$ rpki-client -vvf rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft File: -oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft (raw, json) Hash identifier: 8FNJKwPXRG7O9DukuMOXmWJLvVKJmsqHVdhyN+DvCoM= Subject key identifier: 33:52:66:11:D9:83:35:74:35:37:42:AF:C9:E6:A7:09:9E:62:C1:61 Authority key identifier: FA:81:1F:52:E5:19:5A:42:9D:70:6D:19:C0:03:23:7C:32:09:AA:37 Certificate issuer: /CN=A9167CB5/serialNumber=FA811F52E5195A429D706D19C003237C3209AA37 Certificate serial: B9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft Manifest number: B8 Signing time: Sat 31 May 2025 05:30:21 +0000 Manifest this update: Sat 31 May 2025 05:30:21 +0000 Manifest next update: Sat 07 Jun 2025 05:30:21 +0000 Files and hashes: 1: -oEfUuUZWkKdcG0ZwAMjfDIJqjc.crl (hash: IzzDG/YEWAGInp7Sv30MPOgkPtXtvynMn9wnwLzxAPI=) 2: D16A1B5C225711EF975F6747C4F9AE02.roa (hash: 8wJfVmwicvQp5ybkXyvh/U8tiFP/mOR8lTRB18DXQ0w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.crl rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 185 (0xb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167CB5, serialNumber=FA811F52E5195A429D706D19C003237C3209AA37 Validity Not Before: May 31 05:30:21 2025 GMT Not After : Jun 7 05:30:21 2025 GMT Subject: CN=683a93ed-36ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:fc:07:70:ce:56:f1:f3:7d:c5:ef:64:32:f1: f4:6a:c9:35:7e:6f:ce:73:2e:df:da:19:db:91:43: a1:d5:23:36:08:0d:04:71:53:6f:9f:c8:33:2a:00: 11:60:41:ed:77:f3:92:c2:c7:e9:d0:7c:8f:ca:f8: 95:73:ef:27:67:0b:23:38:d7:0b:ca:40:92:fc:c5: 19:c6:3b:19:8a:f6:27:5d:f0:f0:19:1f:c2:b9:6b: c3:09:c0:eb:10:c0:e1:39:67:fe:40:e3:b8:9c:47: 7b:83:8a:d2:69:ad:a9:73:83:30:7d:73:08:0a:a4: 57:54:20:cb:68:f0:ad:8f:d1:e8:e9:87:68:35:d5: 05:36:74:6d:c7:85:8f:73:26:02:f9:ae:eb:c2:3a: cc:b4:02:fc:4b:a1:c7:99:ae:7a:3e:09:4f:9f:36: 7b:5b:b6:ee:30:23:94:7f:45:f8:bb:e1:80:55:0d: 66:be:c1:b5:bb:85:cf:92:63:a8:e7:5b:33:3d:bd: 35:ca:b9:b3:3e:16:69:3e:ca:7e:9d:bf:4d:c2:71: bf:cf:4b:ce:13:2d:6b:93:95:b3:f9:00:9d:3f:52: de:4e:83:00:28:87:ec:92:f8:c3:0c:35:48:60:e2: 91:ea:d0:2a:4b:c4:5e:4c:73:9f:f1:66:39:90:8d: 78:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:52:66:11:D9:83:35:74:35:37:42:AF:C9:E6:A7:09:9E:62:C1:61 X509v3 Authority Key Identifier: keyid:FA:81:1F:52:E5:19:5A:42:9D:70:6D:19:C0:03:23:7C:32:09:AA:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:56:c8:57:94:ed:97:08:95:76:3d:b8:ad:d3:db:1a:d8:10: da:aa:3d:41:76:5c:7b:df:eb:f3:44:77:1c:9b:a1:b1:2d:fd: 51:b7:c2:4d:62:9e:ff:d3:9b:26:9f:d0:c2:86:58:57:5e:04: b5:06:e3:46:95:a6:4b:9e:fa:d7:73:23:dd:46:9f:ce:ac:c5: c3:3e:54:aa:d9:ed:70:2e:a9:5d:eb:ff:fd:17:85:dd:b6:39: 8e:ae:21:5c:4a:9a:20:65:7e:fc:1e:6d:0c:13:f2:7a:dc:ce: 1e:70:8f:9f:25:10:81:f6:ae:f0:ca:26:2e:1c:66:b6:19:24: f8:75:f3:1e:35:96:e8:6b:79:34:ac:e7:d5:cf:b8:1d:c4:fb: f6:c5:6e:e8:09:1d:ca:14:ba:47:ed:70:f5:30:de:d2:15:21: e2:38:0d:83:2f:06:9b:93:73:d1:11:e8:15:2d:b5:ce:59:e9: 6c:a1:7d:b5:57:c5:38:76:4f:ed:e9:6e:a8:3c:cc:fd:bc:8a: af:84:0f:fb:73:9a:fb:62:9d:26:b9:99:97:37:c0:61:b5:4a: 9f:5f:b1:d3:6b:37:8a:8a:b0:58:b5:79:2b:b7:5e:15:6e:7e: 03:e4:22:c8:ff:40:43:a5:03:c3:0b:d6:1a:5d:b4:77:09:70: 38:94:3c:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdDQjUxMTAvBgNVBAUTKEZBODExRjUyRTUxOTVBNDI5RDcwNkQxOUMwMDMyMzdD MzIwOUFBMzcwHhcNMjUwNTMxMDUzMDIxWhcNMjUwNjA3MDUzMDIxWjAYMRYwFAYD VQQDEw02ODNhOTNlZC0zNmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1fwHcM5W8fN9xe9kMvH0ask1fm/Ocy7f2hnbkUOh1SM2CA0EcVNvn8gzKgAR YEHtd/OSwsfp0HyPyviVc+8nZwsjONcLykCS/MUZxjsZivYnXfDwGR/CuWvDCcDr EMDhOWf+QOO4nEd7g4rSaa2pc4MwfXMICqRXVCDLaPCtj9Ho6YdoNdUFNnRtx4WP cyYC+a7rwjrMtAL8S6HHma56PglPnzZ7W7buMCOUf0X4u+GAVQ1mvsG1u4XPkmOo 51szPb01yrmzPhZpPsp+nb9NwnG/z0vOEy1rk5Wz+QCdP1LeToMAKIfskvjDDDVI YOKR6tAqS8ReTHOf8WY5kI14BQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDNSZhHZ gzV0NTdCr8nmpwmeYsFhMB8GA1UdIwQYMBaAFPqBH1LlGVpCnXBtGcADI3wyCao3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0NCNS9GQTM3QzYzRTIy NTYxMUVGQjc1NjFGNDZDNEY5QUUwMi8tb0VmVXVVWldrS2RjRzBad0FNamZESUpx amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1vRWZVdVVaV2tLZGNHMFp3QU1qZkRJSnFqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0NCNS9GQTM3QzYzRTIyNTYxMUVGQjc1NjFGNDZDNEY5QUUwMi8tb0VmVXVVWldr S2RjRzBad0FNamZESUpxamMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB0VshXlO2XCJV2Pbit09sa2BDaqj1Bdlx73+vzRHccm6GxLf1Rt8JN Yp7/05smn9DChlhXXgS1BuNGlaZLnvrXcyPdRp/OrMXDPlSq2e1wLqld6//9F4Xd tjmOriFcSpogZX78Hm0ME/J63M4ecI+fJRCB9q7wyiYuHGa2GST4dfMeNZboa3k0 rOfVz7gdxPv2xW7oCR3KFLpH7XD1MN7SFSHiOA2DLwabk3PREegVLbXOWelsoX21 V8U4dk/t6W6oPMz9vIqvhA/7c5r7Yp0muZmXN8BhtUqfX7HTazeKirBYtXkrt14V bn4D5CLI/0BDpQPDC9YaXbR3CXA4lDyc -----END CERTIFICATE-----Generated at Sat May 31 17:40:56 2025 by rpki-client