$ rpki-client -vvf rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.mft File: CmFSg04SmcEc9uB4ZfdlsjhlY4k.mft (raw, json) Hash identifier: Snx+Hi8r5u4c4oG3FAJQjDbWqFJdT5ZdoweqhW9hJj0= Subject key identifier: 94:DD:6D:2A:65:BF:EE:E0:5E:22:1E:FF:7E:4E:14:F4:B2:B3:09:67 Authority key identifier: 0A:61:52:83:4E:12:99:C1:1C:F6:E0:78:65:F7:65:B2:38:65:63:89 Certificate issuer: /CN=A9168C73/serialNumber=0A6152834E1299C11CF6E07865F765B238656389 Certificate serial: 01A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmFSg04SmcEc9uB4ZfdlsjhlY4k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.mft Manifest number: 01A1 Signing time: Sat 31 May 2025 03:02:50 +0000 Manifest this update: Sat 31 May 2025 03:02:50 +0000 Manifest next update: Sat 07 Jun 2025 03:02:50 +0000 Files and hashes: 1: CmFSg04SmcEc9uB4ZfdlsjhlY4k.crl (hash: hsWoq7kpFErd7rXAOzJ0gjXazfIrWV59a7DZqLwn36A=) 2: D8EC2D84C6FF11EDA93A1D43C4F9AE02.roa (hash: 1DI+mqIXwfIJnsuS//oB0VNc4iGbxjDEhe/n7gNnlpo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.crl rsync://rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmFSg04SmcEc9uB4ZfdlsjhlY4k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 420 (0x1a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9168C73, serialNumber=0A6152834E1299C11CF6E07865F765B238656389 Validity Not Before: May 31 03:02:50 2025 GMT Not After : Jun 7 03:02:50 2025 GMT Subject: CN=683a715a-b68d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:1b:1b:fc:7a:ba:38:e2:99:02:0c:14:e6:01: d4:1b:8a:c2:15:d7:30:ee:a1:1c:2b:59:75:b2:ff: dd:8a:82:19:60:c5:2b:24:8a:14:3f:9d:a0:97:11: 31:f7:5a:ff:7a:cc:5d:cf:7d:4d:89:18:95:e8:03: 66:b9:28:08:0b:cf:14:ec:37:dc:f4:ad:69:6e:63: db:97:50:90:51:b2:4f:85:07:81:09:ba:cd:69:f1: c5:dc:ed:98:4d:28:de:62:a6:b3:97:b3:3b:13:b1: 51:e3:4c:22:9b:de:64:2d:60:54:51:f8:8c:83:53: 2b:b4:e5:6c:5b:87:cf:bb:12:b4:b3:32:a8:ee:c9: ab:36:84:32:a3:58:e9:df:58:20:ed:ca:d8:f7:b1: 78:37:32:8c:ee:48:52:af:a5:8f:73:f2:83:f3:b1: d8:b8:57:59:f9:ca:0f:d5:3a:e3:4a:a6:7f:44:32: a2:be:b5:79:64:7c:96:56:48:bc:94:2e:69:d7:e7: f1:2c:48:b4:f4:d2:3f:1f:d2:65:1a:d2:de:54:a1: f2:74:ea:f3:7a:1e:2d:7f:70:4c:a8:0c:ff:7e:65: 9c:14:8a:dd:06:fd:b5:1a:03:ba:38:e6:f9:ca:49: ec:6b:4c:3e:a2:38:1a:b0:27:65:aa:9c:8a:2c:17: ac:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:DD:6D:2A:65:BF:EE:E0:5E:22:1E:FF:7E:4E:14:F4:B2:B3:09:67 X509v3 Authority Key Identifier: keyid:0A:61:52:83:4E:12:99:C1:1C:F6:E0:78:65:F7:65:B2:38:65:63:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmFSg04SmcEc9uB4ZfdlsjhlY4k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:7f:f0:9d:72:23:d1:f0:26:ce:9d:dc:3e:55:08:77:ec:0b: 5d:a3:e3:5d:31:76:fe:0c:16:57:66:00:78:0a:dc:d6:2d:35: 68:5e:a6:93:36:85:2d:e9:ae:c4:7b:80:27:6f:c6:50:aa:6f: 48:86:ba:96:d5:1b:5d:68:57:5a:99:8b:a7:0d:92:ff:0f:66: 44:c9:c0:f4:ae:32:b2:d5:b3:71:c9:c2:da:5e:30:b0:20:66: 70:04:76:94:44:a9:35:03:21:a4:a8:f5:58:d5:ed:b2:f0:0f: 4e:71:31:dd:86:ff:78:2d:fe:bb:bc:c6:96:45:0f:dd:0a:5a: 6c:cb:f8:84:c5:49:3e:07:20:34:47:b0:10:a1:35:f4:93:1e: a1:58:63:b0:1c:aa:6f:ec:e4:3b:e9:a1:b5:a5:27:5e:28:d3: 5d:1e:66:86:5a:fa:7e:55:e3:1c:8a:06:b1:a7:42:da:0f:20: b3:cb:6d:a6:6b:65:14:73:9c:e3:29:b3:8c:0f:14:cc:0c:a7: 83:01:03:d0:e9:fd:26:fa:61:46:74:22:10:6d:ec:ec:25:49: 06:98:00:bf:99:74:1b:b2:79:a5:68:9b:ac:83:1d:75:aa:2f: ca:c9:ca:6c:1a:8c:4c:09:64:1a:e3:fa:9c:fb:02:7b:46:74: e4:16:77:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjhDNzMxMTAvBgNVBAUTKDBBNjE1MjgzNEUxMjk5QzExQ0Y2RTA3ODY1Rjc2NUIy Mzg2NTYzODkwHhcNMjUwNTMxMDMwMjUwWhcNMjUwNjA3MDMwMjUwWjAYMRYwFAYD VQQDEw02ODNhNzE1YS1iNjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqhsb/Hq6OOKZAgwU5gHUG4rCFdcw7qEcK1l1sv/dioIZYMUrJIoUP52glxEx 91r/esxdz31NiRiV6ANmuSgIC88U7Dfc9K1pbmPbl1CQUbJPhQeBCbrNafHF3O2Y TSjeYqazl7M7E7FR40wim95kLWBUUfiMg1MrtOVsW4fPuxK0szKo7smrNoQyo1jp 31gg7crY97F4NzKM7khSr6WPc/KD87HYuFdZ+coP1TrjSqZ/RDKivrV5ZHyWVki8 lC5p1+fxLEi09NI/H9JlGtLeVKHydOrzeh4tf3BMqAz/fmWcFIrdBv21GgO6OOb5 yknsa0w+ojgasCdlqpyKLBesjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJTdbSpl v+7gXiIe/35OFPSyswlnMB8GA1UdIwQYMBaAFAphUoNOEpnBHPbgeGX3ZbI4ZWOJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OEM3My84RTVDOUNDMEMz MTQxMUVEOTdBMEEzN0ZDNEY5QUUwMi9DbUZTZzA0U21jRWM5dUI0WmZkbHNqaGxZ NGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NtRlNnMDRTbWNFYzl1QjRaZmRsc2pobFk0ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OEM3My84RTVDOUNDMEMzMTQxMUVEOTdBMEEzN0ZDNEY5QUUwMi9DbUZTZzA0U21j RWM5dUI0WmZkbHNqaGxZNGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCaf/CdciPR8CbOndw+VQh37Atdo+NdMXb+DBZXZgB4CtzWLTVoXqaT NoUt6a7Ee4Anb8ZQqm9IhrqW1RtdaFdamYunDZL/D2ZEycD0rjKy1bNxycLaXjCw IGZwBHaURKk1AyGkqPVY1e2y8A9OcTHdhv94Lf67vMaWRQ/dClpsy/iExUk+ByA0 R7AQoTX0kx6hWGOwHKpv7OQ76aG1pSdeKNNdHmaGWvp+VeMcigaxp0LaDyCzy22m a2UUc5zjKbOMDxTMDKeDAQPQ6f0m+mFGdCIQbezsJUkGmAC/mXQbsnmlaJusgx11 qi/KycpsGoxMCWQa4/qc+wJ7RnTkFneQ -----END CERTIFICATE-----Generated at Sat May 31 17:36:04 2025 by rpki-client