$ rpki-client -vvf rpki.apnic.net/member_repository/A9173FAC/AFF563E6101811F080BCC348C4F9AE02/nUVn--JSxmFkKqM-eASKhxf6fLM.mft File: nUVn--JSxmFkKqM-eASKhxf6fLM.mft (raw, json) Hash identifier: eSyTBKSS39C+ZnbX3SCSyrcBky4/lsZfe3iELpBulmI= Subject key identifier: 0B:EB:EC:74:9E:4B:7A:72:36:F1:11:DB:1F:A2:74:70:5E:21:A3:39 Authority key identifier: 9D:45:67:FB:E2:52:C6:61:64:2A:A3:3E:78:04:8A:87:17:FA:7C:B3 Certificate issuer: /CN=A9173FAC/serialNumber=9D4567FBE252C661642AA33E78048A8717FA7CB3 Certificate serial: 17 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nUVn--JSxmFkKqM-eASKhxf6fLM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9173FAC/AFF563E6101811F080BCC348C4F9AE02/nUVn--JSxmFkKqM-eASKhxf6fLM.mft Manifest number: 16 Signing time: Tue 13 May 2025 07:14:00 +0000 Manifest this update: Tue 13 May 2025 07:13:59 +0000 Manifest next update: Tue 20 May 2025 07:13:59 +0000 Files and hashes: 1: nUVn--JSxmFkKqM-eASKhxf6fLM.crl (hash: ZLnBc3sQOzVwygbs0KSe9lIa2f6UA2gi5vZ77O+MhaE=) 2: AF75682A101911F09363D44DC4F9AE02.roa (hash: /DitzvGpGkwCd2xAbI8HPUNETw+T64yJeC7XoZd/K/Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9173FAC/AFF563E6101811F080BCC348C4F9AE02/nUVn--JSxmFkKqM-eASKhxf6fLM.crl rsync://rpki.apnic.net/member_repository/A9173FAC/AFF563E6101811F080BCC348C4F9AE02/nUVn--JSxmFkKqM-eASKhxf6fLM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nUVn--JSxmFkKqM-eASKhxf6fLM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23 (0x17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9173FAC, serialNumber=9D4567FBE252C661642AA33E78048A8717FA7CB3 Validity Not Before: May 13 07:13:59 2025 GMT Not After : May 20 07:13:59 2025 GMT Subject: CN=6822f138-58ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:73:53:5b:07:ea:1f:64:8e:67:90:0c:55:f6: d6:af:84:d7:38:56:33:94:11:50:7f:bd:fb:a5:b3: 65:74:da:66:b7:3e:f7:b9:11:ee:c5:06:c2:e1:c5: 68:eb:f7:80:c9:6b:8d:09:b8:34:dd:ae:80:fe:a0: 4b:ff:21:09:24:17:c5:bc:93:b9:8e:eb:30:1a:8d: 90:a6:f4:8e:e2:af:2f:19:da:32:0e:e8:67:b5:15: 61:06:cf:61:24:af:49:77:f5:b8:53:fa:05:8d:d5: 80:1d:d6:54:9f:e5:5c:bb:0b:73:eb:36:4b:86:28: 90:e0:ae:72:77:e2:ef:4f:28:50:88:1c:e8:24:d0: d1:2d:b2:5f:80:c2:f7:c4:23:93:f5:83:9a:85:ca: 9b:ae:5d:84:6a:9a:b1:0e:bd:d5:73:2b:67:a8:b0: 39:26:a1:37:ae:86:ba:e4:c4:3a:54:05:52:83:7c: 21:2f:20:75:51:87:29:39:95:f6:4f:1d:79:ca:50: 75:00:a4:72:2b:7b:d7:ba:77:7c:5b:51:4f:fd:a2: a8:16:5a:7c:a2:d6:03:f7:df:85:ba:95:ea:7a:98: 79:b0:99:3a:14:bd:ee:41:be:1d:06:2a:d6:c2:eb: 2e:d6:96:5e:a4:cc:d3:34:34:98:a7:c2:20:9b:9e: 17:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:EB:EC:74:9E:4B:7A:72:36:F1:11:DB:1F:A2:74:70:5E:21:A3:39 X509v3 Authority Key Identifier: keyid:9D:45:67:FB:E2:52:C6:61:64:2A:A3:3E:78:04:8A:87:17:FA:7C:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9173FAC/AFF563E6101811F080BCC348C4F9AE02/nUVn--JSxmFkKqM-eASKhxf6fLM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nUVn--JSxmFkKqM-eASKhxf6fLM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173FAC/AFF563E6101811F080BCC348C4F9AE02/nUVn--JSxmFkKqM-eASKhxf6fLM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:2d:6f:d1:92:67:67:d7:f2:3d:2d:3d:b8:99:c5:03:96:a7: eb:55:d5:1c:85:45:34:b0:ab:d8:a5:88:93:94:86:b1:93:a9: 52:55:83:9c:bb:51:9a:86:bc:b4:27:b0:e1:b5:44:4e:0b:0f: e5:67:fb:30:45:2f:58:74:6d:60:0d:48:a2:73:f1:30:e3:00: 69:87:8f:8b:70:30:9e:69:31:9e:d1:76:8c:1e:39:5d:d0:9b: 10:ff:ec:4d:ba:69:ef:b8:7a:0d:f9:f9:6e:1e:0b:1d:a6:31: 06:ae:2a:a6:31:cc:d8:1f:66:9d:1a:f5:84:23:df:d2:4e:32: e7:28:84:0b:95:92:0d:d0:42:de:19:96:6d:f0:05:8e:28:2a: 90:8d:26:99:22:cc:81:ed:a7:6e:40:5c:5b:b7:51:e8:89:5e: 1c:2a:93:2f:96:29:f9:42:8f:98:b9:0d:80:fa:a6:de:95:84: 48:58:d1:41:ed:c5:43:69:0c:6b:b8:59:56:31:04:b9:bc:d9: c1:8a:7e:7b:76:b7:29:2e:94:be:f7:76:4f:75:73:1c:84:42: dc:8e:90:1a:d9:bd:0d:a0:91:8a:0d:bc:1f:55:00:63:76:d4: 97:95:33:7f:db:c1:e4:f9:ee:2b:7a:94:e1:44:ca:17:41:85: a8:5b:da:36 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 M0ZBQzExMC8GA1UEBRMoOUQ0NTY3RkJFMjUyQzY2MTY0MkFBMzNFNzgwNDhBODcx N0ZBN0NCMzAeFw0yNTA1MTMwNzEzNTlaFw0yNTA1MjAwNzEzNTlaMBgxFjAUBgNV BAMTDTY4MjJmMTM4LTU4ZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDKc1NbB+ofZI5nkAxV9tavhNc4VjOUEVB/vfuls2V02ma3Pve5Ee7FBsLhxWjr 94DJa40JuDTdroD+oEv/IQkkF8W8k7mO6zAajZCm9I7iry8Z2jIO6Ge1FWEGz2Ek r0l39bhT+gWN1YAd1lSf5Vy7C3PrNkuGKJDgrnJ34u9PKFCIHOgk0NEtsl+AwvfE I5P1g5qFypuuXYRqmrEOvdVzK2eosDkmoTeuhrrkxDpUBVKDfCEvIHVRhyk5lfZP HXnKUHUApHIre9e6d3xbUU/9oqgWWnyi1gP334W6lep6mHmwmToUve5Bvh0GKtbC 6y7Wll6kzNM0NJinwiCbnhdFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUC+vsdJ5L enI28RHbH6J0cF4hozkwHwYDVR0jBBgwFoAUnUVn++JSxmFkKqM+eASKhxf6fLMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTczRkFDL0FGRjU2M0U2MTAx ODExRjA4MEJDQzM0OEM0RjlBRTAyL25VVm4tLUpTeG1Ga0txTS1lQVNLaHhmNmZM TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvblVWbi0tSlN4bUZrS3FNLWVBU0toeGY2ZkxNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcz RkFDL0FGRjU2M0U2MTAxODExRjA4MEJDQzM0OEM0RjlBRTAyL25VVm4tLUpTeG1G a0txTS1lQVNLaHhmNmZMTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABctb9GSZ2fX8j0tPbiZxQOWp+tV1RyFRTSwq9iliJOUhrGTqVJVg5y7 UZqGvLQnsOG1RE4LD+Vn+zBFL1h0bWANSKJz8TDjAGmHj4twMJ5pMZ7RdoweOV3Q mxD/7E26ae+4eg35+W4eCx2mMQauKqYxzNgfZp0a9YQj39JOMucohAuVkg3QQt4Z lm3wBY4oKpCNJpkizIHtp25AXFu3UeiJXhwqky+WKflCj5i5DYD6pt6VhEhY0UHt xUNpDGu4WVYxBLm82cGKfnt2tykulL73dk91cxyEQtyOkBrZvQ2gkYoNvB9VAGN2 1JeVM3/bweT57it6lOFEyhdBhahb2jY= -----END CERTIFICATE-----Generated at Tue May 13 11:55:22 2025 by rpki-client