$ rpki-client -vvf rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft File: 4XM7lw_d92f_GVQoQ34SQqN2knc.mft (raw, json) Hash identifier: scJ0rJ6MtNt+Q3/aQEL/b9sG42iKPypdCDJHr+ir6RY= Subject key identifier: 7E:8F:A5:0C:1A:F0:3F:45:E8:AF:A9:82:F5:7F:A9:44:63:F6:E6:34 Authority key identifier: E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 Certificate issuer: /CN=A912E5CB/serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Certificate serial: 01D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft Manifest number: 01D5 Signing time: Thu 05 Jun 2025 02:11:01 +0000 Manifest this update: Thu 05 Jun 2025 02:11:00 +0000 Manifest next update: Thu 12 Jun 2025 02:11:00 +0000 Files and hashes: 1: 4XM7lw_d92f_GVQoQ34SQqN2knc.crl (hash: 1njmxcT0YJWOXZLUnylvU5NQfk/WY9l8TCBQgRHOWSs=) 2: 5FF4FD52704C11ED97935E7DC4F9AE02.roa (hash: C5+qR+xwM5riTT+23t/1tPZQq66L4etzO1hAZvNu09M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Jun 2025 02:11:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 472 (0x1d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E5CB, serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Validity Not Before: Jun 5 02:11:00 2025 GMT Not After : Jun 12 02:11:00 2025 GMT Subject: CN=6840fcb4-79e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:14:b0:c2:04:a1:02:fa:8b:cb:a8:c8:a6:04: 88:06:76:be:57:80:7a:d2:7c:82:4e:84:58:be:51: 0f:73:77:71:4c:c4:4e:b9:b6:67:bb:56:04:6e:62: fc:39:44:85:9d:34:37:a1:56:fc:88:c9:f7:f2:6c: 72:b3:c3:16:db:fe:12:ad:42:9c:8f:3c:af:6d:85: e8:57:eb:9a:19:4a:59:53:2c:fe:17:a9:44:e6:9a: 62:c0:3b:cb:9d:3b:20:98:96:9a:5f:b6:d1:84:db: a1:a2:37:57:6a:12:c7:22:95:d3:83:9b:5b:cf:c2: b6:dd:9e:3e:d6:96:5e:20:a0:02:f9:c3:99:bf:ba: 36:04:d2:19:38:5e:fd:bd:bd:72:85:5d:7e:95:12: 8e:2e:ee:15:60:a1:a6:df:60:13:fb:7a:e6:b8:29: 60:42:59:55:59:9a:11:6f:1b:f9:f3:34:7e:73:40: 18:b4:19:f0:ab:05:83:2d:54:23:cb:25:39:32:08: 39:55:ab:7d:3a:b5:2a:45:ce:a9:1c:71:00:aa:fd: c8:68:57:e9:b3:a0:1e:8a:cf:87:b9:dc:3c:eb:49: 0b:77:9a:1e:87:6b:0c:97:67:ef:fc:3c:61:99:d8: 8c:f8:23:60:ad:b8:8a:a6:c9:fc:35:c2:ee:cd:d0: 12:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:8F:A5:0C:1A:F0:3F:45:E8:AF:A9:82:F5:7F:A9:44:63:F6:E6:34 X509v3 Authority Key Identifier: keyid:E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:77:ee:bc:26:06:24:86:98:1a:ff:28:8b:7d:99:81:31:9e: 17:de:5f:63:d0:11:8e:29:67:fb:5f:70:6a:f1:00:28:19:8b: cd:8d:4a:cc:e4:8b:15:1c:a0:9e:6e:1c:ad:39:b2:bc:12:43: dc:fe:f5:1e:ca:b6:f8:f6:d0:5a:40:0e:63:d0:33:1a:3d:be: 3a:e0:7f:cd:7e:81:1b:bb:e6:ac:65:75:47:1b:84:f1:13:9e: 96:8a:56:0d:1e:dc:ed:a1:37:98:62:35:cc:3b:0e:63:8b:6a: 61:23:e6:1d:4e:f2:58:6c:8e:be:04:88:29:d6:e2:be:35:a1: 5d:8c:5b:d1:fc:31:69:ee:fa:6c:73:73:da:64:e1:7a:80:14: cc:75:c4:d8:9e:22:8b:6d:fb:b0:4b:c3:e6:a1:f2:97:d6:22: 02:a0:4e:3e:8f:89:7a:85:d3:08:06:0c:4c:8b:f7:5f:df:ab: 62:4e:1d:2b:fd:f4:fb:75:c5:c3:a3:71:47:b5:52:c6:d4:f1: 56:dd:90:b8:13:ee:50:7e:dd:7f:f4:4a:0f:b1:bd:00:cc:3e: 42:76:7b:82:ba:10:b7:6c:18:2d:0a:dd:b6:32:1f:6f:88:8f: 37:db:6b:24:d6:7a:be:f3:3b:c1:a9:96:02:0c:b7:6f:e8:f7: 31:e7:5d:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkU1Q0IxMTAvBgNVBAUTKEUxNzMzQjk3MEZEREY3NjdGRjE5NTQyODQzN0UxMjQy QTM3NjkyNzcwHhcNMjUwNjA1MDIxMTAwWhcNMjUwNjEyMDIxMTAwWjAYMRYwFAYD VQQDEw02ODQwZmNiNC03OWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAphSwwgShAvqLy6jIpgSIBna+V4B60nyCToRYvlEPc3dxTMROubZnu1YEbmL8 OUSFnTQ3oVb8iMn38mxys8MW2/4SrUKcjzyvbYXoV+uaGUpZUyz+F6lE5ppiwDvL nTsgmJaaX7bRhNuhojdXahLHIpXTg5tbz8K23Z4+1pZeIKAC+cOZv7o2BNIZOF79 vb1yhV1+lRKOLu4VYKGm32AT+3rmuClgQllVWZoRbxv58zR+c0AYtBnwqwWDLVQj yyU5Mgg5Vat9OrUqRc6pHHEAqv3IaFfps6Aeis+Hudw860kLd5oeh2sMl2fv/Dxh mdiM+CNgrbiKpsn8NcLuzdASFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH6PpQwa 8D9F6K+pgvV/qURj9uY0MB8GA1UdIwQYMBaAFOFzO5cP3fdn/xlUKEN+EkKjdpJ3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTVDQi81Mjg4RENFMDcw NDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDkyZl9HVlFvUTM0U1FxTjJr bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRYTTdsd19kOTJmX0dWUW9RMzRTUXFOMmtuYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RTVDQi81Mjg4RENFMDcwNDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDky Zl9HVlFvUTM0U1FxTjJrbmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBGd+68JgYkhpga/yiLfZmBMZ4X3l9j0BGOKWf7X3Bq8QAoGYvNjUrM 5IsVHKCebhytObK8EkPc/vUeyrb49tBaQA5j0DMaPb464H/NfoEbu+asZXVHG4Tx E56WilYNHtztoTeYYjXMOw5ji2phI+YdTvJYbI6+BIgp1uK+NaFdjFvR/DFp7vps c3PaZOF6gBTMdcTYniKLbfuwS8PmofKX1iICoE4+j4l6hdMIBgxMi/df36tiTh0r /fT7dcXDo3FHtVLG1PFW3ZC4E+5Qft1/9EoPsb0AzD5CdnuCuhC3bBgtCt22Mh9v iI8322sk1nq+8zvBqZYCDLdv6Pcx512c -----END CERTIFICATE-----Generated at Thu Jun 5 19:53:53 2025 by rpki-client