$ rpki-client -vvf rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.mft File: -Xh9LKFDLKbpMzLg7e9rB7JF17A.mft (raw, json) Hash identifier: yEA3pVgAfytZGUlzPrsuLR1v+p9sU9Q45y+xZl9Sqpc= Subject key identifier: 4C:65:C5:49:EF:8F:85:9B:58:B0:14:12:E6:07:04:04:9D:BA:FC:B3 Authority key identifier: F9:78:7D:2C:A1:43:2C:A6:E9:33:32:E0:ED:EF:6B:07:B2:45:D7:B0 Certificate issuer: /CN=A912DA1F/serialNumber=F9787D2CA1432CA6E93332E0EDEF6B07B245D7B0 Certificate serial: 080C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Xh9LKFDLKbpMzLg7e9rB7JF17A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.mft Manifest number: 0804 Signing time: Mon 12 May 2025 20:40:30 +0000 Manifest this update: Mon 12 May 2025 20:40:30 +0000 Manifest next update: Mon 19 May 2025 20:40:30 +0000 Files and hashes: 1: -Xh9LKFDLKbpMzLg7e9rB7JF17A.crl (hash: /M1+8Aaa0ie2KfkQQ813WdAMlN2I1O1i31c7DoGcIT0=) 2: D6883996DABE11EAB12A5209C4F9AE02.roa (hash: BMvYT9IDar1yOpAiOIQ1zT2emoZ3Z/Bj9QOBnQBKVOs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.crl rsync://rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Xh9LKFDLKbpMzLg7e9rB7JF17A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 20:40:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2060 (0x80c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912DA1F, serialNumber=F9787D2CA1432CA6E93332E0EDEF6B07B245D7B0 Validity Not Before: May 12 20:40:30 2025 GMT Not After : May 19 20:40:30 2025 GMT Subject: CN=68225cbe-438d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b2:52:73:15:76:69:54:65:96:a0:67:a4:bb: 60:af:2b:9e:73:8d:ee:90:45:9d:fb:5f:95:f8:17: 67:48:e2:8e:ac:c0:02:b7:d6:b6:15:3a:eb:18:6b: 2b:e0:44:e6:77:c7:e8:83:e0:85:15:9a:6e:41:26: 79:49:de:cf:8e:dd:b7:a4:fd:ad:13:42:07:63:1e: 3b:42:dd:aa:48:2e:da:f3:84:05:98:36:e0:62:16: 64:85:17:9e:b9:75:a3:a6:4b:8e:40:0b:18:15:4c: 06:5c:94:7f:28:93:20:03:9b:e8:ca:60:89:21:6b: 8a:aa:25:dd:cc:b2:f5:b3:8f:53:d3:b1:2a:13:62: 1d:61:ed:f0:96:e7:96:85:e1:e7:c2:03:cc:0a:1b: 3c:5d:66:08:b1:82:b7:ce:30:66:d5:b4:ed:b3:7b: 99:00:84:76:d8:5c:8f:6b:43:06:cd:a1:41:45:0d: bc:c3:99:ef:a7:87:ab:c0:c4:00:85:88:73:51:6e: 26:73:7c:6c:b6:57:02:73:c6:10:2f:45:75:6c:17: 3c:07:5b:2d:e0:0f:45:b1:45:c4:f3:e4:54:f0:10: a7:39:f7:42:2a:ba:c1:c9:8a:0a:4d:ad:f0:70:4b: f4:bb:47:0b:81:48:ef:56:bd:f9:e8:0d:27:19:be: 7d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:65:C5:49:EF:8F:85:9B:58:B0:14:12:E6:07:04:04:9D:BA:FC:B3 X509v3 Authority Key Identifier: keyid:F9:78:7D:2C:A1:43:2C:A6:E9:33:32:E0:ED:EF:6B:07:B2:45:D7:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Xh9LKFDLKbpMzLg7e9rB7JF17A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:e1:f2:55:a1:39:8a:e4:91:fe:e7:9b:18:da:de:b9:ab:66: f3:d1:57:ba:07:a9:d6:6d:16:c7:50:6f:72:4d:3a:92:af:be: d0:e3:ff:d3:2d:f7:08:f6:8a:ce:e4:5c:6c:d1:eb:e3:a9:ea: db:a2:8e:e5:dd:23:af:2a:91:7b:b1:74:41:25:2d:9c:5e:8a: 2d:9a:26:0b:d9:6e:88:b4:b3:79:db:8c:1d:75:2d:eb:20:dd: 37:e9:e0:c6:3b:6f:bd:b3:5a:61:30:18:f4:71:79:32:22:1a: 16:d4:f7:9b:cb:6f:12:13:47:02:8c:95:80:1b:d7:da:57:76: 18:73:d8:59:1f:7c:5c:5a:d2:7d:b8:96:92:6c:72:a4:83:36: 5b:30:7e:e2:a8:76:40:75:42:f5:4e:e1:b1:01:12:03:f3:46: 1b:5b:da:a9:44:31:1e:18:8a:8a:ab:b9:ab:92:c8:76:90:de: 82:cb:13:32:39:1f:dc:38:27:1d:2b:85:86:11:6a:ee:5c:bd: 37:5e:e6:33:86:e6:26:9d:4d:ab:e5:23:f5:31:4d:26:10:f6: 50:9a:5e:7f:52:95:ef:56:3e:02:37:57:bc:7c:a4:d2:a0:3d: 7a:22:18:29:74:19:15:3d:96:cf:8d:3e:4b:e5:08:5a:1b:8d: e3:01:d3:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkRBMUYxMTAvBgNVBAUTKEY5Nzg3RDJDQTE0MzJDQTZFOTMzMzJFMEVERUY2QjA3 QjI0NUQ3QjAwHhcNMjUwNTEyMjA0MDMwWhcNMjUwNTE5MjA0MDMwWjAYMRYwFAYD VQQDEw02ODIyNWNiZS00MzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy7JScxV2aVRllqBnpLtgryuec43ukEWd+1+V+BdnSOKOrMACt9a2FTrrGGsr 4ETmd8fog+CFFZpuQSZ5Sd7Pjt23pP2tE0IHYx47Qt2qSC7a84QFmDbgYhZkhRee uXWjpkuOQAsYFUwGXJR/KJMgA5voymCJIWuKqiXdzLL1s49T07EqE2IdYe3wlueW heHnwgPMChs8XWYIsYK3zjBm1bTts3uZAIR22FyPa0MGzaFBRQ28w5nvp4erwMQA hYhzUW4mc3xstlcCc8YQL0V1bBc8B1st4A9FsUXE8+RU8BCnOfdCKrrByYoKTa3w cEv0u0cLgUjvVr356A0nGb59gwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFExlxUnv j4WbWLAUEuYHBASduvyzMB8GA1UdIwQYMBaAFPl4fSyhQyym6TMy4O3vaweyRdew MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyREExRi9GQjE0QTg4MkRB QkMxMUVBQTYyMDJDODVDNEY5QUUwMi8tWGg5TEtGRExLYnBNekxnN2U5ckI3SkYx N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1YaDlMS0ZETEticE16TGc3ZTlyQjdKRjE3QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy REExRi9GQjE0QTg4MkRBQkMxMUVBQTYyMDJDODVDNEY5QUUwMi8tWGg5TEtGRExL YnBNekxnN2U5ckI3SkYxN0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCm4fJVoTmK5JH+55sY2t65q2bz0Ve6B6nWbRbHUG9yTTqSr77Q4//T LfcI9orO5Fxs0evjqerboo7l3SOvKpF7sXRBJS2cXootmiYL2W6ItLN524wddS3r IN036eDGO2+9s1phMBj0cXkyIhoW1Peby28SE0cCjJWAG9faV3YYc9hZH3xcWtJ9 uJaSbHKkgzZbMH7iqHZAdUL1TuGxARID80YbW9qpRDEeGIqKq7mrksh2kN6CyxMy OR/cOCcdK4WGEWruXL03XuYzhuYmnU2r5SP1MU0mEPZQml5/UpXvVj4CN1e8fKTS oD16IhgpdBkVPZbPjT5L5QhaG43jAdMP -----END CERTIFICATE-----Generated at Wed May 14 17:28:55 2025 by rpki-client