$ rpki-client -vvf rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.mft File: XfVm12I2fCjH8_ElYbRxa4yhuWY.mft (raw, json) Hash identifier: SoUqsqotZg4M+HSqBAkvX9JhMkz4AkMERnTt0pwKUqg= Subject key identifier: 4D:7A:89:3B:97:9B:F9:24:09:D5:8B:D2:CB:0B:82:66:56:1D:1F:B3 Authority key identifier: 5D:F5:66:D7:62:36:7C:28:C7:F3:F1:25:61:B4:71:6B:8C:A1:B9:66 Certificate issuer: /CN=A9133B47/serialNumber=5DF566D762367C28C7F3F12561B4716B8CA1B966 Certificate serial: C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XfVm12I2fCjH8_ElYbRxa4yhuWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.mft Manifest number: C6 Signing time: Sat 31 May 2025 05:22:42 +0000 Manifest this update: Sat 31 May 2025 05:22:42 +0000 Manifest next update: Sat 07 Jun 2025 05:22:42 +0000 Files and hashes: 1: XfVm12I2fCjH8_ElYbRxa4yhuWY.crl (hash: CV78sD5gJcKHG0LQWXDH6XTHraK+PSmXVva/MKbNisQ=) 2: 23B1A0120FA511EFB28F5235C4F9AE02.roa (hash: hXpBoYToApPmmdPekjKleadge49SIJY0fjcaISdG6yE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.crl rsync://rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XfVm12I2fCjH8_ElYbRxa4yhuWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:22:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 200 (0xc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9133B47, serialNumber=5DF566D762367C28C7F3F12561B4716B8CA1B966 Validity Not Before: May 31 05:22:42 2025 GMT Not After : Jun 7 05:22:42 2025 GMT Subject: CN=683a9222-c2ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ba:cb:b5:99:b7:a2:ab:ea:9c:77:a8:6a:cc: d1:f4:21:2a:eb:e8:c3:6a:e3:13:0b:49:47:e0:a6: c3:14:7f:0a:bc:23:7c:59:f6:73:b4:a8:14:7e:11: 5e:b5:96:c1:f5:dc:24:45:9b:16:0e:62:67:3c:3e: 5c:e2:bf:5d:2d:94:e5:d5:27:e9:a3:99:46:2a:e5: 7a:84:3d:b7:ab:9c:fd:78:ad:50:2e:da:32:c7:7d: 16:91:f6:4d:7f:e1:20:15:95:e9:e7:d0:66:15:c6: c2:56:7c:83:9a:55:94:00:71:de:61:b5:ac:eb:85: 53:0f:7b:ba:13:1a:ab:80:63:7f:ff:7d:d0:d9:3a: da:97:dc:9a:e4:6f:43:55:ed:16:99:3f:a6:55:56: 04:c6:79:0b:28:ee:6a:ce:f1:8c:35:2f:39:e7:d5: 64:f8:a6:b6:09:a2:f7:95:9b:72:41:0d:d7:b3:8b: cc:a7:24:5d:65:9f:8e:b1:7d:0d:48:e9:52:4c:9a: a4:2a:24:fe:df:09:8a:49:66:77:96:0e:f7:cf:c0: fc:e6:34:f0:fb:e1:54:e7:3e:cc:ff:61:08:a7:a2: d5:09:4e:9d:90:c9:4b:6a:01:d5:e9:c8:75:63:97: a8:22:0f:a3:52:8f:02:e3:a4:49:bc:46:7e:b3:92: 9a:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:7A:89:3B:97:9B:F9:24:09:D5:8B:D2:CB:0B:82:66:56:1D:1F:B3 X509v3 Authority Key Identifier: keyid:5D:F5:66:D7:62:36:7C:28:C7:F3:F1:25:61:B4:71:6B:8C:A1:B9:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XfVm12I2fCjH8_ElYbRxa4yhuWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:a7:1e:1f:ab:15:3d:98:6c:2d:8d:19:0f:46:fa:42:03:92: 75:b7:0e:f2:f3:bd:22:9c:6c:f2:54:67:47:51:2b:f8:72:1d: 80:40:60:92:93:a4:60:b0:1f:cb:6e:a6:9f:9b:2b:6a:85:b3: b7:67:40:8b:58:53:bd:56:f8:3b:73:a5:71:39:5c:7a:e2:1c: 9a:52:fb:30:28:ca:22:e3:41:26:58:eb:c7:0b:bf:ac:a7:c7: b3:52:64:ab:a7:8c:38:95:ed:0e:bd:e9:50:37:48:2e:19:f6: 3e:82:69:ef:49:4f:a4:44:ed:f9:cd:ae:01:1d:52:2d:54:14: 0e:89:87:26:f2:10:70:ed:6f:df:78:ef:e0:88:11:4e:f6:f7: 9a:64:53:a6:91:92:d2:3c:45:ea:e2:e1:6e:28:89:2a:c4:cb: 98:d4:89:46:0a:36:28:0a:86:82:6d:f4:87:66:2e:c8:94:41: 08:10:fc:9f:56:0a:1d:cd:a0:dc:45:33:4c:d8:30:10:0a:a8: 65:23:b8:0d:d3:5a:a5:2e:0b:71:c4:18:1b:95:de:c9:98:5a: 0a:86:ec:f4:a3:43:74:ba:a7:eb:a0:69:13:94:85:b4:3a:9b: 52:41:4d:ef:85:8d:e0:ab:89:51:cc:17:e8:35:9b:b2:19:34: 57:74:f5:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzNCNDcxMTAvBgNVBAUTKDVERjU2NkQ3NjIzNjdDMjhDN0YzRjEyNTYxQjQ3MTZC OENBMUI5NjYwHhcNMjUwNTMxMDUyMjQyWhcNMjUwNjA3MDUyMjQyWjAYMRYwFAYD VQQDEw02ODNhOTIyMi1jMmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqbrLtZm3oqvqnHeoaszR9CEq6+jDauMTC0lH4KbDFH8KvCN8WfZztKgUfhFe tZbB9dwkRZsWDmJnPD5c4r9dLZTl1Sfpo5lGKuV6hD23q5z9eK1QLtoyx30WkfZN f+EgFZXp59BmFcbCVnyDmlWUAHHeYbWs64VTD3u6ExqrgGN//33Q2Tral9ya5G9D Ve0WmT+mVVYExnkLKO5qzvGMNS8559Vk+Ka2CaL3lZtyQQ3Xs4vMpyRdZZ+OsX0N SOlSTJqkKiT+3wmKSWZ3lg73z8D85jTw++FU5z7M/2EIp6LVCU6dkMlLagHV6ch1 Y5eoIg+jUo8C46RJvEZ+s5KaPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE16iTuX m/kkCdWL0ssLgmZWHR+zMB8GA1UdIwQYMBaAFF31ZtdiNnwox/PxJWG0cWuMoblm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzM0I0Ny84NzFCOTI5NDBG QTQxMUVGQTFBMTY5MzRDNEY5QUUwMi9YZlZtMTJJMmZDakg4X0VsWWJSeGE0eWh1 V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hmVm0xMkkyZkNqSDhfRWxZYlJ4YTR5aHVXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz M0I0Ny84NzFCOTI5NDBGQTQxMUVGQTFBMTY5MzRDNEY5QUUwMi9YZlZtMTJJMmZD akg4X0VsWWJSeGE0eWh1V1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCppx4fqxU9mGwtjRkPRvpCA5J1tw7y870inGzyVGdHUSv4ch2AQGCS k6RgsB/LbqafmytqhbO3Z0CLWFO9Vvg7c6VxOVx64hyaUvswKMoi40EmWOvHC7+s p8ezUmSrp4w4le0OvelQN0guGfY+gmnvSU+kRO35za4BHVItVBQOiYcm8hBw7W/f eO/giBFO9veaZFOmkZLSPEXq4uFuKIkqxMuY1IlGCjYoCoaCbfSHZi7IlEEIEPyf VgodzaDcRTNM2DAQCqhlI7gN01qlLgtxxBgbld7JmFoKhuz0o0N0uqfroGkTlIW0 OptSQU3vhY3gq4lRzBfoNZuyGTRXdPVW -----END CERTIFICATE-----Generated at Sat May 31 17:51:39 2025 by rpki-client