$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft File: iXa1-0jy5BEdeNWjzVovyhlhOXo.mft (raw, json) Hash identifier: m92Zh3VYO9M8xAFgftRXyz/FEpr9J9f4HKd2JQj4BtQ= Subject key identifier: 13:7E:92:F6:F2:52:C9:97:50:40:BB:AD:14:78:3B:D7:F8:98:98:29 Authority key identifier: 89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A Certificate issuer: /CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Certificate serial: 0219 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft Manifest number: 020C Signing time: Sun 15 Jun 2025 01:42:35 +0000 Manifest this update: Sun 15 Jun 2025 01:42:35 +0000 Manifest next update: Sun 22 Jun 2025 01:42:35 +0000 Files and hashes: 1: iXa1-0jy5BEdeNWjzVovyhlhOXo.crl (hash: RVD+nF4g4E02wtor5lwx4+rWLrAttpYTMQrGo0RaozQ=) 2: 99D6D8089BF111ED8043AD1FC4F9AE02.roa (hash: RN89+S1mBA7UPdGt6AqckCvGseRU/f6VRbIgO417GXg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 01:42:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 537 (0x219) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128C7F, serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Validity Not Before: Jun 15 01:42:35 2025 GMT Not After : Jun 22 01:42:35 2025 GMT Subject: CN=684e250b-e593 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:52:a7:0b:b9:26:82:18:b1:77:c4:4a:aa:c5: 54:fb:5b:c1:15:b3:47:36:49:8d:ad:8a:08:db:e2: 44:10:cc:ab:6c:51:90:7a:d5:3a:cb:60:64:01:0d: 37:6d:09:a4:68:95:cc:50:43:74:ab:5a:00:0f:80: 47:f8:1a:7e:66:90:ec:e0:e7:c0:78:87:b3:1c:1f: 87:c7:4f:a6:4e:ed:63:f0:3c:43:4d:33:e4:b7:d4: 7d:72:33:2d:6a:e5:b4:93:d4:52:88:c0:39:0d:03: 7e:4a:30:42:0d:05:f1:5a:bd:3d:1a:8a:31:0a:b4: 08:b1:44:01:b9:ad:07:08:5e:ec:55:1a:99:ed:6e: 10:83:56:0e:6f:e8:62:a1:85:1c:66:c4:42:36:89: 31:de:47:2f:95:a0:70:24:fe:ef:56:98:48:d7:ab: c2:81:e8:da:55:a4:df:bf:3a:a9:5a:45:0f:5b:14: a8:95:74:16:70:27:9a:98:92:17:7e:24:63:51:02: 7c:83:0b:77:90:ef:fe:ce:15:bc:29:51:8f:5a:39: 97:ad:03:a3:31:eb:79:ff:2b:5a:5f:6a:13:2a:b3: 5b:bd:f3:74:c9:61:42:1c:47:67:ed:4e:93:1f:de: d5:aa:96:2c:6f:60:36:94:16:74:b3:7a:41:76:5a: a4:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:7E:92:F6:F2:52:C9:97:50:40:BB:AD:14:78:3B:D7:F8:98:98:29 X509v3 Authority Key Identifier: keyid:89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:a6:6b:db:7b:9a:fc:82:a4:39:40:c7:35:d6:53:48:96:ad: 4e:11:7e:d6:b8:69:7a:0a:66:32:ab:20:78:c7:7c:d2:7b:1a: 44:4d:87:eb:96:be:75:b7:f6:eb:5a:61:f5:89:be:77:05:aa: 62:8e:b1:ed:4e:ef:a9:ee:fc:6e:70:af:d6:46:0f:dd:05:02: 57:0a:62:e5:3b:23:f0:85:e4:c5:bc:79:f9:cd:bc:f4:88:9b: 6a:5f:c7:c8:47:6a:f4:31:f6:cb:e8:f1:f7:44:91:79:58:83: ff:4d:b8:77:d0:dd:8f:98:f3:40:e1:44:70:d5:a7:14:89:0c: 3f:b9:48:4d:9b:bb:9d:70:24:82:7c:53:5d:07:15:88:8e:82: 2d:63:dc:5f:f9:5d:24:76:4b:75:10:05:d6:c9:da:f8:c6:ea: 0b:9c:b1:73:73:a4:98:6a:8e:ab:61:1e:1f:07:30:ed:a5:86: f4:39:04:85:8a:06:38:f3:b7:ff:a3:2d:cb:98:58:22:bb:29: c4:74:da:ce:17:0e:2d:c2:46:85:38:81:09:7a:a0:30:31:6b: e1:d8:82:ae:36:18:89:5d:8f:de:69:d6:f6:a4:3b:eb:bf:da: 09:b2:90:f1:f4:42:07:97:91:5e:ee:34:b7:6a:18:61:3a:4d: e3:a8:b9:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhDN0YxMTAvBgNVBAUTKDg5NzZCNUZCNDhGMkU0MTExRDc4RDVBM0NENUEyRkNB MTk2MTM5N0EwHhcNMjUwNjE1MDE0MjM1WhcNMjUwNjIyMDE0MjM1WjAYMRYwFAYD VQQDEw02ODRlMjUwYi1lNTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0VKnC7kmghixd8RKqsVU+1vBFbNHNkmNrYoI2+JEEMyrbFGQetU6y2BkAQ03 bQmkaJXMUEN0q1oAD4BH+Bp+ZpDs4OfAeIezHB+Hx0+mTu1j8DxDTTPkt9R9cjMt auW0k9RSiMA5DQN+SjBCDQXxWr09GooxCrQIsUQBua0HCF7sVRqZ7W4Qg1YOb+hi oYUcZsRCNokx3kcvlaBwJP7vVphI16vCgejaVaTfvzqpWkUPWxSolXQWcCeamJIX fiRjUQJ8gwt3kO/+zhW8KVGPWjmXrQOjMet5/ytaX2oTKrNbvfN0yWFCHEdn7U6T H97VqpYsb2A2lBZ0s3pBdlqk3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBN+kvby UsmXUEC7rRR4O9f4mJgpMB8GA1UdIwQYMBaAFIl2tftI8uQRHXjVo81aL8oZYTl6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEM3Ri8zQjdCREFCRTNG QzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVCRWRlTldqelZvdnlobGhP WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lYYTEtMGp5NUJFZGVOV2p6Vm92eWhsaE9Yby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEM3Ri8zQjdCREFCRTNGQzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVC RWRlTldqelZvdnlobGhPWG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgpmvbe5r8gqQ5QMc11lNIlq1OEX7WuGl6CmYyqyB4x3zSexpETYfr lr51t/brWmH1ib53BapijrHtTu+p7vxucK/WRg/dBQJXCmLlOyPwheTFvHn5zbz0 iJtqX8fIR2r0MfbL6PH3RJF5WIP/Tbh30N2PmPNA4URw1acUiQw/uUhNm7udcCSC fFNdBxWIjoItY9xf+V0kdkt1EAXWydr4xuoLnLFzc6SYao6rYR4fBzDtpYb0OQSF igY487f/oy3LmFgiuynEdNrOFw4twkaFOIEJeqAwMWvh2IKuNhiJXY/eadb2pDvr v9oJspDx9EIHl5Fe7jS3ahhhOk3jqLlk -----END CERTIFICATE-----Generated at Sun Jun 15 08:33:50 2025 by rpki-client