$ rpki-client -vvf rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.mft File: AQMtnfw2KpWHQ-htPI0GEaatsFs.mft (raw, json) Hash identifier: m8T3fotVMxdc6QTwluvvfqrS9nghqm9qtRqH8E6vPWY= Subject key identifier: 1C:ED:3B:11:0C:72:8E:86:C2:6D:8D:2D:28:29:3A:B7:B2:B0:AA:67 Authority key identifier: 01:03:2D:9D:FC:36:2A:95:87:43:E8:6D:3C:8D:06:11:A6:AD:B0:5B Certificate issuer: /CN=A9166E2B/serialNumber=01032D9DFC362A958743E86D3C8D0611A6ADB05B Certificate serial: 0C30 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQMtnfw2KpWHQ-htPI0GEaatsFs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.mft Manifest number: 0C1C Signing time: Mon 12 May 2025 18:30:39 +0000 Manifest this update: Mon 12 May 2025 18:30:39 +0000 Manifest next update: Mon 19 May 2025 18:30:39 +0000 Files and hashes: 1: AQMtnfw2KpWHQ-htPI0GEaatsFs.crl (hash: 0OB2uT+VnolxXm8QHeUrfLWmFDEQl67E92BG+UUuRuU=) 2: 2D0509BC078511ED87041524C4F9AE02.roa (hash: mkLhDheVvSZEQXdMpQZm/3lb3eLuVbKFGeKtwuwQQaM=) 3: 8045C26A3B3E11EC94B9CE0BC4F9AE02.roa (hash: I/1YYRZufm+Qc/8Hh8/4oZUCrPLEFvhM/LrJmE0hiuA=) 4: 2BA0624C078511ED87041524C4F9AE02.roa (hash: 1RZU0spXmvxzBxOJllCgbla9KxLkGAPl5bLUojUqNcc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.crl rsync://rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQMtnfw2KpWHQ-htPI0GEaatsFs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 18:30:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3120 (0xc30) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166E2B, serialNumber=01032D9DFC362A958743E86D3C8D0611A6ADB05B Validity Not Before: May 12 18:30:39 2025 GMT Not After : May 19 18:30:39 2025 GMT Subject: CN=68223e4f-9f09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:65:e7:9a:40:ba:67:f3:f8:07:c0:3a:ba:b6: 8c:73:9f:b9:16:0f:ab:48:b7:77:d3:d2:6c:f0:77: e8:cb:48:76:f6:69:b4:ed:d6:60:db:60:52:cb:1d: 39:dc:ee:88:80:1b:ac:5c:ad:49:7c:76:b9:aa:ec: e6:3a:12:3d:26:c9:c2:4c:32:db:da:b9:e8:e4:d4: 3b:fc:f6:ef:16:e6:36:13:c7:fc:c1:2c:80:17:f2: d8:8e:72:30:3d:86:4d:fa:88:4f:5f:f3:f0:76:c3: 1a:c9:8b:f0:35:bd:d2:e2:2b:f2:84:ca:ea:69:76: a6:18:0a:63:34:f7:e6:40:34:3a:e8:35:a5:72:be: b9:db:dd:78:82:72:56:70:fc:58:81:2b:7e:52:1c: 43:7a:ff:10:7b:fb:ba:3a:87:3e:1e:c6:d3:ec:52: 71:c0:20:3b:d9:eb:b9:7f:ff:91:cf:83:78:bf:6e: 14:73:28:2e:d5:b7:a8:1c:6b:83:82:d3:8a:ff:e6: 9f:98:5a:fa:35:e5:17:d0:95:83:ab:27:6b:86:86: 58:64:c2:fb:dc:b1:8a:c7:87:7b:11:31:81:13:4d: d0:fd:d0:a9:5b:53:9f:fd:03:ba:20:d9:c5:0f:3c: fb:45:f9:c6:34:26:4a:45:62:4a:10:ab:a2:02:ad: bc:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:ED:3B:11:0C:72:8E:86:C2:6D:8D:2D:28:29:3A:B7:B2:B0:AA:67 X509v3 Authority Key Identifier: keyid:01:03:2D:9D:FC:36:2A:95:87:43:E8:6D:3C:8D:06:11:A6:AD:B0:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQMtnfw2KpWHQ-htPI0GEaatsFs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:0f:b9:49:6c:c4:6c:27:a6:29:38:55:45:22:d5:cc:f9:a6: 5f:47:4d:c4:23:f8:86:09:53:60:3c:b8:f8:4c:9a:38:e8:fc: f9:de:94:a4:b5:f8:54:0d:15:85:cb:c6:84:d1:4f:96:7d:2d: 4e:d7:74:af:ac:80:0a:3a:f1:50:06:b3:d2:de:55:d9:96:76: 91:ff:f5:5c:6e:66:40:00:86:c8:69:ea:c1:a8:92:7b:13:4c: 7a:f6:7b:18:a7:32:db:85:b0:77:a5:92:77:53:f1:c7:6a:ca: 49:1e:5b:2b:b0:f6:ec:34:a4:1f:cd:ae:6f:eb:16:a6:53:59: 52:ba:30:01:cb:96:23:f7:a9:08:4b:a4:ca:ed:0d:32:e2:a5: 00:b3:97:9b:21:e3:6d:6c:f1:5f:5e:7d:d6:b9:03:0b:11:08: 02:76:d8:cc:73:63:94:80:16:ed:05:25:ad:41:95:1a:e7:cc: 29:5d:43:bd:c6:71:6b:77:86:2e:a9:6d:10:73:9b:59:a6:f0: c3:1e:f3:8e:72:8c:63:89:90:04:c3:d3:dd:81:29:ad:a3:e2: 2a:d1:a0:64:ae:93:50:63:85:a6:e7:10:5c:9d:5e:17:91:39: 5f:06:fa:cb:d7:8a:47:67:8c:fc:54:1e:57:14:60:23:49:5e: be:0e:d5:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZFMkIxMTAvBgNVBAUTKDAxMDMyRDlERkMzNjJBOTU4NzQzRTg2RDNDOEQwNjEx QTZBREIwNUIwHhcNMjUwNTEyMTgzMDM5WhcNMjUwNTE5MTgzMDM5WjAYMRYwFAYD VQQDEw02ODIyM2U0Zi05ZjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0mXnmkC6Z/P4B8A6uraMc5+5Fg+rSLd309Js8Hfoy0h29mm07dZg22BSyx05 3O6IgBusXK1JfHa5quzmOhI9JsnCTDLb2rno5NQ7/PbvFuY2E8f8wSyAF/LYjnIw PYZN+ohPX/PwdsMayYvwNb3S4ivyhMrqaXamGApjNPfmQDQ66DWlcr652914gnJW cPxYgSt+UhxDev8Qe/u6Ooc+HsbT7FJxwCA72eu5f/+Rz4N4v24Ucygu1beoHGuD gtOK/+afmFr6NeUX0JWDqydrhoZYZML73LGKx4d7ETGBE03Q/dCpW1Of/QO6INnF Dzz7RfnGNCZKRWJKEKuiAq28MwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBztOxEM co6Gwm2NLSgpOreysKpnMB8GA1UdIwQYMBaAFAEDLZ38NiqVh0PobTyNBhGmrbBb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkUyQi8yN0U3Q0FBNjBD MkQxMUVBQjAyOURCNTNDNEY5QUUwMi9BUU10bmZ3MktwV0hRLWh0UEkwR0VhYXRz RnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FRTXRuZncyS3BXSFEtaHRQSTBHRWFhdHNGcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkUyQi8yN0U3Q0FBNjBDMkQxMUVBQjAyOURCNTNDNEY5QUUwMi9BUU10bmZ3Mktw V0hRLWh0UEkwR0VhYXRzRnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQD7lJbMRsJ6YpOFVFItXM+aZfR03EI/iGCVNgPLj4TJo46Pz53pSk tfhUDRWFy8aE0U+WfS1O13SvrIAKOvFQBrPS3lXZlnaR//VcbmZAAIbIaerBqJJ7 E0x69nsYpzLbhbB3pZJ3U/HHaspJHlsrsPbsNKQfza5v6xamU1lSujABy5Yj96kI S6TK7Q0y4qUAs5ebIeNtbPFfXn3WuQMLEQgCdtjMc2OUgBbtBSWtQZUa58wpXUO9 xnFrd4YuqW0Qc5tZpvDDHvOOcoxjiZAEw9PdgSmto+Iq0aBkrpNQY4Wm5xBcnV4X kTlfBvrL14pHZ4z8VB5XFGAjSV6+DtXQ -----END CERTIFICATE-----Generated at Wed May 14 00:39:51 2025 by rpki-client