$ rpki-client -vvf rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft File: 4XM7lw_d92f_GVQoQ34SQqN2knc.mft (raw, json) Hash identifier: I23m9qd2pbTbTcJQbGhRQdY6VSXgnlQJDGsUzjTYWMg= Subject key identifier: 4B:7C:3E:F9:F3:08:EC:0B:87:49:A0:9B:97:D4:3E:37:81:93:7E:19 Authority key identifier: E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 Certificate issuer: /CN=A912E5CB/serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Certificate serial: 01DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft Manifest number: 01DA Signing time: Sun 15 Jun 2025 02:00:38 +0000 Manifest this update: Sun 15 Jun 2025 02:00:38 +0000 Manifest next update: Sun 22 Jun 2025 02:00:38 +0000 Files and hashes: 1: 4XM7lw_d92f_GVQoQ34SQqN2knc.crl (hash: JRCDlLTv809DcFcTiAXNJeB4TV/ZKmxHAxJlQJvU2sU=) 2: 5FF4FD52704C11ED97935E7DC4F9AE02.roa (hash: C5+qR+xwM5riTT+23t/1tPZQq66L4etzO1hAZvNu09M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 02:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 477 (0x1dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E5CB, serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Validity Not Before: Jun 15 02:00:38 2025 GMT Not After : Jun 22 02:00:38 2025 GMT Subject: CN=684e2946-93e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:f3:d3:67:39:46:b1:4a:de:73:eb:32:b5:95: 82:39:73:c8:b6:0c:2e:a6:16:c5:08:8b:14:a5:55: 2a:3e:d2:ad:0e:0f:f6:6c:1d:42:ae:06:3e:56:e8: 77:05:a0:1e:f3:34:6c:88:b1:d0:b7:b9:89:60:75: 3d:3c:eb:16:bd:50:77:c1:4d:9f:5c:ef:7c:ce:62: 3d:16:fe:0a:e8:9d:3b:09:d4:02:8c:7e:13:6e:a6: 6d:7b:d0:d7:49:a7:f7:ae:9d:a4:c6:bd:92:f3:90: 47:ad:28:dc:04:16:05:32:7b:d1:ee:4b:13:32:29: 79:cd:03:1e:2c:ee:67:8d:a9:67:ca:d1:9b:36:a2: cc:25:24:80:60:dd:29:02:92:23:b1:9a:f8:12:34: 89:45:52:9b:40:b9:c7:a3:aa:9c:d2:ad:0e:f1:8b: 01:f2:71:f1:9c:a6:e9:59:cd:57:ae:4d:4c:55:58: ff:d6:e0:ac:80:9e:49:7c:c2:bc:72:1a:56:99:ac: d1:e8:02:66:2d:7b:31:a1:a6:a6:35:46:08:d0:90: cb:25:e8:66:c1:87:dd:d3:bc:97:7b:37:99:85:d6: e6:0d:b5:76:f0:5e:56:aa:b8:13:b9:3c:dd:89:20: 24:b7:9b:10:01:58:8b:91:45:e9:9d:25:f6:1b:dd: cf:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:7C:3E:F9:F3:08:EC:0B:87:49:A0:9B:97:D4:3E:37:81:93:7E:19 X509v3 Authority Key Identifier: keyid:E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c8:cb:20:f0:15:51:97:74:9b:bb:2f:8b:b8:5a:94:18:ab:e5: a2:bc:da:53:55:7e:f7:8a:34:69:03:52:00:1e:ed:d0:4e:6a: 17:57:b9:a8:07:0b:0e:37:f0:4a:a5:67:1b:61:fd:d8:70:04: 3c:0e:f2:f1:b7:8b:72:05:4c:48:13:83:32:c8:20:ae:ee:03: dd:19:b7:68:a3:9b:bc:27:ac:20:e9:7d:de:ba:ec:de:a3:cd: 8f:f1:23:a1:23:de:e1:5d:f9:a5:4a:e8:e4:d8:1c:4e:9c:44: 26:53:7a:a3:cc:f1:6a:48:c1:22:08:d4:bb:e4:8f:2d:3c:22: 42:b4:9a:5b:53:5a:a5:ac:6b:f8:58:76:09:3f:cc:f4:98:1d: 8b:73:14:44:c8:80:4d:23:eb:a6:15:3f:68:7c:1c:ed:42:3b: e4:de:43:cc:53:b4:30:85:cc:a6:ee:53:a7:34:a3:2a:5d:99: 8d:1d:fc:36:35:cc:88:28:68:c8:1c:c7:b7:e1:ac:7c:ac:f9: 60:12:62:02:02:b9:de:05:29:b6:68:53:cf:71:04:3a:21:26: 99:f1:d7:c1:14:b9:0f:ad:72:9f:d1:4c:83:0a:6d:92:82:17: ee:9d:0f:f1:35:37:d7:e2:7c:e6:d2:46:79:da:35:f9:d0:ac: 57:df:b0:d6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkU1Q0IxMTAvBgNVBAUTKEUxNzMzQjk3MEZEREY3NjdGRjE5NTQyODQzN0UxMjQy QTM3NjkyNzcwHhcNMjUwNjE1MDIwMDM4WhcNMjUwNjIyMDIwMDM4WjAYMRYwFAYD VQQDEw02ODRlMjk0Ni05M2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy/PTZzlGsUrec+sytZWCOXPItgwuphbFCIsUpVUqPtKtDg/2bB1CrgY+Vuh3 BaAe8zRsiLHQt7mJYHU9POsWvVB3wU2fXO98zmI9Fv4K6J07CdQCjH4TbqZte9DX Saf3rp2kxr2S85BHrSjcBBYFMnvR7ksTMil5zQMeLO5njalnytGbNqLMJSSAYN0p ApIjsZr4EjSJRVKbQLnHo6qc0q0O8YsB8nHxnKbpWc1Xrk1MVVj/1uCsgJ5JfMK8 chpWmazR6AJmLXsxoaamNUYI0JDLJehmwYfd07yXezeZhdbmDbV28F5WqrgTuTzd iSAkt5sQAViLkUXpnSX2G93PhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEt8Pvnz COwLh0mgm5fUPjeBk34ZMB8GA1UdIwQYMBaAFOFzO5cP3fdn/xlUKEN+EkKjdpJ3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTVDQi81Mjg4RENFMDcw NDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDkyZl9HVlFvUTM0U1FxTjJr bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRYTTdsd19kOTJmX0dWUW9RMzRTUXFOMmtuYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RTVDQi81Mjg4RENFMDcwNDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDky Zl9HVlFvUTM0U1FxTjJrbmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDIyyDwFVGXdJu7L4u4WpQYq+WivNpTVX73ijRpA1IAHu3QTmoXV7mo BwsON/BKpWcbYf3YcAQ8DvLxt4tyBUxIE4MyyCCu7gPdGbdoo5u8J6wg6X3euuze o82P8SOhI97hXfmlSujk2BxOnEQmU3qjzPFqSMEiCNS75I8tPCJCtJpbU1qlrGv4 WHYJP8z0mB2LcxREyIBNI+umFT9ofBztQjvk3kPMU7Qwhcym7lOnNKMqXZmNHfw2 NcyIKGjIHMe34ax8rPlgEmICArneBSm2aFPPcQQ6ISaZ8dfBFLkPrXKf0UyDCm2S ghfunQ/xNTfX4nzm0kZ52jX50KxX37DW -----END CERTIFICATE-----Generated at Sun Jun 15 09:30:28 2025 by rpki-client