$ rpki-client -vvf rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft File: CKORxrOJyBDpW8YTnOyynV05WMQ.mft (raw, json) Hash identifier: sI0S+j+1FBVPM264FUOobawI1iw4lPirln+fV0gbh60= Subject key identifier: AB:1B:C7:C2:77:64:BC:95:80:87:58:77:3B:AD:DB:F5:85:A4:ED:A8 Authority key identifier: 08:A3:91:C6:B3:89:C8:10:E9:5B:C6:13:9C:EC:B2:9D:5D:39:58:C4 Certificate issuer: /CN=A9145E09/serialNumber=08A391C6B389C810E95BC6139CECB29D5D3958C4 Certificate serial: 1C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CKORxrOJyBDpW8YTnOyynV05WMQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft Manifest number: 1B Signing time: Tue 13 May 2025 07:11:00 +0000 Manifest this update: Tue 13 May 2025 07:10:59 +0000 Manifest next update: Tue 20 May 2025 07:10:59 +0000 Files and hashes: 1: CKORxrOJyBDpW8YTnOyynV05WMQ.crl (hash: GGHz2O3hivLpTWWkyGGLw5HYbrFF8bOfETzrb2fznAc=) 2: EE04266A08C811F09F9B7B57C4F9AE02.roa (hash: D+C1K1lzyhPvB9LwJB8gZilHLGwebOslipSKAX/r/Wo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.crl rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CKORxrOJyBDpW8YTnOyynV05WMQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 07:10:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28 (0x1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145E09, serialNumber=08A391C6B389C810E95BC6139CECB29D5D3958C4 Validity Not Before: May 13 07:10:59 2025 GMT Not After : May 20 07:10:59 2025 GMT Subject: CN=6822f084-e630 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:dc:df:3e:3b:c1:33:01:ac:49:b8:70:16:39: 35:b5:3f:16:d9:15:a8:f7:5f:8b:e4:c6:9e:02:6c: e0:45:4d:a2:0b:b4:00:75:9a:d8:ee:31:fd:80:13: be:a9:01:9f:6c:ed:9a:3b:5f:9a:13:94:ee:3c:cc: dc:6e:3e:0b:c3:82:88:8d:e9:cf:8a:1c:ea:6f:78: e9:61:47:72:de:e1:01:56:55:fc:c0:bb:85:9c:61: cd:10:43:b2:9e:af:79:42:59:ea:5b:a7:fa:fd:ce: 16:20:06:cb:ca:1a:5b:cd:cd:62:79:fa:dc:f0:6d: d7:3d:1f:78:16:9c:d6:60:97:34:5b:96:1e:e6:eb: d0:3a:fd:e4:09:27:4b:d7:a1:da:ad:85:a5:d0:77: 86:c9:e5:15:d2:07:b7:68:07:88:4f:f8:9a:fd:63: cf:20:60:7f:19:a2:5e:40:49:99:10:e6:7f:25:09: bc:f6:d7:5b:b2:24:00:6c:ea:a7:be:42:34:5b:2e: 9a:7f:0b:b6:a0:30:67:d9:55:dc:10:45:14:bc:e7: 5c:0b:24:bf:39:09:13:56:fb:fb:d7:05:4f:28:e6: c5:39:65:44:aa:12:23:83:0f:af:0d:81:82:c9:56: d5:57:dc:77:54:b4:72:06:ae:7b:bf:0d:8f:d5:e5: 3e:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:1B:C7:C2:77:64:BC:95:80:87:58:77:3B:AD:DB:F5:85:A4:ED:A8 X509v3 Authority Key Identifier: keyid:08:A3:91:C6:B3:89:C8:10:E9:5B:C6:13:9C:EC:B2:9D:5D:39:58:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CKORxrOJyBDpW8YTnOyynV05WMQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:76:0f:8e:ff:55:31:86:7c:ad:f3:ef:f3:4f:44:9a:24:1c: cd:38:8e:b2:91:2d:47:15:5d:ab:c8:38:72:ac:5b:33:dd:05: 8a:b4:12:7d:a3:7c:68:75:9a:40:16:fc:24:86:a5:39:a4:e9: 78:62:6a:0b:8c:d2:4d:e2:43:ed:99:49:70:b3:99:74:bf:0e: 35:64:42:af:2a:73:cc:ea:f9:af:f5:bd:66:15:5d:b9:ef:6f: b3:87:79:59:8c:e2:9a:57:5f:01:9e:7d:6e:35:eb:d0:cb:7f: fe:df:0c:8b:bc:1e:f2:d6:94:90:1e:32:49:5f:18:a4:8a:06: af:76:2f:21:31:e1:4d:0c:e0:11:3e:8d:4a:71:0c:73:70:2a: bb:80:74:78:31:91:81:b9:9a:9f:2d:2e:90:07:ff:eb:6f:dd: e7:8e:48:a3:79:ab:b4:81:65:59:a2:f0:2d:f6:9b:4c:8c:1e: 8c:55:5c:fd:8d:9d:66:ad:fb:eb:5f:80:08:93:e6:5f:e1:a6: 17:02:05:50:88:16:75:b1:f5:e5:ec:40:b9:35:c1:0f:f0:1b: ee:37:53:42:fc:9c:70:32:42:e8:dc:cf:1a:2c:00:43:5e:11: 72:0a:ca:95:4e:9d:97:79:49:17:2d:4b:c7:ef:38:b5:62:e0: 49:53:39:1e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NUUwOTExMC8GA1UEBRMoMDhBMzkxQzZCMzg5QzgxMEU5NUJDNjEzOUNFQ0IyOUQ1 RDM5NThDNDAeFw0yNTA1MTMwNzEwNTlaFw0yNTA1MjAwNzEwNTlaMBgxFjAUBgNV BAMTDTY4MjJmMDg0LWU2MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDo3N8+O8EzAaxJuHAWOTW1PxbZFaj3X4vkxp4CbOBFTaILtAB1mtjuMf2AE76p AZ9s7Zo7X5oTlO48zNxuPgvDgoiN6c+KHOpveOlhR3Le4QFWVfzAu4WcYc0QQ7Ke r3lCWepbp/r9zhYgBsvKGlvNzWJ5+tzwbdc9H3gWnNZglzRblh7m69A6/eQJJ0vX odqthaXQd4bJ5RXSB7doB4hP+Jr9Y88gYH8Zol5ASZkQ5n8lCbz211uyJABs6qe+ QjRbLpp/C7agMGfZVdwQRRS851wLJL85CRNW+/vXBU8o5sU5ZUSqEiODD68NgYLJ VtVX3HdUtHIGrnu/DY/V5T4dAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUqxvHwndk vJWAh1h3O63b9YWk7agwHwYDVR0jBBgwFoAUCKORxrOJyBDpW8YTnOyynV05WMQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1RTA5Lzg3MDU1QjMyMDhD ODExRjBBMEQzNEU1NkM0RjlBRTAyL0NLT1J4ck9KeUJEcFc4WVRuT3l5blYwNVdN US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQ0tPUnhyT0p5QkRwVzhZVG5PeXluVjA1V01RLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1 RTA5Lzg3MDU1QjMyMDhDODExRjBBMEQzNEU1NkM0RjlBRTAyL0NLT1J4ck9KeUJE cFc4WVRuT3l5blYwNVdNUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABV2D47/VTGGfK3z7/NPRJokHM04jrKRLUcVXavIOHKsWzPdBYq0En2j fGh1mkAW/CSGpTmk6XhiaguM0k3iQ+2ZSXCzmXS/DjVkQq8qc8zq+a/1vWYVXbnv b7OHeVmM4ppXXwGefW4169DLf/7fDIu8HvLWlJAeMklfGKSKBq92LyEx4U0M4BE+ jUpxDHNwKruAdHgxkYG5mp8tLpAH/+tv3eeOSKN5q7SBZVmi8C32m0yMHoxVXP2N nWat++tfgAiT5l/hphcCBVCIFnWx9eXsQLk1wQ/wG+43U0L8nHAyQujczxosAENe EXIKypVOnZd5SRctS8fvOLVi4ElTOR4= -----END CERTIFICATE-----Generated at Wed May 14 17:35:22 2025 by rpki-client