$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft File: AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft (raw, json) Hash identifier: 5s+ayEMW0Qynyo3hFn760PCbVET0sgtg8HNjXJ8fFwI= Subject key identifier: D9:20:C4:90:77:5B:31:07:DA:00:DA:55:6D:E9:38:A1:F7:EA:65:84 Authority key identifier: 00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 Certificate issuer: /CN=A9170DF0/serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Certificate serial: 014E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft Manifest number: 014B Signing time: Sun 11 May 2025 03:07:41 +0000 Manifest this update: Sun 11 May 2025 03:07:40 +0000 Manifest next update: Sun 18 May 2025 03:07:40 +0000 Files and hashes: 1: AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl (hash: 1/5pLJtM5HsblAlhbIaJ7Sjx6L/tiDv7hzcgp5KBuIk=) 2: B022AC18368811EEB1BFE56AC4F9AE02.roa (hash: Zg2pOaZOOb5sHUdXJNoHkdhEmOD4YyAjMP6N4/VUVYs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 03:07:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 334 (0x14e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DF0, serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Validity Not Before: May 11 03:07:40 2025 GMT Not After : May 18 03:07:40 2025 GMT Subject: CN=6820147d-10bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:66:91:bd:ba:c9:7c:5a:a1:4a:03:0f:c4:78: 49:b5:89:06:25:31:82:8a:43:5b:bf:9b:61:4c:f4: a4:b2:61:07:22:de:b7:62:bf:bc:c5:b5:29:0d:6a: 06:ac:93:3c:b4:ac:24:e5:92:05:80:e7:15:81:25: ef:77:67:09:fe:42:49:6e:16:ee:ce:15:9a:25:93: 06:ba:76:4a:bf:f0:11:dd:40:68:d2:7a:39:f1:f4: e1:bd:30:b4:03:8f:40:36:60:55:e5:fa:f4:90:2b: 05:af:8e:b3:fd:e0:61:ec:bb:24:c5:39:e7:fc:96: d0:bf:b6:d7:c8:14:8b:00:9a:06:ec:77:33:35:d7: db:b9:88:e2:a1:23:f0:78:81:41:2e:62:c1:8d:78: 62:b7:1d:37:5f:24:6e:44:ed:f9:26:bb:cc:69:26: a3:08:d8:cc:92:1c:4a:77:01:3a:b7:35:79:09:f1: f9:d8:b6:25:ff:f3:1f:b7:16:45:93:04:62:03:a2: 7a:33:3f:0e:d9:b0:33:2f:32:da:ff:b6:0f:f7:eb: 58:3b:fc:f2:af:ec:0d:65:d0:9c:73:ad:50:d3:79: c8:a3:ac:d4:7f:3f:33:df:12:6b:af:7c:c8:37:e7: 01:40:88:02:1d:51:3e:fb:5c:7f:e7:46:bf:f1:75: 46:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:20:C4:90:77:5B:31:07:DA:00:DA:55:6D:E9:38:A1:F7:EA:65:84 X509v3 Authority Key Identifier: keyid:00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:3b:0b:72:c0:59:be:87:d5:83:72:13:88:de:1d:43:b2:b2: 1c:e8:b7:72:e8:a8:25:80:79:8f:0d:e0:3f:89:b1:d8:8a:a6: ae:2f:e4:2e:e0:10:1c:d7:1a:d5:99:f4:70:2d:01:0c:77:36: c3:5b:c8:cd:47:1c:0c:83:f6:15:74:91:9e:9f:be:53:c8:d2: bf:e8:4c:c1:e3:76:a4:cd:35:d9:5e:af:12:e8:6a:fb:8d:0c: 5e:9a:f0:d6:03:e9:7c:9a:9b:1e:14:7e:ef:88:3d:67:7d:ab: 42:32:31:22:f2:ab:0c:71:06:eb:aa:bf:61:34:20:ec:25:a9: 7e:86:38:6d:5a:36:e9:59:0f:7d:a2:22:9d:7a:15:e6:82:21: a8:17:5d:ed:da:46:11:73:73:b4:3c:eb:ba:11:df:15:72:b5: 9c:d4:b4:8f:70:8a:e3:0b:1b:2c:1f:91:74:18:17:2b:32:ce: 4e:84:4e:af:fc:a5:fb:2f:ab:46:d8:a1:57:7b:57:ad:53:6a: 3d:64:39:d9:46:6b:fd:05:c3:08:39:17:82:6b:6b:6b:57:84: 07:50:66:b5:c5:e5:32:68:4a:22:df:ce:e3:f6:75:68:9c:85: 1b:03:c2:91:ef:17:84:da:05:54:ac:e9:a4:cc:b1:eb:97:3d: 64:a8:44:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAU4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBERjAxMTAvBgNVBAUTKDAwMDhFMkVFQkU2QzU1RjI1OTQ5NDlBNDc3Rjg2NzdC RkY0QTdGRTQwHhcNMjUwNTExMDMwNzQwWhcNMjUwNTE4MDMwNzQwWjAYMRYwFAYD VQQDEw02ODIwMTQ3ZC0xMGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1WaRvbrJfFqhSgMPxHhJtYkGJTGCikNbv5thTPSksmEHIt63Yr+8xbUpDWoG rJM8tKwk5ZIFgOcVgSXvd2cJ/kJJbhbuzhWaJZMGunZKv/AR3UBo0no58fThvTC0 A49ANmBV5fr0kCsFr46z/eBh7LskxTnn/JbQv7bXyBSLAJoG7HczNdfbuYjioSPw eIFBLmLBjXhitx03XyRuRO35JrvMaSajCNjMkhxKdwE6tzV5CfH52LYl//MftxZF kwRiA6J6Mz8O2bAzLzLa/7YP9+tYO/zyr+wNZdCcc61Q03nIo6zUfz8z3xJrr3zI N+cBQIgCHVE++1x/50a/8XVGlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNkgxJB3 WzEH2gDaVW3pOKH36mWEMB8GA1UdIwQYMBaAFAAI4u6+bFXyWUlJpHf4Z3v/Sn/k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MERGMC81REVGQUNGMDM2 NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1ZmSlpTVW1rZF9obmVfOUtm LVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0FBamk3cjVzVmZKWlNVbWtkX2huZV85S2YtUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MERGMC81REVGQUNGMDM2NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1Zm SlpTVW1rZF9obmVfOUtmLVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8OwtywFm+h9WDchOI3h1DsrIc6Ldy6KglgHmPDeA/ibHYiqauL+Qu 4BAc1xrVmfRwLQEMdzbDW8jNRxwMg/YVdJGen75TyNK/6EzB43akzTXZXq8S6Gr7 jQxemvDWA+l8mpseFH7viD1nfatCMjEi8qsMcQbrqr9hNCDsJal+hjhtWjbpWQ99 oiKdehXmgiGoF13t2kYRc3O0POu6Ed8VcrWc1LSPcIrjCxssH5F0GBcrMs5OhE6v /KX7L6tG2KFXe1etU2o9ZDnZRmv9BcMIOReCa2trV4QHUGa1xeUyaEoi387j9nVo nIUbA8KR7xeE2gVUrOmkzLHrlz1kqERS -----END CERTIFICATE-----Generated at Tue May 13 01:40:42 2025 by rpki-client