$ rpki-client -vvf rpki.apnic.net/member_repository/A9173FAC/B8F5C76A101811F080BCC348C4F9AE02/PxqOo9KtxuyyNg4MN2zlWbn_cfI.mft File: PxqOo9KtxuyyNg4MN2zlWbn_cfI.mft (raw, json) Hash identifier: CHLHaDyWd/bzuxbtOrRm9OCYJIqwTH9spsYztugmR/4= Subject key identifier: A0:73:DE:67:06:84:E5:31:F6:5C:A8:DF:42:23:AC:B2:C6:AB:50:B1 Authority key identifier: 3F:1A:8E:A3:D2:AD:C6:EC:B2:36:0E:0C:37:6C:E5:59:B9:FF:71:F2 Certificate issuer: /CN=A9173FAC/serialNumber=3F1A8EA3D2ADC6ECB2360E0C376CE559B9FF71F2 Certificate serial: 16 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PxqOo9KtxuyyNg4MN2zlWbn_cfI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9173FAC/B8F5C76A101811F080BCC348C4F9AE02/PxqOo9KtxuyyNg4MN2zlWbn_cfI.mft Manifest number: 16 Signing time: Tue 13 May 2025 07:14:03 +0000 Manifest this update: Tue 13 May 2025 07:14:02 +0000 Manifest next update: Tue 20 May 2025 07:14:02 +0000 Files and hashes: 1: PxqOo9KtxuyyNg4MN2zlWbn_cfI.crl (hash: Q0ppm6MnD/86xewSMM7FZ+r0I+AM5qKBAKL3+oZrYEA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9173FAC/B8F5C76A101811F080BCC348C4F9AE02/PxqOo9KtxuyyNg4MN2zlWbn_cfI.crl rsync://rpki.apnic.net/member_repository/A9173FAC/B8F5C76A101811F080BCC348C4F9AE02/PxqOo9KtxuyyNg4MN2zlWbn_cfI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PxqOo9KtxuyyNg4MN2zlWbn_cfI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 07:14:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22 (0x16) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9173FAC, serialNumber=3F1A8EA3D2ADC6ECB2360E0C376CE559B9FF71F2 Validity Not Before: May 13 07:14:02 2025 GMT Not After : May 20 07:14:02 2025 GMT Subject: CN=6822f13a-8d0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:aa:e5:91:da:09:f0:4d:d6:cd:7a:02:9e:0d: ee:eb:5c:3d:4a:6e:ad:28:79:b4:e1:05:e0:43:48: 67:71:14:e2:7f:82:a2:c4:99:32:e2:e9:0b:bd:d7: f6:e0:d9:fc:d8:d8:1b:86:17:82:cb:54:fb:2d:c3: e3:39:94:ba:c9:bd:9c:5d:59:4e:c6:29:ff:05:b8: 82:2d:a4:fa:2b:14:02:85:05:6f:f3:de:88:1a:ca: a5:38:21:98:b8:68:0c:ff:95:82:9b:7e:17:76:52: 43:d1:d7:4d:df:26:a0:e6:45:b0:02:42:fa:cd:9e: e5:9e:23:20:c4:61:27:a9:43:e9:a8:94:44:83:56: 7e:90:bb:1b:d0:ea:f8:e9:90:18:e4:89:38:f6:2d: 28:94:f8:d7:bc:5d:41:af:04:f9:b4:b8:c1:92:71: 3d:34:f8:23:9d:ca:bf:5b:fb:71:f3:18:1d:5d:43: 4b:1a:01:cb:6b:68:11:44:b7:97:4d:f4:60:01:03: c3:69:65:06:f2:dc:63:73:75:0f:ea:1c:5d:ff:e7: ee:27:a8:ca:ec:ed:36:8b:8c:10:60:08:2a:c4:eb: 05:23:9e:c3:cb:92:e8:c7:6c:26:96:c0:4d:68:6f: 98:72:98:54:f8:e2:af:fd:1d:ae:57:65:24:15:fa: 2a:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:73:DE:67:06:84:E5:31:F6:5C:A8:DF:42:23:AC:B2:C6:AB:50:B1 X509v3 Authority Key Identifier: keyid:3F:1A:8E:A3:D2:AD:C6:EC:B2:36:0E:0C:37:6C:E5:59:B9:FF:71:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9173FAC/B8F5C76A101811F080BCC348C4F9AE02/PxqOo9KtxuyyNg4MN2zlWbn_cfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PxqOo9KtxuyyNg4MN2zlWbn_cfI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173FAC/B8F5C76A101811F080BCC348C4F9AE02/PxqOo9KtxuyyNg4MN2zlWbn_cfI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:d6:1e:67:0d:a7:9c:74:da:07:fc:04:b8:65:26:37:9a:ee: 7f:4d:93:0d:4f:2b:8e:fa:ed:c2:34:89:12:7e:5a:45:1e:00: 69:99:f6:f0:e7:30:ce:3b:aa:cf:90:21:a2:20:ed:17:21:9e: cc:46:6d:ba:02:c2:37:58:5b:2a:35:e7:b9:ca:d2:c4:2e:44: 44:c7:5f:ed:b2:19:0a:5b:9d:9c:f2:b4:6e:98:b7:bf:6e:74: dd:4f:7e:11:5c:73:e1:89:f4:b5:cd:6c:09:f0:d8:3c:a0:27: 11:3f:f3:6f:c5:9f:77:06:9a:e8:30:a4:b3:db:19:26:e3:88: 67:b2:7c:76:a1:fa:61:92:31:a1:ac:6d:4e:3a:3a:0b:dd:55: f7:e8:40:59:7d:fe:1f:68:5b:ec:05:58:3e:ac:a2:6d:89:ce: 0e:55:7a:34:39:5a:1e:ee:0c:d0:e1:59:24:8b:96:d3:b4:1e: 49:9a:7c:67:07:4f:ac:6d:1e:4d:33:c8:e2:b8:4c:48:1e:45: b4:f7:06:1e:61:7b:e5:8b:4a:f8:da:9a:e1:2b:3f:8f:10:d8: 9f:73:90:6f:0d:50:cd:d6:6c:11:da:ed:12:d1:ba:98:3e:f5: 74:35:cb:6b:17:9b:e6:b2:20:42:d1:0f:9e:74:74:36:72:bf: fc:c2:6b:a3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 M0ZBQzExMC8GA1UEBRMoM0YxQThFQTNEMkFEQzZFQ0IyMzYwRTBDMzc2Q0U1NTlC OUZGNzFGMjAeFw0yNTA1MTMwNzE0MDJaFw0yNTA1MjAwNzE0MDJaMBgxFjAUBgNV BAMTDTY4MjJmMTNhLThkMGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC/quWR2gnwTdbNegKeDe7rXD1Kbq0oebThBeBDSGdxFOJ/gqLEmTLi6Qu91/bg 2fzY2BuGF4LLVPstw+M5lLrJvZxdWU7GKf8FuIItpPorFAKFBW/z3ogayqU4IZi4 aAz/lYKbfhd2UkPR103fJqDmRbACQvrNnuWeIyDEYSepQ+molESDVn6QuxvQ6vjp kBjkiTj2LSiU+Ne8XUGvBPm0uMGScT00+COdyr9b+3HzGB1dQ0saActraBFEt5dN 9GABA8NpZQby3GNzdQ/qHF3/5+4nqMrs7TaLjBBgCCrE6wUjnsPLkujHbCaWwE1o b5hymFT44q/9Ha5XZSQV+ioDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUoHPeZwaE 5TH2XKjfQiOsssarULEwHwYDVR0jBBgwFoAUPxqOo9KtxuyyNg4MN2zlWbn/cfIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTczRkFDL0I4RjVDNzZBMTAx ODExRjA4MEJDQzM0OEM0RjlBRTAyL1B4cU9vOUt0eHV5eU5nNE1OMnpsV2JuX2Nm SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUHhxT285S3R4dXl5Tmc0TU4yemxXYm5fY2ZJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcz RkFDL0I4RjVDNzZBMTAxODExRjA4MEJDQzM0OEM0RjlBRTAyL1B4cU9vOUt0eHV5 eU5nNE1OMnpsV2JuX2NmSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEfWHmcNp5x02gf8BLhlJjea7n9Nkw1PK4767cI0iRJ+WkUeAGmZ9vDn MM47qs+QIaIg7RchnsxGbboCwjdYWyo157nK0sQuRETHX+2yGQpbnZzytG6Yt79u dN1PfhFcc+GJ9LXNbAnw2DygJxE/82/Fn3cGmugwpLPbGSbjiGeyfHah+mGSMaGs bU46OgvdVffoQFl9/h9oW+wFWD6som2Jzg5VejQ5Wh7uDNDhWSSLltO0HkmafGcH T6xtHk0zyOK4TEgeRbT3Bh5he+WLSvjamuErP48Q2J9zkG8NUM3WbBHa7RLRupg+ 9XQ1y2sXm+ayIELRD550dDZyv/zCa6M= -----END CERTIFICATE-----Generated at Wed May 14 11:28:34 2025 by rpki-client