 1: xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl (hash: 0kHXfQV4Z0AKx/mXGq6CxE4xLdWAujP7ORax07chtnQ=) 2: 485D694A454911EEB8718378C4F9AE02.roa (hash: DpNVsF8S1R1VahxgyAnkQsdhv9Y/GOwsBJQM35rMSJ0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 22:27:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1645 (0x66d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C22, serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Validity Not Before: May 31 22:27:45 2025 GMT Not After : Jun 7 22:27:45 2025 GMT Subject: CN=683b8261-dc17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:16:46:87:61:d4:9b:79:c6:2c:a7:e9:2e:76: 55:7a:39:b1:ab:db:f9:0e:d5:74:eb:97:89:bf:63: dc:13:82:28:b8:b1:54:9d:30:0f:9b:db:15:58:77: 4f:c7:f6:77:df:ee:1d:da:62:b4:34:60:89:5c:13: 34:07:d3:ac:b5:f9:1d:14:cf:92:ab:79:d4:9a:11: d7:a2:fc:5d:4b:ed:fb:bc:fa:d1:52:7d:05:76:fa: c7:01:a9:0b:c4:fa:ab:90:5e:5f:c2:3e:d0:7e:70: 49:c5:50:cf:10:9f:a1:60:21:cf:11:0e:ee:39:5a: 23:94:15:75:01:29:4b:88:22:48:2e:6a:ae:b9:fc: e9:1a:4f:98:ef:63:bf:69:5c:a5:34:2d:24:13:17: c1:4d:7f:63:3e:75:dd:6c:62:e3:19:28:1c:3e:37: c9:a1:a6:9d:ec:5d:a5:a5:d0:05:a2:3f:7b:02:a2: a2:bf:57:d7:3f:34:ca:fb:1a:96:69:1f:b2:03:d8: 1c:59:11:d6:3a:f4:1b:9d:96:84:ca:43:f5:08:8e: 9e:e1:3c:ef:99:8b:5e:cc:7b:9f:9f:50:41:8f:0c: 35:5e:da:8e:d3:dd:4e:79:1d:15:dc:7c:ac:01:59: f1:ed:7e:af:8c:88:29:c2:92:91:d4:e4:ec:7b:7b: 49:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:7E:87:0D:CC:64:63:C7:CF:59:31:CD:44:C2:AB:6E:00:95:25:8C X509v3 Authority Key Identifier: keyid:C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:25:30:c4:81:8e:8f:3e:91:b3:6c:e5:28:36:0e:71:3a:6e: ec:6b:09:5f:19:21:d4:5c:cd:3f:00:9a:a6:9a:c3:8a:93:36: 9a:ef:03:6e:97:6e:0e:0d:02:46:92:45:7a:b1:30:74:8b:8d: e8:02:1b:41:9c:eb:be:83:49:2b:fc:cb:bd:2f:08:b1:51:ae: 1d:0b:b2:85:dd:72:a7:1e:2d:fb:03:65:8f:b9:dd:60:c3:98: 82:2c:5b:05:e7:a6:4f:91:44:88:2b:50:7e:38:32:8d:f4:c1: 5f:3c:4a:15:68:dd:28:09:e2:71:98:ca:9f:fd:f1:9f:81:65: a2:39:70:c4:8b:1e:69:8e:41:c5:7b:6f:07:af:62:fe:b6:24: c9:4a:27:9f:b4:d0:e9:1a:d5:65:2f:b8:b0:55:61:e8:0c:f0: f3:0c:b4:82:46:f9:c2:f2:ee:e5:e4:e3:bf:c2:bf:ca:38:6b: ff:fa:c0:f9:67:5c:00:49:14:ee:3e:84:aa:5d:d1:de:85:10: 64:88:b7:b0:63:e4:94:f2:0d:de:bb:ef:b7:63:35:f8:5f:87: 29:c9:93:a0:d4:fe:c8:98:7b:d6:ee:53:cb:d6:a2:bd:87:01: 47:6f:09:9d:71:c0:b5:70:34:61:94:c2:66:5f:06:60:46:73: ac:bc:25:3c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBm0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDMjIxMTAvBgNVBAUTKEM3MEI0RTA0N0NBQTczNzcyNEI4OUQ1ODREQjVDMEMx QTg1OEQyOEUwHhcNMjUwNTMxMjIyNzQ1WhcNMjUwNjA3MjIyNzQ1WjAYMRYwFAYD VQQDEw02ODNiODI2MS1kYzE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwxZGh2HUm3nGLKfpLnZVejmxq9v5DtV065eJv2PcE4IouLFUnTAPm9sVWHdP x/Z33+4d2mK0NGCJXBM0B9OstfkdFM+Sq3nUmhHXovxdS+37vPrRUn0FdvrHAakL xPqrkF5fwj7QfnBJxVDPEJ+hYCHPEQ7uOVojlBV1ASlLiCJILmquufzpGk+Y72O/ aVylNC0kExfBTX9jPnXdbGLjGSgcPjfJoaad7F2lpdAFoj97AqKiv1fXPzTK+xqW aR+yA9gcWRHWOvQbnZaEykP1CI6e4TzvmYtezHufn1BBjww1XtqO091OeR0V3Hys AVnx7X6vjIgpwpKR1OTse3tJnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHJ+hw3M ZGPHz1kxzUTCq24AlSWMMB8GA1UdIwQYMBaAFMcLTgR8qnN3JLidWE21wMGoWNKO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi9GQUNDQkM1QzdG QUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMzY2t1SjFZVGJYQXdhaFkw bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3h3dE9CSHlxYzNja3VKMVlUYlhBd2FoWTBvNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMyMi9GQUNDQkM1QzdGQUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMz Y2t1SjFZVGJYQXdhaFkwbzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBtJTDEgY6PPpGzbOUoNg5xOm7sawlfGSHUXM0/AJqmmsOKkzaa7wNu l24ODQJGkkV6sTB0i43oAhtBnOu+g0kr/Mu9LwixUa4dC7KF3XKnHi37A2WPud1g w5iCLFsF56ZPkUSIK1B+ODKN9MFfPEoVaN0oCeJxmMqf/fGfgWWiOXDEix5pjkHF e28Hr2L+tiTJSieftNDpGtVlL7iwVWHoDPDzDLSCRvnC8u7l5OO/wr/KOGv/+sD5 Z1wASRTuPoSqXdHehRBkiLewY+SU8g3eu++3YzX4X4cpyZOg1P7ImHvW7lPL1qK9 hwFHbwmdccC1cDRhlMJmXwZgRnOsvCU8 -----END CERTIFICATE-----Generated at Mon Jun 2 19:58:16 2025 by rpki-client