$ rpki-client -vvf rpki.apnic.net/member_repository/A9189AA3/0A2CB786784B11EEA4D7DB77C4F9AE02/VKXY-_hOPt8x-iTkXGxnKpO2WtA.mft File: VKXY-_hOPt8x-iTkXGxnKpO2WtA.mft (raw, json) Hash identifier: d15J/lnSjbttDgt0m3LmHt5ZQP/MkoxqgsD1BxG9TlI= Subject key identifier: C8:26:C3:D1:19:59:0B:22:A7:07:C1:D7:B7:AD:33:10:21:22:D6:E6 Authority key identifier: 54:A5:D8:FB:F8:4E:3E:DF:31:FA:24:E4:5C:6C:67:2A:93:B6:5A:D0 Certificate issuer: /CN=A9189AA3/serialNumber=54A5D8FBF84E3EDF31FA24E45C6C672A93B65AD0 Certificate serial: 012F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VKXY-_hOPt8x-iTkXGxnKpO2WtA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9189AA3/0A2CB786784B11EEA4D7DB77C4F9AE02/VKXY-_hOPt8x-iTkXGxnKpO2WtA.mft Manifest number: 012A Signing time: Sat 31 May 2025 04:17:05 +0000 Manifest this update: Sat 31 May 2025 04:17:04 +0000 Manifest next update: Sat 07 Jun 2025 04:17:04 +0000 Files and hashes: 1: VKXY-_hOPt8x-iTkXGxnKpO2WtA.crl (hash: qdmkw29TkOtOfs7IJ28OLZkFft0282Q5To78jC5Rwrw=) 2: 230576C0784C11EE9C354422C4F9AE02.roa (hash: RALcV87N2SziukH0pwzyeMCClLLK8BxrG9ZYFcFQDRA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9189AA3/0A2CB786784B11EEA4D7DB77C4F9AE02/VKXY-_hOPt8x-iTkXGxnKpO2WtA.crl rsync://rpki.apnic.net/member_repository/A9189AA3/0A2CB786784B11EEA4D7DB77C4F9AE02/VKXY-_hOPt8x-iTkXGxnKpO2WtA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VKXY-_hOPt8x-iTkXGxnKpO2WtA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:17:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 303 (0x12f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9189AA3, serialNumber=54A5D8FBF84E3EDF31FA24E45C6C672A93B65AD0 Validity Not Before: May 31 04:17:04 2025 GMT Not After : Jun 7 04:17:04 2025 GMT Subject: CN=683a82c1-153b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:9b:20:7f:4a:80:2e:a1:41:9f:c2:d2:22:84: b3:e5:72:40:e7:c4:78:6e:d4:ec:3b:cc:6c:40:d8: df:d1:ee:1d:76:80:1d:e7:b4:a4:47:87:52:08:04: a5:a9:f1:08:13:ee:ba:d4:12:77:5f:b9:d0:c2:d3: ba:9d:82:d7:d0:89:83:5a:77:3c:6d:80:4e:ef:b1: 8e:f0:71:b4:1a:7f:8f:41:89:e9:97:35:24:41:43: e3:f3:8f:97:72:6a:75:70:0e:ef:d7:c9:17:f3:3c: 97:70:21:62:80:cc:d0:8b:d5:ac:b6:14:ba:11:72: 8f:bc:24:b1:06:32:30:ff:f2:3a:0c:6c:da:ad:f9: 72:f3:83:d4:26:58:53:bf:ed:2b:03:ba:4d:7c:e7: c7:77:68:46:d6:ba:ee:98:b4:02:19:24:8f:fc:d2: 20:eb:10:40:60:01:f1:e6:6d:65:71:1f:f9:10:90: 5c:a8:2c:98:e9:4b:f0:57:2f:a7:cf:61:08:54:82: 38:1b:81:72:a3:23:77:ed:37:67:5f:15:2c:38:fd: e7:1d:8e:af:b8:b1:ba:23:ea:b9:76:05:61:be:d3: f6:b3:82:84:b2:6e:16:3a:24:1b:55:82:76:d2:1d: 99:6d:69:4f:60:79:b5:72:c9:48:a3:80:6c:26:d1: 41:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:26:C3:D1:19:59:0B:22:A7:07:C1:D7:B7:AD:33:10:21:22:D6:E6 X509v3 Authority Key Identifier: keyid:54:A5:D8:FB:F8:4E:3E:DF:31:FA:24:E4:5C:6C:67:2A:93:B6:5A:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9189AA3/0A2CB786784B11EEA4D7DB77C4F9AE02/VKXY-_hOPt8x-iTkXGxnKpO2WtA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VKXY-_hOPt8x-iTkXGxnKpO2WtA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189AA3/0A2CB786784B11EEA4D7DB77C4F9AE02/VKXY-_hOPt8x-iTkXGxnKpO2WtA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:53:47:44:0d:76:ff:94:cd:eb:db:e0:c0:36:37:34:a3:5d: 05:c1:d2:9c:bd:f1:d2:3f:7f:5e:a1:f5:eb:92:83:bf:0d:39: d4:2f:5b:56:e4:f4:e9:a7:62:23:38:af:12:9b:33:ad:2a:1e: ba:e6:c8:bd:e3:8d:3d:d7:f9:7e:2f:05:20:b3:38:3a:3b:21: be:76:d8:6d:c2:a6:4b:da:f0:12:b6:8e:93:2d:64:d3:26:05: c5:fe:9f:34:7f:14:c8:d9:2d:a0:df:77:c0:5c:92:9e:21:e5: 97:05:d0:8c:66:b4:34:26:0a:c8:2b:49:db:3f:92:c7:d8:05: d5:f0:e7:ab:37:7e:68:95:bb:12:8c:17:83:74:41:ac:9c:39: ae:ba:9e:aa:5a:89:b6:c1:06:61:74:da:41:10:ae:c7:59:ca: 87:7a:6e:10:60:21:65:db:09:93:00:a3:db:5b:d3:e9:89:15: 91:49:38:a9:50:a9:88:df:56:ea:c1:79:41:36:6f:d9:24:6d: ed:1b:69:c3:b6:b7:7f:a2:ad:cc:15:3f:3f:a3:3d:36:3d:e5: 97:24:a9:13:48:5f:04:81:17:c7:ea:11:8e:a7:ec:54:73:eb: 6d:60:ea:69:9c:06:1a:bf:5b:6f:26:06:e8:8d:d4:45:3e:bb: fc:cc:25:83 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODlBQTMxMTAvBgNVBAUTKDU0QTVEOEZCRjg0RTNFREYzMUZBMjRFNDVDNkM2NzJB OTNCNjVBRDAwHhcNMjUwNTMxMDQxNzA0WhcNMjUwNjA3MDQxNzA0WjAYMRYwFAYD VQQDEw02ODNhODJjMS0xNTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA45sgf0qALqFBn8LSIoSz5XJA58R4btTsO8xsQNjf0e4ddoAd57SkR4dSCASl qfEIE+661BJ3X7nQwtO6nYLX0ImDWnc8bYBO77GO8HG0Gn+PQYnplzUkQUPj84+X cmp1cA7v18kX8zyXcCFigMzQi9WsthS6EXKPvCSxBjIw//I6DGzarfly84PUJlhT v+0rA7pNfOfHd2hG1rrumLQCGSSP/NIg6xBAYAHx5m1lcR/5EJBcqCyY6UvwVy+n z2EIVII4G4FyoyN37TdnXxUsOP3nHY6vuLG6I+q5dgVhvtP2s4KEsm4WOiQbVYJ2 0h2ZbWlPYHm1cslIo4BsJtFBGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMgmw9EZ WQsipwfB17etMxAhItbmMB8GA1UdIwQYMBaAFFSl2Pv4Tj7fMfok5FxsZyqTtlrQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OUFBMy8wQTJDQjc4Njc4 NEIxMUVFQTREN0RCNzdDNEY5QUUwMi9WS1hZLV9oT1B0OHgtaVRrWEd4bktwTzJX dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZLWFktX2hPUHQ4eC1pVGtYR3huS3BPMld0QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 OUFBMy8wQTJDQjc4Njc4NEIxMUVFQTREN0RCNzdDNEY5QUUwMi9WS1hZLV9oT1B0 OHgtaVRrWEd4bktwTzJXdEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBpU0dEDXb/lM3r2+DANjc0o10FwdKcvfHSP39eofXrkoO/DTnUL1tW 5PTpp2IjOK8SmzOtKh665si944091/l+LwUgszg6OyG+dthtwqZL2vASto6TLWTT JgXF/p80fxTI2S2g33fAXJKeIeWXBdCMZrQ0JgrIK0nbP5LH2AXV8OerN35olbsS jBeDdEGsnDmuup6qWom2wQZhdNpBEK7HWcqHem4QYCFl2wmTAKPbW9PpiRWRSTip UKmI31bqwXlBNm/ZJG3tG2nDtrd/oq3MFT8/oz02PeWXJKkTSF8EgRfH6hGOp+xU c+ttYOppnAYav1tvJgbojdRFPrv8zCWD -----END CERTIFICATE-----Generated at Sat May 31 17:24:47 2025 by rpki-client