$ rpki-client -vvf rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.mft File: CqbkgyhCXhJMVhwqwYfIoZYkcRA.mft (raw, json) Hash identifier: 0xrt7RhzCMw7NuIKSNMCncxrYPm9io0CrqFjvkO7EmI= Subject key identifier: 68:3A:6A:F9:EF:4F:C3:24:4C:AE:28:1B:B2:41:BC:FF:3D:C9:75:BD Authority key identifier: 0A:A6:E4:83:28:42:5E:12:4C:56:1C:2A:C1:87:C8:A1:96:24:71:10 Certificate issuer: /CN=A9176E1D/serialNumber=0AA6E48328425E124C561C2AC187C8A196247110 Certificate serial: 2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqbkgyhCXhJMVhwqwYfIoZYkcRA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.mft Manifest number: 27 Signing time: Fri 09 May 2025 06:50:10 +0000 Manifest this update: Fri 09 May 2025 06:50:09 +0000 Manifest next update: Fri 16 May 2025 06:50:09 +0000 Files and hashes: 1: CqbkgyhCXhJMVhwqwYfIoZYkcRA.crl (hash: OC3r30nSiTVAq2PnjfipGO1r7eCgV8J/jRiq+r07r30=) 2: 8A5CF8F0FB7411EF83C11685C4F9AE02.roa (hash: gNUxEstcyYM8bAYzOWKSq0siVBhwvrTxTLZTCsVvFik=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.crl rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqbkgyhCXhJMVhwqwYfIoZYkcRA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 06:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9176E1D, serialNumber=0AA6E48328425E124C561C2AC187C8A196247110 Validity Not Before: May 9 06:50:09 2025 GMT Not After : May 16 06:50:09 2025 GMT Subject: CN=681da5a2-c42c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c0:23:0c:3b:dd:e0:36:14:d6:31:99:be:92: 19:91:83:f4:40:e9:77:ca:7f:19:bc:e5:07:a4:38: f9:b8:ce:e7:87:7d:11:81:75:d8:bb:be:28:a6:a8: 05:4f:e3:43:03:8e:4a:92:60:e0:3a:60:d8:7a:66: e7:bb:57:b3:dd:97:1a:c3:66:ca:57:88:d9:09:5e: 80:1e:10:da:3e:15:b5:76:9a:80:88:e2:7e:c8:fd: 00:c0:ef:bb:bb:54:95:fc:79:f1:1b:97:30:0b:15: 88:14:23:f7:67:95:35:f6:21:20:a7:9f:e6:f9:07: be:0c:e5:3b:4a:52:e6:66:8d:df:4c:56:e6:16:ff: 3a:ba:80:ea:ed:44:ae:31:7d:ea:aa:7c:7e:0a:86: 92:ee:ca:0c:18:45:bc:22:0f:e9:71:f2:e2:a7:0f: 26:5a:59:19:51:8a:a0:23:8d:44:83:fc:d7:7c:fb: f4:c6:fc:2f:a2:8f:3a:e7:59:c4:6c:cd:4d:39:27: 6e:f2:c8:e3:59:e4:b2:bb:91:61:c1:09:02:49:d6: 04:cb:a0:ea:41:85:83:c7:70:7a:8f:fd:99:1e:a3: 24:98:02:4e:b6:81:f8:dc:27:96:ca:61:4d:fb:6b: 00:62:03:72:0b:d4:fd:86:51:92:15:4b:72:87:24: 57:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:3A:6A:F9:EF:4F:C3:24:4C:AE:28:1B:B2:41:BC:FF:3D:C9:75:BD X509v3 Authority Key Identifier: keyid:0A:A6:E4:83:28:42:5E:12:4C:56:1C:2A:C1:87:C8:A1:96:24:71:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqbkgyhCXhJMVhwqwYfIoZYkcRA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:22:f7:c2:54:a9:a6:7b:4e:0b:7c:c2:80:6b:c6:6e:0c:28: 5b:f0:59:17:f9:84:fa:63:35:78:79:ca:72:5b:a9:de:95:f3: 2c:a7:6a:b1:97:a9:61:af:13:9d:0a:9c:33:1b:e2:10:65:0a: 0e:2f:60:e0:4b:d2:0c:1c:38:62:25:6c:0f:25:92:91:5a:5f: 5c:e1:96:bd:f6:86:e8:ec:39:19:3e:15:8f:a3:f0:68:a3:e9: 31:1b:8e:26:dd:bf:e8:3a:68:39:62:ac:e9:24:66:b4:d0:be: ba:23:4b:43:75:d3:b6:12:cc:51:53:82:09:69:1b:9c:b4:01: f3:c8:e3:5c:e2:d4:a7:3b:1e:8e:b8:5b:bf:46:52:e0:37:06: 50:7f:85:9c:5f:86:c2:81:22:98:b0:80:cd:0d:f6:54:ae:a3: ca:32:31:29:d5:40:e1:e6:93:7e:29:36:2e:48:e5:b6:55:d7: 7d:42:30:87:45:d9:91:1a:12:bb:33:5c:21:fd:00:9f:2a:eb: 31:fd:b3:89:48:61:e6:ae:33:29:20:38:ca:9a:6e:72:3b:fd: f0:f9:ad:1a:c5:f4:84:65:87:83:50:53:d5:17:ca:59:b8:62: 4e:52:78:5c:df:9c:86:64:7c:2f:e3:89:7b:7b:a2:79:22:3c: da:ca:43:82 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 NkUxRDExMC8GA1UEBRMoMEFBNkU0ODMyODQyNUUxMjRDNTYxQzJBQzE4N0M4QTE5 NjI0NzExMDAeFw0yNTA1MDkwNjUwMDlaFw0yNTA1MTYwNjUwMDlaMBgxFjAUBgNV BAMTDTY4MWRhNWEyLWM0MmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDEwCMMO93gNhTWMZm+khmRg/RA6XfKfxm85QekOPm4zueHfRGBddi7viimqAVP 40MDjkqSYOA6YNh6Zue7V7PdlxrDZspXiNkJXoAeENo+FbV2moCI4n7I/QDA77u7 VJX8efEblzALFYgUI/dnlTX2ISCnn+b5B74M5TtKUuZmjd9MVuYW/zq6gOrtRK4x feqqfH4KhpLuygwYRbwiD+lx8uKnDyZaWRlRiqAjjUSD/Nd8+/TG/C+ijzrnWcRs zU05J27yyONZ5LK7kWHBCQJJ1gTLoOpBhYPHcHqP/ZkeoySYAk62gfjcJ5bKYU37 awBiA3IL1P2GUZIVS3KHJFd5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUaDpq+e9P wyRMrigbskG8/z3Jdb0wHwYDVR0jBBgwFoAUCqbkgyhCXhJMVhwqwYfIoZYkcRAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc2RTFEL0ZFODgzNUJDRjlG MDExRUZCNzdBOEM2RUM0RjlBRTAyL0NxYmtneWhDWGhKTVZod3F3WWZJb1pZa2NS QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQ3Fia2d5aENYaEpNVmh3cXdZZklvWllrY1JBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc2 RTFEL0ZFODgzNUJDRjlGMDExRUZCNzdBOEM2RUM0RjlBRTAyL0NxYmtneWhDWGhK TVZod3F3WWZJb1pZa2NSQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKEi98JUqaZ7Tgt8woBrxm4MKFvwWRf5hPpjNXh5ynJbqd6V8yynarGX qWGvE50KnDMb4hBlCg4vYOBL0gwcOGIlbA8lkpFaX1zhlr32hujsORk+FY+j8Gij 6TEbjibdv+g6aDlirOkkZrTQvrojS0N107YSzFFTgglpG5y0AfPI41zi1Kc7Ho64 W79GUuA3BlB/hZxfhsKBIpiwgM0N9lSuo8oyMSnVQOHmk34pNi5I5bZV131CMIdF 2ZEaErszXCH9AJ8q6zH9s4lIYeauMykgOMqabnI7/fD5rRrF9IRlh4NQU9UXylm4 Yk5SeFzfnIZkfC/jiXt7onkiPNrKQ4I= -----END CERTIFICATE-----Generated at Fri May 9 23:56:50 2025 by rpki-client