$ rpki-client -vvf rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/XSeFtU0WPtAepUGLz6NPG3RWtxM.mft File: XSeFtU0WPtAepUGLz6NPG3RWtxM.mft (raw, json) Hash identifier: Bh9zkdr+PRs5+HSkh2Sbu0LwvHcPf0z9CRgIBHKY2P8= Subject key identifier: 50:9F:5C:10:9F:74:41:99:2D:F4:7E:BD:F4:83:5E:58:94:B0:D7:C5 Authority key identifier: 5D:27:85:B5:4D:16:3E:D0:1E:A5:41:8B:CF:A3:4F:1B:74:56:B7:13 Certificate issuer: /CN=A9167CC5/serialNumber=5D2785B54D163ED01EA5418BCFA34F1B7456B713 Certificate serial: 04A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XSeFtU0WPtAepUGLz6NPG3RWtxM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/XSeFtU0WPtAepUGLz6NPG3RWtxM.mft Manifest number: 048D Signing time: Thu 03 Jul 2025 00:23:07 +0000 Manifest this update: Thu 03 Jul 2025 00:23:07 +0000 Manifest next update: Thu 10 Jul 2025 00:23:07 +0000 Files and hashes: 1: XSeFtU0WPtAepUGLz6NPG3RWtxM.crl (hash: +x3tCJt/yOHFimYf1c3oAO9+VCdQR/f6cyyQ2qIlqG0=) 2: 6337963E4C3D11ECB5FF844FC4F9AE02.roa (hash: 3KTOI3tChJ1EuHHkZIxY0+a6WeVb+6nR6Jk3wwfwMHU=) 3: ACE844F047AA11ECA0F05026C4F9AE02.roa (hash: xweR0My4YSEWr28C8V1U/OMEuVwH/Ly7NJUba0hYsCg=) 4: 1F77EFA44C4011EC952D5A23C4F9AE02.roa (hash: c5WQ+yUKORBq8d/u8k3An8QJMDIFK4yVXiwWYWbL5qc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/XSeFtU0WPtAepUGLz6NPG3RWtxM.crl rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/XSeFtU0WPtAepUGLz6NPG3RWtxM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XSeFtU0WPtAepUGLz6NPG3RWtxM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 00:23:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1189 (0x4a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167CC5, serialNumber=5D2785B54D163ED01EA5418BCFA34F1B7456B713 Validity Not Before: Jul 3 00:23:07 2025 GMT Not After : Jul 10 00:23:07 2025 GMT Subject: CN=6865cd6b-8b8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:20:d6:a1:8d:3a:d7:fa:4d:b2:a1:20:6d:04: 52:84:0a:04:6f:47:cd:67:13:0f:be:a9:0d:e1:33: 31:e4:43:ee:4e:dc:f6:e7:30:fd:c9:1a:df:c6:83: 92:9b:a5:04:67:7e:16:da:ee:c0:b5:47:ac:e3:ca: 5d:ee:4b:95:27:1f:ae:b5:82:a6:7e:9e:92:31:e1: 16:f1:51:52:82:b3:14:91:e5:83:95:fd:06:90:46: fa:e4:6d:ea:b4:8e:f4:1c:e8:a2:ef:be:9b:0b:85: 94:e3:c0:7f:c3:2d:0e:13:e5:aa:ef:cf:93:d3:30: 1b:65:c5:66:e6:a8:70:35:5d:7e:56:17:35:79:86: a8:51:a6:ed:2d:bc:b4:2a:ea:93:3c:ea:87:da:3c: 00:44:78:d1:61:5c:4c:e4:1f:00:d4:7e:79:aa:ae: 46:90:77:c4:20:c3:06:7c:12:83:76:6d:00:30:96: 57:d9:ad:9e:a4:03:0d:1b:48:53:f1:c0:c2:00:cb: 08:e7:29:49:dc:51:06:70:fe:d0:7d:fe:a5:b0:e1: 05:6a:7d:13:d4:c6:92:3c:cb:18:f6:08:8b:6e:e5: d4:c4:90:66:ee:4f:27:84:a7:85:3d:a8:01:74:5f: d4:c2:1c:a0:09:64:f7:1c:59:a6:85:60:0d:66:b8: ce:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:9F:5C:10:9F:74:41:99:2D:F4:7E:BD:F4:83:5E:58:94:B0:D7:C5 X509v3 Authority Key Identifier: keyid:5D:27:85:B5:4D:16:3E:D0:1E:A5:41:8B:CF:A3:4F:1B:74:56:B7:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/XSeFtU0WPtAepUGLz6NPG3RWtxM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XSeFtU0WPtAepUGLz6NPG3RWtxM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/XSeFtU0WPtAepUGLz6NPG3RWtxM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:ab:09:6e:fc:53:42:29:c7:1c:18:5c:e2:97:13:5d:7a:1f: 3f:a3:02:75:9d:bf:d7:29:6f:4a:88:05:e1:df:81:4e:17:c0: 2b:ab:31:5a:41:e6:00:72:f3:3d:1e:3a:e1:9c:53:1f:d7:9d: 5a:ef:82:bf:cd:b0:f8:1d:fe:75:47:ec:25:93:a4:a0:ed:71: fa:de:98:0e:d9:9d:e2:f8:63:4c:7c:54:7a:5b:e2:f0:c8:bb: 2b:dc:e4:cd:5a:b9:ad:d7:45:b0:ee:eb:00:46:f2:1c:81:71: c3:7d:47:ef:d9:80:3c:0b:03:46:ea:0b:5f:2e:8f:a0:23:a6: 82:6b:89:3e:6d:b1:04:84:05:a1:dc:ff:d9:50:c9:00:5d:7b: 74:98:b5:29:26:c8:0d:5d:47:7c:ed:40:bc:68:cf:5b:0b:11: fd:9c:e9:0c:03:02:3e:20:0b:41:1e:30:ff:2b:73:da:62:1c: 84:e6:d6:08:9f:a5:c7:5f:ff:f4:3e:5b:ef:d4:18:a8:85:13: 88:f2:c6:b8:9f:8e:e3:0c:f2:53:ab:80:49:37:46:b5:24:82: 23:73:aa:86:f2:b0:07:0d:70:79:82:af:12:2f:39:df:9f:50: 5c:62:88:71:8a:0f:3b:95:5c:86:30:34:66:c7:25:33:89:99: b7:de:cb:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdDQzUxMTAvBgNVBAUTKDVEMjc4NUI1NEQxNjNFRDAxRUE1NDE4QkNGQTM0RjFC NzQ1NkI3MTMwHhcNMjUwNzAzMDAyMzA3WhcNMjUwNzEwMDAyMzA3WjAYMRYwFAYD VQQDEw02ODY1Y2Q2Yi04YjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzCDWoY061/pNsqEgbQRShAoEb0fNZxMPvqkN4TMx5EPuTtz25zD9yRrfxoOS m6UEZ34W2u7AtUes48pd7kuVJx+utYKmfp6SMeEW8VFSgrMUkeWDlf0GkEb65G3q tI70HOii776bC4WU48B/wy0OE+Wq78+T0zAbZcVm5qhwNV1+Vhc1eYaoUabtLby0 KuqTPOqH2jwARHjRYVxM5B8A1H55qq5GkHfEIMMGfBKDdm0AMJZX2a2epAMNG0hT 8cDCAMsI5ylJ3FEGcP7Qff6lsOEFan0T1MaSPMsY9giLbuXUxJBm7k8nhKeFPagB dF/UwhygCWT3HFmmhWANZrjOoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFCfXBCf dEGZLfR+vfSDXliUsNfFMB8GA1UdIwQYMBaAFF0nhbVNFj7QHqVBi8+jTxt0VrcT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0NDNS8yQUM0RDMzRTQ2 QjExMUVDOTQ1QjRGNTdDNEY5QUUwMi9YU2VGdFUwV1B0QWVwVUdMejZOUEczUld0 eE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hTZUZ0VTBXUHRBZXBVR0x6Nk5QRzNSV3R4TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0NDNS8yQUM0RDMzRTQ2QjExMUVDOTQ1QjRGNTdDNEY5QUUwMi9YU2VGdFUwV1B0 QWVwVUdMejZOUEczUld0eE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+qwlu/FNCKcccGFzilxNdeh8/owJ1nb/XKW9KiAXh34FOF8ArqzFa QeYAcvM9HjrhnFMf151a74K/zbD4Hf51R+wlk6Sg7XH63pgO2Z3i+GNMfFR6W+Lw yLsr3OTNWrmt10Ww7usARvIcgXHDfUfv2YA8CwNG6gtfLo+gI6aCa4k+bbEEhAWh 3P/ZUMkAXXt0mLUpJsgNXUd87UC8aM9bCxH9nOkMAwI+IAtBHjD/K3PaYhyE5tYI n6XHX//0Plvv1BiohROI8sa4n47jDPJTq4BJN0a1JIIjc6qG8rAHDXB5gq8SLznf n1BcYohxig87lVyGMDRmxyUziZm33svE -----END CERTIFICATE-----Generated at Thu Jul 3 10:08:12 2025 by rpki-client