$ rpki-client -vvf rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft File: D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft (raw, json) Hash identifier: MS/LsQpT4pcNy1E9mBqyJnMzZp/3dKEWKQkdTEWyLl4= Subject key identifier: E2:68:D4:61:71:6E:4B:A1:61:9F:95:8D:1F:DC:23:0B:40:45:D0:D3 Authority key identifier: 0F:61:42:AE:41:68:DF:0B:18:05:FA:58:1D:20:39:47:67:AA:22:58 Certificate issuer: /CN=A9134BB0/serialNumber=0F6142AE4168DF0B1805FA581D20394767AA2258 Certificate serial: 0169 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft Manifest number: 0166 Signing time: Sun 11 May 2025 02:51:12 +0000 Manifest this update: Sun 11 May 2025 02:51:11 +0000 Manifest next update: Sun 18 May 2025 02:51:11 +0000 Files and hashes: 1: D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl (hash: yRmJFrMhKyYUPwtWAVFlZoK45713JHoJOXx/BteItAM=) 2: 075B4CC80AC511EEB25A152AC4F9AE02.roa (hash: WMsnJeKRDE/E3eYU+nh3vcngfITTgAj3NVw90NWzGkU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 02:51:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 361 (0x169) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9134BB0, serialNumber=0F6142AE4168DF0B1805FA581D20394767AA2258 Validity Not Before: May 11 02:51:11 2025 GMT Not After : May 18 02:51:11 2025 GMT Subject: CN=6820109f-c331 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:58:ce:72:93:5b:45:34:9a:8c:dc:a0:f0:f1: b4:8e:0d:0e:0d:82:12:3d:b7:b7:d0:0f:48:de:c4: e4:ec:c2:05:83:6a:83:ad:5b:1b:9f:3e:18:fd:64: a5:38:4e:df:ef:61:e1:24:a2:0b:ee:bb:f5:0f:c5: 1e:13:73:b2:73:55:4b:85:c0:ef:ce:dc:12:3e:08: 7b:44:01:2e:9b:c3:47:c3:70:20:92:08:f7:2b:3c: f3:9f:7f:0d:9d:22:60:5d:50:78:67:04:6c:aa:06: b2:b4:61:f6:a6:b0:03:01:56:c5:6c:20:eb:44:23: 6d:34:e5:ff:e1:71:09:8d:f0:c2:25:ea:34:47:0a: 20:71:f8:a1:50:a8:b2:13:64:dd:ab:63:47:a1:3c: 11:25:fb:85:ea:d9:fb:df:35:0a:72:1e:25:df:85: 9e:a2:80:89:59:00:2d:c8:e8:55:6a:2e:e7:87:2a: 64:6b:a9:7c:b3:75:a7:5a:d5:93:24:48:27:89:24: 26:50:b6:28:fa:ac:31:c6:fb:4b:41:06:4e:93:92: 60:ac:99:2d:fd:57:25:0b:e1:70:2a:c5:4f:c8:df: 2f:3b:4c:36:1d:7f:c9:36:4f:13:3b:63:2d:b5:bf: dc:c2:c8:63:14:bb:fa:de:e6:21:89:bc:98:37:09: f0:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:68:D4:61:71:6E:4B:A1:61:9F:95:8D:1F:DC:23:0B:40:45:D0:D3 X509v3 Authority Key Identifier: keyid:0F:61:42:AE:41:68:DF:0B:18:05:FA:58:1D:20:39:47:67:AA:22:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:1a:63:5f:05:b9:ac:ed:fc:4a:37:81:a6:bc:04:11:81:19: 70:78:cd:d1:cb:0b:27:5e:45:f1:e5:50:34:9e:46:fe:b6:e6: 3b:c3:f9:29:b3:ac:4e:98:3d:cd:6a:49:d8:71:73:b9:2a:09: aa:20:7b:34:0e:38:63:77:90:24:32:91:ba:df:97:e9:2e:86: 6c:84:77:1b:65:b9:7b:d2:8a:d7:54:0a:5c:74:1e:6e:e4:60: 3d:79:86:aa:70:83:c4:d9:7f:3a:32:dc:63:b6:6f:f4:23:9d: 66:a3:28:1d:6d:59:83:ff:16:ff:32:08:64:7a:a4:0e:b8:d6: 67:d0:ca:be:0c:2a:bc:ab:c8:cc:6c:21:1b:23:f7:72:34:74: f1:34:ae:4e:76:a4:10:ca:b0:34:a4:0f:24:6d:3e:87:e9:1b: 51:53:b6:80:ad:56:53:e8:3c:bd:c8:cc:a9:e2:2b:42:82:2a: 6b:0a:17:3c:90:94:ba:49:ef:74:35:9f:40:11:9e:5e:6d:83: 84:3d:59:81:11:6a:75:a3:eb:ea:18:e1:6f:b8:50:4a:42:93: cd:b1:3f:e8:1e:bf:ff:c2:5e:a0:00:6a:bc:2a:56:aa:29:5b: a5:d9:06:95:92:a5:64:1d:f9:ca:a2:db:7d:2d:61:f5:2a:87: b5:7a:5d:a1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzRCQjAxMTAvBgNVBAUTKDBGNjE0MkFFNDE2OERGMEIxODA1RkE1ODFEMjAzOTQ3 NjdBQTIyNTgwHhcNMjUwNTExMDI1MTExWhcNMjUwNTE4MDI1MTExWjAYMRYwFAYD VQQDEw02ODIwMTA5Zi1jMzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu1jOcpNbRTSajNyg8PG0jg0ODYISPbe30A9I3sTk7MIFg2qDrVsbnz4Y/WSl OE7f72HhJKIL7rv1D8UeE3Oyc1VLhcDvztwSPgh7RAEum8NHw3Agkgj3Kzzzn38N nSJgXVB4ZwRsqgaytGH2prADAVbFbCDrRCNtNOX/4XEJjfDCJeo0RwogcfihUKiy E2Tdq2NHoTwRJfuF6tn73zUKch4l34WeooCJWQAtyOhVai7nhypka6l8s3WnWtWT JEgniSQmULYo+qwxxvtLQQZOk5JgrJkt/VclC+FwKsVPyN8vO0w2HX/JNk8TO2Mt tb/cwshjFLv63uYhibyYNwnwIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOJo1GFx bkuhYZ+VjR/cIwtARdDTMB8GA1UdIwQYMBaAFA9hQq5BaN8LGAX6WB0gOUdnqiJY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNEJCMC9ERDQ3MzhFMDBB QkQxMUVFOTE3REE2NTVDNEY5QUUwMi9EMkZDcmtGbzN3c1lCZnBZSFNBNVIyZXFJ bGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QyRkNya0ZvM3dzWUJmcFlIU0E1UjJlcUlsZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NEJCMC9ERDQ3MzhFMDBBQkQxMUVFOTE3REE2NTVDNEY5QUUwMi9EMkZDcmtGbzN3 c1lCZnBZSFNBNVIyZXFJbGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCoGmNfBbms7fxKN4GmvAQRgRlweM3RywsnXkXx5VA0nkb+tuY7w/kp s6xOmD3NaknYcXO5KgmqIHs0Djhjd5AkMpG635fpLoZshHcbZbl70orXVApcdB5u 5GA9eYaqcIPE2X86Mtxjtm/0I51moygdbVmD/xb/MghkeqQOuNZn0Mq+DCq8q8jM bCEbI/dyNHTxNK5OdqQQyrA0pA8kbT6H6RtRU7aArVZT6Dy9yMyp4itCgiprChc8 kJS6Se90NZ9AEZ5ebYOEPVmBEWp1o+vqGOFvuFBKQpPNsT/oHr//wl6gAGq8Klaq KVul2QaVkqVkHfnKott9LWH1Koe1el2h -----END CERTIFICATE-----Generated at Sun May 11 16:50:43 2025 by rpki-client