$ rpki-client -vvf rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft File: cnOFPaBj78uOxUSwMg1acHuUwIk.mft (raw, json) Hash identifier: KgPnB4Dhwzcqo8rHey5EXWhYCfM621Xc34nTOr4kQjY= Subject key identifier: 9E:9C:A0:D6:41:99:BE:9F:04:69:11:D8:F3:1C:15:0F:40:A1:D1:F8 Authority key identifier: 72:73:85:3D:A0:63:EF:CB:8E:C5:44:B0:32:0D:5A:70:7B:94:C0:89 Certificate issuer: /CN=A9163824/serialNumber=7273853DA063EFCB8EC544B0320D5A707B94C089 Certificate serial: 0716 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft Manifest number: 2D03 Signing time: Sat 31 May 2025 15:40:40 +0000 Manifest this update: Sat 31 May 2025 15:40:39 +0000 Manifest next update: Sat 07 Jun 2025 15:40:39 +0000 Files and hashes: 1: cnOFPaBj78uOxUSwMg1acHuUwIk.crl (hash: OUOquS10LpsVn+tsM8PiIhKpm62u8G07t8E25lqmt2g=) 2: 4BB610C2E16511EC8EDF6621C4F9AE02.roa (hash: Mse2fnTgzH7IcGff7hL/OaUafi6TDhnPkojb8Rkr2XY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.crl rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:40:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1814 (0x716) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9163824, serialNumber=7273853DA063EFCB8EC544B0320D5A707B94C089 Validity Not Before: May 31 15:40:39 2025 GMT Not After : Jun 7 15:40:39 2025 GMT Subject: CN=683b22f8-84fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:2e:b5:98:7f:71:17:c3:45:fa:83:32:35:00: 7d:2b:09:9a:d6:d4:6b:d9:fc:a4:90:f4:69:8a:15: cd:92:45:a4:89:71:42:62:38:c2:96:78:26:cf:c5: 0e:b1:be:e0:94:31:e4:bc:95:d6:91:09:9c:e9:30: df:16:10:ea:46:71:07:ce:1c:b3:6a:bb:95:51:cb: 8d:ec:63:34:5a:84:70:9f:61:2c:f1:45:9e:11:36: 1c:32:83:87:99:5b:01:46:c1:2c:e6:42:a8:4e:ea: ed:44:95:e1:48:28:1a:9b:ac:4c:f6:86:8e:e4:96: 5d:51:7b:2e:ee:18:de:b3:d8:53:e8:c7:b6:5c:2b: e2:a5:2b:35:61:11:68:55:a0:af:53:d2:9e:10:47: 0c:21:2d:6e:04:01:4f:c9:6a:dd:e2:2a:d8:e7:83: 49:07:2a:db:7c:11:0d:c6:82:26:66:15:26:b4:8c: 1b:5c:72:8c:0f:c7:ec:9c:f6:c9:29:32:61:93:b5: ae:f1:4d:c1:d7:18:73:0d:37:d6:0b:c6:8a:74:5c: b7:03:5a:53:a3:01:8b:ec:c9:35:81:1d:8d:fc:1c: 23:73:0f:44:f3:74:54:8f:de:20:3e:e4:c9:c1:a4: b9:45:7f:eb:79:50:d9:98:47:4a:45:6e:8c:48:8b: 15:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:9C:A0:D6:41:99:BE:9F:04:69:11:D8:F3:1C:15:0F:40:A1:D1:F8 X509v3 Authority Key Identifier: keyid:72:73:85:3D:A0:63:EF:CB:8E:C5:44:B0:32:0D:5A:70:7B:94:C0:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:10:f9:8d:b4:86:22:e6:f2:32:78:d6:39:1a:52:69:ba:f4: 78:70:6b:b4:54:e4:4d:36:ee:7f:76:3f:8e:4b:88:f8:7d:40: e0:16:fb:a6:bb:07:56:aa:ca:5c:b5:8b:b6:86:ee:9d:33:d9: 6f:56:fa:8e:c5:81:bf:cb:64:b2:c7:ea:83:0c:1b:9d:9c:26: f9:b8:80:15:43:f4:13:05:03:7c:09:35:db:44:87:97:63:58: b5:3d:38:c0:72:77:41:56:b7:b5:8a:92:a0:5b:a0:9a:e7:76: 3e:11:75:a9:bb:0a:16:2a:fd:b7:fc:34:b1:fc:32:7c:3f:e5: 7a:4a:2b:2b:e8:41:ed:8b:70:c6:2d:7e:8a:86:9e:18:a5:51: 10:c3:f7:cf:2e:fb:3c:4b:21:54:6a:74:90:c9:c4:f2:52:bc: b8:4d:09:d7:6a:13:6c:2f:09:59:79:12:66:07:00:ff:b8:24: 89:d7:a4:21:a3:d6:15:fd:49:2f:e1:5f:4b:1d:5f:ae:a9:3c: a6:b4:5e:78:7e:67:f5:c1:8c:2d:90:44:bc:34:c1:3a:26:4a: 39:76:03:1b:67:60:19:2a:67:76:35:5d:c2:c9:5b:09:db:17: 24:84:ac:27:6f:05:7a:c5:02:40:41:8f:2c:24:a8:e6:8c:ab: 8e:0a:be:36 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBxYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjM4MjQxMTAvBgNVBAUTKDcyNzM4NTNEQTA2M0VGQ0I4RUM1NDRCMDMyMEQ1QTcw N0I5NEMwODkwHhcNMjUwNTMxMTU0MDM5WhcNMjUwNjA3MTU0MDM5WjAYMRYwFAYD VQQDEw02ODNiMjJmOC04NGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAui61mH9xF8NF+oMyNQB9Kwma1tRr2fykkPRpihXNkkWkiXFCYjjClngmz8UO sb7glDHkvJXWkQmc6TDfFhDqRnEHzhyzaruVUcuN7GM0WoRwn2Es8UWeETYcMoOH mVsBRsEs5kKoTurtRJXhSCgam6xM9oaO5JZdUXsu7hjes9hT6Me2XCvipSs1YRFo VaCvU9KeEEcMIS1uBAFPyWrd4irY54NJByrbfBENxoImZhUmtIwbXHKMD8fsnPbJ KTJhk7Wu8U3B1xhzDTfWC8aKdFy3A1pTowGL7Mk1gR2N/Bwjcw9E83RUj94gPuTJ waS5RX/reVDZmEdKRW6MSIsVfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ6coNZB mb6fBGkR2PMcFQ9AodH4MB8GA1UdIwQYMBaAFHJzhT2gY+/LjsVEsDINWnB7lMCJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzgyNC9CQTBFRkU1MkZE MjUxMUU0OUQ5MzI3M0JDNEY5QUUwMi9jbk9GUGFCajc4dU94VVN3TWcxYWNIdVV3 SWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuT0ZQYUJqNzh1T3hVU3dNZzFhY0h1VXdJay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MzgyNC9CQTBFRkU1MkZEMjUxMUU0OUQ5MzI3M0JDNEY5QUUwMi9jbk9GUGFCajc4 dU94VVN3TWcxYWNIdVV3SWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBGEPmNtIYi5vIyeNY5GlJpuvR4cGu0VORNNu5/dj+OS4j4fUDgFvum uwdWqspctYu2hu6dM9lvVvqOxYG/y2Syx+qDDBudnCb5uIAVQ/QTBQN8CTXbRIeX Y1i1PTjAcndBVre1ipKgW6Ca53Y+EXWpuwoWKv23/DSx/DJ8P+V6Sisr6EHti3DG LX6Khp4YpVEQw/fPLvs8SyFUanSQycTyUry4TQnXahNsLwlZeRJmBwD/uCSJ16Qh o9YV/Ukv4V9LHV+uqTymtF54fmf1wYwtkES8NME6Jko5dgMbZ2AZKmd2NV3CyVsJ 2xckhKwnbwV6xQJAQY8sJKjmjKuOCr42 -----END CERTIFICATE-----Generated at Sat May 31 17:17:35 2025 by rpki-client