$ rpki-client -vvf rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft File: X48BYbesuyVfE88IG2ZTYZtOLAI.mft (raw, json) Hash identifier: BBQiHtvSaX0oZRVMWYYc4LePUy7cRJz1RZqxZgXfJag= Subject key identifier: 44:3C:FE:66:67:DA:33:05:B2:FA:1F:88:15:63:C0:52:A9:1A:3F:69 Authority key identifier: 5F:8F:01:61:B7:AC:BB:25:5F:13:CF:08:1B:66:53:61:9B:4E:2C:02 Certificate issuer: /CN=A9149A0D/serialNumber=5F8F0161B7ACBB255F13CF081B6653619B4E2C02 Certificate serial: 07C1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X48BYbesuyVfE88IG2ZTYZtOLAI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft Manifest number: 07BF Signing time: Sat 14 Jun 2025 20:54:02 +0000 Manifest this update: Sat 14 Jun 2025 20:54:01 +0000 Manifest next update: Sat 21 Jun 2025 20:54:01 +0000 Files and hashes: 1: X48BYbesuyVfE88IG2ZTYZtOLAI.crl (hash: ztbDqkmGZhhyUmrRASqDw6l6WcoTrKnZU01GEujXO9E=) 2: 799C6AD8149711EFB0CB9E0AC4F9AE02.roa (hash: Z6c5AlKVKf/klPMN7KddRfh49KHTtioUb3aQg5mvfg0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.crl rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X48BYbesuyVfE88IG2ZTYZtOLAI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 20:54:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1985 (0x7c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149A0D, serialNumber=5F8F0161B7ACBB255F13CF081B6653619B4E2C02 Validity Not Before: Jun 14 20:54:01 2025 GMT Not After : Jun 21 20:54:01 2025 GMT Subject: CN=684de169-bb52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:f8:eb:79:f7:b2:95:bb:29:bb:15:56:94:1d: 61:04:ab:d1:9a:17:c8:05:8c:03:8f:93:c9:01:70: eb:70:af:cc:77:60:f2:32:09:96:39:c6:ab:72:9e: 92:77:48:99:0b:fe:6f:43:65:b3:5c:19:13:18:7e: ff:c1:43:51:4a:2f:c3:d4:04:4e:85:58:98:08:02: ec:70:a8:6f:a6:6e:1a:04:d9:32:6b:e4:2f:1f:68: 3c:5c:7d:50:e3:69:6d:86:07:3a:a8:c4:d2:3f:12: 58:19:cb:40:45:1d:d0:d9:73:52:2b:75:ff:8c:03: 10:c4:7a:11:0e:c6:f8:43:32:30:08:24:1c:cd:22: 85:fb:f1:ca:e5:f9:3b:d0:54:e6:f2:a2:f8:03:61: ee:81:29:45:70:3f:a4:c1:23:5d:2a:6e:24:f2:76: 10:90:f9:7d:62:da:f9:de:eb:78:67:03:46:69:ce: 0b:34:bc:4d:8b:51:99:e0:55:50:67:a9:89:76:0a: 3a:a1:45:a4:0d:89:da:f2:6d:f8:90:1b:70:77:cf: f7:a8:6f:92:24:60:ab:9f:50:e7:9d:a7:0c:0a:55: 8b:0b:91:3d:66:3e:ad:21:80:8a:73:d2:8d:b6:39: 24:b9:fd:32:c1:92:b6:a7:c6:25:95:f3:45:09:d4: 6f:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:3C:FE:66:67:DA:33:05:B2:FA:1F:88:15:63:C0:52:A9:1A:3F:69 X509v3 Authority Key Identifier: keyid:5F:8F:01:61:B7:AC:BB:25:5F:13:CF:08:1B:66:53:61:9B:4E:2C:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X48BYbesuyVfE88IG2ZTYZtOLAI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149A0D/0FB79164FB1511EAB011EC6EC4F9AE02/X48BYbesuyVfE88IG2ZTYZtOLAI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:98:36:47:e7:8f:29:1e:73:2b:81:f6:0a:00:d1:21:63:cc: 9e:0d:30:7e:7c:c2:30:44:54:9d:a5:1f:f2:7d:6a:b5:8f:d3: 91:41:7c:fe:2c:c0:f3:e7:f9:dd:3b:8a:f6:af:5f:4c:b3:fc: 0b:36:bf:41:fb:fe:f9:d2:49:5a:6f:3f:46:e1:64:c9:f5:e4: 1c:8d:46:e9:cb:91:97:11:4f:69:56:f4:cf:78:58:f9:d7:5d: 77:d8:ed:51:da:02:bc:33:96:ec:54:7f:db:9a:8e:8f:99:b1: ab:26:12:75:75:83:e2:ad:52:3c:47:c8:f1:00:1b:5a:3a:b1: 64:ea:ec:d4:f9:e7:3d:d0:a8:8d:36:7f:43:33:d1:ec:4c:0b: c8:14:ca:eb:c9:0e:2a:9a:69:1f:21:fe:19:bc:c9:8e:c4:0b: 3a:10:1a:50:1d:17:56:99:3d:4f:e0:41:ed:9e:4a:bc:34:3e: 3e:0c:33:a5:a5:1b:59:ad:a0:41:b9:b7:c3:05:a1:24:78:24: 43:44:cc:bb:4e:e8:3f:98:36:51:e7:60:02:28:d4:4c:c7:ee: 31:f9:a2:da:08:9b:67:ff:73:ab:ed:99:ee:a5:52:d3:4d:54: e1:9c:a8:f3:05:66:d7:f6:98:6a:e9:92:e2:57:91:f7:7f:52: 6c:9a:4d:2c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDlBMEQxMTAvBgNVBAUTKDVGOEYwMTYxQjdBQ0JCMjU1RjEzQ0YwODFCNjY1MzYx OUI0RTJDMDIwHhcNMjUwNjE0MjA1NDAxWhcNMjUwNjIxMjA1NDAxWjAYMRYwFAYD VQQDEw02ODRkZTE2OS1iYjUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3/jrefeylbspuxVWlB1hBKvRmhfIBYwDj5PJAXDrcK/Md2DyMgmWOcarcp6S d0iZC/5vQ2WzXBkTGH7/wUNRSi/D1AROhViYCALscKhvpm4aBNkya+QvH2g8XH1Q 42lthgc6qMTSPxJYGctARR3Q2XNSK3X/jAMQxHoRDsb4QzIwCCQczSKF+/HK5fk7 0FTm8qL4A2HugSlFcD+kwSNdKm4k8nYQkPl9Ytr53ut4ZwNGac4LNLxNi1GZ4FVQ Z6mJdgo6oUWkDYna8m34kBtwd8/3qG+SJGCrn1DnnacMClWLC5E9Zj6tIYCKc9KN tjkkuf0ywZK2p8YllfNFCdRvIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEQ8/mZn 2jMFsvofiBVjwFKpGj9pMB8GA1UdIwQYMBaAFF+PAWG3rLslXxPPCBtmU2GbTiwC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUEwRC8wRkI3OTE2NEZC MTUxMUVBQjAxMUVDNkVDNEY5QUUwMi9YNDhCWWJlc3V5VmZFODhJRzJaVFladE9M QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1g0OEJZYmVzdXlWZkU4OElHMlpUWVp0T0xBSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OUEwRC8wRkI3OTE2NEZCMTUxMUVBQjAxMUVDNkVDNEY5QUUwMi9YNDhCWWJlc3V5 VmZFODhJRzJaVFladE9MQUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBfmDZH548pHnMrgfYKANEhY8yeDTB+fMIwRFSdpR/yfWq1j9ORQXz+ LMDz5/ndO4r2r19Ms/wLNr9B+/750klabz9G4WTJ9eQcjUbpy5GXEU9pVvTPeFj5 11132O1R2gK8M5bsVH/bmo6PmbGrJhJ1dYPirVI8R8jxABtaOrFk6uzU+ec90KiN Nn9DM9HsTAvIFMrryQ4qmmkfIf4ZvMmOxAs6EBpQHRdWmT1P4EHtnkq8ND4+DDOl pRtZraBBubfDBaEkeCRDRMy7Tug/mDZR52ACKNRMx+4x+aLaCJtn/3Or7ZnupVLT TVThnKjzBWbX9phq6ZLiV5H3f1Jsmk0s -----END CERTIFICATE-----Generated at Sun Jun 15 08:35:25 2025 by rpki-client