$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft File: xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft (raw, json) Hash identifier: 5qY+z++U6MY/n6ZdN+jtUqG4TH+ZdEk9c2FIOi/tVRQ= Subject key identifier: 92:51:11:EC:5A:EE:57:5B:55:D3:06:8D:E4:53:D6:3A:3A:7D:A6:B5 Authority key identifier: C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E Certificate issuer: /CN=A9125C22/serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Certificate serial: 065B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft Manifest number: 0657 Signing time: Thu 24 Apr 2025 22:14:43 +0000 Manifest this update: Thu 24 Apr 2025 22:14:43 +0000 Manifest next update: Thu 01 May 2025 22:14:43 +0000 Files and hashes: 1: xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl (hash: YcKPWn4y/AIS6Sxue7tuZ6CgHoCvP4aw6giUT1jYHms=) 2: 485D694A454911EEB8718378C4F9AE02.roa (hash: DpNVsF8S1R1VahxgyAnkQsdhv9Y/GOwsBJQM35rMSJ0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:14:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1627 (0x65b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C22, serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Validity Not Before: Apr 24 22:14:43 2025 GMT Not After : May 1 22:14:43 2025 GMT Subject: CN=680ab7d3-9fe8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ba:77:77:37:99:bc:1d:0a:4c:6f:0e:50:a6: 60:ef:4b:a8:54:86:80:fc:10:3c:30:0f:46:5e:52: 60:5f:c8:db:9a:c9:2b:29:a9:64:6e:0a:2b:29:3b: ba:c3:d0:81:94:7e:d9:b1:9f:5d:a2:05:22:c3:3e: ca:da:d4:35:d6:42:10:4d:2c:ac:b1:92:f9:18:e1: 0d:95:12:51:fd:42:f1:d1:45:7c:b4:0e:b0:0b:96: 42:0a:49:87:ad:d8:d0:99:6d:cd:0b:c4:a2:23:9e: 9d:9a:ab:62:36:ed:be:81:11:06:80:3e:e7:5d:97: dd:da:73:6c:75:cc:90:dd:d4:14:35:32:57:36:5f: 40:ef:be:8c:7c:01:0a:23:5a:5a:9e:40:88:5e:26: b5:34:5b:1a:44:75:af:e7:dd:6d:c3:21:8d:87:fd: a5:83:6a:59:58:b6:0b:24:24:ec:5d:b1:58:fe:d1: 48:3f:74:3f:55:e0:e9:a0:79:b3:df:70:f4:3f:3b: 61:60:aa:b6:18:05:2a:6e:40:90:94:f3:6d:82:d4: 5c:a0:0a:c6:a8:b2:50:a8:b6:17:08:66:d8:65:5f: e6:a1:13:b7:3a:a8:a6:18:dd:43:42:87:c4:b1:cd: 61:fb:9b:33:aa:e4:74:d1:ee:ef:06:9f:ec:83:6e: 68:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:51:11:EC:5A:EE:57:5B:55:D3:06:8D:E4:53:D6:3A:3A:7D:A6:B5 X509v3 Authority Key Identifier: keyid:C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:6d:63:37:22:c9:24:a8:9b:6e:55:b2:2e:2f:f9:59:7e:40: 3d:67:32:b2:73:23:95:cf:68:56:91:14:6f:17:7f:13:ef:e2: 09:21:a3:6d:54:85:bb:81:d8:c6:0b:ad:2a:01:24:35:95:4b: 77:c6:78:a2:99:ff:02:5c:e7:87:f3:2e:b7:e3:0f:64:bf:45: fc:71:38:bb:ca:09:36:49:9d:e1:08:4a:27:9a:50:6d:89:88: 88:0b:f5:a7:9a:43:41:65:20:82:c4:9c:08:94:6c:8c:5d:c2: 9d:5c:e0:6a:ea:8f:a4:da:16:41:2a:45:a8:e1:05:b5:29:e7: 6d:1b:01:29:b6:87:96:31:79:75:c6:30:f6:9f:d1:1a:5b:b6: 53:db:73:44:33:8a:72:9e:b6:d0:79:51:ec:6a:e7:ad:09:2d: 26:30:82:00:1a:a2:23:6d:8f:34:6c:83:9e:47:e7:0e:3b:76: 2e:d6:db:09:c6:f2:6c:8c:45:82:25:56:ec:69:65:ac:51:43: 72:9f:3f:e3:ea:c5:8b:8a:03:7c:48:48:aa:42:e3:ca:63:89: 04:5d:d2:0c:48:d8:b6:ac:57:02:10:74:76:0c:32:b4:c4:1d: b6:67:b0:e7:17:27:ef:b8:54:a6:42:16:4e:b9:0c:33:5a:9e: 0b:c0:a1:d7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBlswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDMjIxMTAvBgNVBAUTKEM3MEI0RTA0N0NBQTczNzcyNEI4OUQ1ODREQjVDMEMx QTg1OEQyOEUwHhcNMjUwNDI0MjIxNDQzWhcNMjUwNTAxMjIxNDQzWjAYMRYwFAYD VQQDEw02ODBhYjdkMy05ZmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAurp3dzeZvB0KTG8OUKZg70uoVIaA/BA8MA9GXlJgX8jbmskrKalkbgorKTu6 w9CBlH7ZsZ9dogUiwz7K2tQ11kIQTSyssZL5GOENlRJR/ULx0UV8tA6wC5ZCCkmH rdjQmW3NC8SiI56dmqtiNu2+gREGgD7nXZfd2nNsdcyQ3dQUNTJXNl9A776MfAEK I1pankCIXia1NFsaRHWv591twyGNh/2lg2pZWLYLJCTsXbFY/tFIP3Q/VeDpoHmz 33D0PzthYKq2GAUqbkCQlPNtgtRcoArGqLJQqLYXCGbYZV/moRO3OqimGN1DQofE sc1h+5szquR00e7vBp/sg25ogwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJJREexa 7ldbVdMGjeRT1jo6faa1MB8GA1UdIwQYMBaAFMcLTgR8qnN3JLidWE21wMGoWNKO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi9GQUNDQkM1QzdG QUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMzY2t1SjFZVGJYQXdhaFkw bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3h3dE9CSHlxYzNja3VKMVlUYlhBd2FoWTBvNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMyMi9GQUNDQkM1QzdGQUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMz Y2t1SjFZVGJYQXdhaFkwbzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCNbWM3IskkqJtuVbIuL/lZfkA9ZzKycyOVz2hWkRRvF38T7+IJIaNt VIW7gdjGC60qASQ1lUt3xniimf8CXOeH8y634w9kv0X8cTi7ygk2SZ3hCEonmlBt iYiIC/WnmkNBZSCCxJwIlGyMXcKdXOBq6o+k2hZBKkWo4QW1KedtGwEptoeWMXl1 xjD2n9EaW7ZT23NEM4pynrbQeVHsauetCS0mMIIAGqIjbY80bIOeR+cOO3Yu1tsJ xvJsjEWCJVbsaWWsUUNynz/j6sWLigN8SEiqQuPKY4kEXdIMSNi2rFcCEHR2DDK0 xB22Z7DnFyfvuFSmQhZOuQwzWp4LwKHX -----END CERTIFICATE-----Generated at Sat Apr 26 13:41:31 2025 by rpki-client