$ rpki-client -vvf rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft File: cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft (raw, json) Hash identifier: LjmorejjcXyyRr7EniY3NMYWwJ9PfHqOn8DEYYb+PYA= Subject key identifier: 75:E7:AB:7D:E3:FB:4D:14:29:4B:C5:1D:50:A9:92:0E:F3:7A:B1:6A Authority key identifier: 70:D2:60:1C:B0:D0:FA:4F:9C:5F:0E:02:86:D8:B6:AF:D9:23:5A:06 Certificate issuer: /CN=A9130F21/serialNumber=70D2601CB0D0FA4F9C5F0E0286D8B6AFD9235A06 Certificate serial: 2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNJgHLDQ-k-cXw4Chti2r9kjWgY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft Manifest number: 2B Signing time: Tue 01 Jul 2025 08:30:30 +0000 Manifest this update: Tue 01 Jul 2025 08:30:30 +0000 Manifest next update: Tue 08 Jul 2025 08:30:30 +0000 Files and hashes: 1: cNJgHLDQ-k-cXw4Chti2r9kjWgY.crl (hash: VrRxu3EV+s6Oa8P+Hv9/wm4+QFUQF0Xqyx+kiuvPSfA=) 2: 42CFB44C141411F0BAD16274C4F9AE02.roa (hash: NvkrBL0iNWC0KsiDXy6BO+nae3k0qk/y4fPT3v4Fzd4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.crl rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNJgHLDQ-k-cXw4Chti2r9kjWgY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9130F21, serialNumber=70D2601CB0D0FA4F9C5F0E0286D8B6AFD9235A06 Validity Not Before: Jul 1 08:30:30 2025 GMT Not After : Jul 8 08:30:30 2025 GMT Subject: CN=68639ca6-e3ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:03:93:3f:58:6d:f8:cb:22:75:2d:c3:b3:b2: c8:94:6e:f9:a8:7a:01:6b:f0:fd:a0:b5:9c:1e:30: 2d:26:cd:ff:65:53:d9:08:96:1b:20:c4:7d:04:85: 58:6d:0f:63:3e:9f:c2:74:76:75:7c:15:ca:de:36: 4c:ec:14:05:d8:1b:3d:b0:29:98:f6:75:99:9e:c7: 83:f3:47:2d:4b:22:bc:6d:fd:12:76:ad:b2:c5:a9: 16:97:15:7a:25:10:7b:fd:91:30:48:12:03:70:56: 23:24:ea:33:32:5e:67:7d:58:ca:80:28:c5:98:3b: 29:f2:53:32:cd:b8:ba:76:68:cf:b6:82:74:cb:c0: 34:b5:dd:44:a5:e7:12:57:23:14:2b:67:65:d4:6d: bc:ab:63:0b:95:68:14:48:92:1f:3f:28:38:b7:74: 79:da:a0:fe:8e:5e:09:38:57:13:54:24:d3:84:64: ce:5f:f0:a7:c4:c8:46:b3:9b:2d:7d:e4:e1:1d:56: 02:e2:64:4e:f8:5e:c6:53:aa:ad:47:01:d4:6c:e5: fe:d5:d2:8c:f1:dd:79:80:91:9a:c7:5e:9d:51:f5: f5:f8:58:c1:0c:af:e6:78:53:81:68:b8:1a:91:84: cc:7a:eb:31:ae:f8:51:bd:e6:71:e3:95:74:1e:72: 21:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:E7:AB:7D:E3:FB:4D:14:29:4B:C5:1D:50:A9:92:0E:F3:7A:B1:6A X509v3 Authority Key Identifier: keyid:70:D2:60:1C:B0:D0:FA:4F:9C:5F:0E:02:86:D8:B6:AF:D9:23:5A:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNJgHLDQ-k-cXw4Chti2r9kjWgY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:d6:c6:4d:d2:09:18:0b:8f:e9:fe:6c:60:d2:4e:0b:f0:0b: 59:58:34:a3:f9:2c:d7:25:ac:7b:05:fe:e8:e5:e0:d8:86:15: f1:d1:c7:ca:bd:4f:d4:73:07:24:51:03:22:d6:d0:ab:ac:ae: 46:e9:85:24:05:79:8b:54:ee:31:1c:ae:96:7c:bf:6f:ce:70: f8:66:64:95:f0:82:9b:e8:cd:ce:25:ba:83:c1:ab:ce:2e:e5: 0b:07:a4:b6:b4:fc:28:e1:c3:b7:41:03:d0:8f:ea:41:cc:bb: ba:1d:70:47:e5:a4:e4:d3:5c:47:49:fb:2a:cc:34:5a:75:10: 07:d2:77:37:c8:52:8b:aa:62:70:af:73:5d:e4:55:da:4b:df: b5:5d:1e:2d:65:13:59:59:9c:7d:64:41:a7:ca:18:50:86:52: 4f:3e:3a:32:a3:67:b1:9a:de:f8:c4:8b:12:3e:ad:91:ac:6f: bc:e8:4c:3e:2b:cf:44:0a:30:25:2c:e8:9d:98:12:9c:67:81: dd:7b:87:db:26:94:83:f4:52:49:42:52:96:e5:99:a8:1e:9f: 95:f6:76:fd:01:0a:64:24:1f:e1:5f:79:91:cf:36:37:4b:8c: 24:56:ad:2d:a7:81:cf:fc:ce:13:e4:63:b3:c2:31:bf:91:dc: 3d:49:93:1e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz MEYyMTExMC8GA1UEBRMoNzBEMjYwMUNCMEQwRkE0RjlDNUYwRTAyODZEOEI2QUZE OTIzNUEwNjAeFw0yNTA3MDEwODMwMzBaFw0yNTA3MDgwODMwMzBaMBgxFjAUBgNV BAMTDTY4NjM5Y2E2LWUzYWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAA5M/WG34yyJ1LcOzssiUbvmoegFr8P2gtZweMC0mzf9lU9kIlhsgxH0EhVht D2M+n8J0dnV8FcreNkzsFAXYGz2wKZj2dZmex4PzRy1LIrxt/RJ2rbLFqRaXFXol EHv9kTBIEgNwViMk6jMyXmd9WMqAKMWYOynyUzLNuLp2aM+2gnTLwDS13USl5xJX IxQrZ2XUbbyrYwuVaBRIkh8/KDi3dHnaoP6OXgk4VxNUJNOEZM5f8KfEyEazmy19 5OEdVgLiZE74XsZTqq1HAdRs5f7V0ozx3XmAkZrHXp1R9fX4WMEMr+Z4U4FouBqR hMx66zGu+FG95nHjlXQeciE5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUdeerfeP7 TRQpS8UdUKmSDvN6sWowHwYDVR0jBBgwFoAUcNJgHLDQ+k+cXw4Chti2r9kjWgYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMwRjIxLzg1MTdGQjA4MTQx MzExRjA4RjFBMUQ3M0M0RjlBRTAyL2NOSmdITERRLWstY1h3NENodGkycjlraldn WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY05KZ0hMRFEtay1jWHc0Q2h0aTJyOWtqV2dZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMw RjIxLzg1MTdGQjA4MTQxMzExRjA4RjFBMUQ3M0M0RjlBRTAyL2NOSmdITERRLWst Y1h3NENodGkycjlraldnWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAK3Wxk3SCRgLj+n+bGDSTgvwC1lYNKP5LNclrHsF/ujl4NiGFfHRx8q9 T9RzByRRAyLW0KusrkbphSQFeYtU7jEcrpZ8v2/OcPhmZJXwgpvozc4luoPBq84u 5QsHpLa0/Cjhw7dBA9CP6kHMu7odcEflpOTTXEdJ+yrMNFp1EAfSdzfIUouqYnCv c13kVdpL37VdHi1lE1lZnH1kQafKGFCGUk8+OjKjZ7Ga3vjEixI+rZGsb7zoTD4r z0QKMCUs6J2YEpxngd17h9smlIP0UklCUpblmagen5X2dv0BCmQkH+FfeZHPNjdL jCRWrS2ngc/8zhPkY7PCMb+R3D1Jkx4= -----END CERTIFICATE-----Generated at Wed Jul 2 21:53:21 2025 by rpki-client