$ rpki-client -vvf rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft File: cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft (raw, json) Hash identifier: DXI6RIfxC/XhL5m499QKptz+2vPa1HdlaCz9s5N0t8k= Subject key identifier: 4E:08:52:DF:F1:53:F9:97:84:D6:E3:9D:87:FB:AC:71:DC:23:DD:BE Authority key identifier: 70:D2:60:1C:B0:D0:FA:4F:9C:5F:0E:02:86:D8:B6:AF:D9:23:5A:06 Certificate issuer: /CN=A9130F21/serialNumber=70D2601CB0D0FA4F9C5F0E0286D8B6AFD9235A06 Certificate serial: 15 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNJgHLDQ-k-cXw4Chti2r9kjWgY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft Manifest number: 14 Signing time: Tue 13 May 2025 07:15:42 +0000 Manifest this update: Tue 13 May 2025 07:15:41 +0000 Manifest next update: Tue 20 May 2025 07:15:41 +0000 Files and hashes: 1: cNJgHLDQ-k-cXw4Chti2r9kjWgY.crl (hash: fVFO8Vh9VG2+2KvZkLtUBB24egenwO0eLSjB31VOLgI=) 2: 42CFB44C141411F0BAD16274C4F9AE02.roa (hash: NvkrBL0iNWC0KsiDXy6BO+nae3k0qk/y4fPT3v4Fzd4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.crl rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNJgHLDQ-k-cXw4Chti2r9kjWgY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 07:15:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9130F21, serialNumber=70D2601CB0D0FA4F9C5F0E0286D8B6AFD9235A06 Validity Not Before: May 13 07:15:41 2025 GMT Not After : May 20 07:15:41 2025 GMT Subject: CN=6822f19e-88e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:e6:27:1f:87:d6:f8:99:6e:c2:4c:9d:1a:9a: 0b:fb:bd:fb:f7:19:90:f2:78:24:b2:65:29:41:2f: f5:54:25:dc:47:94:9d:aa:3c:2d:62:48:1f:4f:d3: 90:41:70:81:4b:c2:9b:88:8a:24:3c:2c:44:02:87: 17:18:43:20:ad:7f:68:f1:dd:eb:0f:ea:b9:ca:db: 23:e9:4a:98:f1:8d:f5:80:9a:49:65:e0:9e:97:cf: 36:75:a6:e4:81:83:79:74:cd:58:df:95:a9:8f:da: 7d:6d:c0:d2:99:5f:5f:38:55:0b:e1:7b:d7:32:f4: 7b:27:c8:53:6c:63:0a:ea:c1:18:b3:9a:84:71:c0: 26:13:f0:62:ce:53:5a:ef:73:be:b8:89:b7:cd:1e: 87:ac:90:d0:c0:1a:d7:75:b2:7d:c7:86:67:6e:a1: ec:f8:83:7d:39:9b:0c:95:a5:58:a2:76:fa:f7:b0: 88:b5:f2:fc:44:1f:b2:e7:bb:21:dc:d3:59:b8:d9: b7:35:4e:16:fc:5e:9b:00:52:a2:16:0f:6b:bf:6e: b5:44:57:e7:10:a2:83:2c:59:63:fe:04:fd:76:a5: 39:53:e4:41:fe:84:f1:ee:5f:ac:4f:ef:d3:b1:3b: 88:db:51:a6:99:32:91:91:73:a7:6b:71:5b:73:c0: 55:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:08:52:DF:F1:53:F9:97:84:D6:E3:9D:87:FB:AC:71:DC:23:DD:BE X509v3 Authority Key Identifier: keyid:70:D2:60:1C:B0:D0:FA:4F:9C:5F:0E:02:86:D8:B6:AF:D9:23:5A:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNJgHLDQ-k-cXw4Chti2r9kjWgY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:22:4c:d9:61:cc:e9:af:34:4e:5d:94:77:fc:39:2f:19:3d: f1:6f:d3:36:6c:b1:59:fc:37:e8:6e:ea:fd:68:7e:4e:1d:ac: 0c:dd:98:66:2b:17:74:f9:c1:54:ba:5d:d4:55:b5:80:10:ae: ba:b5:93:d4:01:98:ac:fe:2b:f0:e7:44:39:69:52:28:b2:cc: c3:80:3d:f7:64:52:4b:bd:a7:95:a1:6b:dc:c2:83:e4:fe:6d: fd:74:c4:15:fb:c5:8d:eb:3e:8b:df:c1:76:ea:f2:47:9e:43: 60:01:5a:a4:a6:83:1d:64:a6:d5:71:e4:11:cc:96:41:07:46: e8:c7:2c:61:1d:20:80:80:ff:f1:a7:97:52:a4:f6:38:58:c2: a4:85:c1:0f:f4:8a:24:1a:a8:ea:af:84:a3:18:20:6b:2b:95: e3:75:d3:26:6b:85:65:a6:80:84:6d:34:88:b4:63:59:9e:6c: 18:9d:2a:ca:b9:3c:71:4e:5a:b7:49:f3:06:e4:de:1b:14:8d: 21:e4:07:0b:f6:df:c6:e1:d5:f6:fc:43:1c:74:be:84:53:76: f4:d9:cd:bb:e9:e5:94:26:9d:f2:09:2b:4b:28:b3:7e:d2:58: e6:e5:b6:e9:31:8a:77:7f:9a:be:38:68:c3:f8:b0:9a:ca:1f: 50:a4:eb:56 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz MEYyMTExMC8GA1UEBRMoNzBEMjYwMUNCMEQwRkE0RjlDNUYwRTAyODZEOEI2QUZE OTIzNUEwNjAeFw0yNTA1MTMwNzE1NDFaFw0yNTA1MjAwNzE1NDFaMBgxFjAUBgNV BAMTDTY4MjJmMTllLTg4ZTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDe5icfh9b4mW7CTJ0amgv7vfv3GZDyeCSyZSlBL/VUJdxHlJ2qPC1iSB9P05BB cIFLwpuIiiQ8LEQChxcYQyCtf2jx3esP6rnK2yPpSpjxjfWAmkll4J6XzzZ1puSB g3l0zVjflamP2n1twNKZX184VQvhe9cy9HsnyFNsYwrqwRizmoRxwCYT8GLOU1rv c764ibfNHoeskNDAGtd1sn3Hhmduoez4g305mwyVpViidvr3sIi18vxEH7LnuyHc 01m42bc1Thb8XpsAUqIWD2u/brVEV+cQooMsWWP+BP12pTlT5EH+hPHuX6xP79Ox O4jbUaaZMpGRc6drcVtzwFU7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUTghS3/FT +ZeE1uOdh/uscdwj3b4wHwYDVR0jBBgwFoAUcNJgHLDQ+k+cXw4Chti2r9kjWgYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMwRjIxLzg1MTdGQjA4MTQx MzExRjA4RjFBMUQ3M0M0RjlBRTAyL2NOSmdITERRLWstY1h3NENodGkycjlraldn WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY05KZ0hMRFEtay1jWHc0Q2h0aTJyOWtqV2dZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMw RjIxLzg1MTdGQjA4MTQxMzExRjA4RjFBMUQ3M0M0RjlBRTAyL2NOSmdITERRLWst Y1h3NENodGkycjlraldnWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAH8iTNlhzOmvNE5dlHf8OS8ZPfFv0zZssVn8N+hu6v1ofk4drAzdmGYr F3T5wVS6XdRVtYAQrrq1k9QBmKz+K/DnRDlpUiiyzMOAPfdkUku9p5Wha9zCg+T+ bf10xBX7xY3rPovfwXbq8keeQ2ABWqSmgx1kptVx5BHMlkEHRujHLGEdIICA//Gn l1Kk9jhYwqSFwQ/0iiQaqOqvhKMYIGsrleN10yZrhWWmgIRtNIi0Y1mebBidKsq5 PHFOWrdJ8wbk3hsUjSHkBwv238bh1fb8Qxx0voRTdvTZzbvp5ZQmnfIJK0sos37S WObltukxind/mr44aMP4sJrKH1Ck61Y= -----END CERTIFICATE-----Generated at Tue May 13 11:43:51 2025 by rpki-client