$ rpki-client -vvf rpki.apnic.net/member_repository/A9117CE3/2FD45F78B45B11EF94E6745DC4F9AE02/9bGvaeQg85sCMjAnVBm6VPjOGos.mft File: 9bGvaeQg85sCMjAnVBm6VPjOGos.mft (raw, json) Hash identifier: YrW/GRE4jyCchE4CVro5QWkxiMfd8C3aqBgN8nSUSfs= Subject key identifier: 7C:A4:53:72:8D:C8:BC:D1:1A:E4:60:AF:F4:D3:5D:00:4C:02:BC:C1 Authority key identifier: F5:B1:AF:69:E4:20:F3:9B:02:32:30:27:54:19:BA:54:F8:CE:1A:8B Certificate issuer: /CN=A9117CE3/serialNumber=F5B1AF69E420F39B023230275419BA54F8CE1A8B Certificate serial: 60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9bGvaeQg85sCMjAnVBm6VPjOGos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117CE3/2FD45F78B45B11EF94E6745DC4F9AE02/9bGvaeQg85sCMjAnVBm6VPjOGos.mft Manifest number: 60 Signing time: Fri 13 Jun 2025 04:55:00 +0000 Manifest this update: Fri 13 Jun 2025 04:55:00 +0000 Manifest next update: Fri 20 Jun 2025 04:55:00 +0000 Files and hashes: 1: 9bGvaeQg85sCMjAnVBm6VPjOGos.crl (hash: pXWYrsXDNA0O0Z+X+XcaChz7hcHjPhzc3/poGn3oVCw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117CE3/2FD45F78B45B11EF94E6745DC4F9AE02/9bGvaeQg85sCMjAnVBm6VPjOGos.crl rsync://rpki.apnic.net/member_repository/A9117CE3/2FD45F78B45B11EF94E6745DC4F9AE02/9bGvaeQg85sCMjAnVBm6VPjOGos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9bGvaeQg85sCMjAnVBm6VPjOGos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 04:54:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 96 (0x60) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117CE3, serialNumber=F5B1AF69E420F39B023230275419BA54F8CE1A8B Validity Not Before: Jun 13 04:55:00 2025 GMT Not After : Jun 20 04:55:00 2025 GMT Subject: CN=684baf24-aae1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:2a:68:97:a7:21:a1:bd:6d:93:b4:dd:ca:39: dc:c3:b7:1b:f4:5f:6d:62:8d:68:a3:07:2d:5d:2e: b3:7d:06:ff:87:aa:ff:ec:96:35:3f:b8:fa:18:93: 08:86:76:7a:15:53:77:45:8b:16:a0:04:a8:99:2d: eb:36:ca:5d:f2:9d:71:25:a8:95:85:3e:cc:3e:e5: 19:fd:eb:da:9e:9d:e9:bc:95:bf:9a:e1:db:cc:70: b0:8d:a6:2c:e8:44:46:ac:43:76:35:1a:66:eb:b1: 11:b3:05:b7:58:c7:b9:bc:c1:40:48:5d:7e:21:33: 23:c3:87:3d:94:36:8a:ea:78:9e:d4:b4:a4:4d:c5: e0:c1:02:08:ab:27:15:f3:a2:68:29:9e:3c:ab:dd: 69:72:1c:6c:5e:c5:de:4f:9a:e4:eb:9e:4e:c4:0a: 72:fe:b2:37:3b:08:6c:4d:72:77:1f:4f:bd:6d:0b: fa:d7:f5:52:c5:a2:04:08:2e:e1:a5:52:de:67:c9: 75:8e:48:45:df:db:a3:7a:0a:b5:ef:6c:c2:d3:c3: d4:06:46:f9:e3:dc:8b:aa:42:e6:64:04:66:c3:3c: 51:65:cc:97:4b:41:ee:09:41:bb:68:df:0b:fc:f1: 83:2f:e3:a8:e6:41:9c:72:db:1a:75:d7:8c:30:26: 97:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:A4:53:72:8D:C8:BC:D1:1A:E4:60:AF:F4:D3:5D:00:4C:02:BC:C1 X509v3 Authority Key Identifier: keyid:F5:B1:AF:69:E4:20:F3:9B:02:32:30:27:54:19:BA:54:F8:CE:1A:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117CE3/2FD45F78B45B11EF94E6745DC4F9AE02/9bGvaeQg85sCMjAnVBm6VPjOGos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9bGvaeQg85sCMjAnVBm6VPjOGos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117CE3/2FD45F78B45B11EF94E6745DC4F9AE02/9bGvaeQg85sCMjAnVBm6VPjOGos.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:63:01:d7:b8:af:d7:4c:8c:64:bf:77:f0:b6:64:22:e0:37: f4:25:4e:12:e6:e0:a1:1e:21:9b:9c:77:c9:74:d7:21:50:81: 0d:d5:38:09:1e:66:4c:84:ca:00:d0:2b:8d:e2:1a:88:e5:d3: ef:87:ad:21:af:57:5a:53:e2:36:15:27:2f:24:ed:94:af:e4: bf:b1:dd:ca:d9:70:d1:33:5c:77:e1:fe:33:da:a0:ff:e0:65: ab:64:e1:64:ad:89:0b:b4:86:93:d9:85:ef:df:23:e0:10:20: 59:09:f7:cf:e6:49:95:56:68:42:88:11:f1:55:2f:0f:da:fa: 9f:d3:e7:1d:5e:9d:db:03:0d:64:d6:69:c0:aa:7c:cb:42:95: 90:e2:44:08:1d:c8:61:bf:25:2e:56:6a:ab:1f:28:fd:33:b1: 9a:cf:78:24:f3:cd:d0:64:ed:01:b0:d8:98:f0:84:6c:f2:d8: c6:f8:2c:e8:61:1a:ea:aa:56:89:fd:e7:56:ec:eb:13:84:94: c1:da:4f:45:7f:2d:6c:38:e4:82:34:c9:4a:ef:fe:0f:5b:4e: 0a:ee:08:ed:ad:da:18:65:be:1e:71:ef:f7:2a:73:01:35:27: cd:55:17:d8:98:aa:93:0d:d1:90:b2:f1:1b:e4:2c:86:d2:53: 08:47:27:9c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBYDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx N0NFMzExMC8GA1UEBRMoRjVCMUFGNjlFNDIwRjM5QjAyMzIzMDI3NTQxOUJBNTRG OENFMUE4QjAeFw0yNTA2MTMwNDU1MDBaFw0yNTA2MjAwNDU1MDBaMBgxFjAUBgNV BAMTDTY4NGJhZjI0LWFhZTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQChKmiXpyGhvW2TtN3KOdzDtxv0X21ijWijBy1dLrN9Bv+Hqv/sljU/uPoYkwiG dnoVU3dFixagBKiZLes2yl3ynXElqJWFPsw+5Rn969qenem8lb+a4dvMcLCNpizo REasQ3Y1GmbrsRGzBbdYx7m8wUBIXX4hMyPDhz2UNorqeJ7UtKRNxeDBAgirJxXz omgpnjyr3WlyHGxexd5PmuTrnk7ECnL+sjc7CGxNcncfT71tC/rX9VLFogQILuGl Ut5nyXWOSEXf26N6CrXvbMLTw9QGRvnj3IuqQuZkBGbDPFFlzJdLQe4JQbto3wv8 8YMv46jmQZxy2xp114wwJpf/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfKRTco3I vNEa5GCv9NNdAEwCvMEwHwYDVR0jBBgwFoAU9bGvaeQg85sCMjAnVBm6VPjOGosw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE3Q0UzLzJGRDQ1Rjc4QjQ1 QjExRUY5NEU2NzQ1REM0RjlBRTAyLzliR3ZhZVFnODVzQ01qQW5WQm02VlBqT0dv cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvOWJHdmFlUWc4NXNDTWpBblZCbTZWUGpPR29zLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE3 Q0UzLzJGRDQ1Rjc4QjQ1QjExRUY5NEU2NzQ1REM0RjlBRTAyLzliR3ZhZVFnODVz Q01qQW5WQm02VlBqT0dvcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB9jAde4r9dMjGS/d/C2ZCLgN/QlThLm4KEeIZucd8l01yFQgQ3VOAke ZkyEygDQK43iGojl0++HrSGvV1pT4jYVJy8k7ZSv5L+x3crZcNEzXHfh/jPaoP/g Zatk4WStiQu0hpPZhe/fI+AQIFkJ98/mSZVWaEKIEfFVLw/a+p/T5x1endsDDWTW acCqfMtClZDiRAgdyGG/JS5WaqsfKP0zsZrPeCTzzdBk7QGw2JjwhGzy2Mb4LOhh GuqqVon951bs6xOElMHaT0V/LWw45II0yUrv/g9bTgruCO2t2hhlvh5x7/cqcwE1 J81VF9iYqpMN0ZCy8RvkLIbSUwhHJ5w= -----END CERTIFICATE-----Generated at Sat Jun 14 18:39:31 2025 by rpki-client