$ rpki-client -vvf rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.mft File: DEwXIpxqtn9UP-ycTQPl_uTtL_Y.mft (raw, json) Hash identifier: 2qJMaGVugkZtgwwqnXkb2h2BfObUX888TAaoqNcMzOo= Subject key identifier: AD:F5:36:FD:58:CD:9F:21:7F:CE:BE:15:B8:6E:FF:A1:30:2C:01:4C Authority key identifier: 0C:4C:17:22:9C:6A:B6:7F:54:3F:EC:9C:4D:03:E5:FE:E4:ED:2F:F6 Certificate issuer: /CN=A9157ADC/serialNumber=0C4C17229C6AB67F543FEC9C4D03E5FEE4ED2FF6 Certificate serial: 022A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.mft Manifest number: 0227 Signing time: Sat 31 May 2025 02:07:32 +0000 Manifest this update: Sat 31 May 2025 02:07:32 +0000 Manifest next update: Sat 07 Jun 2025 02:07:32 +0000 Files and hashes: 1: DEwXIpxqtn9UP-ycTQPl_uTtL_Y.crl (hash: j5axAhA+Q1x1Y7Mrg6CDqDly8/GpI3uxDlJTMjPVobc=) 2: 88FCD2C62DBA11ED94AFED62C4F9AE02.roa (hash: XW5eQLHT9pjam4DydX+MPOf7MxBb8MiFoha5U/4pDCM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.crl rsync://rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:07:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 554 (0x22a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157ADC, serialNumber=0C4C17229C6AB67F543FEC9C4D03E5FEE4ED2FF6 Validity Not Before: May 31 02:07:32 2025 GMT Not After : Jun 7 02:07:32 2025 GMT Subject: CN=683a6464-c75e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:f3:88:d1:d4:39:41:0f:76:4d:9a:6d:06:a1: 2a:b7:af:78:8b:11:7d:4d:11:6d:c9:a6:3b:49:fe: 69:d6:cf:31:42:46:df:8d:23:53:bf:37:73:5f:b1: 63:00:e3:ae:04:3f:84:c8:4b:8f:4c:d2:63:80:e6: a2:1f:8e:56:ff:57:19:1a:7b:4b:de:c9:1c:dd:b8: 20:77:e9:45:16:23:a9:94:3a:1b:9a:9f:6e:7c:54: 46:85:c6:f2:e1:b9:74:05:8c:f9:8d:fa:b7:26:3b: 8e:2f:6b:a5:61:d8:3a:c1:bb:ad:e7:8e:c2:0c:4d: 5c:32:00:42:ba:f5:50:5a:bc:78:f6:1f:86:be:b9: 86:29:0d:37:ca:1b:05:9e:57:0a:3c:6f:ad:f0:22: 00:ca:3d:d8:bd:0b:22:00:5a:34:18:9f:f5:a9:e6: 70:ad:6f:72:10:82:a9:dc:6d:8a:20:84:b1:57:f9: 82:52:de:6a:c5:88:14:4a:80:a1:9a:e8:bf:5d:c1: 42:a3:40:5d:90:91:a1:71:e9:13:cd:d3:37:5d:7e: 04:75:0c:33:b6:29:7f:e1:8b:c1:c9:93:a7:0f:74: d2:8f:a6:cd:bc:f8:a4:e4:05:1a:4e:09:16:83:a4: 10:58:5b:05:75:37:01:96:84:f5:0e:92:c8:f5:06: cc:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:F5:36:FD:58:CD:9F:21:7F:CE:BE:15:B8:6E:FF:A1:30:2C:01:4C X509v3 Authority Key Identifier: keyid:0C:4C:17:22:9C:6A:B6:7F:54:3F:EC:9C:4D:03:E5:FE:E4:ED:2F:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:f4:a0:c2:c9:ed:06:07:f7:b4:3e:ea:13:c4:44:5f:40:9f: 5e:ee:48:a4:24:af:3a:11:38:0d:ff:93:ee:70:05:a3:b7:f5: 7e:17:b5:36:dc:59:08:ba:21:e5:f4:55:5a:f7:d4:e5:48:24: 5f:03:c6:70:4e:28:f7:f0:c0:83:15:38:17:8b:4b:6a:51:a5: 24:ef:b5:27:1d:2b:3e:dc:a4:70:a4:6b:0b:9b:aa:af:37:2c: fc:f1:68:d7:df:e3:6f:97:a0:64:96:db:81:ec:28:28:68:06: 79:74:5f:ce:92:cd:e3:d3:f8:6c:d2:93:2b:4e:31:4e:95:cb: da:5a:bd:f9:a4:b8:cd:c2:f5:df:5a:c5:ba:fb:d0:b8:36:96: c8:95:e2:24:44:cf:d8:ee:57:b3:07:a7:ed:17:99:18:cd:7c: 4b:86:5c:b4:20:ef:98:88:3c:8b:bd:d4:c9:8d:41:c5:93:ec: f7:4a:8e:d6:c3:d0:6a:f9:50:2d:e1:e3:2d:af:7b:27:a1:5b: e1:6f:eb:05:06:bc:cb:ed:de:db:80:45:fb:18:11:22:e6:fc: e9:74:6c:4b:5e:f5:68:80:7f:a1:8a:26:d5:13:ce:c9:37:65: be:fe:c3:25:55:f8:d7:e6:73:7f:3f:db:84:c2:be:19:01:43: 03:ea:d5:ff -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdBREMxMTAvBgNVBAUTKDBDNEMxNzIyOUM2QUI2N0Y1NDNGRUM5QzREMDNFNUZF RTRFRDJGRjYwHhcNMjUwNTMxMDIwNzMyWhcNMjUwNjA3MDIwNzMyWjAYMRYwFAYD VQQDEw02ODNhNjQ2NC1jNzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv/OI0dQ5QQ92TZptBqEqt694ixF9TRFtyaY7Sf5p1s8xQkbfjSNTvzdzX7Fj AOOuBD+EyEuPTNJjgOaiH45W/1cZGntL3skc3bggd+lFFiOplDobmp9ufFRGhcby 4bl0BYz5jfq3JjuOL2ulYdg6wbut547CDE1cMgBCuvVQWrx49h+GvrmGKQ03yhsF nlcKPG+t8CIAyj3YvQsiAFo0GJ/1qeZwrW9yEIKp3G2KIISxV/mCUt5qxYgUSoCh mui/XcFCo0BdkJGhcekTzdM3XX4EdQwztil/4YvByZOnD3TSj6bNvPik5AUaTgkW g6QQWFsFdTcBloT1DpLI9QbMNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK31Nv1Y zZ8hf86+Fbhu/6EwLAFMMB8GA1UdIwQYMBaAFAxMFyKcarZ/VD/snE0D5f7k7S/2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0FEQy9GNTc1ODlFMjJE QjYxMUVEODIxNTlCNUVDNEY5QUUwMi9ERXdYSXB4cXRuOVVQLXljVFFQbF91VHRM X1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RFd1hJcHhxdG45VVAteWNUUVBsX3VUdExfWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0FEQy9GNTc1ODlFMjJEQjYxMUVEODIxNTlCNUVDNEY5QUUwMi9ERXdYSXB4cXRu OVVQLXljVFFQbF91VHRMX1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAq9KDCye0GB/e0PuoTxERfQJ9e7kikJK86ETgN/5PucAWjt/V+F7U2 3FkIuiHl9FVa99TlSCRfA8ZwTij38MCDFTgXi0tqUaUk77UnHSs+3KRwpGsLm6qv Nyz88WjX3+Nvl6BkltuB7CgoaAZ5dF/Oks3j0/hs0pMrTjFOlcvaWr35pLjNwvXf WsW6+9C4NpbIleIkRM/Y7lezB6ftF5kYzXxLhly0IO+YiDyLvdTJjUHFk+z3So7W w9Bq+VAt4eMtr3snoVvhb+sFBrzL7d7bgEX7GBEi5vzpdGxLXvVogH+hiibVE87J N2W+/sMlVfjX5nN/P9uEwr4ZAUMD6tX/ -----END CERTIFICATE-----Generated at Sat May 31 17:27:59 2025 by rpki-client