$ rpki-client -vvf rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft File: nQi_OKDTi4yrfP2I9djE7WZ3jME.mft (raw, json) Hash identifier: EXXM9TjQ4e9/kHr+iMKqaWECvlFF062RoVOgFiklyUM= Subject key identifier: 0B:BB:97:90:F4:90:A2:76:B5:70:BA:7E:82:04:FD:CF:DD:A0:15:21 Authority key identifier: 9D:08:BF:38:A0:D3:8B:8C:AB:7C:FD:88:F5:D8:C4:ED:66:77:8C:C1 Certificate issuer: /CN=A913F0DF/serialNumber=9D08BF38A0D38B8CAB7CFD88F5D8C4ED66778CC1 Certificate serial: 010D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQi_OKDTi4yrfP2I9djE7WZ3jME.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft Manifest number: 010A Signing time: Fri 09 May 2025 04:05:48 +0000 Manifest this update: Fri 09 May 2025 04:05:48 +0000 Manifest next update: Fri 16 May 2025 04:05:48 +0000 Files and hashes: 1: nQi_OKDTi4yrfP2I9djE7WZ3jME.crl (hash: bqxfsJLfaLi8NUEAcL0o1gPo0ImruaToSH3l3pApJJE=) 2: 7C7AF8E6E67011EEB76DCB76C4F9AE02.roa (hash: tBwNVvJX12RI1rw1ArvMyaYybwsSqQmw1mHttd1wbm0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.crl rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQi_OKDTi4yrfP2I9djE7WZ3jME.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 04:05:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 269 (0x10d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F0DF, serialNumber=9D08BF38A0D38B8CAB7CFD88F5D8C4ED66778CC1 Validity Not Before: May 9 04:05:48 2025 GMT Not After : May 16 04:05:48 2025 GMT Subject: CN=681d7f1c-c20a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:e7:b4:b2:6d:54:dc:8c:d6:58:d5:d9:1c:8d: af:0c:f4:65:89:b9:3f:22:2e:67:bd:3e:17:73:0d: 08:06:f9:f3:93:35:3d:de:e2:fc:58:3e:9a:3b:4d: 5b:50:11:81:f7:c3:e6:7a:45:ee:fe:96:cb:b8:63: ca:59:e6:1a:53:a0:11:de:a1:3b:c9:a7:34:ed:49: bf:00:57:a9:b9:2d:a7:a5:75:c6:ba:84:80:78:35: f8:5d:4a:94:06:af:2e:9f:68:22:ea:33:dc:64:0a: 12:4d:6f:e6:71:8c:f8:d9:78:69:61:43:24:87:57: 57:6d:2a:0c:6e:22:63:da:c9:8f:b2:fa:7b:46:f6: 56:78:a3:a8:7c:41:ab:2d:cb:dc:dc:21:27:5d:66: c7:9e:08:d9:34:65:fa:d9:4a:ee:f7:e6:c9:77:e0: 55:e1:a4:3c:ee:0a:7f:1d:d4:73:c1:42:4a:c7:ce: 2c:94:13:2e:3e:7c:97:0b:2c:94:50:a0:92:fa:13: 02:c7:f1:49:d0:a9:7c:84:ad:c3:14:e7:d5:e9:e6: 72:1e:07:23:34:21:ce:a0:be:66:48:2e:79:93:5a: cb:14:e8:cc:54:38:79:20:a6:45:e9:4e:c1:10:71: 25:09:7b:6c:53:f1:18:bc:c2:12:f3:32:02:b1:9e: df:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:BB:97:90:F4:90:A2:76:B5:70:BA:7E:82:04:FD:CF:DD:A0:15:21 X509v3 Authority Key Identifier: keyid:9D:08:BF:38:A0:D3:8B:8C:AB:7C:FD:88:F5:D8:C4:ED:66:77:8C:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQi_OKDTi4yrfP2I9djE7WZ3jME.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:f7:36:d0:3c:12:dd:eb:3d:1a:57:3c:f7:a8:27:cf:f3:d9: f7:c8:6c:15:4e:ef:0f:1e:45:b5:1d:4f:eb:9e:ee:f9:26:a3: f0:03:f9:ed:41:dc:47:2f:eb:f4:09:87:45:fb:03:e4:bb:14: 63:d8:08:44:e2:f8:33:2a:0f:79:7e:68:c1:09:95:b5:70:fc: 76:5b:d6:11:76:a7:bd:01:37:3c:e9:5e:cf:40:ac:06:31:60: b9:9a:55:db:cb:9b:c6:62:e2:5e:25:04:ee:31:4b:94:f2:33: 56:23:de:7a:5b:bb:1d:a8:f5:1a:54:b8:85:c6:8c:b1:1d:10: 02:3c:94:ef:42:92:11:09:5f:92:da:3b:6e:3d:e9:43:b9:a5: d3:c4:cc:69:00:da:9a:e8:26:a9:48:b6:78:e5:61:c9:1f:81: e0:97:84:5c:8e:63:2d:1e:87:b6:b1:42:b5:ac:23:61:7f:50: 09:c6:f8:35:d1:e8:e0:20:41:ae:87:c5:27:aa:6c:ba:e0:7d: d7:a1:62:b0:5d:f2:68:b0:0b:23:2d:40:04:de:dc:e9:4d:da: 76:ed:37:1d:2b:fe:e3:4b:bb:9c:9b:24:56:4a:21:35:d9:cb: 4c:63:6e:97:2b:86:db:14:32:c4:82:c0:32:02:b7:65:36:6c: 40:b0:24:f9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0YwREYxMTAvBgNVBAUTKDlEMDhCRjM4QTBEMzhCOENBQjdDRkQ4OEY1RDhDNEVE NjY3NzhDQzEwHhcNMjUwNTA5MDQwNTQ4WhcNMjUwNTE2MDQwNTQ4WjAYMRYwFAYD VQQDEw02ODFkN2YxYy1jMjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6+e0sm1U3IzWWNXZHI2vDPRlibk/Ii5nvT4Xcw0IBvnzkzU93uL8WD6aO01b UBGB98PmekXu/pbLuGPKWeYaU6AR3qE7yac07Um/AFepuS2npXXGuoSAeDX4XUqU Bq8un2gi6jPcZAoSTW/mcYz42XhpYUMkh1dXbSoMbiJj2smPsvp7RvZWeKOofEGr Lcvc3CEnXWbHngjZNGX62Uru9+bJd+BV4aQ87gp/HdRzwUJKx84slBMuPnyXCyyU UKCS+hMCx/FJ0Kl8hK3DFOfV6eZyHgcjNCHOoL5mSC55k1rLFOjMVDh5IKZF6U7B EHElCXtsU/EYvMIS8zICsZ7fBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAu7l5D0 kKJ2tXC6foIE/c/doBUhMB8GA1UdIwQYMBaAFJ0Ivzig04uMq3z9iPXYxO1md4zB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjBERi9FNTA4MzY0ODk5 MjgxMUVFQkJDQUU4N0FDNEY5QUUwMi9uUWlfT0tEVGk0eXJmUDJJOWRqRTdXWjNq TUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25RaV9PS0RUaTR5cmZQMkk5ZGpFN1daM2pNRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RjBERi9FNTA4MzY0ODk5MjgxMUVFQkJDQUU4N0FDNEY5QUUwMi9uUWlfT0tEVGk0 eXJmUDJJOWRqRTdXWjNqTUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB59zbQPBLd6z0aVzz3qCfP89n3yGwVTu8PHkW1HU/rnu75JqPwA/nt QdxHL+v0CYdF+wPkuxRj2AhE4vgzKg95fmjBCZW1cPx2W9YRdqe9ATc86V7PQKwG MWC5mlXby5vGYuJeJQTuMUuU8jNWI956W7sdqPUaVLiFxoyxHRACPJTvQpIRCV+S 2jtuPelDuaXTxMxpANqa6CapSLZ45WHJH4Hgl4RcjmMtHoe2sUK1rCNhf1AJxvg1 0ejgIEGuh8Unqmy64H3XoWKwXfJosAsjLUAE3tzpTdp27TcdK/7jS7ucmyRWSiE1 2ctMY26XK4bbFDLEgsAyArdlNmxAsCT5 -----END CERTIFICATE-----Generated at Sat May 10 22:04:51 2025 by rpki-client