$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft File: xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft (raw, json) Hash identifier: bsRC1UE7m4twYY8KjHu7FlIokgrAKubWKVyzSHrHo/U= Subject key identifier: 0E:AF:42:C2:F7:3D:1C:DA:B3:83:F5:F1:8C:A7:DF:60:CC:98:D0:85 Authority key identifier: C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E Certificate issuer: /CN=A9125C22/serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Certificate serial: 0663 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft Manifest number: 065F Signing time: Sat 10 May 2025 22:02:31 +0000 Manifest this update: Sat 10 May 2025 22:02:31 +0000 Manifest next update: Sat 17 May 2025 22:02:31 +0000 Files and hashes: 1: xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl (hash: 0UZfXdNPuE/MdTVaRlvVpcZCwcvLdselzjPUalmN06s=) 2: 485D694A454911EEB8718378C4F9AE02.roa (hash: DpNVsF8S1R1VahxgyAnkQsdhv9Y/GOwsBJQM35rMSJ0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 22:02:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1635 (0x663) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C22, serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Validity Not Before: May 10 22:02:31 2025 GMT Not After : May 17 22:02:31 2025 GMT Subject: CN=681fccf7-c41b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:2f:42:87:a1:40:e3:8c:8a:ff:57:84:77:70: 09:21:c1:11:8c:91:97:21:fb:53:59:a4:7c:34:93: 1c:ae:20:f8:42:81:5b:ce:71:fa:f0:6e:8d:b2:e5: e4:51:a9:de:50:08:be:a9:43:a6:08:f7:a1:ba:6c: cd:2e:43:4c:b9:8f:72:ef:7b:e1:b8:03:5a:ee:90: 34:cc:07:e5:67:e3:a9:d2:5b:44:9c:ef:7e:2f:ed: 0b:17:34:f9:d7:60:ec:61:60:74:d8:8f:b8:44:3d: c4:3a:aa:dc:90:bf:2c:58:67:c0:e5:ad:6c:f6:58: 7d:0a:b9:4b:94:a6:ed:f4:ca:b6:84:2d:46:b8:1c: 67:1b:46:47:18:56:6b:94:58:dc:c8:a6:51:45:f6: 0b:86:43:4b:e6:46:35:24:fb:f1:6b:45:c3:2b:6c: e8:c6:b4:75:77:04:d1:00:ab:c4:b6:69:24:9d:cf: 23:58:0f:94:17:9a:ff:f4:50:73:fc:25:97:53:be: f8:34:30:df:ed:b6:b0:89:35:10:81:1f:1e:f5:5e: 32:32:f7:a9:ca:62:b5:fc:0c:a0:a3:7f:99:66:33: 6a:8d:76:3d:9e:20:ba:f8:37:1f:f9:7f:02:61:02: 3f:fb:45:4e:cc:81:30:0a:64:14:c4:dc:60:13:fb: 61:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:AF:42:C2:F7:3D:1C:DA:B3:83:F5:F1:8C:A7:DF:60:CC:98:D0:85 X509v3 Authority Key Identifier: keyid:C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:68:10:9b:ba:e3:fa:ff:7f:3f:90:36:78:3e:fb:71:3f:90: f4:59:59:a4:38:12:63:b8:37:d4:0e:8e:c1:2c:4b:23:8f:10: ee:ce:61:db:09:8d:a0:62:b3:a1:d8:51:fa:ca:81:80:6d:bb: 4a:7d:e5:61:11:57:f2:ec:00:c8:f0:40:2d:6c:ae:18:e2:0b: 3f:8b:5c:2f:f9:c9:7a:d0:d5:5a:3e:50:4a:7f:a6:9f:da:2c: 32:d1:d3:64:ba:ac:22:04:78:f1:2a:31:d3:ee:ab:20:35:3b: 87:5f:de:23:a5:db:71:6c:01:b5:f0:11:78:bd:ce:ec:a4:63: a3:e1:51:cc:d7:33:7b:4a:22:14:0e:0e:65:20:30:28:01:ce: 9f:ad:32:20:d4:19:3e:46:c6:6c:48:d7:9c:c6:8b:82:b3:87: 8f:d7:be:2b:da:ca:f2:db:02:20:c5:6a:d3:ce:39:b0:79:7b: 6e:a8:4a:91:6c:d9:fc:62:ac:86:a7:47:1a:c6:ad:e6:bd:16: 81:d2:9b:20:c6:f0:16:bf:db:0d:fe:a5:a9:33:d1:94:74:ad: df:80:3c:b3:a4:b0:04:4c:38:aa:02:ee:dd:48:4a:96:92:49: 17:d3:d5:e1:ac:ce:fa:52:eb:1b:26:20:f8:96:58:cf:0d:21: 1f:8f:73:27 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBmMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDMjIxMTAvBgNVBAUTKEM3MEI0RTA0N0NBQTczNzcyNEI4OUQ1ODREQjVDMEMx QTg1OEQyOEUwHhcNMjUwNTEwMjIwMjMxWhcNMjUwNTE3MjIwMjMxWjAYMRYwFAYD VQQDEw02ODFmY2NmNy1jNDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwS9Ch6FA44yK/1eEd3AJIcERjJGXIftTWaR8NJMcriD4QoFbznH68G6NsuXk UaneUAi+qUOmCPehumzNLkNMuY9y73vhuANa7pA0zAflZ+Op0ltEnO9+L+0LFzT5 12DsYWB02I+4RD3EOqrckL8sWGfA5a1s9lh9CrlLlKbt9Mq2hC1GuBxnG0ZHGFZr lFjcyKZRRfYLhkNL5kY1JPvxa0XDK2zoxrR1dwTRAKvEtmkknc8jWA+UF5r/9FBz /CWXU774NDDf7bawiTUQgR8e9V4yMvepymK1/Aygo3+ZZjNqjXY9niC6+Dcf+X8C YQI/+0VOzIEwCmQUxNxgE/th1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA6vQsL3 PRzas4P18Yyn32DMmNCFMB8GA1UdIwQYMBaAFMcLTgR8qnN3JLidWE21wMGoWNKO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi9GQUNDQkM1QzdG QUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMzY2t1SjFZVGJYQXdhaFkw bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3h3dE9CSHlxYzNja3VKMVlUYlhBd2FoWTBvNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMyMi9GQUNDQkM1QzdGQUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMz Y2t1SjFZVGJYQXdhaFkwbzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqaBCbuuP6/38/kDZ4PvtxP5D0WVmkOBJjuDfUDo7BLEsjjxDuzmHb CY2gYrOh2FH6yoGAbbtKfeVhEVfy7ADI8EAtbK4Y4gs/i1wv+cl60NVaPlBKf6af 2iwy0dNkuqwiBHjxKjHT7qsgNTuHX94jpdtxbAG18BF4vc7spGOj4VHM1zN7SiIU Dg5lIDAoAc6frTIg1Bk+RsZsSNecxouCs4eP174r2sry2wIgxWrTzjmweXtuqEqR bNn8YqyGp0caxq3mvRaB0psgxvAWv9sN/qWpM9GUdK3fgDyzpLAETDiqAu7dSEqW kkkX09XhrM76UusbJiD4lljPDSEfj3Mn -----END CERTIFICATE-----Generated at Mon May 12 19:12:54 2025 by rpki-client