$ rpki-client -vvf rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft File: cnOFPaBj78uOxUSwMg1acHuUwIk.mft (raw, json) Hash identifier: A9289dbCWYCOmVPjwduKNASmaDART9kGqyKShyw6ChI= Subject key identifier: E4:0B:E8:86:E7:02:B6:E8:B0:55:53:3B:72:26:B1:AB:C3:7C:AA:28 Authority key identifier: 72:73:85:3D:A0:63:EF:CB:8E:C5:44:B0:32:0D:5A:70:7B:94:C0:89 Certificate issuer: /CN=A9163824/serialNumber=7273853DA063EFCB8EC544B0320D5A707B94C089 Certificate serial: 070B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft Manifest number: 2CED Signing time: Mon 12 May 2025 15:40:57 +0000 Manifest this update: Mon 12 May 2025 15:40:56 +0000 Manifest next update: Mon 19 May 2025 15:40:56 +0000 Files and hashes: 1: cnOFPaBj78uOxUSwMg1acHuUwIk.crl (hash: OdD/o9oknOOS3OHw7SfUn0+P/VJ6j3+95afpQMRjJW4=) 2: 4BB610C2E16511EC8EDF6621C4F9AE02.roa (hash: Mse2fnTgzH7IcGff7hL/OaUafi6TDhnPkojb8Rkr2XY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.crl rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 15:40:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1803 (0x70b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9163824, serialNumber=7273853DA063EFCB8EC544B0320D5A707B94C089 Validity Not Before: May 12 15:40:56 2025 GMT Not After : May 19 15:40:56 2025 GMT Subject: CN=68221689-3a49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:0c:e2:70:99:37:07:ce:05:14:5c:9e:79:a4: 79:eb:fe:1b:ed:3e:fa:37:44:42:b1:53:63:72:c4: b0:cf:ed:1c:f6:89:29:8d:a4:bf:d0:a5:09:85:9b: 8f:1c:90:fb:8c:32:eb:81:7e:58:62:6a:80:08:33: 67:dc:d1:d4:fe:79:db:63:f3:96:85:09:75:58:aa: 07:57:fa:16:a2:53:99:6f:46:51:30:e8:8f:80:75: 09:48:0c:66:4b:f9:53:2d:92:54:40:71:97:a8:6e: bf:b2:4a:b2:fa:bc:1c:bf:4a:6f:fc:d4:77:27:3e: 0d:f8:a1:60:8e:d3:b6:97:fe:65:61:96:6e:cb:f2: f7:b0:11:53:24:ed:ba:30:3d:33:a0:53:a6:23:be: 2b:67:e4:54:bf:bb:7f:b5:10:50:41:f6:56:08:98: db:0a:3d:fe:1f:a8:45:3c:15:21:3b:6e:27:66:54: 21:8c:14:73:cf:62:bb:c5:aa:57:18:7d:b7:66:6a: 44:46:95:b8:d9:6e:d0:83:39:a1:db:5d:dc:7d:26: 0f:79:d2:c7:bc:69:0b:49:c8:46:77:fc:4b:38:ab: 4b:02:bb:95:c7:19:09:d4:f1:64:f2:54:9e:b0:63: a7:45:e2:b1:4b:80:47:32:d9:32:a6:d3:55:8a:1f: 0f:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:0B:E8:86:E7:02:B6:E8:B0:55:53:3B:72:26:B1:AB:C3:7C:AA:28 X509v3 Authority Key Identifier: keyid:72:73:85:3D:A0:63:EF:CB:8E:C5:44:B0:32:0D:5A:70:7B:94:C0:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:cc:29:4f:de:3b:9d:da:99:58:e6:5c:bc:80:b3:4f:89:a5: 4b:3d:b1:ae:69:b1:c0:70:22:d4:96:b0:07:16:03:2a:63:3e: 0a:17:93:a1:27:71:9a:b8:ce:12:a3:81:ac:21:28:33:35:a6: 5e:5e:dd:86:df:29:a5:f2:f9:cc:29:87:b4:4c:bc:10:61:03: 0b:7f:0e:82:f7:03:b5:bf:fe:ba:f1:3f:d3:72:05:4f:20:5b: f2:bf:53:81:dc:ae:12:81:48:f4:7b:e8:c4:f2:eb:d6:e1:84: 06:21:9b:51:38:4a:ba:2d:7e:e9:88:f5:27:6c:17:fb:4d:e8: 6c:3e:1e:c6:f3:62:49:d3:04:0a:9a:71:47:1b:ab:d6:ec:01: a7:20:63:56:7c:bf:39:41:2b:b1:ce:b5:a3:1f:84:7d:f1:f2: 4e:95:14:86:08:f4:f7:3f:02:d9:b1:92:d4:1c:7a:52:99:55: a7:fc:9e:eb:32:a6:be:b6:ce:1e:9d:a0:a9:38:df:05:38:de: 22:f8:e4:9f:b2:df:7b:86:f8:ed:37:29:35:aa:89:f8:14:fe: 28:dd:66:43:e1:c6:bb:09:07:be:78:72:34:48:59:57:2f:11: ec:d0:43:86:0b:f2:c3:d1:7a:ef:69:bf:30:73:e9:54:c6:e3: 0a:e6:bd:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBwswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjM4MjQxMTAvBgNVBAUTKDcyNzM4NTNEQTA2M0VGQ0I4RUM1NDRCMDMyMEQ1QTcw N0I5NEMwODkwHhcNMjUwNTEyMTU0MDU2WhcNMjUwNTE5MTU0MDU2WjAYMRYwFAYD VQQDEw02ODIyMTY4OS0zYTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwQzicJk3B84FFFyeeaR56/4b7T76N0RCsVNjcsSwz+0c9okpjaS/0KUJhZuP HJD7jDLrgX5YYmqACDNn3NHU/nnbY/OWhQl1WKoHV/oWolOZb0ZRMOiPgHUJSAxm S/lTLZJUQHGXqG6/skqy+rwcv0pv/NR3Jz4N+KFgjtO2l/5lYZZuy/L3sBFTJO26 MD0zoFOmI74rZ+RUv7t/tRBQQfZWCJjbCj3+H6hFPBUhO24nZlQhjBRzz2K7xapX GH23ZmpERpW42W7Qgzmh213cfSYPedLHvGkLSchGd/xLOKtLAruVxxkJ1PFk8lSe sGOnReKxS4BHMtkyptNVih8P+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOQL6Ibn ArbosFVTO3ImsavDfKooMB8GA1UdIwQYMBaAFHJzhT2gY+/LjsVEsDINWnB7lMCJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzgyNC9CQTBFRkU1MkZE MjUxMUU0OUQ5MzI3M0JDNEY5QUUwMi9jbk9GUGFCajc4dU94VVN3TWcxYWNIdVV3 SWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuT0ZQYUJqNzh1T3hVU3dNZzFhY0h1VXdJay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MzgyNC9CQTBFRkU1MkZEMjUxMUU0OUQ5MzI3M0JDNEY5QUUwMi9jbk9GUGFCajc4 dU94VVN3TWcxYWNIdVV3SWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCjzClP3jud2plY5ly8gLNPiaVLPbGuabHAcCLUlrAHFgMqYz4KF5Oh J3GauM4So4GsISgzNaZeXt2G3yml8vnMKYe0TLwQYQMLfw6C9wO1v/668T/TcgVP IFvyv1OB3K4SgUj0e+jE8uvW4YQGIZtROEq6LX7piPUnbBf7TehsPh7G82JJ0wQK mnFHG6vW7AGnIGNWfL85QSuxzrWjH4R98fJOlRSGCPT3PwLZsZLUHHpSmVWn/J7r Mqa+ts4enaCpON8FON4i+OSfst97hvjtNyk1qon4FP4o3WZD4ca7CQe+eHI0SFlX LxHs0EOGC/LD0Xrvab8wc+lUxuMK5r1A -----END CERTIFICATE-----Generated at Wed May 14 13:20:41 2025 by rpki-client