$ rpki-client -vvf rpki.apnic.net/member_repository/A914BBE1/9E66034C84C511ECA9861564C4F9AE02/S9XCMYZ-JzlRVcAceEizsByGBvI.mft File: S9XCMYZ-JzlRVcAceEizsByGBvI.mft (raw, json) Hash identifier: sUNYtnC6EUbi1M6P3IpvqulKCATNH3FIgPB7JOfj1Lk= Subject key identifier: 30:20:57:34:D7:6B:D9:E6:36:E9:4E:23:35:B0:83:61:A2:16:CD:BB Authority key identifier: 4B:D5:C2:31:86:7E:27:39:51:55:C0:1C:78:48:B3:B0:1C:86:06:F2 Certificate issuer: /CN=A914BBE1/serialNumber=4BD5C231867E27395155C01C7848B3B01C8606F2 Certificate serial: 03D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S9XCMYZ-JzlRVcAceEizsByGBvI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914BBE1/9E66034C84C511ECA9861564C4F9AE02/S9XCMYZ-JzlRVcAceEizsByGBvI.mft Manifest number: 03CD Signing time: Tue 13 May 2025 00:25:25 +0000 Manifest this update: Tue 13 May 2025 00:25:25 +0000 Manifest next update: Tue 20 May 2025 00:25:25 +0000 Files and hashes: 1: S9XCMYZ-JzlRVcAceEizsByGBvI.crl (hash: S7E4zl6nyFLjocAkrgDvCxs9m7c/CG2YjbzkoICQjnM=) 2: 24C0E7A684C911EC8CE1246BC4F9AE02.roa (hash: /ks11M81kp4oGi/uf6+uil4xz+jgg1PhbFjvxN9fgAU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914BBE1/9E66034C84C511ECA9861564C4F9AE02/S9XCMYZ-JzlRVcAceEizsByGBvI.crl rsync://rpki.apnic.net/member_repository/A914BBE1/9E66034C84C511ECA9861564C4F9AE02/S9XCMYZ-JzlRVcAceEizsByGBvI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S9XCMYZ-JzlRVcAceEizsByGBvI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 00:25:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 978 (0x3d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914BBE1, serialNumber=4BD5C231867E27395155C01C7848B3B01C8606F2 Validity Not Before: May 13 00:25:25 2025 GMT Not After : May 20 00:25:25 2025 GMT Subject: CN=68229175-b38d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:d6:86:2a:03:da:e6:16:96:82:30:ed:7d:33: 24:8b:c0:93:a0:29:f8:32:5d:84:0f:64:52:00:e8: 72:1e:89:86:f7:86:ed:d3:2e:8d:8a:dd:fa:72:cd: 5b:6c:a3:fa:c1:ce:a0:be:95:e9:84:51:95:7d:2c: 68:42:cb:31:e0:f6:95:bf:06:dd:c4:d1:ee:da:04: 1d:11:bb:d8:d1:3f:ce:cd:5c:3a:86:32:f4:f9:07: f0:a9:cd:62:10:32:94:09:08:05:43:89:cb:b1:3e: 02:df:7c:74:12:b1:cc:dd:55:49:5e:36:cf:28:36: 87:d8:b9:85:dc:63:8b:df:56:25:17:81:cf:52:25: 1f:cb:21:9a:d1:0e:68:9b:1e:77:53:10:2f:5a:b1: d7:70:72:66:bd:0f:c3:59:aa:c2:ad:7a:89:f2:e0: 99:50:87:eb:d9:48:b0:80:bc:32:d4:62:7e:e1:0d: b3:85:0e:bb:fc:d0:6d:db:a3:0a:33:94:ab:3a:c0: 68:4c:ea:25:88:ce:09:99:c3:db:4d:20:ba:3f:8e: f0:df:ae:e4:1b:a6:b8:63:5a:b1:6f:99:8c:28:4e: 68:d6:0e:f2:1a:90:37:a7:78:a0:45:82:a0:ec:59: 3d:6b:cb:e4:cd:d2:ec:b6:8b:0e:cf:40:12:f3:bd: 1a:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:20:57:34:D7:6B:D9:E6:36:E9:4E:23:35:B0:83:61:A2:16:CD:BB X509v3 Authority Key Identifier: keyid:4B:D5:C2:31:86:7E:27:39:51:55:C0:1C:78:48:B3:B0:1C:86:06:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914BBE1/9E66034C84C511ECA9861564C4F9AE02/S9XCMYZ-JzlRVcAceEizsByGBvI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S9XCMYZ-JzlRVcAceEizsByGBvI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BBE1/9E66034C84C511ECA9861564C4F9AE02/S9XCMYZ-JzlRVcAceEizsByGBvI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:ac:83:88:70:48:5b:a4:bb:3e:d2:e4:91:86:a2:83:36:9b: ae:b5:f0:c6:ce:a7:6c:00:02:9a:bb:84:e6:ce:45:32:f9:40: 9c:77:6e:2f:35:c5:0e:44:47:bb:e8:e8:37:1d:0d:c2:3f:a6: fb:19:65:2e:2c:12:ca:7c:fa:21:8e:c9:3a:bf:8e:c3:e0:20: 83:e6:a5:da:be:22:00:68:2b:e3:88:a1:91:f7:36:c5:9e:e3: e8:00:65:ab:ce:56:bf:5c:c4:5e:c8:e3:a1:7c:03:55:03:a9: 37:31:de:c2:55:07:96:79:f8:20:ed:3a:f2:0d:13:0a:56:1e: be:2a:d1:84:9e:8b:c1:73:ef:84:96:35:30:b1:4c:60:18:15: f1:f1:82:f8:e3:8e:40:ad:92:b8:3f:99:5e:30:18:97:16:38: db:89:57:44:78:14:a4:b9:15:ea:26:28:42:f4:40:67:31:53: b6:9d:3d:19:3d:5f:da:db:a4:3b:31:30:20:df:2d:5d:37:ec: 2a:b8:02:fb:58:de:c7:95:2d:0a:dc:7d:3f:dc:d3:77:6a:50: 8f:e5:ae:2a:5f:7a:c1:4f:0c:86:29:e7:9a:97:22:ec:89:32: 1e:be:5b:51:94:fb:6f:56:9f:08:7b:22:6a:4f:9b:b6:21:e6: 7f:4e:32:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA9IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEJCRTExMTAvBgNVBAUTKDRCRDVDMjMxODY3RTI3Mzk1MTU1QzAxQzc4NDhCM0Iw MUM4NjA2RjIwHhcNMjUwNTEzMDAyNTI1WhcNMjUwNTIwMDAyNTI1WjAYMRYwFAYD VQQDEw02ODIyOTE3NS1iMzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0taGKgPa5haWgjDtfTMki8CToCn4Ml2ED2RSAOhyHomG94bt0y6Nit36cs1b bKP6wc6gvpXphFGVfSxoQssx4PaVvwbdxNHu2gQdEbvY0T/OzVw6hjL0+Qfwqc1i EDKUCQgFQ4nLsT4C33x0ErHM3VVJXjbPKDaH2LmF3GOL31YlF4HPUiUfyyGa0Q5o mx53UxAvWrHXcHJmvQ/DWarCrXqJ8uCZUIfr2UiwgLwy1GJ+4Q2zhQ67/NBt26MK M5SrOsBoTOoliM4JmcPbTSC6P47w367kG6a4Y1qxb5mMKE5o1g7yGpA3p3igRYKg 7Fk9a8vkzdLstosOz0AS870aDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDAgVzTX a9nmNulOIzWwg2GiFs27MB8GA1UdIwQYMBaAFEvVwjGGfic5UVXAHHhIs7Achgby MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkJFMS85RTY2MDM0Qzg0 QzUxMUVDQTk4NjE1NjRDNEY5QUUwMi9TOVhDTVlaLUp6bFJWY0FjZUVpenNCeUdC dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1M5WENNWVotSnpsUlZjQWNlRWl6c0J5R0J2SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QkJFMS85RTY2MDM0Qzg0QzUxMUVDQTk4NjE1NjRDNEY5QUUwMi9TOVhDTVlaLUp6 bFJWY0FjZUVpenNCeUdCdkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADrIOIcEhbpLs+0uSRhqKDNpuutfDGzqdsAAKau4TmzkUy+UCcd24v NcUOREe76Og3HQ3CP6b7GWUuLBLKfPohjsk6v47D4CCD5qXaviIAaCvjiKGR9zbF nuPoAGWrzla/XMReyOOhfANVA6k3Md7CVQeWefgg7TryDRMKVh6+KtGEnovBc++E ljUwsUxgGBXx8YL4445ArZK4P5leMBiXFjjbiVdEeBSkuRXqJihC9EBnMVO2nT0Z PV/a26Q7MTAg3y1dN+wquAL7WN7HlS0K3H0/3NN3alCP5a4qX3rBTwyGKeealyLs iTIevltRlPtvVp8IeyJqT5u2IeZ/TjIw -----END CERTIFICATE-----Generated at Wed May 14 11:27:22 2025 by rpki-client