$ rpki-client -vvf rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft File: tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft (raw, json) Hash identifier: BZI0x2McpiGKgvl8lU+et+TG+pS6z2s2/6lb1FexHvc= Subject key identifier: B6:FC:ED:37:6C:10:60:09:67:5D:4B:4A:79:F4:F6:0A:7B:C7:EB:FB Authority key identifier: B5:7B:20:7F:0E:1C:1B:A8:73:A0:79:35:82:C7:A8:13:40:98:67:4C Certificate issuer: /CN=A9131711/serialNumber=B57B207F0E1C1BA873A0793582C7A8134098674C Certificate serial: F5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft Manifest number: F0 Signing time: Thu 15 May 2025 04:41:43 +0000 Manifest this update: Thu 15 May 2025 04:41:43 +0000 Manifest next update: Thu 22 May 2025 04:41:43 +0000 Files and hashes: 1: tXsgfw4cG6hzoHk1gseoE0CYZ0w.crl (hash: ZcV/cbmwRxLwf4qD5X3LCwRdF/9DIO0hvSGO59oo7A8=) 2: B2B006BAE3E911EEB845B268C4F9AE02.roa (hash: fj5an6uMsWFMPTZr6PrKep91XRX3rQER6UmH0deptJM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.crl rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 03:15:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 245 (0xf5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9131711, serialNumber=B57B207F0E1C1BA873A0793582C7A8134098674C Validity Not Before: May 15 04:41:43 2025 GMT Not After : May 22 04:41:43 2025 GMT Subject: CN=68257087-c65c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:6b:12:1c:65:3c:2d:bd:05:e6:03:b3:99:0a: 6e:23:ca:5b:01:24:67:69:09:aa:e9:f5:39:2c:33: 90:f6:0c:84:84:b9:1e:8b:dc:90:37:77:6a:f1:4d: c7:9d:7a:bf:df:4a:3a:51:83:4f:11:8d:f7:b4:17: d4:6f:27:86:b3:d8:18:7b:8e:48:79:d6:e8:28:10: d1:7e:71:63:21:e6:3b:da:2a:8b:cd:0e:3e:d7:23: 3c:eb:93:06:ec:b7:8f:7b:d7:ac:15:68:ea:ca:27: 59:f9:1f:18:8b:e6:2d:a3:9e:88:74:a5:ce:35:08: 2f:bd:f5:cd:ce:08:fd:65:98:4b:36:ae:7c:d2:89: 71:92:7f:23:ef:34:c8:33:46:7d:f0:b0:5d:89:9f: f0:4e:df:f0:4d:7e:10:2c:c0:93:04:eb:7c:fd:e6: 59:9d:0f:98:56:7d:22:fa:e2:f8:0d:7a:f3:e9:5b: 0d:22:97:73:e2:28:fe:a1:02:5f:81:00:eb:33:d0: 03:80:84:04:71:6c:53:ec:93:2e:f8:2c:82:06:7c: cb:5d:10:5c:21:a5:f4:fe:41:08:9a:6c:ed:19:71: 90:07:b4:26:cd:da:37:80:12:b1:50:3a:ce:9a:3f: 4e:ad:9c:4f:7c:2a:d3:7e:95:ab:48:99:96:91:49: a8:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:FC:ED:37:6C:10:60:09:67:5D:4B:4A:79:F4:F6:0A:7B:C7:EB:FB X509v3 Authority Key Identifier: keyid:B5:7B:20:7F:0E:1C:1B:A8:73:A0:79:35:82:C7:A8:13:40:98:67:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:10:be:98:22:51:d3:3d:83:4c:80:81:98:52:43:47:ad:06: a0:c7:b0:1b:82:a2:f3:4d:42:e2:dc:d8:6a:e2:d0:84:4e:19: 7b:22:31:3b:ed:30:3b:c2:cd:dd:01:b5:0b:3e:ca:23:f4:c9: 3d:06:0b:19:65:35:72:25:eb:7b:4c:b5:53:aa:db:46:e2:e0: df:49:0d:40:ae:6c:3e:7c:5c:fb:2d:d5:2f:7c:77:9e:c3:66: 07:d5:82:bf:d8:75:0b:ce:12:4f:8f:64:0f:ee:2c:c0:32:fc: 5a:4c:c6:d7:24:d1:7f:8f:25:e2:65:4f:eb:12:5c:ed:06:38: 61:e5:3c:66:6c:55:fa:a5:74:4a:4c:c4:ce:ba:e9:34:8b:28: 30:ce:d3:b4:1b:d0:d5:26:86:d9:13:af:0e:45:6e:ff:b0:a2: 9d:6e:57:63:cd:81:51:32:5e:bd:f4:a5:61:c8:59:14:5b:bd: 6a:64:dc:37:98:bc:46:72:a8:a7:28:a6:73:f8:da:7f:be:90: 2c:61:38:0c:6c:fb:a9:d8:cb:f5:ff:2e:94:02:72:84:e3:ff: 27:07:0b:23:e2:08:87:0b:c7:88:33:da:3d:1d:7d:b8:39:e4: 97:08:f0:73:2f:c7:47:f0:1d:8a:2a:65:17:32:72:da:c6:9c: bc:a0:9d:f7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzE3MTExMTAvBgNVBAUTKEI1N0IyMDdGMEUxQzFCQTg3M0EwNzkzNTgyQzdBODEz NDA5ODY3NEMwHhcNMjUwNTE1MDQ0MTQzWhcNMjUwNTIyMDQ0MTQzWjAYMRYwFAYD VQQDEw02ODI1NzA4Ny1jNjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs2sSHGU8Lb0F5gOzmQpuI8pbASRnaQmq6fU5LDOQ9gyEhLkei9yQN3dq8U3H nXq/30o6UYNPEY33tBfUbyeGs9gYe45IedboKBDRfnFjIeY72iqLzQ4+1yM865MG 7LePe9esFWjqyidZ+R8Yi+Yto56IdKXONQgvvfXNzgj9ZZhLNq580olxkn8j7zTI M0Z98LBdiZ/wTt/wTX4QLMCTBOt8/eZZnQ+YVn0i+uL4DXrz6VsNIpdz4ij+oQJf gQDrM9ADgIQEcWxT7JMu+CyCBnzLXRBcIaX0/kEImmztGXGQB7Qmzdo3gBKxUDrO mj9OrZxPfCrTfpWrSJmWkUmomwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLb87Tds EGAJZ11LSnn09gp7x+v7MB8GA1UdIwQYMBaAFLV7IH8OHBuoc6B5NYLHqBNAmGdM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTcxMS85RkREMkRBMEM5 OTExMUVFODkxQkE0MTlDNEY5QUUwMi90WHNnZnc0Y0c2aHpvSGsxZ3Nlb0UwQ1la MHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3RYc2dmdzRjRzZoem9IazFnc2VvRTBDWVowdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MTcxMS85RkREMkRBMEM5OTExMUVFODkxQkE0MTlDNEY5QUUwMi90WHNnZnc0Y0c2 aHpvSGsxZ3Nlb0UwQ1laMHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBoEL6YIlHTPYNMgIGYUkNHrQagx7AbgqLzTULi3Nhq4tCEThl7IjE7 7TA7ws3dAbULPsoj9Mk9BgsZZTVyJet7TLVTqttG4uDfSQ1Armw+fFz7LdUvfHee w2YH1YK/2HULzhJPj2QP7izAMvxaTMbXJNF/jyXiZU/rElztBjhh5TxmbFX6pXRK TMTOuuk0iygwztO0G9DVJobZE68ORW7/sKKdbldjzYFRMl699KVhyFkUW71qZNw3 mLxGcqinKKZz+Np/vpAsYTgMbPup2Mv1/y6UAnKE4/8nBwsj4giHC8eIM9o9HX24 OeSXCPBzL8dH8B2KKmUXMnLaxpy8oJ33 -----END CERTIFICATE-----Generated at Thu May 15 06:53:51 2025 by rpki-client