$ rpki-client -vvf rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft File: 1AsQwSJMYeDTGML8YAOTeOz3LQA.mft (raw, json) Hash identifier: MrOxWvnI3X7L3aus+SZsytphbBeoXOBQ4S04dfUXfec= Subject key identifier: AB:E0:1E:63:1B:70:D6:47:E3:BB:93:8F:1D:63:C6:03:F2:30:46:11 Authority key identifier: D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 Certificate issuer: /CN=A9167C20/serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Certificate serial: 0AC9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft Manifest number: 0AC1 Signing time: Sat 10 May 2025 19:13:33 +0000 Manifest this update: Sat 10 May 2025 19:13:33 +0000 Manifest next update: Sat 17 May 2025 19:13:33 +0000 Files and hashes: 1: 1AsQwSJMYeDTGML8YAOTeOz3LQA.crl (hash: wWnLU5BA5mGZuq4dMNb9hibmb5Xvc9syuhQZejAGrNU=) 2: AD35C0044EA511EAAB9DBE7DC4F9AE02.roa (hash: vRrkQ11gFoedPJsbqh7nQv1lr6X8LYa0tpYVg51dxDk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 19:13:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2761 (0xac9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167C20, serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Validity Not Before: May 10 19:13:33 2025 GMT Not After : May 17 19:13:33 2025 GMT Subject: CN=681fa55d-b9f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:87:49:26:89:5c:8e:a0:6d:29:75:57:5d:82: de:66:b2:41:b4:d4:8b:c2:f4:8f:88:d5:4e:eb:ac: cd:44:f7:8a:ec:0e:95:11:b3:a9:b5:43:d0:7c:f4: ed:4d:25:03:3c:a0:7c:c2:f1:b3:8b:a5:09:ad:ac: 39:35:8b:1d:5d:a0:f5:da:56:b1:7a:ab:dc:ca:7c: 71:f3:b5:9c:d0:dc:64:63:6c:e3:da:0c:f4:d8:d9: e0:b8:83:bd:6c:c2:f6:ff:4e:9d:32:d7:1d:2e:21: c2:11:79:e2:46:10:1c:c9:51:3c:18:e7:c3:0c:3a: 61:7f:d5:02:cd:1f:30:7e:6a:68:9d:80:d9:39:1a: d3:6c:3c:de:5f:5b:b0:5b:9f:cf:6b:cf:82:a6:06: bb:c2:80:ab:d2:7f:55:2f:9e:ee:8a:50:6b:e6:87: 0f:4a:64:9b:5a:fd:68:07:3a:92:5e:ff:db:97:b6: 84:aa:30:55:91:d7:5b:da:19:71:74:48:b4:25:45: 6e:6e:e4:c8:e4:97:d5:6e:b8:4e:97:03:de:19:45: 05:ec:5e:85:61:ec:de:89:39:02:61:fd:e7:28:68: d2:83:52:98:fc:af:bf:68:35:e5:53:3c:68:61:6c: c6:c7:9e:85:70:fc:12:bd:67:2f:41:ac:93:e4:ee: c3:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:E0:1E:63:1B:70:D6:47:E3:BB:93:8F:1D:63:C6:03:F2:30:46:11 X509v3 Authority Key Identifier: keyid:D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:5b:db:b5:4f:eb:9f:58:ab:be:f1:dd:88:eb:72:dc:59:2c: 5f:c8:b9:11:54:5a:36:16:eb:f5:d3:7f:46:29:2a:0c:a7:a0: 35:9e:5c:0a:1f:e5:11:a8:a6:09:24:7f:de:5b:49:7c:47:5e: 9f:02:90:31:9c:db:4a:41:86:72:ca:32:74:d8:02:cd:a3:61: 91:1e:c0:91:b2:13:15:61:3f:b3:fc:08:95:06:da:20:f3:b1: 36:37:84:13:f4:f2:eb:b5:3d:eb:51:b0:d3:dc:ad:c7:0b:ac: 0b:cb:a2:f9:f1:ce:92:25:03:a2:6e:6e:68:c5:27:0c:1c:fb: 40:51:44:72:98:d2:bc:aa:49:08:95:97:13:6e:48:0d:d5:b3: 8d:03:06:d6:52:e0:f3:e6:57:8b:bc:96:4f:5d:a1:12:4c:c5: cd:0b:f4:f0:98:05:f9:af:4d:82:70:5f:82:93:df:72:9d:f2: 95:55:a9:a0:f8:3b:d9:64:8e:a0:51:4e:9b:d4:ac:36:8a:ef: 5e:67:d8:69:85:04:35:a4:61:e1:c4:27:6e:90:92:d1:e6:3d: dd:47:4e:0d:0a:bc:f8:04:08:de:f0:f7:c4:e2:a0:54:bc:99: 92:a8:47:19:b9:57:50:bf:f8:08:46:64:15:39:37:d8:39:6e: 42:2a:b8:0a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdDMjAxMTAvBgNVBAUTKEQ0MEIxMEMxMjI0QzYxRTBEMzE4QzJGQzYwMDM5Mzc4 RUNGNzJEMDAwHhcNMjUwNTEwMTkxMzMzWhcNMjUwNTE3MTkxMzMzWjAYMRYwFAYD VQQDEw02ODFmYTU1ZC1iOWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnodJJolcjqBtKXVXXYLeZrJBtNSLwvSPiNVO66zNRPeK7A6VEbOptUPQfPTt TSUDPKB8wvGzi6UJraw5NYsdXaD12laxeqvcynxx87Wc0NxkY2zj2gz02NnguIO9 bML2/06dMtcdLiHCEXniRhAcyVE8GOfDDDphf9UCzR8wfmponYDZORrTbDzeX1uw W5/Pa8+Cpga7woCr0n9VL57uilBr5ocPSmSbWv1oBzqSXv/bl7aEqjBVkddb2hlx dEi0JUVubuTI5JfVbrhOlwPeGUUF7F6FYezeiTkCYf3nKGjSg1KY/K+/aDXlUzxo YWzGx56FcPwSvWcvQayT5O7DrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKvgHmMb cNZH47uTjx1jxgPyMEYRMB8GA1UdIwQYMBaAFNQLEMEiTGHg0xjC/GADk3js9y0A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0MyMC84NjU3MUMxMDRF QTIxMUVBODRDMDg4NzRDNEY5QUUwMi8xQXNRd1NKTVllRFRHTUw4WUFPVGVPejNM UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBc1F3U0pNWWVEVEdNTDhZQU9UZU96M0xRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0MyMC84NjU3MUMxMDRFQTIxMUVBODRDMDg4NzRDNEY5QUUwMi8xQXNRd1NKTVll RFRHTUw4WUFPVGVPejNMUUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7W9u1T+ufWKu+8d2I63LcWSxfyLkRVFo2Fuv1039GKSoMp6A1nlwK H+URqKYJJH/eW0l8R16fApAxnNtKQYZyyjJ02ALNo2GRHsCRshMVYT+z/AiVBtog 87E2N4QT9PLrtT3rUbDT3K3HC6wLy6L58c6SJQOibm5oxScMHPtAUURymNK8qkkI lZcTbkgN1bONAwbWUuDz5leLvJZPXaESTMXNC/TwmAX5r02CcF+Ck99ynfKVVamg +DvZZI6gUU6b1Kw2iu9eZ9hphQQ1pGHhxCdukJLR5j3dR04NCrz4BAje8PfE4qBU vJmSqEcZuVdQv/gIRmQVOTfYOW5CKrgK -----END CERTIFICATE-----Generated at Mon May 12 07:11:08 2025 by rpki-client