$ rpki-client -vvf rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.mft File: pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.mft (raw, json) Hash identifier: X0ri0P2hrTLCt8z5zYO1EQOZmPaBbvNDGjfr0wCClJI= Subject key identifier: 82:D6:AB:76:54:86:9F:54:83:5A:E0:7F:D2:BB:14:87:51:03:8E:E6 Authority key identifier: A5:70:F3:70:D5:4E:D0:24:54:C5:7F:83:EE:C3:E4:F4:4A:7A:8B:76 Certificate issuer: /CN=A9199DF5/serialNumber=A570F370D54ED02454C57F83EEC3E4F44A7A8B76 Certificate serial: 0310 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.mft Manifest number: 030C Signing time: Sat 17 May 2025 01:28:50 +0000 Manifest this update: Sat 17 May 2025 01:28:50 +0000 Manifest next update: Sat 24 May 2025 01:28:50 +0000 Files and hashes: 1: pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.crl (hash: YFwU1Mjd67VUylBeABf7kUZ7zV6Dv+lokfrZanV4GTo=) 2: B6EB7E8ED14511EC89527642C4F9AE02.roa (hash: Dao3wjzPku/52BEDR9fs3d2J0BLa408frm3MMRpd2w4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.crl rsync://rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 May 2025 01:28:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 784 (0x310) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9199DF5, serialNumber=A570F370D54ED02454C57F83EEC3E4F44A7A8B76 Validity Not Before: May 17 01:28:50 2025 GMT Not After : May 24 01:28:50 2025 GMT Subject: CN=6827e652-c1a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:f4:a9:0a:5f:ba:69:a5:65:6e:52:f6:8d:48: 65:60:02:5f:b2:46:66:c3:6a:30:79:eb:0b:32:2c: d3:be:3c:4d:7a:40:65:eb:55:94:af:34:d2:13:f4: 39:25:74:73:c3:ea:99:30:9b:0e:da:31:cf:64:c1: 0c:27:7f:c5:2b:a9:b6:d2:bb:50:ba:6e:ef:c8:b5: 33:36:78:d3:48:be:0c:58:bc:be:7c:fb:ab:56:09: 8b:1c:3f:c8:38:02:d7:e9:99:64:90:c4:6d:e0:6b: 37:37:e4:da:6d:9c:e2:1f:1f:7f:53:06:f9:c6:8f: 10:53:75:74:06:80:ef:71:6a:23:6b:71:97:86:a4: 8e:ee:db:06:a8:db:dc:c0:66:25:9a:66:4d:af:c3: 42:38:4e:56:c1:d9:dc:48:b5:75:13:96:93:fd:91: 32:3f:d1:7f:0a:08:64:14:ac:95:f8:ae:44:8d:5d: 43:00:27:47:65:46:da:da:18:ab:8e:56:cf:55:cb: de:e0:93:17:cf:68:39:a1:4c:18:be:37:c0:13:f5: 1d:45:ec:ef:78:95:00:23:76:53:2f:94:35:8b:94: c4:3e:a5:6d:61:b4:dc:b6:4e:01:6b:c3:70:c0:7a: f0:7a:55:32:4d:90:78:46:a1:c9:f5:19:19:a3:30: 2f:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:D6:AB:76:54:86:9F:54:83:5A:E0:7F:D2:BB:14:87:51:03:8E:E6 X509v3 Authority Key Identifier: keyid:A5:70:F3:70:D5:4E:D0:24:54:C5:7F:83:EE:C3:E4:F4:4A:7A:8B:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:9d:bd:4b:94:41:de:f2:1d:16:56:01:4d:c4:17:3d:49:6f: aa:56:8c:c2:5b:bc:04:9e:da:1b:1e:54:1d:25:7e:3e:3a:e9: 93:32:dc:8a:32:c9:d3:25:da:9b:21:62:8b:ea:4b:71:0a:f6: 9e:41:eb:ea:b0:0c:92:97:71:44:e1:af:7e:7c:06:c6:23:9d: 92:69:24:29:3e:e3:ad:d1:c8:46:32:d3:ca:a7:d0:d6:83:69: 31:b4:aa:9e:8e:fa:5b:d3:0c:9e:61:6b:24:6f:b6:3c:3c:73: f0:8d:83:20:b7:2c:9e:b0:72:d6:7d:ec:7f:35:e6:91:05:e1: 91:45:c5:d8:4c:c5:a1:52:55:41:ed:95:6f:78:5a:61:bf:7d: 14:a9:00:00:e0:5b:7d:ac:3e:2b:44:e2:84:5c:f8:84:1a:e9: 7d:b4:73:62:ff:4c:30:13:3a:60:c7:3a:86:72:16:d4:b2:c4: 75:45:17:6e:70:50:d5:f4:66:6e:49:3a:c9:04:8a:2b:05:6c: 21:08:d8:77:50:6a:5f:45:03:0b:3f:ee:3e:eb:57:d2:56:57: 84:ef:90:59:3b:4e:69:96:be:01:8e:e6:3c:b6:0f:27:03:2e: ec:9f:5b:6a:c2:12:0f:29:19:3a:e5:0f:1d:be:f0:f3:cc:33: a3:d4:29:6b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAxAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTlERjUxMTAvBgNVBAUTKEE1NzBGMzcwRDU0RUQwMjQ1NEM1N0Y4M0VFQzNFNEY0 NEE3QThCNzYwHhcNMjUwNTE3MDEyODUwWhcNMjUwNTI0MDEyODUwWjAYMRYwFAYD VQQDEw02ODI3ZTY1Mi1jMWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2vSpCl+6aaVlblL2jUhlYAJfskZmw2oweesLMizTvjxNekBl61WUrzTSE/Q5 JXRzw+qZMJsO2jHPZMEMJ3/FK6m20rtQum7vyLUzNnjTSL4MWLy+fPurVgmLHD/I OALX6ZlkkMRt4Gs3N+TabZziHx9/Uwb5xo8QU3V0BoDvcWoja3GXhqSO7tsGqNvc wGYlmmZNr8NCOE5WwdncSLV1E5aT/ZEyP9F/CghkFKyV+K5EjV1DACdHZUba2hir jlbPVcve4JMXz2g5oUwYvjfAE/UdRezveJUAI3ZTL5Q1i5TEPqVtYbTctk4Ba8Nw wHrwelUyTZB4RqHJ9RkZozAvXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFILWq3ZU hp9Ug1rgf9K7FIdRA47mMB8GA1UdIwQYMBaAFKVw83DVTtAkVMV/g+7D5PRKeot2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OURGNS9DMjQwQjc5NEQx NDExMUVDQTU1Mzg0M0FDNEY5QUUwMi9wWER6Y05WTzBDUlV4WC1EN3NQazlFcDZp M1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BYRHpjTlZPMENSVXhYLUQ3c1BrOUVwNmkzWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OURGNS9DMjQwQjc5NEQxNDExMUVDQTU1Mzg0M0FDNEY5QUUwMi9wWER6Y05WTzBD UlV4WC1EN3NQazlFcDZpM1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfnb1LlEHe8h0WVgFNxBc9SW+qVozCW7wEntobHlQdJX4+OumTMtyK MsnTJdqbIWKL6ktxCvaeQevqsAySl3FE4a9+fAbGI52SaSQpPuOt0chGMtPKp9DW g2kxtKqejvpb0wyeYWskb7Y8PHPwjYMgtyyesHLWfex/NeaRBeGRRcXYTMWhUlVB 7ZVveFphv30UqQAA4Ft9rD4rROKEXPiEGul9tHNi/0wwEzpgxzqGchbUssR1RRdu cFDV9GZuSTrJBIorBWwhCNh3UGpfRQMLP+4+61fSVleE75BZO05plr4BjuY8tg8n Ay7sn1tqwhIPKRk65Q8dvvDzzDOj1Clr -----END CERTIFICATE-----Generated at Sat May 17 08:32:51 2025 by rpki-client