$ rpki-client -vvf rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft File: cXGYzRpGea2dRS7h2wLQASpDdOw.mft (raw, json) Hash identifier: ECCWJnRwPc+7TWIDH3KBX0N6RbEI2KGXdtMlC84aInQ= Subject key identifier: 8A:F1:49:D1:F6:C2:4A:B7:D5:E5:C2:5D:98:A9:77:E8:0B:57:D4:43 Authority key identifier: 71:71:98:CD:1A:46:79:AD:9D:45:2E:E1:DB:02:D0:01:2A:43:74:EC Certificate issuer: /CN=A9169F49/serialNumber=717198CD1A4679AD9D452EE1DB02D0012A4374EC Certificate serial: 3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft Manifest number: 3D Signing time: Tue 01 Jul 2025 08:15:57 +0000 Manifest this update: Tue 01 Jul 2025 08:15:56 +0000 Manifest next update: Tue 08 Jul 2025 08:15:56 +0000 Files and hashes: 1: cXGYzRpGea2dRS7h2wLQASpDdOw.crl (hash: Z60c7/Nhq2Q+R7G1QQm0+rHBgCzeDTlYaHe5KqwhYXs=) 2: 2B42D1D8F9B611EFB3AB154BC4F9AE02.roa (hash: qRFt1VDcs2OHFjFWZc9CCxRhXeBrmwOFxAL6+b0Q2Co=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.crl rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:15:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169F49, serialNumber=717198CD1A4679AD9D452EE1DB02D0012A4374EC Validity Not Before: Jul 1 08:15:56 2025 GMT Not After : Jul 8 08:15:56 2025 GMT Subject: CN=6863993c-42c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:45:fc:3e:27:61:91:5a:f9:44:f9:69:38:00: 0a:a0:43:2f:48:d2:ad:33:42:65:5b:9b:fc:84:c6: e1:d6:81:a9:2e:ef:08:0e:9f:b8:1b:cb:73:7c:bc: a9:a7:30:11:93:22:d7:0e:a4:66:f1:0a:76:7e:c4: 66:5a:7d:88:aa:6c:ae:e7:3f:84:d2:cf:e2:8f:3b: e2:f8:89:5a:bf:47:12:46:11:cf:57:7f:30:42:b6: 86:49:b1:e6:b0:1e:f1:3a:2c:89:dd:c3:1b:7d:7f: c0:b1:22:ee:e9:42:a2:f9:06:76:8e:ca:b7:82:7c: b1:03:6a:0c:29:50:db:66:03:fc:c1:b7:e7:e8:ce: ad:b7:8c:be:a3:1d:d6:c3:0b:0c:e0:72:a7:55:19: 38:03:96:17:b3:17:e1:47:ea:5f:55:e9:4d:c4:ee: f0:61:a4:1c:90:94:d8:39:35:48:0e:a1:aa:83:f0: 04:3a:2f:23:57:80:e2:6e:76:89:a4:e3:f2:40:d8: 04:a6:e8:aa:8e:b1:9e:df:96:f2:50:ec:1d:de:e5: a1:6b:79:d0:a4:a1:03:e0:f8:81:b2:68:90:e7:22: 29:c0:c9:ca:09:13:b7:6c:a5:9c:0d:62:7b:39:77: fb:e3:2a:40:5a:9c:18:25:eb:a6:85:86:3c:aa:66: 1e:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:F1:49:D1:F6:C2:4A:B7:D5:E5:C2:5D:98:A9:77:E8:0B:57:D4:43 X509v3 Authority Key Identifier: keyid:71:71:98:CD:1A:46:79:AD:9D:45:2E:E1:DB:02:D0:01:2A:43:74:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:95:a2:05:a2:01:a0:4f:cb:b7:bf:38:f0:d1:1f:c1:01:2e: ca:e6:2e:ea:c0:55:6b:f4:b6:e2:d3:f5:02:dd:aa:8b:ea:fc: 9b:32:65:45:97:d5:63:8c:5b:bd:9f:24:39:3e:45:ba:1d:94: 38:e8:91:3a:de:ed:b0:2b:23:67:6c:2f:ae:a1:dd:79:5d:86: 6a:1c:28:ec:31:30:49:56:a5:26:b9:cc:59:ed:10:d4:33:aa: 84:08:38:e7:9d:bd:27:30:e1:b1:9e:99:a6:c2:ec:8e:21:97: 19:81:cb:d5:55:4b:e9:99:5b:dd:c7:f0:ea:22:81:61:03:3e: 3a:5f:dc:e4:7d:da:c2:1d:a4:94:04:c4:3c:52:cc:6f:7d:36: a8:ee:46:a9:ac:14:9a:05:dd:4e:d9:6a:4a:87:29:cc:eb:26: 21:2f:d4:bd:17:f1:f9:b7:8b:cf:12:1f:8b:ab:0f:a0:62:85: 14:89:a7:78:2e:fa:8e:36:33:4c:26:e9:3d:26:bf:c9:00:1a: d4:15:96:75:be:57:6f:98:be:7a:07:f5:36:79:f3:b4:5f:20: 62:17:54:d2:7c:16:fc:be:0f:23:e9:f9:9a:0b:ba:d9:7a:74: 53:9f:39:f1:93:15:01:de:5e:ec:44:1f:0c:bc:2e:7e:c0:79: 14:86:01:b9 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 OUY0OTExMC8GA1UEBRMoNzE3MTk4Q0QxQTQ2NzlBRDlENDUyRUUxREIwMkQwMDEy QTQzNzRFQzAeFw0yNTA3MDEwODE1NTZaFw0yNTA3MDgwODE1NTZaMBgxFjAUBgNV BAMTDTY4NjM5OTNjLTQyYzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCiRfw+J2GRWvlE+Wk4AAqgQy9I0q0zQmVbm/yExuHWgaku7wgOn7gby3N8vKmn MBGTItcOpGbxCnZ+xGZafYiqbK7nP4TSz+KPO+L4iVq/RxJGEc9XfzBCtoZJseaw HvE6LIndwxt9f8CxIu7pQqL5BnaOyreCfLEDagwpUNtmA/zBt+fozq23jL6jHdbD CwzgcqdVGTgDlhezF+FH6l9V6U3E7vBhpByQlNg5NUgOoaqD8AQ6LyNXgOJudomk 4/JA2ASm6KqOsZ7flvJQ7B3e5aFredCkoQPg+IGyaJDnIinAycoJE7dspZwNYns5 d/vjKkBanBgl66aFhjyqZh4TAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUivFJ0fbC SrfV5cJdmKl36AtX1EMwHwYDVR0jBBgwFoAUcXGYzRpGea2dRS7h2wLQASpDdOww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY5RjQ5L0IyQzVGQjlBRjlC NTExRUZBNUQ3M0M0N0M0RjlBRTAyL2NYR1l6UnBHZWEyZFJTN2gyd0xRQVNwRGRP dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY1hHWXpScEdlYTJkUlM3aDJ3TFFBU3BEZE93LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY5 RjQ5L0IyQzVGQjlBRjlCNTExRUZBNUQ3M0M0N0M0RjlBRTAyL2NYR1l6UnBHZWEy ZFJTN2gyd0xRQVNwRGRPdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEaVogWiAaBPy7e/OPDRH8EBLsrmLurAVWv0tuLT9QLdqovq/JsyZUWX 1WOMW72fJDk+RbodlDjokTre7bArI2dsL66h3XldhmocKOwxMElWpSa5zFntENQz qoQIOOedvScw4bGemabC7I4hlxmBy9VVS+mZW93H8OoigWEDPjpf3OR92sIdpJQE xDxSzG99NqjuRqmsFJoF3U7ZakqHKczrJiEv1L0X8fm3i88SH4urD6BihRSJp3gu +o42M0wm6T0mv8kAGtQVlnW+V2+YvnoH9TZ587RfIGIXVNJ8Fvy+DyPp+ZoLutl6 dFOfOfGTFQHeXuxEHwy8Ln7AeRSGAbk= -----END CERTIFICATE-----Generated at Wed Jul 2 03:34:35 2025 by rpki-client