$ rpki-client -vvf rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft File: Xtho2ocq-NaWpcGp-ngp9lJzynk.mft (raw, json) Hash identifier: 9TXg3Ck4TORPoDT/kHS9nrFVawCev6amgTIJDyJd5VY= Subject key identifier: 22:69:3F:76:BE:6F:E3:1B:E6:4E:CE:1A:78:02:D9:C6:8F:79:49:E9 Authority key identifier: 5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79 Certificate issuer: /CN=A9119B43/serialNumber=5ED868DA872AF8D696A5C1A9FA7829F65273CA79 Certificate serial: 046C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft Manifest number: 0464 Signing time: Mon 12 May 2025 23:56:53 +0000 Manifest this update: Mon 12 May 2025 23:56:52 +0000 Manifest next update: Mon 19 May 2025 23:56:52 +0000 Files and hashes: 1: Xtho2ocq-NaWpcGp-ngp9lJzynk.crl (hash: 6gSIyUW4GZeNOfX6KtzucueQzQECU5M2e2CrY4vi6g0=) 2: 6C27C19E4BFA11ECA6797F6DC4F9AE02.roa (hash: 9zlcNMp71CcrKhJ6RcgbQ3pW8nUmE/ShM6R3qPGEpIM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.crl rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 23:56:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1132 (0x46c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9119B43, serialNumber=5ED868DA872AF8D696A5C1A9FA7829F65273CA79 Validity Not Before: May 12 23:56:52 2025 GMT Not After : May 19 23:56:52 2025 GMT Subject: CN=68228ac4-c0d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:34:4a:38:ac:3e:99:02:98:41:6f:09:f9:21: b6:d3:57:8b:e7:72:30:ad:8d:ed:98:05:53:fd:d6: 5e:41:7e:22:1d:d7:79:77:97:9e:02:ff:41:84:0d: 0a:d9:26:27:f6:4f:23:f5:7b:63:6e:a9:6d:e4:ab: 25:5c:66:ee:74:36:9a:16:44:1b:12:d5:c0:4f:29: 53:08:42:a4:e0:ec:00:e6:7a:f8:11:06:b9:fc:64: 58:72:b5:99:97:c2:37:01:f3:66:38:91:34:ac:ee: 35:a1:65:24:ad:2b:03:41:ea:01:4c:5a:f4:64:59: d5:56:26:09:60:41:20:ed:db:55:32:b4:f4:69:80: a1:3a:9d:fa:77:9d:45:47:a4:57:26:d9:fb:0f:2d: e3:3d:8d:86:b2:2a:1d:90:15:2b:af:1c:56:99:a2: 31:6d:19:e6:11:c8:ed:62:3b:4d:35:1e:38:2e:b8: e7:bb:5e:0c:6f:b4:42:48:bf:b8:ee:67:d3:83:1e: 38:17:2c:08:3f:37:cc:38:aa:32:73:f9:66:3f:88: 93:d5:3e:ee:84:b3:8d:45:15:5f:5f:4b:d3:3f:61: f9:b3:0b:2a:5c:bc:71:50:af:12:78:c4:40:96:f1: 4d:89:56:6f:9a:3c:9d:c4:90:19:c9:c9:1f:75:63: 47:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:69:3F:76:BE:6F:E3:1B:E6:4E:CE:1A:78:02:D9:C6:8F:79:49:E9 X509v3 Authority Key Identifier: keyid:5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:40:db:06:0f:67:94:43:c3:a3:56:32:0b:80:ff:41:15:5c: 70:0c:0d:53:30:53:93:d4:9a:7e:e8:2f:9e:65:4b:a5:05:c0: 41:34:92:21:82:0d:cf:2f:df:7d:46:58:f2:31:97:1b:ee:4a: d3:45:56:b9:e7:41:03:a9:80:e7:ae:e9:2d:1e:e8:e9:eb:7d: 45:e8:96:11:29:a9:99:3e:14:08:05:b5:74:fb:85:67:bd:e2: bf:cb:86:44:4c:7f:10:a0:c7:5c:5c:93:dd:14:32:5b:7f:22: 51:3b:2b:3a:ff:2b:31:a5:d5:7c:aa:a7:df:e5:de:78:1c:a8: 07:bd:97:e5:12:06:a1:80:26:56:71:04:4b:6b:21:0f:78:61: 01:88:39:fc:d2:38:f7:3b:9a:e0:ec:60:fc:ad:5a:7e:b7:fb: 69:2a:4b:ef:2b:44:d7:57:2c:64:95:0d:89:e8:ef:32:39:aa: 83:89:af:fa:b7:67:ba:50:bd:88:df:8e:31:c5:c6:3c:f8:32: 83:51:a8:3c:74:74:b9:c5:3b:e3:36:d7:48:13:36:6d:3f:d4: dd:ec:3c:47:5c:c1:b1:e6:75:30:fe:e7:7d:7c:de:23:36:ca: 95:90:de:3e:e0:74:c6:53:6a:b7:cf:ee:a5:13:97:08:cc:ec: a1:f5:44:ee -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBGwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTlCNDMxMTAvBgNVBAUTKDVFRDg2OERBODcyQUY4RDY5NkE1QzFBOUZBNzgyOUY2 NTI3M0NBNzkwHhcNMjUwNTEyMjM1NjUyWhcNMjUwNTE5MjM1NjUyWjAYMRYwFAYD VQQDEw02ODIyOGFjNC1jMGQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxTRKOKw+mQKYQW8J+SG201eL53IwrY3tmAVT/dZeQX4iHdd5d5eeAv9BhA0K 2SYn9k8j9Xtjbqlt5KslXGbudDaaFkQbEtXATylTCEKk4OwA5nr4EQa5/GRYcrWZ l8I3AfNmOJE0rO41oWUkrSsDQeoBTFr0ZFnVViYJYEEg7dtVMrT0aYChOp36d51F R6RXJtn7Dy3jPY2GsiodkBUrrxxWmaIxbRnmEcjtYjtNNR44Lrjnu14Mb7RCSL+4 7mfTgx44FywIPzfMOKoyc/lmP4iT1T7uhLONRRVfX0vTP2H5swsqXLxxUK8SeMRA lvFNiVZvmjydxJAZyckfdWNH9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCJpP3a+ b+Mb5k7OGngC2caPeUnpMB8GA1UdIwQYMBaAFF7YaNqHKvjWlqXBqfp4KfZSc8p5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOUI0My9FNUI4Mzk4MjRC M0ExMUVDOTkyRTgxNTBDNEY5QUUwMi9YdGhvMm9jcS1OYVdwY0dwLW5ncDlsSnp5 bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h0aG8yb2NxLU5hV3BjR3AtbmdwOWxKenluay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OUI0My9FNUI4Mzk4MjRCM0ExMUVDOTkyRTgxNTBDNEY5QUUwMi9YdGhvMm9jcS1O YVdwY0dwLW5ncDlsSnp5bmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUQNsGD2eUQ8OjVjILgP9BFVxwDA1TMFOT1Jp+6C+eZUulBcBBNJIh gg3PL999RljyMZcb7krTRVa550EDqYDnruktHujp631F6JYRKamZPhQIBbV0+4Vn veK/y4ZETH8QoMdcXJPdFDJbfyJROys6/ysxpdV8qqff5d54HKgHvZflEgahgCZW cQRLayEPeGEBiDn80jj3O5rg7GD8rVp+t/tpKkvvK0TXVyxklQ2J6O8yOaqDia/6 t2e6UL2I344xxcY8+DKDUag8dHS5xTvjNtdIEzZtP9Td7DxHXMGx5nUw/ud9fN4j NsqVkN4+4HTGU2q3z+6lE5cIzOyh9UTu -----END CERTIFICATE-----Generated at Tue May 13 20:50:22 2025 by rpki-client