$ rpki-client -vvf rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.mft File: b9W3Qx5xUO1lD38no9z4xc6sd2Q.mft (raw, json) Hash identifier: qIapeLJPFAsgWXo2qIr4Bunkcc2eTqnry4iVWyFacKo= Subject key identifier: 53:7B:C1:F2:A1:87:02:29:6C:18:AB:A2:4A:D8:A8:1D:75:BD:E1:BE Authority key identifier: 6F:D5:B7:43:1E:71:50:ED:65:0F:7F:27:A3:DC:F8:C5:CE:AC:77:64 Certificate issuer: /CN=A9173CCA/serialNumber=6FD5B7431E7150ED650F7F27A3DCF8C5CEAC7764 Certificate serial: 8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9W3Qx5xUO1lD38no9z4xc6sd2Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.mft Manifest number: 8A Signing time: Sat 17 May 2025 06:03:52 +0000 Manifest this update: Sat 17 May 2025 06:03:52 +0000 Manifest next update: Sat 24 May 2025 06:03:52 +0000 Files and hashes: 1: b9W3Qx5xUO1lD38no9z4xc6sd2Q.crl (hash: EPJMxEOYxT3IWLa2jelPl3o15TD5jeHPjrAvBdcc2us=) 2: 3866993C6A6711EF929E6773C4F9AE02.roa (hash: blrLiUR2o+nqfH3V7oxiwVZEehZHbPAqakKDEvu+zf4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.crl rsync://rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9W3Qx5xUO1lD38no9z4xc6sd2Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 May 2025 06:03:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 140 (0x8c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9173CCA, serialNumber=6FD5B7431E7150ED650F7F27A3DCF8C5CEAC7764 Validity Not Before: May 17 06:03:52 2025 GMT Not After : May 24 06:03:52 2025 GMT Subject: CN=682826c8-f386 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:76:3f:de:fe:70:52:c8:ad:1b:e1:95:eb:9e: 13:0b:e5:ee:c3:8b:68:34:eb:2b:ed:76:b8:7b:1b: 24:6d:17:c4:02:6a:5e:4d:7d:9f:39:89:d7:a2:c0: c6:d5:20:f5:b5:6b:34:ea:97:71:f8:00:6e:9c:be: a6:6f:03:f4:45:97:1a:96:1a:99:a3:b4:01:8a:a2: a6:e2:fa:ee:d3:fe:15:ed:eb:98:c8:e0:b5:c2:3f: 67:b6:be:7a:c0:6f:02:95:65:80:32:ee:5c:67:2f: d4:2c:fa:9c:48:1f:30:a4:aa:2d:05:44:1e:9b:56: 53:78:60:ba:1d:55:d6:1c:8a:0f:14:7f:46:27:5e: de:3c:8b:30:16:db:cd:ba:4d:32:f2:f2:2a:11:cd: 0f:44:17:6b:7e:27:af:2f:8d:5d:b8:4d:cb:8b:7d: 74:3e:03:02:42:e4:c9:99:bd:fd:a4:b1:39:7b:89: a2:07:6c:de:b4:a7:5f:13:90:4f:d1:02:8a:c6:38: af:7c:d4:e1:c0:6d:25:46:da:97:32:0b:ba:5d:0f: 6d:67:d3:08:6c:00:5e:8b:37:e9:86:24:99:dd:43: 82:c8:d5:d0:62:13:6c:a2:64:90:b0:62:ad:86:27: 04:27:8c:92:a5:bc:56:d5:fb:bc:54:95:07:28:de: 6f:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:7B:C1:F2:A1:87:02:29:6C:18:AB:A2:4A:D8:A8:1D:75:BD:E1:BE X509v3 Authority Key Identifier: keyid:6F:D5:B7:43:1E:71:50:ED:65:0F:7F:27:A3:DC:F8:C5:CE:AC:77:64 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9W3Qx5xUO1lD38no9z4xc6sd2Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:0d:06:49:e1:e8:77:a7:18:6f:5d:15:09:ad:db:b3:fe:d3: aa:7b:7d:0f:d7:3d:c7:8d:8e:a2:87:32:17:09:a7:1c:a0:13: be:97:01:4d:1f:c5:88:6d:8f:a8:62:cb:17:35:82:01:c9:1a: 3a:31:8f:58:e1:5a:09:34:39:6d:22:30:cd:6c:32:08:51:53: 37:64:c2:ac:18:dd:5e:99:fa:07:5e:e2:01:ac:24:5c:87:f3: 67:bf:e7:ef:c5:64:7c:44:2c:f1:89:28:be:0e:b7:23:be:2e: ee:45:c6:9d:50:8e:8a:03:ff:ea:19:69:8d:1a:aa:24:09:a0: 54:48:a4:f7:33:5c:cf:5b:ea:ac:6e:58:64:7a:85:94:b5:50: b7:7c:52:f7:9f:eb:da:35:3d:bc:53:b1:ee:96:d6:97:26:49: 16:d9:f4:83:21:14:e1:f8:f3:dc:ee:10:8d:fd:b2:b6:c0:c9: b1:fd:a8:d1:ff:2f:e1:87:c9:7a:da:49:14:42:7b:cc:65:6f: e8:0d:7e:95:2f:e7:29:40:b5:a4:27:e8:0c:91:16:00:2d:ce: f2:10:53:61:0a:d8:f4:63:8d:07:4d:e3:ac:a9:30:79:04:37: 9f:50:07:33:8f:17:14:a1:02:f1:d2:c3:aa:a1:d3:b5:dd:b9: b6:3e:b3:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzNDQ0ExMTAvBgNVBAUTKDZGRDVCNzQzMUU3MTUwRUQ2NTBGN0YyN0EzRENGOEM1 Q0VBQzc3NjQwHhcNMjUwNTE3MDYwMzUyWhcNMjUwNTI0MDYwMzUyWjAYMRYwFAYD VQQDEw02ODI4MjZjOC1mMzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy3Y/3v5wUsitG+GV654TC+Xuw4toNOsr7Xa4exskbRfEAmpeTX2fOYnXosDG 1SD1tWs06pdx+ABunL6mbwP0RZcalhqZo7QBiqKm4vru0/4V7euYyOC1wj9ntr56 wG8ClWWAMu5cZy/ULPqcSB8wpKotBUQem1ZTeGC6HVXWHIoPFH9GJ17ePIswFtvN uk0y8vIqEc0PRBdrfievL41duE3Li310PgMCQuTJmb39pLE5e4miB2zetKdfE5BP 0QKKxjivfNThwG0lRtqXMgu6XQ9tZ9MIbABeizfphiSZ3UOCyNXQYhNsomSQsGKt hicEJ4ySpbxW1fu8VJUHKN5vdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFN7wfKh hwIpbBirokrYqB11veG+MB8GA1UdIwQYMBaAFG/Vt0MecVDtZQ9/J6Pc+MXOrHdk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0NDQS8xQ0E5QjgyNDY1 NEQxMUVGQjQ0QjdCNThDNEY5QUUwMi9iOVczUXg1eFVPMWxEMzhubzl6NHhjNnNk MlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I5VzNReDV4VU8xbEQzOG5vOXo0eGM2c2QyUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 M0NDQS8xQ0E5QjgyNDY1NEQxMUVGQjQ0QjdCNThDNEY5QUUwMi9iOVczUXg1eFVP MWxEMzhubzl6NHhjNnNkMlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhDQZJ4eh3pxhvXRUJrduz/tOqe30P1z3HjY6ihzIXCaccoBO+lwFN H8WIbY+oYssXNYIByRo6MY9Y4VoJNDltIjDNbDIIUVM3ZMKsGN1emfoHXuIBrCRc h/Nnv+fvxWR8RCzxiSi+Drcjvi7uRcadUI6KA//qGWmNGqokCaBUSKT3M1zPW+qs blhkeoWUtVC3fFL3n+vaNT28U7HultaXJkkW2fSDIRTh+PPc7hCN/bK2wMmx/ajR /y/hh8l62kkUQnvMZW/oDX6VL+cpQLWkJ+gMkRYALc7yEFNhCtj0Y40HTeOsqTB5 BDefUAczjxcUoQLx0sOqodO13bm2PrMP -----END CERTIFICATE-----Generated at Sat May 17 15:28:38 2025 by rpki-client