$ rpki-client -vvf rpki.apnic.net/member_repository/A9153C27/65BB489C004A11EA980F2A7CC4F9AE02/VFjEVinBBKqnpYcoaG-NHihyqSo.mft File: VFjEVinBBKqnpYcoaG-NHihyqSo.mft (raw, json) Hash identifier: aghJSsvdHCdo51DEPn/YXbCfgysRkzgvUsEJZMwHsZ4= Subject key identifier: D9:17:8A:82:64:C4:38:55:9A:73:BD:02:72:98:9B:A7:49:78:0A:C3 Authority key identifier: 54:58:C4:56:29:C1:04:AA:A7:A5:87:28:68:6F:8D:1E:28:72:A9:2A Certificate issuer: /CN=A9153C27/serialNumber=5458C45629C104AAA7A58728686F8D1E2872A92A Certificate serial: 0C64 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFjEVinBBKqnpYcoaG-NHihyqSo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153C27/65BB489C004A11EA980F2A7CC4F9AE02/VFjEVinBBKqnpYcoaG-NHihyqSo.mft Manifest number: 0C5C Signing time: Fri 30 May 2025 18:30:47 +0000 Manifest this update: Fri 30 May 2025 18:30:47 +0000 Manifest next update: Fri 06 Jun 2025 18:30:47 +0000 Files and hashes: 1: VFjEVinBBKqnpYcoaG-NHihyqSo.crl (hash: yDDftSB2gfWd7jfQaRkdeKoW+O85C4D+tD/bDw/LXzY=) 2: DB020E9C010D11EAA82AD83CC4F9AE02.roa (hash: +/HgExCatPcRmJalycUeFMmwknrCCg9dQk/HjuFZjUc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153C27/65BB489C004A11EA980F2A7CC4F9AE02/VFjEVinBBKqnpYcoaG-NHihyqSo.crl rsync://rpki.apnic.net/member_repository/A9153C27/65BB489C004A11EA980F2A7CC4F9AE02/VFjEVinBBKqnpYcoaG-NHihyqSo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFjEVinBBKqnpYcoaG-NHihyqSo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:30:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3172 (0xc64) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153C27, serialNumber=5458C45629C104AAA7A58728686F8D1E2872A92A Validity Not Before: May 30 18:30:47 2025 GMT Not After : Jun 6 18:30:47 2025 GMT Subject: CN=6839f957-3ea7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ff:65:4d:a5:e3:57:39:a1:e6:7c:a1:1d:60: 1a:17:48:ca:c5:c1:99:91:6e:33:62:de:1a:cd:42: 17:9b:d9:24:7e:0e:fb:c8:2e:8c:f8:49:63:3f:9f: d8:d9:44:18:a7:66:7c:8e:4c:81:71:80:f8:db:21: 01:ad:9c:f1:b4:0b:a5:37:94:93:78:04:d4:e1:90: b8:f6:61:13:2c:3c:ae:a4:ad:9b:5a:47:13:a7:68: 66:21:f3:4e:0b:d7:f0:e6:e7:76:66:92:ff:f0:87: 79:e8:06:ec:36:0c:44:e3:01:44:d0:bd:1e:85:9f: 28:d1:5b:43:2e:47:f7:2e:69:7b:44:e3:88:db:b3: 8b:5d:8d:d7:95:29:a6:73:64:22:38:62:3f:dc:c8: 27:48:20:5e:80:09:b3:d7:f7:67:6d:7f:85:1b:0f: dc:65:00:6c:22:2e:b3:8f:49:ab:50:de:b1:82:6d: 9b:28:e1:6a:32:c8:e2:9a:77:9a:c9:b8:30:de:b0: 2a:bf:34:39:1f:69:a3:27:6f:de:26:50:41:dc:63: 09:38:aa:f1:9d:6c:15:72:2e:16:db:f9:13:e8:85: 82:f8:08:f4:63:a8:16:0e:6d:eb:83:41:98:68:ba: 52:3d:f5:44:ed:50:dc:6e:8b:e6:4a:9b:c6:58:71: 7a:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:17:8A:82:64:C4:38:55:9A:73:BD:02:72:98:9B:A7:49:78:0A:C3 X509v3 Authority Key Identifier: keyid:54:58:C4:56:29:C1:04:AA:A7:A5:87:28:68:6F:8D:1E:28:72:A9:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153C27/65BB489C004A11EA980F2A7CC4F9AE02/VFjEVinBBKqnpYcoaG-NHihyqSo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFjEVinBBKqnpYcoaG-NHihyqSo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153C27/65BB489C004A11EA980F2A7CC4F9AE02/VFjEVinBBKqnpYcoaG-NHihyqSo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:c2:a2:5a:b4:94:7d:2e:6b:dd:c4:56:99:e9:62:2a:eb:a7: db:d1:f3:77:9b:0c:9f:e4:b4:5c:41:6b:d8:59:79:3a:e3:43: 08:da:70:21:0f:de:14:0e:de:5e:e1:86:ee:e9:60:39:51:53: db:33:11:06:70:ad:8e:04:5c:b2:8c:6a:0a:f6:7a:21:14:c6: 9a:26:89:12:f8:ab:bd:88:f2:b2:6c:28:cc:19:9f:f3:c3:8e: 7a:d4:16:e2:7c:79:55:be:47:71:a9:bf:d0:56:80:bc:77:0e: 93:a5:fe:98:9d:88:8d:33:a4:b6:76:14:ff:85:98:b1:1b:c7: f8:34:4f:76:ad:18:53:a9:e4:17:88:c5:81:c4:38:82:4d:8e: 40:40:ff:53:61:62:3e:ea:2f:bc:a0:38:94:9f:e8:5a:c3:9d: e2:fb:77:8c:6c:93:b0:bf:40:d9:1a:c0:fa:20:7b:76:a0:99: eb:dc:5b:ae:6a:eb:eb:59:6e:f3:be:a2:28:28:ca:d3:4b:ad: c7:f9:05:62:f7:72:2e:1f:9a:2e:84:79:be:51:17:fd:68:c4: 98:5f:b4:63:2e:a5:16:dc:b0:1c:52:13:e2:d8:30:4e:36:de: 7c:b6:a8:ae:86:83:58:9b:15:e9:ec:2d:cd:54:b2:06:69:9c: 63:71:1d:e5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDGQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTNDMjcxMTAvBgNVBAUTKDU0NThDNDU2MjlDMTA0QUFBN0E1ODcyODY4NkY4RDFF Mjg3MkE5MkEwHhcNMjUwNTMwMTgzMDQ3WhcNMjUwNjA2MTgzMDQ3WjAYMRYwFAYD VQQDEw02ODM5Zjk1Ny0zZWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx/9lTaXjVzmh5nyhHWAaF0jKxcGZkW4zYt4azUIXm9kkfg77yC6M+EljP5/Y 2UQYp2Z8jkyBcYD42yEBrZzxtAulN5STeATU4ZC49mETLDyupK2bWkcTp2hmIfNO C9fw5ud2ZpL/8Id56AbsNgxE4wFE0L0ehZ8o0VtDLkf3Lml7ROOI27OLXY3XlSmm c2QiOGI/3MgnSCBegAmz1/dnbX+FGw/cZQBsIi6zj0mrUN6xgm2bKOFqMsjimnea ybgw3rAqvzQ5H2mjJ2/eJlBB3GMJOKrxnWwVci4W2/kT6IWC+Aj0Y6gWDm3rg0GY aLpSPfVE7VDcbovmSpvGWHF6lwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNkXioJk xDhVmnO9AnKYm6dJeArDMB8GA1UdIwQYMBaAFFRYxFYpwQSqp6WHKGhvjR4ocqkq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0MyNy82NUJCNDg5QzAw NEExMUVBOTgwRjJBN0NDNEY5QUUwMi9WRmpFVmluQkJLcW5wWWNvYUctTkhpaHlx U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZGakVWaW5CQktxbnBZY29hRy1OSGloeXFTby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 M0MyNy82NUJCNDg5QzAwNEExMUVBOTgwRjJBN0NDNEY5QUUwMi9WRmpFVmluQkJL cW5wWWNvYUctTkhpaHlxU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBawqJatJR9LmvdxFaZ6WIq66fb0fN3mwyf5LRcQWvYWXk640MI2nAh D94UDt5e4Ybu6WA5UVPbMxEGcK2OBFyyjGoK9nohFMaaJokS+Ku9iPKybCjMGZ/z w4561BbifHlVvkdxqb/QVoC8dw6Tpf6YnYiNM6S2dhT/hZixG8f4NE92rRhTqeQX iMWBxDiCTY5AQP9TYWI+6i+8oDiUn+haw53i+3eMbJOwv0DZGsD6IHt2oJnr3Fuu auvrWW7zvqIoKMrTS63H+QVi93IuH5ouhHm+URf9aMSYX7RjLqUW3LAcUhPi2DBO Nt58tqiuhoNYmxXp7C3NVLIGaZxjcR3l -----END CERTIFICATE-----Generated at Sat May 31 17:58:45 2025 by rpki-client