$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft File: aIdCVFR7NLOvid21tI0CAj9Xrhc.mft (raw, json) Hash identifier: cGlgtFAaB/Gjg7GkZqJNe2uDMMdE/UvpWl1Z/xOZwzU= Subject key identifier: F5:A1:64:02:AB:CA:5F:CB:C2:6D:78:18:9F:A7:7F:3A:66:D9:D2:36 Authority key identifier: 68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 Certificate issuer: /CN=A9148D52/serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Certificate serial: 0D24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft Manifest number: 0D1B Signing time: Fri 30 May 2025 18:14:42 +0000 Manifest this update: Fri 30 May 2025 18:14:42 +0000 Manifest next update: Fri 06 Jun 2025 18:14:42 +0000 Files and hashes: 1: aIdCVFR7NLOvid21tI0CAj9Xrhc.crl (hash: HmVvSwjGAkg1nZngYNP2nuyjhMaf9hwDmPrP96B0huI=) 2: 0198539E94F311EA9429BF86C4F9AE02.roa (hash: 5GX92aioe88puPmyzGflssCck3bnuW06XT8lCNmGXB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:14:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3364 (0xd24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148D52, serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Validity Not Before: May 30 18:14:42 2025 GMT Not After : Jun 6 18:14:42 2025 GMT Subject: CN=6839f592-f6a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:f6:12:69:aa:7b:23:d3:72:34:eb:91:63:9c: 5f:40:72:02:a5:05:f5:a9:9d:db:f7:68:bf:57:c0: a3:fc:f0:62:a3:db:04:7a:12:a1:46:4d:29:72:2b: 5b:af:91:de:db:ec:7a:c7:80:9b:f4:60:d6:80:c6: 9f:57:22:f2:fd:45:2c:0d:55:6f:d3:5d:48:2b:98: f4:b6:a4:81:32:0f:c9:93:60:48:70:22:1b:ad:10: 14:61:f9:79:ac:30:1a:36:19:9e:36:e8:b1:73:65: b5:9f:57:fd:bd:27:36:73:02:9c:b7:78:13:da:98: 43:83:94:69:bd:27:12:63:2e:2e:5f:1b:aa:e7:c5: ea:25:6d:78:f8:c6:48:20:e7:ba:f7:17:dc:2f:e2: f1:cd:c0:f1:39:3f:69:4f:d4:22:e6:68:d9:53:01: 6a:da:82:9f:95:d3:da:56:5e:f4:8f:9c:ca:d6:25: b3:77:ca:36:cc:c6:fd:f7:d5:b4:39:cd:e4:2a:e4: 4b:5a:8e:bd:f6:a2:0c:39:74:af:6c:dc:9f:30:e0: ef:44:15:2b:9f:9e:a5:f1:a1:3b:cd:06:98:9c:ef: 8a:48:b6:08:5f:8c:6d:b8:05:ed:10:63:58:c9:06: 1b:5f:cb:5c:d5:90:25:3b:7d:30:af:c7:61:bd:02: 4d:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:A1:64:02:AB:CA:5F:CB:C2:6D:78:18:9F:A7:7F:3A:66:D9:D2:36 X509v3 Authority Key Identifier: keyid:68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:c8:5a:fc:9e:5b:7a:7c:03:17:ef:dc:d9:e6:4f:a0:ba:a4: 5c:f7:fd:1d:a4:c8:6c:d1:38:18:25:e6:a4:de:e0:cb:59:7c: 83:74:97:a6:b8:fe:25:e2:31:84:97:a1:f4:62:84:b5:27:34: 0b:35:ff:41:26:c0:32:81:07:7f:bf:84:03:ca:28:45:76:02: 12:82:6b:f8:be:cf:21:04:d7:fd:b7:76:79:3c:eb:e0:27:0b: a7:3f:95:99:68:f6:9f:29:e1:bf:47:b9:a2:ce:7c:43:32:48: a8:71:42:89:27:70:8f:7c:2a:17:02:20:b2:06:e9:43:fb:cd: ff:d4:97:d5:2a:63:29:db:6f:dc:9b:55:81:7a:9e:c4:e5:d4: dd:87:48:bd:2f:15:9e:b3:46:aa:36:29:7f:6e:d1:0c:80:bb: 5e:26:0d:c5:0b:fb:99:90:34:30:a7:2a:aa:e2:95:b2:b5:6f: 4b:a3:8b:7c:43:27:ad:95:0e:a8:13:99:31:91:ef:34:0e:41: 21:d8:35:f0:16:60:ea:34:f7:67:b1:c4:06:99:48:81:0b:a0: b1:fe:5d:22:87:16:87:6a:cf:77:25:46:0f:ba:79:72:33:af: 6d:96:88:bf:e4:f7:f8:0d:07:32:d7:02:d6:3c:0d:1e:3b:d2: f2:e5:14:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDSQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhENTIxMTAvBgNVBAUTKDY4ODc0MjU0NTQ3QjM0QjNBRjg5RERCNUI0OEQwMjAy M0Y1N0FFMTcwHhcNMjUwNTMwMTgxNDQyWhcNMjUwNjA2MTgxNDQyWjAYMRYwFAYD VQQDEw02ODM5ZjU5Mi1mNmE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsfYSaap7I9NyNOuRY5xfQHICpQX1qZ3b92i/V8Cj/PBio9sEehKhRk0pcitb r5He2+x6x4Cb9GDWgMafVyLy/UUsDVVv011IK5j0tqSBMg/Jk2BIcCIbrRAUYfl5 rDAaNhmeNuixc2W1n1f9vSc2cwKct3gT2phDg5RpvScSYy4uXxuq58XqJW14+MZI IOe69xfcL+LxzcDxOT9pT9Qi5mjZUwFq2oKfldPaVl70j5zK1iWzd8o2zMb999W0 Oc3kKuRLWo699qIMOXSvbNyfMODvRBUrn56l8aE7zQaYnO+KSLYIX4xtuAXtEGNY yQYbX8tc1ZAlO30wr8dhvQJNnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPWhZAKr yl/Lwm14GJ+nfzpm2dI2MB8GA1UdIwQYMBaAFGiHQlRUezSzr4ndtbSNAgI/V64X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ1Mi8xRDRCNDRFRURC NkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05MT3ZpZDIxdEkwQ0FqOVhy aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FJZENWRlI3TkxPdmlkMjF0STBDQWo5WHJoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEQ1Mi8xRDRCNDRFRURCNkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05M T3ZpZDIxdEkwQ0FqOVhyaGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCoyFr8nlt6fAMX79zZ5k+guqRc9/0dpMhs0TgYJeak3uDLWXyDdJem uP4l4jGEl6H0YoS1JzQLNf9BJsAygQd/v4QDyihFdgISgmv4vs8hBNf9t3Z5POvg JwunP5WZaPafKeG/R7miznxDMkiocUKJJ3CPfCoXAiCyBulD+83/1JfVKmMp22/c m1WBep7E5dTdh0i9LxWes0aqNil/btEMgLteJg3FC/uZkDQwpyqq4pWytW9Lo4t8 QyetlQ6oE5kxke80DkEh2DXwFmDqNPdnscQGmUiBC6Cx/l0ihxaHas93JUYPunly M69tloi/5Pf4DQcy1wLWPA0eO9Ly5RTI -----END CERTIFICATE-----Generated at Sat May 31 17:27:59 2025 by rpki-client