$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft File: iXa1-0jy5BEdeNWjzVovyhlhOXo.mft (raw, json) Hash identifier: m2pfM2pDGsuR2slgmq1GutHBaH8DarMz9tp0e1yAdVE= Subject key identifier: 59:39:26:89:FE:CE:C3:67:76:8D:B9:76:64:2A:7E:00:E2:61:E5:58 Authority key identifier: 89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A Certificate issuer: /CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Certificate serial: 0214 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft Manifest number: 0207 Signing time: Thu 05 Jun 2025 01:52:55 +0000 Manifest this update: Thu 05 Jun 2025 01:52:54 +0000 Manifest next update: Thu 12 Jun 2025 01:52:54 +0000 Files and hashes: 1: iXa1-0jy5BEdeNWjzVovyhlhOXo.crl (hash: 2+0pP6+H2wRxfLsh5YICninW8O5byi080kicv7wXaL0=) 2: 99D6D8089BF111ED8043AD1FC4F9AE02.roa (hash: RN89+S1mBA7UPdGt6AqckCvGseRU/f6VRbIgO417GXg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Jun 2025 01:52:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 532 (0x214) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128C7F, serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Validity Not Before: Jun 5 01:52:54 2025 GMT Not After : Jun 12 01:52:54 2025 GMT Subject: CN=6840f877-065e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:91:84:65:3c:e0:de:9f:77:0e:b6:14:e1:7b: de:29:cb:1e:5d:7f:75:56:5a:c9:9d:b5:88:75:3c: 47:ee:54:c3:cd:c3:b0:7c:32:ee:aa:d8:33:cc:ef: 8d:06:15:77:f2:a2:2c:9f:b0:82:85:01:80:ba:ca: 3c:78:e9:dd:89:7b:85:1e:f6:2a:79:90:8c:d6:28: 4f:a5:29:4d:30:db:f8:45:23:13:45:a4:e5:dc:90: 87:b6:d8:d9:f4:15:bb:d9:38:c6:ee:1b:fd:b5:0e: d4:a6:63:0d:e7:c7:a6:5a:6e:59:ba:84:7f:c1:12: f8:06:99:1c:00:0d:6a:7a:77:1e:39:fa:68:33:99: 48:04:a2:8a:08:47:56:73:ae:99:2d:5b:77:1a:e7: 02:f8:36:f9:75:ff:f4:20:30:03:68:03:c9:35:7f: a1:6a:36:c3:9a:38:3e:bf:d3:6a:85:c0:6b:8d:b2: 19:c9:6e:b7:37:7f:2c:a9:39:23:fe:60:04:58:d3: 1f:7b:3f:55:65:fe:1d:99:ed:c6:2c:52:9c:05:10: ec:3e:40:95:76:80:be:be:74:84:29:39:a0:e7:49: 36:de:71:70:9f:f7:59:66:b2:cd:aa:17:84:2a:ce: 01:3c:2e:79:80:ae:29:ae:7e:fb:68:68:4d:f0:da: f6:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:39:26:89:FE:CE:C3:67:76:8D:B9:76:64:2A:7E:00:E2:61:E5:58 X509v3 Authority Key Identifier: keyid:89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:70:8b:fd:8c:63:1e:89:9e:ec:54:8e:0d:d6:ed:1a:cb:b1: 4e:d0:ce:fd:df:fc:49:01:11:d6:5d:58:1d:81:a0:da:30:1b: 44:af:b9:af:61:95:f1:17:1f:cd:d0:df:52:95:2d:b9:6e:66: 39:53:91:10:e1:0a:13:2f:79:d4:7a:67:8d:bb:9e:72:fe:ca: d0:38:fe:e8:dc:04:67:ab:67:75:e7:7d:b3:af:7c:59:25:be: c2:66:01:f4:3f:c2:ce:2b:41:ab:c0:53:97:c1:e0:85:88:d5: 7d:78:ce:0e:e5:90:27:cd:57:5b:cd:75:53:c0:5f:e6:3b:6c: 20:e8:f5:1e:71:38:2c:7f:0a:0b:63:f3:cc:49:58:6d:f2:0d: d3:87:bb:5b:4e:11:48:8b:c7:0a:bf:d0:7d:83:15:83:2d:8e: 7e:d7:5c:49:4a:59:bd:f3:61:01:26:07:15:64:3b:28:32:c9: 11:48:cd:3c:70:06:1f:84:64:c8:83:55:8f:29:fd:08:a6:8b: e7:d1:62:5e:b4:37:2b:48:51:57:17:97:d7:ea:97:0d:1b:0e: a0:2f:2b:bb:4a:cc:59:c3:10:04:bd:a0:58:0e:09:f0:42:e8: f8:a3:8e:82:11:79:d6:e7:b8:b2:a1:fa:f1:13:56:b7:1a:d3: 4e:08:34:f1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhDN0YxMTAvBgNVBAUTKDg5NzZCNUZCNDhGMkU0MTExRDc4RDVBM0NENUEyRkNB MTk2MTM5N0EwHhcNMjUwNjA1MDE1MjU0WhcNMjUwNjEyMDE1MjU0WjAYMRYwFAYD VQQDEw02ODQwZjg3Ny0wNjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvJGEZTzg3p93DrYU4XveKcseXX91VlrJnbWIdTxH7lTDzcOwfDLuqtgzzO+N BhV38qIsn7CChQGAuso8eOndiXuFHvYqeZCM1ihPpSlNMNv4RSMTRaTl3JCHttjZ 9BW72TjG7hv9tQ7UpmMN58emWm5ZuoR/wRL4BpkcAA1qenceOfpoM5lIBKKKCEdW c66ZLVt3GucC+Db5df/0IDADaAPJNX+hajbDmjg+v9NqhcBrjbIZyW63N38sqTkj /mAEWNMfez9VZf4dme3GLFKcBRDsPkCVdoC+vnSEKTmg50k23nFwn/dZZrLNqheE Ks4BPC55gK4prn77aGhN8Nr28wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFk5Jon+ zsNndo25dmQqfgDiYeVYMB8GA1UdIwQYMBaAFIl2tftI8uQRHXjVo81aL8oZYTl6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEM3Ri8zQjdCREFCRTNG QzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVCRWRlTldqelZvdnlobGhP WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lYYTEtMGp5NUJFZGVOV2p6Vm92eWhsaE9Yby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEM3Ri8zQjdCREFCRTNGQzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVC RWRlTldqelZvdnlobGhPWG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCEcIv9jGMeiZ7sVI4N1u0ay7FO0M793/xJARHWXVgdgaDaMBtEr7mv YZXxFx/N0N9SlS25bmY5U5EQ4QoTL3nUemeNu55y/srQOP7o3ARnq2d1532zr3xZ Jb7CZgH0P8LOK0GrwFOXweCFiNV9eM4O5ZAnzVdbzXVTwF/mO2wg6PUecTgsfwoL Y/PMSVht8g3Th7tbThFIi8cKv9B9gxWDLY5+11xJSlm982EBJgcVZDsoMskRSM08 cAYfhGTIg1WPKf0Ipovn0WJetDcrSFFXF5fX6pcNGw6gLyu7SsxZwxAEvaBYDgnw Quj4o46CEXnW57iyofrxE1a3GtNOCDTx -----END CERTIFICATE-----Generated at Thu Jun 5 19:14:48 2025 by rpki-client