$ rpki-client -vvf rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft File: Xtho2ocq-NaWpcGp-ngp9lJzynk.mft (raw, json) Hash identifier: iuBZFQ+SvlffqKsiSv+Kt9KoDqTstERO23XEL7K/zig= Subject key identifier: 72:55:64:B5:06:41:7A:0B:C1:6D:75:E1:97:11:F0:19:A4:93:18:97 Authority key identifier: 5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79 Certificate issuer: /CN=A9119B43/serialNumber=5ED868DA872AF8D696A5C1A9FA7829F65273CA79 Certificate serial: 0484 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft Manifest number: 047C Signing time: Tue 01 Jul 2025 00:35:49 +0000 Manifest this update: Tue 01 Jul 2025 00:35:48 +0000 Manifest next update: Tue 08 Jul 2025 00:35:48 +0000 Files and hashes: 1: Xtho2ocq-NaWpcGp-ngp9lJzynk.crl (hash: aQ1165UnBwYkXDPoIM8kY6YeDozqIKoESZ6bUML2ZCE=) 2: 6C27C19E4BFA11ECA6797F6DC4F9AE02.roa (hash: 9zlcNMp71CcrKhJ6RcgbQ3pW8nUmE/ShM6R3qPGEpIM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.crl rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 00:35:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1156 (0x484) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9119B43, serialNumber=5ED868DA872AF8D696A5C1A9FA7829F65273CA79 Validity Not Before: Jul 1 00:35:48 2025 GMT Not After : Jul 8 00:35:48 2025 GMT Subject: CN=68632d64-30fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:b0:5a:c8:7d:f5:d2:c5:61:97:01:7d:60:8c: 42:38:85:22:db:1b:6a:33:7e:53:de:4b:f3:ba:92: 9e:3f:82:89:ad:77:4f:95:79:03:a0:6f:8e:42:39: 79:32:56:d3:9c:ab:83:5a:d6:5e:5c:ea:52:b4:59: 84:8e:bb:16:ca:46:8a:d8:97:62:e3:4a:d6:d3:5d: 46:6b:9d:96:b1:ef:00:21:26:f5:77:b6:79:01:02: 3b:3d:8e:6c:72:ab:03:97:ca:df:0f:1a:eb:ce:1a: a6:96:84:a2:e8:3c:ff:30:6e:b5:3e:a4:19:44:45: 12:2c:dc:f2:9b:3c:90:ce:87:ab:d1:cc:28:cf:41: c3:b7:5f:6f:17:e2:2a:95:c0:2e:cf:9a:b0:0b:42: 6d:86:59:f5:6f:0b:9f:ff:66:38:1d:30:da:fa:9b: 0f:25:62:f1:ec:19:95:4d:df:e1:e9:bc:13:04:4c: 39:dd:be:54:95:0a:64:56:a2:38:7b:1c:e2:d1:09: 9c:a0:b3:cf:bd:9c:e4:56:3c:8e:d0:a0:95:20:4e: 7a:60:47:b7:0a:4e:57:27:59:7b:6a:a0:15:53:20: 41:ce:44:c7:34:f7:47:ac:6a:a6:6f:b6:35:31:30: 8b:41:0d:f6:c6:ef:fe:3a:26:ca:9c:08:93:93:a0: f7:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:55:64:B5:06:41:7A:0B:C1:6D:75:E1:97:11:F0:19:A4:93:18:97 X509v3 Authority Key Identifier: keyid:5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:57:73:3f:8d:1a:c3:26:d9:21:74:66:c9:b5:f8:b3:62:b5: 36:85:17:87:37:8a:5f:f2:dd:aa:40:d3:bc:8b:45:d3:16:4e: 46:be:f6:a4:ba:42:c9:94:f2:ac:a1:7c:26:d9:1e:a3:da:e1: 18:4e:27:76:15:96:f7:50:1e:d6:ba:ee:9f:e3:7d:55:1d:fc: ed:c9:3a:46:93:40:19:4c:32:27:99:18:30:27:3c:c4:71:d8: 8a:b7:c5:28:8b:89:25:5e:7a:bc:50:3b:db:6c:31:22:46:a6: 86:09:0c:87:2e:55:bd:d8:a9:fa:44:3a:c0:72:4c:b4:60:20: 3b:66:1d:0b:f0:a3:81:a2:47:66:4e:b7:04:2b:4a:ff:db:10: db:51:10:c6:9d:46:57:2c:bc:0b:da:05:a7:c1:56:ab:70:ab: 4a:b3:e4:79:de:8a:72:8e:4b:93:6f:06:2a:0b:6d:fb:53:31: 67:26:ef:2f:1e:8d:e2:a8:48:46:93:8b:8f:5a:79:a1:8f:98: d0:e2:dc:bd:f0:1d:a1:4e:85:e5:3e:e2:97:29:92:95:bc:a2: c1:8d:8f:bc:42:26:fc:27:6a:8e:93:36:dd:ba:99:9a:3f:f9: 34:20:29:fc:60:41:23:56:62:86:ce:35:15:4a:c3:b6:aa:cb: 51:30:d4:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTlCNDMxMTAvBgNVBAUTKDVFRDg2OERBODcyQUY4RDY5NkE1QzFBOUZBNzgyOUY2 NTI3M0NBNzkwHhcNMjUwNzAxMDAzNTQ4WhcNMjUwNzA4MDAzNTQ4WjAYMRYwFAYD VQQDEw02ODYzMmQ2NC0zMGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1LBayH310sVhlwF9YIxCOIUi2xtqM35T3kvzupKeP4KJrXdPlXkDoG+OQjl5 MlbTnKuDWtZeXOpStFmEjrsWykaK2Jdi40rW011Ga52Wse8AISb1d7Z5AQI7PY5s cqsDl8rfDxrrzhqmloSi6Dz/MG61PqQZREUSLNzymzyQzoer0cwoz0HDt19vF+Iq lcAuz5qwC0Jthln1bwuf/2Y4HTDa+psPJWLx7BmVTd/h6bwTBEw53b5UlQpkVqI4 exzi0QmcoLPPvZzkVjyO0KCVIE56YEe3Ck5XJ1l7aqAVUyBBzkTHNPdHrGqmb7Y1 MTCLQQ32xu/+OibKnAiTk6D3/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHJVZLUG QXoLwW114ZcR8BmkkxiXMB8GA1UdIwQYMBaAFF7YaNqHKvjWlqXBqfp4KfZSc8p5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOUI0My9FNUI4Mzk4MjRC M0ExMUVDOTkyRTgxNTBDNEY5QUUwMi9YdGhvMm9jcS1OYVdwY0dwLW5ncDlsSnp5 bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h0aG8yb2NxLU5hV3BjR3AtbmdwOWxKenluay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OUI0My9FNUI4Mzk4MjRCM0ExMUVDOTkyRTgxNTBDNEY5QUUwMi9YdGhvMm9jcS1O YVdwY0dwLW5ncDlsSnp5bmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC2V3M/jRrDJtkhdGbJtfizYrU2hReHN4pf8t2qQNO8i0XTFk5Gvvak ukLJlPKsoXwm2R6j2uEYTid2FZb3UB7Wuu6f431VHfztyTpGk0AZTDInmRgwJzzE cdiKt8Uoi4klXnq8UDvbbDEiRqaGCQyHLlW92Kn6RDrAcky0YCA7Zh0L8KOBokdm TrcEK0r/2xDbURDGnUZXLLwL2gWnwVarcKtKs+R53opyjkuTbwYqC237UzFnJu8v Ho3iqEhGk4uPWnmhj5jQ4ty98B2hToXlPuKXKZKVvKLBjY+8Qib8J2qOkzbdupma P/k0ICn8YEEjVmKGzjUVSsO2qstRMNR2 -----END CERTIFICATE-----Generated at Tue Jul 1 20:42:12 2025 by rpki-client