$ rpki-client -vvf rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft File: X2mHOU7ukmatexkjRBv29RNP-VA.mft (raw, json) Hash identifier: zcode0ETHufTZG0hFodnuIcloAwE1Y3GRZKm56uFAQw= Subject key identifier: A3:32:39:8E:4B:1E:18:E4:DA:85:ED:09:A2:E1:F9:76:6B:B4:0E:26 Authority key identifier: 5F:69:87:39:4E:EE:92:66:AD:7B:19:23:44:1B:F6:F5:13:4F:F9:50 Certificate issuer: /CN=A9147241/serialNumber=5F6987394EEE9266AD7B1923441BF6F5134FF950 Certificate serial: 07E9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mHOU7ukmatexkjRBv29RNP-VA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft Manifest number: 07E2 Signing time: Fri 30 May 2025 21:14:50 +0000 Manifest this update: Fri 30 May 2025 21:14:50 +0000 Manifest next update: Fri 06 Jun 2025 21:14:50 +0000 Files and hashes: 1: X2mHOU7ukmatexkjRBv29RNP-VA.crl (hash: D5nhkqUvjlFNgrp0oD0lGBcaXay6X1GSnQ+hQArzpEs=) 2: F69648C2ECF211EABBFDDD24C4F9AE02.roa (hash: 90ekW1pDIqXWRjwU9tVaYqCrzXTRiG8h8pa7XJ3ojS8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.crl rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mHOU7ukmatexkjRBv29RNP-VA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:14:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2025 (0x7e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147241, serialNumber=5F6987394EEE9266AD7B1923441BF6F5134FF950 Validity Not Before: May 30 21:14:50 2025 GMT Not After : Jun 6 21:14:50 2025 GMT Subject: CN=683a1fca-1027 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:39:9c:bf:6f:d0:57:97:4b:c7:97:84:79:3b: d7:9f:a3:b4:b6:59:02:e6:ac:b9:40:46:c4:dd:10: d1:b8:dd:96:7c:58:42:9b:b6:86:60:89:97:d6:b9: e4:ab:c8:55:0a:2e:49:56:43:2e:96:98:88:64:03: bf:1e:ef:99:8c:69:6f:42:c1:56:75:45:28:c6:67: bc:20:00:b3:ac:8e:0f:75:ae:b3:0d:87:29:7b:f1: 2f:46:53:8e:ba:af:02:fe:26:e5:98:23:4d:2d:92: 9c:aa:be:4e:14:60:81:bb:9b:1e:52:2d:58:f6:35: 4b:4b:81:5f:3a:69:77:ab:a9:3b:07:1c:78:48:bf: bc:83:02:41:19:3a:60:07:4c:af:32:6a:11:77:83: 3a:4b:65:f3:67:b0:32:32:d9:a5:9d:ff:4d:92:5b: 4e:95:4a:9d:cd:23:d8:14:39:bc:53:13:c8:29:23: 02:56:8a:31:cf:a4:b0:c4:08:9e:38:07:5c:7e:6f: e7:e8:97:cd:f3:fa:bd:63:1a:34:71:2b:6b:56:f4: b1:fb:1c:44:16:ba:95:b9:3a:18:c0:50:89:27:e0: d2:d6:d6:02:ca:b1:87:8e:8d:d2:23:a8:9e:47:ff: 29:6b:3e:f8:67:5f:ee:9b:06:0a:dd:d6:cf:6a:eb: 7e:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:32:39:8E:4B:1E:18:E4:DA:85:ED:09:A2:E1:F9:76:6B:B4:0E:26 X509v3 Authority Key Identifier: keyid:5F:69:87:39:4E:EE:92:66:AD:7B:19:23:44:1B:F6:F5:13:4F:F9:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mHOU7ukmatexkjRBv29RNP-VA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:11:46:86:60:1f:7d:33:45:0b:e7:c6:3a:83:37:c7:a7:14: 98:be:58:1e:d8:82:37:7d:97:79:ac:39:ab:7a:8d:af:ba:d8: 04:cb:8f:84:95:b0:f7:d5:7c:80:03:eb:98:3b:4c:87:d0:21: 33:3f:4f:e7:3c:38:5c:7c:ba:91:8f:3a:96:72:73:62:60:e1: ce:52:5b:8f:9b:58:b5:81:69:8b:97:76:35:bf:20:66:4c:54: a5:1e:62:2e:c4:44:ce:47:78:4f:1e:81:36:16:0f:db:95:83: 81:79:11:1c:4a:3c:69:9c:7a:58:0c:b2:54:51:1b:99:86:b1: 98:74:38:25:c6:9c:d5:e6:23:54:ef:01:4b:a6:48:77:67:03: 31:bb:2d:93:9a:26:ec:2c:2c:00:73:57:97:3a:81:b1:0c:fe: ab:ae:1b:ac:22:22:fc:c3:c6:ed:42:ef:67:64:27:2e:53:4a: 73:d0:7e:0f:d4:2c:df:c3:06:4b:d2:0e:48:6c:86:95:84:cd: 94:94:c6:6a:0c:db:32:9d:75:c0:3f:77:89:e6:f1:9f:21:3a: bb:5b:a8:57:82:65:57:99:4e:f8:ac:ee:c0:44:86:30:49:0d: e1:2a:69:49:1f:ea:f4:88:11:6d:23:fe:fc:16:9e:4b:db:9c: 7c:8e:6c:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB+kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDcyNDExMTAvBgNVBAUTKDVGNjk4NzM5NEVFRTkyNjZBRDdCMTkyMzQ0MUJGNkY1 MTM0RkY5NTAwHhcNMjUwNTMwMjExNDUwWhcNMjUwNjA2MjExNDUwWjAYMRYwFAYD VQQDEw02ODNhMWZjYS0xMDI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsTmcv2/QV5dLx5eEeTvXn6O0tlkC5qy5QEbE3RDRuN2WfFhCm7aGYImX1rnk q8hVCi5JVkMulpiIZAO/Hu+ZjGlvQsFWdUUoxme8IACzrI4Pda6zDYcpe/EvRlOO uq8C/iblmCNNLZKcqr5OFGCBu5seUi1Y9jVLS4FfOml3q6k7Bxx4SL+8gwJBGTpg B0yvMmoRd4M6S2XzZ7AyMtmlnf9NkltOlUqdzSPYFDm8UxPIKSMCVooxz6SwxAie OAdcfm/n6JfN8/q9Yxo0cStrVvSx+xxEFrqVuToYwFCJJ+DS1tYCyrGHjo3SI6ie R/8paz74Z1/umwYK3dbPaut+8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKMyOY5L Hhjk2oXtCaLh+XZrtA4mMB8GA1UdIwQYMBaAFF9phzlO7pJmrXsZI0Qb9vUTT/lQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzI0MS82MkJCNUM3NEVD RjExMUVBQTM5RDU3MjJDNEY5QUUwMi9YMm1IT1U3dWttYXRleGtqUkJ2MjlSTlAt VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1gybUhPVTd1a21hdGV4a2pSQnYyOVJOUC1WQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzI0MS82MkJCNUM3NEVDRjExMUVBQTM5RDU3MjJDNEY5QUUwMi9YMm1IT1U3dWtt YXRleGtqUkJ2MjlSTlAtVkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCeEUaGYB99M0UL58Y6gzfHpxSYvlge2II3fZd5rDmreo2vutgEy4+E lbD31XyAA+uYO0yH0CEzP0/nPDhcfLqRjzqWcnNiYOHOUluPm1i1gWmLl3Y1vyBm TFSlHmIuxETOR3hPHoE2Fg/blYOBeREcSjxpnHpYDLJUURuZhrGYdDglxpzV5iNU 7wFLpkh3ZwMxuy2TmibsLCwAc1eXOoGxDP6rrhusIiL8w8btQu9nZCcuU0pz0H4P 1CzfwwZL0g5IbIaVhM2UlMZqDNsynXXAP3eJ5vGfITq7W6hXgmVXmU74rO7ARIYw SQ3hKmlJH+r0iBFtI/78Fp5L25x8jmyx -----END CERTIFICATE-----Generated at Sat May 31 17:23:42 2025 by rpki-client