$ rpki-client -vvf rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft File: X2mHOU7ukmatexkjRBv29RNP-VA.mft (raw, json) Hash identifier: aJSUKD8s/R0p7SHlRELXxDX9ZeEFtoRg1Wbjx0+wua0= Subject key identifier: 78:CF:AE:55:28:20:AE:BB:25:AD:6F:C3:ED:17:A6:A4:BD:25:DE:5E Authority key identifier: 5F:69:87:39:4E:EE:92:66:AD:7B:19:23:44:1B:F6:F5:13:4F:F9:50 Certificate issuer: /CN=A9147241/serialNumber=5F6987394EEE9266AD7B1923441BF6F5134FF950 Certificate serial: 0817 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mHOU7ukmatexkjRBv29RNP-VA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft Manifest number: 080F Signing time: Fri 22 Aug 2025 21:01:29 +0000 Manifest this update: Fri 22 Aug 2025 21:01:28 +0000 Manifest next update: Fri 29 Aug 2025 21:01:28 +0000 Files and hashes: 1: X2mHOU7ukmatexkjRBv29RNP-VA.crl (hash: 8412Y3pj749C3gm4CraGHv1fersISRHCyCyJn6w7qvs=) 2: F69648C2ECF211EABBFDDD24C4F9AE02.roa (hash: iinohx2uez2EL2svxSw8QxTPKTPPk9i54jHLL6kBKQg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.crl rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mHOU7ukmatexkjRBv29RNP-VA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 21:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2071 (0x817) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147241, serialNumber=5F6987394EEE9266AD7B1923441BF6F5134FF950 Validity Not Before: Aug 22 21:01:28 2025 GMT Not After : Aug 29 21:01:28 2025 GMT Subject: CN=68a8daa8-d8d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:03:b4:36:72:0e:2d:af:e8:e6:e5:bf:3a:1b: b1:4b:64:db:ef:c5:8f:f1:46:86:04:18:9a:56:79: e9:59:40:3a:db:30:25:81:4f:f0:ac:be:fd:73:e7: c5:20:89:d4:c7:1e:cb:20:6c:64:7b:56:2c:a8:80: b6:e1:d1:77:6e:ff:bc:a5:db:b9:9f:43:6b:4b:34: ab:00:5e:5e:7d:b5:dd:10:00:2d:91:fb:95:4a:7f: b6:4f:11:ac:00:7b:90:5c:ba:97:8f:0f:f2:45:5c: 71:58:c6:92:91:95:63:9c:b2:73:fd:c5:20:66:7e: 50:94:90:b9:9c:dc:31:fe:95:b1:a4:5b:1e:b1:ce: de:ca:c9:c9:49:dc:4b:de:45:5a:53:9d:20:97:30: 14:f8:61:aa:d1:d7:46:52:5a:61:ed:f7:26:53:89: b5:3c:af:3b:2d:3e:28:5c:88:70:bc:da:b1:c0:a5: 73:1d:42:cd:ae:9f:b9:31:1b:c3:f5:d6:d1:25:0c: 03:0d:b3:b0:87:95:eb:3d:4c:df:3f:8f:b4:c8:05: 28:27:fa:04:b1:e2:95:e8:7b:fe:30:5e:4e:23:2b: 9a:25:4a:29:26:e8:64:78:9f:50:cd:65:fe:f9:41: 16:6b:6a:c5:93:b3:84:4c:d7:14:a2:65:2e:c6:18: eb:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:CF:AE:55:28:20:AE:BB:25:AD:6F:C3:ED:17:A6:A4:BD:25:DE:5E X509v3 Authority Key Identifier: keyid:5F:69:87:39:4E:EE:92:66:AD:7B:19:23:44:1B:F6:F5:13:4F:F9:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mHOU7ukmatexkjRBv29RNP-VA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:89:7d:e6:b9:ce:e8:fe:eb:a1:24:89:5f:a8:1d:54:0c:07: 7e:8f:ad:f1:07:bb:8f:1b:eb:ba:e7:d8:e0:b5:1f:79:c7:4a: df:69:1e:e8:59:5b:fe:91:55:dd:19:fa:72:24:76:b3:3e:a8: 6a:e7:c2:2a:af:5d:bf:82:1e:3b:8d:97:db:b1:52:7c:66:58: 70:ab:1b:2e:45:db:d1:ee:73:f5:2f:65:ab:41:a3:b8:8b:ff: 23:e6:f4:5a:72:6c:f4:74:5c:14:a4:d3:3b:ec:36:fb:45:e3: b4:ba:d6:a8:cc:17:a6:cf:5b:37:d0:9b:5e:70:09:6c:b4:86: f8:4e:90:29:5a:37:52:14:04:26:d0:84:5f:0c:bb:8a:05:69: 88:96:9c:9e:9d:c8:f0:89:3d:47:68:e6:16:77:d1:f2:3d:93: 28:d7:d0:53:c8:95:32:91:15:85:1a:93:39:f3:55:03:74:d4: 16:9d:74:c1:67:85:7b:14:a9:01:a6:b1:f8:d3:23:23:f9:23: 16:86:f7:55:21:a0:6c:bf:39:d0:ab:b1:cd:96:0b:09:e8:99: b3:67:f1:b8:12:12:86:00:88:4e:87:16:49:45:3e:d6:69:08: 91:b9:03:1e:9a:a3:c1:69:85:f9:46:4d:06:da:b5:1e:85:09: b4:76:a0:7f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCBcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDcyNDExMTAvBgNVBAUTKDVGNjk4NzM5NEVFRTkyNjZBRDdCMTkyMzQ0MUJGNkY1 MTM0RkY5NTAwHhcNMjUwODIyMjEwMTI4WhcNMjUwODI5MjEwMTI4WjAYMRYwFAYD VQQDEw02OGE4ZGFhOC1kOGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzwO0NnIOLa/o5uW/OhuxS2Tb78WP8UaGBBiaVnnpWUA62zAlgU/wrL79c+fF IInUxx7LIGxke1YsqIC24dF3bv+8pdu5n0NrSzSrAF5efbXdEAAtkfuVSn+2TxGs AHuQXLqXjw/yRVxxWMaSkZVjnLJz/cUgZn5QlJC5nNwx/pWxpFsesc7eysnJSdxL 3kVaU50glzAU+GGq0ddGUlph7fcmU4m1PK87LT4oXIhwvNqxwKVzHULNrp+5MRvD 9dbRJQwDDbOwh5XrPUzfP4+0yAUoJ/oEseKV6Hv+MF5OIyuaJUopJuhkeJ9QzWX+ +UEWa2rFk7OETNcUomUuxhjrIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHjPrlUo IK67Ja1vw+0XpqS9Jd5eMB8GA1UdIwQYMBaAFF9phzlO7pJmrXsZI0Qb9vUTT/lQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzI0MS82MkJCNUM3NEVD RjExMUVBQTM5RDU3MjJDNEY5QUUwMi9YMm1IT1U3dWttYXRleGtqUkJ2MjlSTlAt VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1gybUhPVTd1a21hdGV4a2pSQnYyOVJOUC1WQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzI0MS82MkJCNUM3NEVDRjExMUVBQTM5RDU3MjJDNEY5QUUwMi9YMm1IT1U3dWtt YXRleGtqUkJ2MjlSTlAtVkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCLiX3muc7o/uuhJIlfqB1UDAd+j63xB7uPG+u659jgtR95x0rfaR7o WVv+kVXdGfpyJHazPqhq58Iqr12/gh47jZfbsVJ8ZlhwqxsuRdvR7nP1L2WrQaO4 i/8j5vRacmz0dFwUpNM77Db7ReO0utaozBemz1s30JtecAlstIb4TpApWjdSFAQm 0IRfDLuKBWmIlpyencjwiT1HaOYWd9HyPZMo19BTyJUykRWFGpM581UDdNQWnXTB Z4V7FKkBprH40yMj+SMWhvdVIaBsvznQq7HNlgsJ6JmzZ/G4EhKGAIhOhxZJRT7W aQiRuQMemqPBaYX5Rk0G2rUehQm0dqB/ -----END CERTIFICATE-----Generated at Sun Aug 24 00:15:52 2025 by rpki-client