$ rpki-client -vvf rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft File: p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft (raw, json) Hash identifier: nuaRh7tX2D5OcHRk5065qiOLrhgAmLvOm5gHL58ZnFc= Subject key identifier: 5A:AC:58:5E:06:A3:FE:40:BA:23:FB:38:B7:76:97:71:46:C8:2E:C6 Authority key identifier: A7:F8:82:C0:AC:C8:F0:D8:F1:DB:36:1C:D4:0B:12:60:6B:0C:68:C6 Certificate issuer: /CN=A9165297/serialNumber=A7F882C0ACC8F0D8F1DB361CD40B12606B0C68C6 Certificate serial: 0DF3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_iCwKzI8Njx2zYc1AsSYGsMaMY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft Manifest number: 0DEB Signing time: Mon 12 May 2025 17:46:05 +0000 Manifest this update: Mon 12 May 2025 17:46:05 +0000 Manifest next update: Mon 19 May 2025 17:46:05 +0000 Files and hashes: 1: p_iCwKzI8Njx2zYc1AsSYGsMaMY.crl (hash: WoSx+VNDKznMmCUVE553PCvaOBtX/IGyKLTTkwU4Bfs=) 2: 457A00A8AF7A11E9AFF10782C4F9AE02.roa (hash: mx4Am+cBFSXiPddaACrFcI512PsDACEUWWDSLjunmeM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.crl rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_iCwKzI8Njx2zYc1AsSYGsMaMY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:46:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3571 (0xdf3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9165297, serialNumber=A7F882C0ACC8F0D8F1DB361CD40B12606B0C68C6 Validity Not Before: May 12 17:46:05 2025 GMT Not After : May 19 17:46:05 2025 GMT Subject: CN=682233dd-51af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:16:d3:fb:0c:4e:45:24:24:39:d6:1e:4e:fd: 0d:66:c1:45:f9:0e:3f:68:f4:b9:5a:21:bd:08:e8: a5:66:46:9b:a3:f2:b8:39:54:27:cc:01:96:bd:a4: bc:27:c0:06:72:7a:3c:ba:75:23:20:99:61:7d:de: f6:01:c9:d4:ef:8f:b4:f5:3b:7b:f5:2a:e0:06:81: 3d:18:d8:d7:42:0f:ea:59:f2:3c:27:78:5a:c0:96: 34:24:a3:cc:55:8e:2d:54:e1:54:b1:e4:62:54:5a: 82:1a:df:08:e7:83:3d:82:fb:50:9e:25:70:59:c1: 17:bf:46:d4:9b:67:04:cf:40:b0:59:59:f6:75:37: cd:e6:3c:db:f7:7b:f7:b3:77:37:cd:85:89:e9:42: 69:68:95:fe:27:f8:f4:80:1d:37:57:00:99:96:be: 03:fd:02:bf:f2:9e:37:e5:7f:20:a3:43:36:cb:c9: cc:6f:36:0d:04:98:60:99:21:70:f7:02:35:59:1a: 01:ac:f3:2d:50:b8:04:ff:26:4f:68:b4:97:dd:e9: e3:c7:85:6e:0a:46:56:be:3b:ab:b3:49:58:e5:2d: 37:09:b5:9a:b6:fb:a0:15:f5:4e:ac:e4:2a:ed:df: 42:98:7a:09:ac:4b:f7:65:c4:9d:cb:e2:c7:ad:b7: 15:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:AC:58:5E:06:A3:FE:40:BA:23:FB:38:B7:76:97:71:46:C8:2E:C6 X509v3 Authority Key Identifier: keyid:A7:F8:82:C0:AC:C8:F0:D8:F1:DB:36:1C:D4:0B:12:60:6B:0C:68:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_iCwKzI8Njx2zYc1AsSYGsMaMY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:cd:40:03:ca:04:35:6c:94:57:8c:9a:9d:60:5c:c5:1c:4d: 71:ff:0a:0f:75:c3:c1:c1:a6:45:f6:9f:1c:05:68:cf:fa:67: 13:63:11:28:fe:9d:6c:5a:84:cf:41:6f:40:de:3a:b8:c3:ee: 15:bf:2f:3a:14:50:ac:3d:2c:f9:ae:d1:05:15:a1:9e:a8:47: d8:96:cb:85:fa:8d:52:21:50:23:c1:42:3d:01:06:4a:ec:60: 8d:6b:6f:af:b0:78:b1:61:66:e8:34:01:61:66:33:01:d5:36: 29:2c:63:b8:7f:0d:ad:93:ae:c5:2e:2d:f9:53:8c:42:a1:d0: 5c:10:11:f8:77:77:48:ec:2c:a8:9a:1e:9d:b4:96:fc:ad:14: b9:74:de:7e:cd:82:ec:d6:35:84:6d:e8:ec:5d:03:79:6a:5b: 9b:d0:0d:f8:c3:c3:79:79:18:1d:0f:9c:4f:0f:9c:7d:f1:17: 94:96:9b:81:e4:91:85:df:e0:33:71:cd:64:1e:b9:7d:ce:56: ea:0d:22:55:23:87:dc:6c:75:b6:9c:ea:a3:97:a0:a2:01:ec: 66:d1:8a:b7:e9:74:47:96:b7:69:d8:27:54:1c:b5:80:f3:83: 22:56:89:ef:49:57:33:64:a3:50:88:01:84:56:fd:ea:8c:8a: 15:01:2a:d1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjUyOTcxMTAvBgNVBAUTKEE3Rjg4MkMwQUNDOEYwRDhGMURCMzYxQ0Q0MEIxMjYw NkIwQzY4QzYwHhcNMjUwNTEyMTc0NjA1WhcNMjUwNTE5MTc0NjA1WjAYMRYwFAYD VQQDEw02ODIyMzNkZC01MWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+BbT+wxORSQkOdYeTv0NZsFF+Q4/aPS5WiG9COilZkabo/K4OVQnzAGWvaS8 J8AGcno8unUjIJlhfd72AcnU74+09Tt79SrgBoE9GNjXQg/qWfI8J3hawJY0JKPM VY4tVOFUseRiVFqCGt8I54M9gvtQniVwWcEXv0bUm2cEz0CwWVn2dTfN5jzb93v3 s3c3zYWJ6UJpaJX+J/j0gB03VwCZlr4D/QK/8p435X8go0M2y8nMbzYNBJhgmSFw 9wI1WRoBrPMtULgE/yZPaLSX3enjx4VuCkZWvjurs0lY5S03CbWatvugFfVOrOQq 7d9CmHoJrEv3ZcSdy+LHrbcVxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFqsWF4G o/5AuiP7OLd2l3FGyC7GMB8GA1UdIwQYMBaAFKf4gsCsyPDY8ds2HNQLEmBrDGjG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTI5Ny80MzAxRkRCRUFG NkUxMUU5QTkyNTgwNjdDNEY5QUUwMi9wX2lDd0t6SThOangyelljMUFzU1lHc01h TVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BfaUN3S3pJOE5qeDJ6WWMxQXNTWUdzTWFNWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NTI5Ny80MzAxRkRCRUFGNkUxMUU5QTkyNTgwNjdDNEY5QUUwMi9wX2lDd0t6SThO angyelljMUFzU1lHc01hTVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCjzUADygQ1bJRXjJqdYFzFHE1x/woPdcPBwaZF9p8cBWjP+mcTYxEo /p1sWoTPQW9A3jq4w+4Vvy86FFCsPSz5rtEFFaGeqEfYlsuF+o1SIVAjwUI9AQZK 7GCNa2+vsHixYWboNAFhZjMB1TYpLGO4fw2tk67FLi35U4xCodBcEBH4d3dI7Cyo mh6dtJb8rRS5dN5+zYLs1jWEbejsXQN5alub0A34w8N5eRgdD5xPD5x98ReUlpuB 5JGF3+Azcc1kHrl9zlbqDSJVI4fcbHW2nOqjl6CiAexm0Yq36XRHlrdp2CdUHLWA 84MiVonvSVczZKNQiAGEVv3qjIoVASrR -----END CERTIFICATE-----Generated at Tue May 13 16:12:46 2025 by rpki-client