$ rpki-client -vvf rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.mft File: XfVm12I2fCjH8_ElYbRxa4yhuWY.mft (raw, json) Hash identifier: EnkgbvrumrlKyhE6jiaKuMQEAhYmGpq4xRe5RO9KHyM= Subject key identifier: 49:62:75:4A:B3:51:AA:6A:01:7D:14:52:19:92:5B:F4:1E:95:D2:5D Authority key identifier: 5D:F5:66:D7:62:36:7C:28:C7:F3:F1:25:61:B4:71:6B:8C:A1:B9:66 Certificate issuer: /CN=A9133B47/serialNumber=5DF566D762367C28C7F3F12561B4716B8CA1B966 Certificate serial: DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XfVm12I2fCjH8_ElYbRxa4yhuWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.mft Manifest number: D9 Signing time: Thu 03 Jul 2025 05:45:31 +0000 Manifest this update: Thu 03 Jul 2025 05:45:31 +0000 Manifest next update: Thu 10 Jul 2025 05:45:31 +0000 Files and hashes: 1: XfVm12I2fCjH8_ElYbRxa4yhuWY.crl (hash: MtgklMvTuABC70NRm2Q0Mb2g0NGq96cm7lYDEcpc40w=) 2: 23B1A0120FA511EFB28F5235C4F9AE02.roa (hash: 1j2rFTty2/H954Iwvk/ZWmtqptjhE7lYs+ZEPtYw42E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.crl rsync://rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XfVm12I2fCjH8_ElYbRxa4yhuWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 220 (0xdc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9133B47, serialNumber=5DF566D762367C28C7F3F12561B4716B8CA1B966 Validity Not Before: Jul 3 05:45:31 2025 GMT Not After : Jul 10 05:45:31 2025 GMT Subject: CN=686618fb-6b07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:f7:75:21:33:57:40:47:6a:19:0d:ce:6b:d7: ff:14:24:0f:74:aa:39:ae:d7:8f:72:78:88:af:db: 4b:70:d6:77:ea:0d:fa:b8:22:db:44:a9:3c:b3:c8: a2:3f:94:51:78:b8:69:f4:d3:18:ef:c6:39:70:7b: 22:ed:86:b4:e9:77:5b:3e:75:c7:d8:47:99:29:d4: 82:21:cf:47:7f:82:7f:a3:34:6a:aa:bc:fd:af:0b: 71:e7:dd:c4:6c:1b:a4:7b:8b:90:f5:54:c7:4e:b1: 5d:4d:b2:d1:2d:23:19:9c:fa:17:9c:c1:ce:33:45: 2a:26:99:66:58:38:dc:22:5e:88:62:ed:63:d0:44: 83:5f:8b:e3:d4:6f:59:e2:fd:22:80:6b:d4:9e:67: df:e8:25:58:00:d0:d5:e4:8f:f5:f7:d9:e2:24:52: d6:48:82:c0:6d:91:5e:a1:3b:ec:8a:12:ab:d2:ee: c2:b5:78:96:44:57:1c:93:08:4a:ee:08:76:6b:17: b2:d4:84:14:f8:c2:f4:54:15:34:22:b6:11:8a:c0: e5:50:18:7b:c2:0b:a0:f8:7f:3b:86:f9:be:27:ea: 25:e9:02:7a:56:15:f1:ce:3c:ea:00:19:bd:b4:49: 9f:8b:d0:d4:b3:50:f7:03:26:f1:c7:15:87:9b:12: 2b:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:62:75:4A:B3:51:AA:6A:01:7D:14:52:19:92:5B:F4:1E:95:D2:5D X509v3 Authority Key Identifier: keyid:5D:F5:66:D7:62:36:7C:28:C7:F3:F1:25:61:B4:71:6B:8C:A1:B9:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XfVm12I2fCjH8_ElYbRxa4yhuWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9133B47/871B92940FA411EFA1A16934C4F9AE02/XfVm12I2fCjH8_ElYbRxa4yhuWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:4c:c9:50:13:14:6d:19:4c:90:ca:55:52:bc:31:de:a3:e5: 26:77:eb:a6:a5:20:fa:f8:21:f5:30:a8:bc:ad:14:d3:cc:a7: ad:c4:80:2d:76:28:02:a2:2d:b3:14:e5:fe:9f:7c:e7:88:7d: b5:4a:d5:94:2b:bd:e4:c9:07:1f:be:ab:04:ee:61:98:e6:bc: 8f:e3:73:b8:cf:8b:97:44:8c:25:a3:2a:55:5c:cf:8d:2e:ac: 60:77:15:69:8e:c5:16:85:02:4a:d5:18:20:57:41:e9:ac:65: 20:c4:5e:51:58:e1:ce:a3:0e:16:f8:65:82:cb:1d:e8:f9:79: 3c:e1:18:ec:70:31:17:02:d3:6e:e1:79:76:21:6e:5b:72:e7: 73:6d:dc:b4:20:bd:b5:ff:52:65:7f:2c:0d:f1:f3:e7:e2:78: 8c:49:b8:97:5e:8a:a4:4a:fd:75:62:4b:ec:fa:7b:96:01:52: df:c6:59:53:52:4b:3a:6c:61:0a:49:aa:f9:37:d3:5a:a2:b6: 05:c7:b6:03:35:ee:10:06:3b:73:03:3f:2d:61:bd:7b:1c:41: 70:d0:fd:e7:30:29:8f:c9:fd:a0:08:e7:1a:c8:dd:b5:ab:07: ef:1b:05:50:3c:15:f8:d9:54:27:3e:a4:e0:01:2a:48:20:9e: 3a:b0:aa:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzNCNDcxMTAvBgNVBAUTKDVERjU2NkQ3NjIzNjdDMjhDN0YzRjEyNTYxQjQ3MTZC OENBMUI5NjYwHhcNMjUwNzAzMDU0NTMxWhcNMjUwNzEwMDU0NTMxWjAYMRYwFAYD VQQDEw02ODY2MThmYi02YjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmPd1ITNXQEdqGQ3Oa9f/FCQPdKo5rtePcniIr9tLcNZ36g36uCLbRKk8s8ii P5RReLhp9NMY78Y5cHsi7Ya06XdbPnXH2EeZKdSCIc9Hf4J/ozRqqrz9rwtx593E bBuke4uQ9VTHTrFdTbLRLSMZnPoXnMHOM0UqJplmWDjcIl6IYu1j0ESDX4vj1G9Z 4v0igGvUnmff6CVYANDV5I/199niJFLWSILAbZFeoTvsihKr0u7CtXiWRFcckwhK 7gh2axey1IQU+ML0VBU0IrYRisDlUBh7wgug+H87hvm+J+ol6QJ6VhXxzjzqABm9 tEmfi9DUs1D3AybxxxWHmxIrvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFElidUqz UapqAX0UUhmSW/QeldJdMB8GA1UdIwQYMBaAFF31ZtdiNnwox/PxJWG0cWuMoblm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzM0I0Ny84NzFCOTI5NDBG QTQxMUVGQTFBMTY5MzRDNEY5QUUwMi9YZlZtMTJJMmZDakg4X0VsWWJSeGE0eWh1 V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hmVm0xMkkyZkNqSDhfRWxZYlJ4YTR5aHVXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz M0I0Ny84NzFCOTI5NDBGQTQxMUVGQTFBMTY5MzRDNEY5QUUwMi9YZlZtMTJJMmZD akg4X0VsWWJSeGE0eWh1V1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3TMlQExRtGUyQylVSvDHeo+Umd+umpSD6+CH1MKi8rRTTzKetxIAt digCoi2zFOX+n3zniH21StWUK73kyQcfvqsE7mGY5ryP43O4z4uXRIwloypVXM+N LqxgdxVpjsUWhQJK1RggV0HprGUgxF5RWOHOow4W+GWCyx3o+Xk84RjscDEXAtNu 4Xl2IW5bcudzbdy0IL21/1JlfywN8fPn4niMSbiXXoqkSv11Ykvs+nuWAVLfxllT Uks6bGEKSar5N9NaorYFx7YDNe4QBjtzAz8tYb17HEFw0P3nMCmPyf2gCOcayN21 qwfvGwVQPBX42VQnPqTgASpIIJ46sKrE -----END CERTIFICATE-----Generated at Thu Jul 3 11:39:46 2025 by rpki-client