$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft File: xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft (raw, json) Hash identifier: n1QbBjPBlYfe+1e5XzMOwUDDNoSAaomin6X7lN8yJTE= Subject key identifier: CD:0B:C5:78:C2:3F:4E:26:6B:FF:32:58:A2:42:B1:4C:32:D9:5A:E4 Authority key identifier: C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E Certificate issuer: /CN=A9125C22/serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Certificate serial: 0676 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft Manifest number: 0672 Signing time: Wed 18 Jun 2025 22:11:57 +0000 Manifest this update: Wed 18 Jun 2025 22:11:56 +0000 Manifest next update: Wed 25 Jun 2025 22:11:56 +0000 Files and hashes: 1: xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl (hash: pnqnGOwrjopAcxI8qtX3MtFPEr5ruGBqB4OefgwlSC8=) 2: 485D694A454911EEB8718378C4F9AE02.roa (hash: DpNVsF8S1R1VahxgyAnkQsdhv9Y/GOwsBJQM35rMSJ0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 22:11:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1654 (0x676) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C22, serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Validity Not Before: Jun 18 22:11:56 2025 GMT Not After : Jun 25 22:11:56 2025 GMT Subject: CN=685339ac-dade Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:70:6d:e6:4e:c6:d0:de:1e:9e:be:3a:a4:fd: e9:c1:9d:5e:15:a9:cb:2c:02:e7:9a:b3:2e:2f:ae: 63:83:33:de:c4:58:2c:5f:15:54:79:98:9a:bb:bd: 51:13:9d:e9:d0:5e:3a:75:94:76:36:95:37:27:a6: 37:51:bc:52:1e:69:b3:87:1c:bd:6d:fd:0b:43:6a: 09:87:a1:12:e5:b8:06:13:6d:e5:ba:40:5d:22:42: f1:cf:e8:c1:5d:f4:1c:63:12:27:51:28:ef:6b:ba: 7e:2e:bb:2c:68:ca:2f:b5:cd:a9:7b:ee:85:58:3b: ed:e0:18:24:31:f9:c1:14:51:fd:16:60:43:90:2c: 40:10:f7:6e:81:36:0c:d2:ec:74:9f:cf:9b:fe:59: 0e:48:46:15:e0:f2:55:f6:b0:b0:8a:e0:be:65:62: 78:c9:8e:10:8f:7e:f4:ff:62:58:e0:48:c7:30:85: f9:ee:d4:24:12:85:db:82:66:a5:31:9e:f6:f4:33: 75:cc:3e:7b:a5:66:6b:bb:59:e8:60:30:bc:f3:66: e7:45:5a:5d:10:11:62:0e:3d:8b:63:07:f8:fb:fe: 0e:3b:00:d8:de:4d:30:fa:4b:3e:b0:ea:dc:35:ff: 29:64:7a:c0:f7:db:cb:cb:df:05:c4:15:08:4d:3f: 79:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:0B:C5:78:C2:3F:4E:26:6B:FF:32:58:A2:42:B1:4C:32:D9:5A:E4 X509v3 Authority Key Identifier: keyid:C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:6a:9c:77:9d:49:24:ee:f6:7b:32:d7:98:bd:90:e6:50:17: 36:46:4c:06:8f:27:6f:be:61:15:5d:b0:78:36:43:e0:54:4e: b6:28:26:50:53:31:c6:03:3d:8f:94:06:d8:bc:6b:94:31:56: 42:40:0e:25:e2:6e:e2:76:94:44:49:08:e3:d5:93:ba:fa:bb: 36:db:78:d5:51:2d:1a:a9:bc:a6:e0:ab:d4:0b:b0:64:aa:8d: bf:16:64:07:2a:3b:ef:24:17:4f:f4:b7:6b:10:fe:ce:c2:24: 43:81:c7:78:77:e5:96:05:85:68:a7:8e:b0:d6:b0:79:50:b5: 6f:99:52:6e:a5:5d:44:fe:57:e6:07:3d:14:94:f0:d5:7c:4d: 15:8b:08:15:c6:0b:1c:b9:3e:93:06:fb:6c:a8:de:55:f7:86: 28:ba:39:0e:39:2d:11:be:6d:e0:1d:e4:a4:ec:50:c3:05:bb: 6a:1a:ec:11:6a:0b:e9:83:53:5c:1a:36:8e:09:fa:e7:e0:a5: cf:10:7b:bc:6d:34:63:a7:74:dc:5c:55:df:15:ff:62:49:c8: 04:0d:29:05:19:db:83:95:ee:19:d6:7e:09:0a:63:a6:13:42: 5e:a1:a2:a5:27:5e:75:0b:24:86:76:f1:67:0a:36:9b:fb:15: b5:32:83:ff -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBnYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDMjIxMTAvBgNVBAUTKEM3MEI0RTA0N0NBQTczNzcyNEI4OUQ1ODREQjVDMEMx QTg1OEQyOEUwHhcNMjUwNjE4MjIxMTU2WhcNMjUwNjI1MjIxMTU2WjAYMRYwFAYD VQQDEw02ODUzMzlhYy1kYWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2HBt5k7G0N4enr46pP3pwZ1eFanLLALnmrMuL65jgzPexFgsXxVUeZiau71R E53p0F46dZR2NpU3J6Y3UbxSHmmzhxy9bf0LQ2oJh6ES5bgGE23lukBdIkLxz+jB XfQcYxInUSjva7p+LrssaMovtc2pe+6FWDvt4BgkMfnBFFH9FmBDkCxAEPdugTYM 0ux0n8+b/lkOSEYV4PJV9rCwiuC+ZWJ4yY4Qj370/2JY4EjHMIX57tQkEoXbgmal MZ729DN1zD57pWZru1noYDC882bnRVpdEBFiDj2LYwf4+/4OOwDY3k0w+ks+sOrc Nf8pZHrA99vLy98FxBUITT95XwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM0LxXjC P04ma/8yWKJCsUwy2VrkMB8GA1UdIwQYMBaAFMcLTgR8qnN3JLidWE21wMGoWNKO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi9GQUNDQkM1QzdG QUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMzY2t1SjFZVGJYQXdhaFkw bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3h3dE9CSHlxYzNja3VKMVlUYlhBd2FoWTBvNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMyMi9GQUNDQkM1QzdGQUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMz Y2t1SjFZVGJYQXdhaFkwbzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJapx3nUkk7vZ7MteYvZDmUBc2RkwGjydvvmEVXbB4NkPgVE62KCZQ UzHGAz2PlAbYvGuUMVZCQA4l4m7idpRESQjj1ZO6+rs223jVUS0aqbym4KvUC7Bk qo2/FmQHKjvvJBdP9LdrEP7OwiRDgcd4d+WWBYVop46w1rB5ULVvmVJupV1E/lfm Bz0UlPDVfE0ViwgVxgscuT6TBvtsqN5V94YoujkOOS0Rvm3gHeSk7FDDBbtqGuwR agvpg1NcGjaOCfrn4KXPEHu8bTRjp3TcXFXfFf9iScgEDSkFGduDle4Z1n4JCmOm E0JeoaKlJ151CySGdvFnCjab+xW1MoP/ -----END CERTIFICATE-----Generated at Fri Jun 20 07:14:02 2025 by rpki-client