$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft File: Psexptohoad1gV0cv-cjFLipXdk.mft (raw, json) Hash identifier: EfAdhYcMYZ1CzdpBGeRkWbg7N3qz9xRDYNmVM583UCQ= Subject key identifier: CA:C4:E2:DF:12:BE:AC:AE:38:9F:9F:F3:AA:34:4F:10:83:F8:0A:DD Authority key identifier: 3E:C7:B1:A6:DA:21:A1:A7:75:81:5D:1C:BF:E7:23:14:B8:A9:5D:D9 Certificate issuer: /CN=A9170DA5/serialNumber=3EC7B1A6DA21A1A775815D1CBFE72314B8A95DD9 Certificate serial: 04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft Manifest number: 03 Signing time: Thu 03 Jul 2025 08:28:59 +0000 Manifest this update: Thu 03 Jul 2025 08:28:58 +0000 Manifest next update: Thu 10 Jul 2025 08:28:58 +0000 Files and hashes: 1: Psexptohoad1gV0cv-cjFLipXdk.crl (hash: bUTzzxdEfKyxUxKNs8D9j88R6m05Nr6IfM6kN917vuE=) 2: F99E9E78571B11F093AD0C10C4F9AE02.roa (hash: Ntdzzur1e7UcFcIFXVyf4NefmktAA4cSP3KFPUhWals=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.crl rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DA5, serialNumber=3EC7B1A6DA21A1A775815D1CBFE72314B8A95DD9 Validity Not Before: Jul 3 08:28:58 2025 GMT Not After : Jul 10 08:28:58 2025 GMT Subject: CN=68663f4a-a809 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:26:0e:cc:97:44:a3:93:3c:60:4b:e3:fd:b8: c6:65:1b:84:f0:ba:e0:81:3e:5e:46:6a:71:57:b4: ba:a1:48:e4:9e:08:3f:ea:10:c3:ca:42:93:f0:90: d8:22:ce:87:8b:03:fb:67:35:71:a9:fe:fd:da:53: 3b:fc:a7:13:8f:8e:e4:ce:80:c9:b6:0d:76:0f:d7: 3f:9c:50:53:d1:3f:05:d4:b7:01:d8:2c:89:bd:12: 3b:0e:f4:dc:f1:18:30:44:3b:2b:e7:b1:0c:48:63: 10:d3:5d:bf:36:55:a5:55:a1:92:1a:f6:66:0c:de: 0c:86:17:07:48:3f:50:23:2f:e3:25:04:61:3f:b6: c3:bc:46:1f:13:cf:5f:d4:50:d6:c7:a7:b9:9d:b5: 98:44:68:f0:9c:43:d3:1b:ee:50:4d:14:ea:37:0f: a7:60:bf:72:94:26:95:9c:66:21:4e:7e:87:90:7e: 71:5c:a8:1a:e0:55:cd:20:4d:7b:9f:02:24:e4:77: 0b:f5:e9:9f:6b:37:5a:b3:7c:04:89:59:dc:3b:79: 54:e2:2c:60:17:87:e6:a7:e3:94:0c:5b:f6:40:97: a2:b5:e6:cd:f2:56:2e:b1:42:80:6b:96:d9:59:78: 36:62:43:15:6a:c8:49:4a:d1:e7:58:15:ce:d5:c5: 71:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:C4:E2:DF:12:BE:AC:AE:38:9F:9F:F3:AA:34:4F:10:83:F8:0A:DD X509v3 Authority Key Identifier: keyid:3E:C7:B1:A6:DA:21:A1:A7:75:81:5D:1C:BF:E7:23:14:B8:A9:5D:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:c5:42:c9:d4:ed:01:6d:1e:17:05:49:f1:31:08:96:8b:68: 94:64:be:f7:d1:d9:94:20:e7:10:b4:2d:2c:58:96:07:da:2d: 29:21:2d:ac:88:38:9b:fe:62:ba:2b:d5:65:f9:b2:33:89:6b: 4b:45:2f:dd:35:29:25:77:6c:6f:fa:b0:8a:8f:61:b8:61:86: 19:e9:7e:94:45:35:b9:b5:b0:eb:5d:32:cd:0a:9b:59:6f:f2: 8f:dc:1c:79:26:b4:45:55:35:77:a7:40:c4:2e:6c:4b:63:1f: 5d:06:eb:e9:de:b0:9b:07:93:7e:ac:d1:55:8a:30:9c:50:6a: 42:e7:72:7c:8f:a8:16:8f:8c:ea:01:94:cd:7b:e7:3a:a3:a7: 0b:08:4a:77:d1:da:83:0d:63:be:e9:4b:1b:39:8c:0e:71:76: 06:d2:86:3d:06:56:fc:f7:57:8b:50:7b:4c:3e:92:94:ba:4b: 73:9e:e2:45:46:f3:8f:07:77:c1:44:36:f2:a0:0b:ec:7e:d5: 32:2f:e3:d7:41:18:59:42:1b:44:53:46:5d:80:fc:53:da:c9: ad:5b:16:d2:b7:9f:e8:22:9c:10:d4:de:6f:5b:ba:24:4d:95: b2:2b:3c:41:04:07:8c:8a:d5:fb:52:53:1a:99:0c:10:5b:f3: d0:bb:4c:77 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MERBNTExMC8GA1UEBRMoM0VDN0IxQTZEQTIxQTFBNzc1ODE1RDFDQkZFNzIzMTRC OEE5NUREOTAeFw0yNTA3MDMwODI4NThaFw0yNTA3MTAwODI4NThaMBgxFjAUBgNV BAMTDTY4NjYzZjRhLWE4MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDSJg7Ml0SjkzxgS+P9uMZlG4TwuuCBPl5GanFXtLqhSOSeCD/qEMPKQpPwkNgi zoeLA/tnNXGp/v3aUzv8pxOPjuTOgMm2DXYP1z+cUFPRPwXUtwHYLIm9EjsO9Nzx GDBEOyvnsQxIYxDTXb82VaVVoZIa9mYM3gyGFwdIP1AjL+MlBGE/tsO8Rh8Tz1/U UNbHp7mdtZhEaPCcQ9Mb7lBNFOo3D6dgv3KUJpWcZiFOfoeQfnFcqBrgVc0gTXuf AiTkdwv16Z9rN1qzfASJWdw7eVTiLGAXh+an45QMW/ZAl6K15s3yVi6xQoBrltlZ eDZiQxVqyElK0edYFc7VxXHdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUysTi3xK+ rK44n5/zqjRPEIP4Ct0wHwYDVR0jBBgwFoAUPsexptohoad1gV0cv+cjFLipXdkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwREE1L0NFMEVEQTI2NTcx QTExRjBCODUwNzM0MUM0RjlBRTAyL1BzZXhwdG9ob2FkMWdWMGN2LWNqRkxpcFhk ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUHNleHB0b2hvYWQxZ1YwY3YtY2pGTGlwWGRrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw REE1L0NFMEVEQTI2NTcxQTExRjBCODUwNzM0MUM0RjlBRTAyL1BzZXhwdG9ob2Fk MWdWMGN2LWNqRkxpcFhkay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADzFQsnU7QFtHhcFSfExCJaLaJRkvvfR2ZQg5xC0LSxYlgfaLSkhLayI OJv+Yror1WX5sjOJa0tFL901KSV3bG/6sIqPYbhhhhnpfpRFNbm1sOtdMs0Km1lv 8o/cHHkmtEVVNXenQMQubEtjH10G6+nesJsHk36s0VWKMJxQakLncnyPqBaPjOoB lM175zqjpwsISnfR2oMNY77pSxs5jA5xdgbShj0GVvz3V4tQe0w+kpS6S3Oe4kVG 848Hd8FENvKgC+x+1TIv49dBGFlCG0RTRl2A/FPaya1bFtK3n+ginBDU3m9buiRN lbIrPEEEB4yK1ftSUxqZDBBb89C7THc= -----END CERTIFICATE-----Generated at Fri Jul 4 21:27:30 2025 by rpki-client