$ rpki-client -vvf rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft File: cXGYzRpGea2dRS7h2wLQASpDdOw.mft (raw, json) Hash identifier: rh4r8gZ5PGuaPZn6W+uZrHjR6xYheeWPH5wpM3XIY/8= Subject key identifier: 6F:F4:1A:23:45:12:3D:1C:C6:07:48:04:1F:32:7F:66:36:2B:EE:A0 Authority key identifier: 71:71:98:CD:1A:46:79:AD:9D:45:2E:E1:DB:02:D0:01:2A:43:74:EC Certificate issuer: /CN=A9169F49/serialNumber=717198CD1A4679AD9D452EE1DB02D0012A4374EC Certificate serial: 2E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft Manifest number: 2D Signing time: Sat 31 May 2025 07:15:35 +0000 Manifest this update: Sat 31 May 2025 07:15:34 +0000 Manifest next update: Sat 07 Jun 2025 07:15:34 +0000 Files and hashes: 1: cXGYzRpGea2dRS7h2wLQASpDdOw.crl (hash: qk0P9SVXhr9xIngOCvf8vkQ4YNTf8A1QygpZyh5rTAk=) 2: 2B42D1D8F9B611EFB3AB154BC4F9AE02.roa (hash: qRFt1VDcs2OHFjFWZc9CCxRhXeBrmwOFxAL6+b0Q2Co=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.crl rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:15:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46 (0x2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169F49, serialNumber=717198CD1A4679AD9D452EE1DB02D0012A4374EC Validity Not Before: May 31 07:15:34 2025 GMT Not After : Jun 7 07:15:34 2025 GMT Subject: CN=683aac97-3dcb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:8e:55:50:b4:bd:9b:b0:9f:d7:b4:70:d1:2e: 04:cb:c3:9c:c1:b7:ed:e4:2c:35:f9:8f:f5:a1:6c: 5a:cd:87:08:71:0e:ab:2c:a5:43:5e:68:31:40:a3: 27:3f:71:a6:bf:02:fd:de:e2:26:c1:83:bf:63:a0: 8a:bb:df:cd:b8:0a:19:ac:95:a5:d8:55:75:8e:8e: a2:e1:80:6c:55:62:ae:19:82:16:ff:d0:7a:ef:92: 00:dd:7f:15:ea:19:72:ea:cc:80:b4:68:1e:53:eb: 0c:39:44:07:84:a0:e7:f0:67:7f:a7:19:2d:6e:af: 59:ee:f1:7a:4a:57:35:b6:cf:7b:29:ad:3e:0a:bc: 02:97:82:bf:f4:3d:c8:29:1e:5c:94:03:9a:5a:a7: 5f:34:eb:85:d3:99:de:7e:5b:e0:11:86:b2:61:26: f7:42:13:0e:eb:67:5a:2d:62:5f:62:95:ea:60:69: d0:2a:79:84:c7:3e:e5:26:90:08:2a:44:2e:1d:06: 7d:c4:9a:81:67:ac:90:57:50:02:1b:49:ee:a3:33: 6f:62:34:fd:e7:ed:37:96:23:cf:bd:37:a8:a0:18: 73:09:f4:71:6b:81:a7:83:a8:48:a8:5c:7b:88:e6: 0a:5f:6c:cc:6e:22:be:30:c2:31:2a:b0:58:40:10: 78:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:F4:1A:23:45:12:3D:1C:C6:07:48:04:1F:32:7F:66:36:2B:EE:A0 X509v3 Authority Key Identifier: keyid:71:71:98:CD:1A:46:79:AD:9D:45:2E:E1:DB:02:D0:01:2A:43:74:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:5b:aa:48:07:c8:06:9d:45:13:78:21:a6:cc:0f:32:1e:43: a1:27:af:0c:68:a4:e8:76:38:e9:b5:fd:54:3b:6d:5a:36:c0: 5e:fc:40:dc:f7:e3:5d:a6:b7:21:f5:f3:2d:67:d5:fe:47:66: 7b:af:9b:70:5d:71:e3:ff:e3:39:7e:2e:a2:22:17:7f:55:ba: ea:f3:18:47:26:d6:1d:99:f7:7f:34:ad:5b:a7:0d:25:d3:35: 19:c0:96:0d:85:ec:d2:dd:c1:2c:be:18:16:60:54:cb:57:9f: 2f:4c:44:bf:16:02:d2:3e:89:e3:a1:5e:f1:e5:dc:4d:7b:fb: a7:18:22:4c:b8:ea:3d:d7:b3:e6:86:01:b9:2d:be:ef:ed:e8: 50:df:7d:d3:b9:a1:37:7f:6e:44:02:cb:35:00:53:03:fd:62: bd:ba:0a:1c:69:a3:88:78:e0:92:2c:1f:22:9d:86:0e:0d:a6: e8:10:8c:e8:b8:02:77:ce:0f:30:d3:02:66:be:c4:3e:19:55: 5a:43:f4:fd:38:c7:76:43:0f:ff:31:a8:12:00:49:bf:ba:b2: 57:21:da:ee:35:fe:f5:77:b8:fa:7c:27:71:10:a6:6d:45:23: 06:d2:f1:0f:d3:b4:73:d5:06:89:b0:69:8b:15:4e:c9:2a:cc: 12:0f:46:f6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 OUY0OTExMC8GA1UEBRMoNzE3MTk4Q0QxQTQ2NzlBRDlENDUyRUUxREIwMkQwMDEy QTQzNzRFQzAeFw0yNTA1MzEwNzE1MzRaFw0yNTA2MDcwNzE1MzRaMBgxFjAUBgNV BAMTDTY4M2FhYzk3LTNkY2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCkjlVQtL2bsJ/XtHDRLgTLw5zBt+3kLDX5j/WhbFrNhwhxDqsspUNeaDFAoyc/ caa/Av3e4ibBg79joIq73824ChmslaXYVXWOjqLhgGxVYq4Zghb/0HrvkgDdfxXq GXLqzIC0aB5T6ww5RAeEoOfwZ3+nGS1ur1nu8XpKVzW2z3sprT4KvAKXgr/0Pcgp HlyUA5pap18064XTmd5+W+ARhrJhJvdCEw7rZ1otYl9ilepgadAqeYTHPuUmkAgq RC4dBn3EmoFnrJBXUAIbSe6jM29iNP3n7TeWI8+9N6igGHMJ9HFrgaeDqEioXHuI 5gpfbMxuIr4wwjEqsFhAEHiNAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUb/QaI0US PRzGB0gEHzJ/ZjYr7qAwHwYDVR0jBBgwFoAUcXGYzRpGea2dRS7h2wLQASpDdOww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY5RjQ5L0IyQzVGQjlBRjlC NTExRUZBNUQ3M0M0N0M0RjlBRTAyL2NYR1l6UnBHZWEyZFJTN2gyd0xRQVNwRGRP dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY1hHWXpScEdlYTJkUlM3aDJ3TFFBU3BEZE93LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY5 RjQ5L0IyQzVGQjlBRjlCNTExRUZBNUQ3M0M0N0M0RjlBRTAyL2NYR1l6UnBHZWEy ZFJTN2gyd0xRQVNwRGRPdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC5bqkgHyAadRRN4IabMDzIeQ6EnrwxopOh2OOm1/VQ7bVo2wF78QNz3 412mtyH18y1n1f5HZnuvm3BdceP/4zl+LqIiF39VuurzGEcm1h2Z9380rVunDSXT NRnAlg2F7NLdwSy+GBZgVMtXny9MRL8WAtI+ieOhXvHl3E17+6cYIky46j3Xs+aG Abktvu/t6FDffdO5oTd/bkQCyzUAUwP9Yr26Chxpo4h44JIsHyKdhg4NpugQjOi4 AnfODzDTAma+xD4ZVVpD9P04x3ZDD/8xqBIASb+6slch2u41/vV3uPp8J3EQpm1F IwbS8Q/TtHPVBomwaYsVTskqzBIPRvY= -----END CERTIFICATE-----Generated at Sat May 31 16:45:49 2025 by rpki-client