$ rpki-client -vvf rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft File: IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft (raw, json) Hash identifier: NhYLs8B84a4vhf0O3B/Y9uMdnVNR8s6TDn3QMAsvHdI= Subject key identifier: BB:E5:C9:F5:84:4D:47:08:1E:B2:37:5E:E1:AC:31:85:75:41:9F:DA Authority key identifier: 21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D Certificate issuer: /CN=A9152DE4/serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Certificate serial: 0417 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft Manifest number: 040B Signing time: Sun 29 Jun 2025 00:00:19 +0000 Manifest this update: Sun 29 Jun 2025 00:00:18 +0000 Manifest next update: Sun 06 Jul 2025 00:00:18 +0000 Files and hashes: 1: IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl (hash: BXxagES+I7Yp57ihNWmW892fpCLxoMOjyaz6Aj28iaI=) 2: E986DDEC979911ECB3B7CE39C4F9AE02.roa (hash: ciNIImuAbj1AO0K4GihG7jlhzLEKvAURaWl26eH889E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 00:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1047 (0x417) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152DE4, serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Validity Not Before: Jun 29 00:00:18 2025 GMT Not After : Jul 6 00:00:18 2025 GMT Subject: CN=68608213-aa2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:69:85:74:f7:05:d0:1d:7d:85:5a:d5:6d:0f: b6:98:cd:90:01:c9:01:1b:70:14:ff:62:5e:12:07: 99:ab:bf:e7:75:ba:c6:99:23:ad:8d:f5:ec:4e:4b: db:95:4a:ae:37:68:f5:63:c1:42:14:13:12:9a:e1: 6a:48:76:97:86:bd:35:ac:fa:c2:d4:2a:80:7a:28: 50:e0:8e:3a:e3:33:bc:3b:53:64:4c:1e:c1:0d:7e: da:19:75:93:e1:5a:b5:53:fa:25:ce:f4:b3:6e:51: 04:aa:9f:ec:d5:6b:16:67:7d:1c:f1:d5:92:fa:0c: 4c:77:3b:79:57:7c:f4:64:0a:11:07:be:9a:99:72: 5d:0a:e7:05:5e:aa:a0:0f:e2:42:6c:ff:49:ad:c8: ab:e0:83:36:dc:ea:5f:ba:ec:bc:e1:ec:a0:d0:5e: 5d:9e:7b:c3:fa:cd:a8:22:c4:66:ea:8b:0a:0b:a8: 1d:f4:f4:97:05:96:10:9d:d1:96:5e:91:ae:d7:d9: d2:6d:e7:a3:a3:fb:fb:35:f6:e7:23:ae:a7:69:c6: d9:c3:7e:97:bb:fd:f9:59:f7:69:d7:3a:d1:95:28: b1:d1:de:25:49:89:bd:ff:3f:c4:dc:36:a2:6a:e5: ef:1c:34:59:fd:21:0b:e0:ad:c3:98:c3:c2:42:a7: 1e:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:E5:C9:F5:84:4D:47:08:1E:B2:37:5E:E1:AC:31:85:75:41:9F:DA X509v3 Authority Key Identifier: keyid:21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:3e:1d:64:50:a2:2d:c4:93:ed:c4:3c:12:23:de:26:3b:04: 07:c9:72:1b:6b:4d:04:f9:30:7b:96:c8:b2:e9:7a:cf:40:9c: f8:28:d2:79:86:50:8d:26:3e:58:94:3b:76:7c:f7:b9:0a:4d: 42:1c:35:35:af:c1:f1:9a:45:41:63:18:c1:a8:95:90:15:08: 5b:fc:93:f7:9a:6f:80:7c:30:ab:fc:6c:5e:31:50:7d:b7:65: a1:5a:11:b5:ac:cd:63:b6:dd:7f:2d:b3:a1:3e:d2:46:36:26: 27:6b:1e:b3:c3:bd:20:e2:a9:65:31:c5:a7:26:db:91:0c:f0: 81:98:e4:cc:83:4b:cb:33:02:71:e7:aa:e8:4a:d6:74:e1:3b: c8:7a:68:13:85:b8:c0:df:80:7b:25:8a:88:f8:3f:1a:0f:89: 57:0d:4a:78:39:ec:e0:b9:06:e5:e3:30:1f:35:72:42:6a:cf: 8d:e3:d6:d9:a7:ba:3c:bc:9f:7a:52:c2:eb:34:b7:25:b4:55: 67:17:3a:6c:ac:ee:e1:d3:e7:45:3c:bf:ab:94:da:3c:1b:93: fa:a9:07:e9:e2:df:85:f9:d2:f7:d2:d9:17:79:25:9b:a4:1d: 1d:c9:4b:97:0d:37:b3:b0:f6:43:db:70:7d:2a:71:72:0c:40: bb:cb:bd:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBBcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTJERTQxMTAvBgNVBAUTKDIxN0MzRDhCRUQwQjQwQzBGQjA4OEI1OUVFNkU2NUFF NkM2NjFGMEQwHhcNMjUwNjI5MDAwMDE4WhcNMjUwNzA2MDAwMDE4WjAYMRYwFAYD VQQDEw02ODYwODIxMy1hYTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAummFdPcF0B19hVrVbQ+2mM2QAckBG3AU/2JeEgeZq7/ndbrGmSOtjfXsTkvb lUquN2j1Y8FCFBMSmuFqSHaXhr01rPrC1CqAeihQ4I464zO8O1NkTB7BDX7aGXWT 4Vq1U/olzvSzblEEqp/s1WsWZ30c8dWS+gxMdzt5V3z0ZAoRB76amXJdCucFXqqg D+JCbP9Jrcir4IM23Opfuuy84eyg0F5dnnvD+s2oIsRm6osKC6gd9PSXBZYQndGW XpGu19nSbeejo/v7NfbnI66nacbZw36Xu/35Wfdp1zrRlSix0d4lSYm9/z/E3Dai auXvHDRZ/SEL4K3DmMPCQqce+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLvlyfWE TUcIHrI3XuGsMYV1QZ/aMB8GA1UdIwQYMBaAFCF8PYvtC0DA+wiLWe5uZa5sZh8N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkRFNC80Q0NDQzMzMjc5 MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFNRDdDSXRaN201bHJteG1I dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lYdzlpLTBMUU1EN0NJdFo3bTVscm14bUh3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MkRFNC80Q0NDQzMzMjc5MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFN RDdDSXRaN201bHJteG1IdzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5Ph1kUKItxJPtxDwSI94mOwQHyXIba00E+TB7lsiy6XrPQJz4KNJ5 hlCNJj5YlDt2fPe5Ck1CHDU1r8HxmkVBYxjBqJWQFQhb/JP3mm+AfDCr/GxeMVB9 t2WhWhG1rM1jtt1/LbOhPtJGNiYnax6zw70g4qllMcWnJtuRDPCBmOTMg0vLMwJx 56roStZ04TvIemgThbjA34B7JYqI+D8aD4lXDUp4OezguQbl4zAfNXJCas+N49bZ p7o8vJ96UsLrNLcltFVnFzpsrO7h0+dFPL+rlNo8G5P6qQfp4t+F+dL30tkXeSWb pB0dyUuXDTezsPZD23B9KnFyDEC7y72a -----END CERTIFICATE-----Generated at Sun Jun 29 17:50:03 2025 by rpki-client