$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.mft File: 2QaTkaPngEpuvd-dQfLeTZG9UbM.mft (raw, json) Hash identifier: 3YnBCGVsDKP8tKMtPfMYUNXkU6lybxF4it3PxhaOxAI= Subject key identifier: E8:A5:7A:58:8E:B3:D8:64:7F:57:D8:34:80:D6:D0:AF:38:C8:37:95 Authority key identifier: D9:06:93:91:A3:E7:80:4A:6E:BD:DF:9D:41:F2:DE:4D:91:BD:51:B3 Certificate issuer: /CN=A9125C22/serialNumber=D9069391A3E7804A6EBDDF9D41F2DE4D91BD51B3 Certificate serial: 066F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.mft Manifest number: 0665 Signing time: Mon 12 May 2025 22:12:30 +0000 Manifest this update: Mon 12 May 2025 22:12:30 +0000 Manifest next update: Mon 19 May 2025 22:12:30 +0000 Files and hashes: 1: 2QaTkaPngEpuvd-dQfLeTZG9UbM.crl (hash: L0HaNvB5KouptOqi6vm8flDHYZMhQDot2HsuH95m8UI=) 2: 202A51EA52D611EFA0333E23C4F9AE02.roa (hash: jy45pLpGUEHdAvcc7aV1J1N0BlCts0GUmsU/8qKGZrI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.crl rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 22:12:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1647 (0x66f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C22, serialNumber=D9069391A3E7804A6EBDDF9D41F2DE4D91BD51B3 Validity Not Before: May 12 22:12:30 2025 GMT Not After : May 19 22:12:30 2025 GMT Subject: CN=6822724e-b034 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:fb:4f:e9:8a:f2:47:4b:3b:3f:86:ca:b0:79: 1e:11:a5:75:3e:e4:6f:0a:e8:ae:0e:54:db:c9:4e: 9d:42:ef:64:79:aa:21:9c:11:54:51:23:1b:1b:dd: 73:60:22:95:46:a4:68:7b:56:d5:c8:a3:5c:84:66: 59:1d:bb:33:52:cd:0d:31:35:d7:c4:96:fd:13:93: ad:45:6f:05:5b:98:4b:2d:64:dd:d6:89:f5:07:c9: 3b:d5:c5:d8:c4:22:5f:d2:59:e0:c2:1f:37:68:8d: bf:0d:12:e7:a7:d6:60:19:bc:85:0d:a2:07:2c:00: 08:1c:a6:5c:dd:51:7d:32:8f:80:72:31:50:07:79: 37:4d:a6:c1:aa:46:f7:26:d7:f4:51:d9:ac:2d:2f: f2:9b:a2:54:4f:be:90:33:5c:e7:d7:c2:a5:33:41: 53:cc:d7:9a:1a:c4:39:56:c1:4a:2b:8e:fc:ce:a1: 7f:9f:12:e3:38:c0:93:30:80:68:1d:c3:5b:f2:4c: bc:2b:6d:d9:fc:d9:bc:e5:2c:6e:f6:6c:3d:58:a7: 09:ed:a5:dc:fc:93:ce:1a:a7:e4:15:dc:60:93:b7: 01:d7:d7:2e:82:55:1d:44:b0:f5:ab:31:7c:cc:9e: 18:4f:93:5e:35:46:72:04:fe:f7:79:23:ea:75:98: 0d:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:A5:7A:58:8E:B3:D8:64:7F:57:D8:34:80:D6:D0:AF:38:C8:37:95 X509v3 Authority Key Identifier: keyid:D9:06:93:91:A3:E7:80:4A:6E:BD:DF:9D:41:F2:DE:4D:91:BD:51:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:34:8d:07:5f:2c:36:bf:83:c8:a7:08:8f:55:d6:b6:08:23: 16:21:8a:28:50:e4:78:80:79:f1:39:58:78:0d:4c:dc:5c:7d: 5c:e3:4a:0a:8c:f6:79:19:49:2e:7e:63:2e:8a:46:51:bf:68: dc:9d:1a:2e:7f:93:f2:5d:69:5c:a1:d5:b4:71:e5:40:3c:cb: e4:2b:68:ed:97:cc:82:b2:84:34:47:8e:7b:89:e2:c1:d3:56: 57:e6:98:9c:96:20:29:ca:9a:e7:16:8b:e2:50:23:47:a7:2c: 47:80:b6:3b:68:0a:a1:b6:28:63:15:3c:48:8a:52:f0:a4:6a: 8c:da:8c:b3:ae:e3:28:3a:b9:92:f1:2d:4f:0a:58:81:82:62: 6d:ab:de:4c:c4:ae:9a:49:95:70:74:46:f8:8e:f7:5a:d9:4f: a4:c2:2b:aa:14:88:30:8e:47:e6:cd:01:5e:26:72:b0:da:c0: 6c:61:5f:97:e9:37:15:06:79:01:e0:a3:ba:2e:a0:cc:20:69: bb:25:2d:46:9e:35:b9:1c:09:f5:97:af:0c:c3:2d:3b:71:d2: b9:12:f8:48:e9:5a:ec:c7:1a:7f:d9:8d:ad:08:31:53:e6:2f: 95:5e:b1:1b:1d:9b:98:c2:30:e0:b9:7b:1c:d2:9d:33:4d:6b: 25:00:74:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBm8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDMjIxMTAvBgNVBAUTKEQ5MDY5MzkxQTNFNzgwNEE2RUJEREY5RDQxRjJERTRE OTFCRDUxQjMwHhcNMjUwNTEyMjIxMjMwWhcNMjUwNTE5MjIxMjMwWjAYMRYwFAYD VQQDEw02ODIyNzI0ZS1iMDM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu/tP6YryR0s7P4bKsHkeEaV1PuRvCuiuDlTbyU6dQu9keaohnBFUUSMbG91z YCKVRqRoe1bVyKNchGZZHbszUs0NMTXXxJb9E5OtRW8FW5hLLWTd1on1B8k71cXY xCJf0lngwh83aI2/DRLnp9ZgGbyFDaIHLAAIHKZc3VF9Mo+AcjFQB3k3TabBqkb3 Jtf0UdmsLS/ym6JUT76QM1zn18KlM0FTzNeaGsQ5VsFKK478zqF/nxLjOMCTMIBo HcNb8ky8K23Z/Nm85Sxu9mw9WKcJ7aXc/JPOGqfkFdxgk7cB19cuglUdRLD1qzF8 zJ4YT5NeNUZyBP73eSPqdZgNcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOileliO s9hkf1fYNIDW0K84yDeVMB8GA1UdIwQYMBaAFNkGk5Gj54BKbr3fnUHy3k2RvVGz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi8wNDU2OTVCODdG QUUxMUVCOTc3QjUzMzVDNEY5QUUwMi8yUWFUa2FQbmdFcHV2ZC1kUWZMZVRaRzlV Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRYVRrYVBuZ0VwdXZkLWRRZkxlVFpHOVViTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMyMi8wNDU2OTVCODdGQUUxMUVCOTc3QjUzMzVDNEY5QUUwMi8yUWFUa2FQbmdF cHV2ZC1kUWZMZVRaRzlVYk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgNI0HXyw2v4PIpwiPVda2CCMWIYooUOR4gHnxOVh4DUzcXH1c40oK jPZ5GUkufmMuikZRv2jcnRouf5PyXWlcodW0ceVAPMvkK2jtl8yCsoQ0R457ieLB 01ZX5picliApyprnFoviUCNHpyxHgLY7aAqhtihjFTxIilLwpGqM2oyzruMoOrmS 8S1PCliBgmJtq95MxK6aSZVwdEb4jvda2U+kwiuqFIgwjkfmzQFeJnKw2sBsYV+X 6TcVBnkB4KO6LqDMIGm7JS1GnjW5HAn1l68Mwy07cdK5EvhI6Vrsxxp/2Y2tCDFT 5i+VXrEbHZuYwjDguXsc0p0zTWslAHRn -----END CERTIFICATE-----Generated at Wed May 14 16:29:43 2025 by rpki-client