$ rpki-client -vvf rpki.apnic.net/member_repository/A9116D68/724CC84C788711E9A08AEC60C4F9AE02/XOWb6kBJP8xXRnFpIvGYjZYpH74.mft File: XOWb6kBJP8xXRnFpIvGYjZYpH74.mft (raw, json) Hash identifier: XepxPJiemI4+k4GGdJ3OzQ4aGHQ3suoci6C92xOusW0= Subject key identifier: 9A:1B:D2:BD:7D:7C:9A:FF:0F:03:E6:9E:2F:57:D4:68:79:DE:35:77 Authority key identifier: 5C:E5:9B:EA:40:49:3F:CC:57:46:71:69:22:F1:98:8D:96:29:1F:BE Certificate issuer: /CN=A9116D68/serialNumber=5CE59BEA40493FCC5746716922F1988D96291FBE Certificate serial: 0853 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XOWb6kBJP8xXRnFpIvGYjZYpH74.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9116D68/724CC84C788711E9A08AEC60C4F9AE02/XOWb6kBJP8xXRnFpIvGYjZYpH74.mft Manifest number: 1744 Signing time: Mon 12 May 2025 17:33:19 +0000 Manifest this update: Mon 12 May 2025 17:33:18 +0000 Manifest next update: Mon 19 May 2025 17:33:18 +0000 Files and hashes: 1: XOWb6kBJP8xXRnFpIvGYjZYpH74.crl (hash: 94Klw0xZabOKWs8LLV+rTqv7auvJiKoc+Axb2K9iC0Y=) 2: 98A1BAB6E9B611EE89994B66C4F9AE02.roa (hash: t2aB2zeGB7GLVJUFKuYwNrlRUrrBiilMq9C3DO3eLYk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9116D68/724CC84C788711E9A08AEC60C4F9AE02/XOWb6kBJP8xXRnFpIvGYjZYpH74.crl rsync://rpki.apnic.net/member_repository/A9116D68/724CC84C788711E9A08AEC60C4F9AE02/XOWb6kBJP8xXRnFpIvGYjZYpH74.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XOWb6kBJP8xXRnFpIvGYjZYpH74.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:33:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2131 (0x853) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9116D68, serialNumber=5CE59BEA40493FCC5746716922F1988D96291FBE Validity Not Before: May 12 17:33:18 2025 GMT Not After : May 19 17:33:18 2025 GMT Subject: CN=682230de-5295 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:f9:e7:f9:37:91:c0:40:16:f6:09:be:74:a8: 3f:bd:2f:db:97:0c:72:8a:52:da:c6:3a:ea:69:77: 3c:a1:32:40:61:0d:ab:87:c9:84:76:fc:5f:64:c4: 7d:33:e2:26:ad:b1:35:11:03:82:6d:f3:a6:4a:8e: 49:42:f6:36:fc:8c:ad:bc:24:37:ee:4a:dc:78:55: ac:c2:58:f5:6a:61:e1:f3:c9:a9:f1:52:68:ed:cf: ce:8f:9e:bf:fb:74:b0:c6:28:5d:a7:cb:50:d5:da: 76:a0:82:2f:95:b4:ae:65:ed:b5:3b:9b:9e:e9:50: 6c:25:af:40:48:38:ba:56:c1:d1:45:c6:2b:cb:c7: c6:1f:24:0b:43:4a:3d:34:e1:92:64:6c:74:d9:19: 2b:74:cc:60:71:06:99:33:cb:14:03:e3:c2:65:bd: c0:59:43:a4:e9:e4:dd:00:66:dc:3f:43:40:c8:35: 24:3a:9f:6f:7a:f0:ab:c0:95:db:da:03:fd:df:43: 55:60:54:cb:03:56:d5:ad:6e:6e:15:27:81:2f:95: fa:f1:3d:7a:61:18:dc:45:dc:14:77:c8:04:bc:d4: 48:01:16:1d:05:cd:d8:59:5a:f0:e8:97:85:20:29: 41:a6:1d:8d:e3:be:7e:67:14:3d:3f:d0:5f:c7:2b: 69:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:1B:D2:BD:7D:7C:9A:FF:0F:03:E6:9E:2F:57:D4:68:79:DE:35:77 X509v3 Authority Key Identifier: keyid:5C:E5:9B:EA:40:49:3F:CC:57:46:71:69:22:F1:98:8D:96:29:1F:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9116D68/724CC84C788711E9A08AEC60C4F9AE02/XOWb6kBJP8xXRnFpIvGYjZYpH74.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XOWb6kBJP8xXRnFpIvGYjZYpH74.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116D68/724CC84C788711E9A08AEC60C4F9AE02/XOWb6kBJP8xXRnFpIvGYjZYpH74.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:9e:7a:60:5a:82:ad:2c:29:13:45:a9:81:a3:89:7d:00:9d: ce:b6:11:f4:56:82:b9:86:2b:36:9b:bf:1c:68:6e:f1:17:c7: 85:57:90:98:06:31:af:6a:ef:7a:54:f1:27:6b:44:7b:fb:d7: 86:11:ba:17:bf:1b:95:fa:ac:51:34:2b:81:01:6a:7a:12:3e: b7:b1:6e:6a:17:bf:f2:8a:24:20:08:49:d3:e8:fe:03:4b:53: 3c:30:27:82:5c:e4:d1:64:10:90:b3:93:42:ae:1f:17:bd:f8: 31:bf:93:4a:0f:e2:ff:31:b5:2b:e7:fa:b7:10:0d:f3:43:ba: ed:47:a4:db:27:ba:62:36:6e:fc:08:8a:a0:16:5a:7d:8c:48: 48:da:bb:9f:41:8c:a6:cc:1f:4d:80:88:ac:d5:f0:92:b5:1a: 6c:ee:f1:84:8f:b2:ff:e1:be:8c:e4:7f:e1:f5:e7:36:9c:2c: fe:a3:41:98:b8:3d:a3:38:83:0d:97:2f:21:fa:b9:ac:a1:5e: 67:8e:83:97:0b:6f:d4:d7:ef:07:44:1d:ef:06:32:f7:9b:5b: 94:8b:8a:a2:5b:62:fe:f8:4b:7c:5c:65:e0:63:64:7a:a7:dc: 84:15:5f:ad:34:12:8c:19:0f:e7:d0:3c:dc:0d:64:4c:18:a1: 90:26:9e:5e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCFMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTZENjgxMTAvBgNVBAUTKDVDRTU5QkVBNDA0OTNGQ0M1NzQ2NzE2OTIyRjE5ODhE OTYyOTFGQkUwHhcNMjUwNTEyMTczMzE4WhcNMjUwNTE5MTczMzE4WjAYMRYwFAYD VQQDEw02ODIyMzBkZS01Mjk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw/nn+TeRwEAW9gm+dKg/vS/blwxyilLaxjrqaXc8oTJAYQ2rh8mEdvxfZMR9 M+ImrbE1EQOCbfOmSo5JQvY2/IytvCQ37krceFWswlj1amHh88mp8VJo7c/Oj56/ +3Swxihdp8tQ1dp2oIIvlbSuZe21O5ue6VBsJa9ASDi6VsHRRcYry8fGHyQLQ0o9 NOGSZGx02RkrdMxgcQaZM8sUA+PCZb3AWUOk6eTdAGbcP0NAyDUkOp9vevCrwJXb 2gP930NVYFTLA1bVrW5uFSeBL5X68T16YRjcRdwUd8gEvNRIARYdBc3YWVrw6JeF IClBph2N475+ZxQ9P9BfxytpUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJob0r19 fJr/DwPmni9X1Gh53jV3MB8GA1UdIwQYMBaAFFzlm+pAST/MV0ZxaSLxmI2WKR++ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNkQ2OC83MjRDQzg0Qzc4 ODcxMUU5QTA4QUVDNjBDNEY5QUUwMi9YT1diNmtCSlA4eFhSbkZwSXZHWWpaWXBI NzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hPV2I2a0JKUDh4WFJuRnBJdkdZalpZcEg3NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NkQ2OC83MjRDQzg0Qzc4ODcxMUU5QTA4QUVDNjBDNEY5QUUwMi9YT1diNmtCSlA4 eFhSbkZwSXZHWWpaWXBINzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3nnpgWoKtLCkTRamBo4l9AJ3OthH0VoK5his2m78caG7xF8eFV5CY BjGvau96VPEna0R7+9eGEboXvxuV+qxRNCuBAWp6Ej63sW5qF7/yiiQgCEnT6P4D S1M8MCeCXOTRZBCQs5NCrh8Xvfgxv5NKD+L/MbUr5/q3EA3zQ7rtR6TbJ7piNm78 CIqgFlp9jEhI2rufQYymzB9NgIis1fCStRps7vGEj7L/4b6M5H/h9ec2nCz+o0GY uD2jOIMNly8h+rmsoV5njoOXC2/U1+8HRB3vBjL3m1uUi4qiW2L++Et8XGXgY2R6 p9yEFV+tNBKMGQ/n0DzcDWRMGKGQJp5e -----END CERTIFICATE-----Generated at Tue May 13 10:29:43 2025 by rpki-client