$ rpki-client -vvf rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.mft File: xPfznmL0ydeMXhL9wVGuTjK8mkI.mft (raw, json) Hash identifier: pnN/iLX0bQY2YDz/n6kpR3mEiS9XQdf7EHc077atz+s= Subject key identifier: 4B:9F:F7:F7:AD:98:42:B9:A9:6E:29:31:D6:5F:75:EC:0C:46:B1:71 Authority key identifier: C4:F7:F3:9E:62:F4:C9:D7:8C:5E:12:FD:C1:51:AE:4E:32:BC:9A:42 Certificate issuer: /CN=A914B29B/serialNumber=C4F7F39E62F4C9D78C5E12FDC151AE4E32BC9A42 Certificate serial: D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPfznmL0ydeMXhL9wVGuTjK8mkI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.mft Manifest number: D2 Signing time: Fri 13 Jun 2025 04:38:53 +0000 Manifest this update: Fri 13 Jun 2025 04:38:53 +0000 Manifest next update: Fri 20 Jun 2025 04:38:53 +0000 Files and hashes: 1: xPfznmL0ydeMXhL9wVGuTjK8mkI.crl (hash: 2L+xmkH5K/2dqkrxv6+dq4sLhZlwD6tSZtLMVtDp46Y=) 2: 127604E20F8B11EF87FC5918C4F9AE02.roa (hash: 5edOTZ9WpkItw4RWOBwB3WoAQbD4XzuXBzAkLSr3s8Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.crl rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPfznmL0ydeMXhL9wVGuTjK8mkI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 04:38:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 215 (0xd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914B29B, serialNumber=C4F7F39E62F4C9D78C5E12FDC151AE4E32BC9A42 Validity Not Before: Jun 13 04:38:53 2025 GMT Not After : Jun 20 04:38:53 2025 GMT Subject: CN=684bab5d-e6da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:87:af:1d:a8:e1:03:a3:b1:99:aa:ad:1d:63: 3f:fd:7b:4d:a5:3c:11:a3:7c:68:2c:67:8b:b3:45: a2:52:78:51:0f:12:7b:cf:14:7a:90:cd:98:fa:8e: 66:c7:e4:7c:99:a0:69:7f:6b:24:2b:85:21:c3:0b: 15:e6:72:e5:ae:92:04:89:01:17:39:8b:08:19:59: 71:03:93:a2:d1:f7:c7:9f:af:2d:c2:e7:bb:b6:c9: 75:a7:90:27:49:ee:68:d0:5c:93:56:a6:fb:ec:91: 83:41:72:e9:69:08:21:0b:b9:5d:94:89:8b:ee:41: a4:a7:c5:6e:79:18:be:5f:b3:ab:e2:22:8c:3e:47: bd:f0:2c:79:ef:9a:7b:8f:7a:30:ad:01:40:70:a0: 1a:df:b8:1d:f9:16:b2:df:73:5b:96:5d:14:e5:d8: 1c:61:62:ff:3d:3c:d4:c0:e8:0c:03:7b:72:5c:29: 4e:3c:a2:f9:83:aa:12:72:93:60:32:03:c6:1f:c1: 6f:6c:b3:4e:37:26:d2:bd:38:84:cf:29:dc:58:0d: bf:62:cb:24:29:34:06:5a:b9:1d:43:a2:8b:8f:15: ec:3c:2c:22:fc:d8:5f:c9:cf:d8:43:cb:c3:da:43: 89:87:ad:bf:95:be:5f:56:3b:5b:37:4c:da:94:ab: 49:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:9F:F7:F7:AD:98:42:B9:A9:6E:29:31:D6:5F:75:EC:0C:46:B1:71 X509v3 Authority Key Identifier: keyid:C4:F7:F3:9E:62:F4:C9:D7:8C:5E:12:FD:C1:51:AE:4E:32:BC:9A:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPfznmL0ydeMXhL9wVGuTjK8mkI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:95:25:a4:3a:48:e2:2b:f1:ca:68:eb:6c:f2:1b:7d:03:e1: a4:3b:42:8c:eb:e1:28:3c:cc:e7:d2:51:ef:1c:3c:e9:7c:9e: 4e:3c:fc:79:0d:89:af:a5:c7:80:7d:27:e2:fa:a4:8d:7e:eb: c7:e6:a8:02:3a:ce:71:7d:8a:e6:a9:40:58:9c:7e:f4:82:88: 36:11:26:d8:87:0e:28:f1:1e:3f:f8:ce:1e:0d:a3:91:c4:da: db:71:61:d3:73:87:38:fb:1a:02:3e:ba:0e:1c:53:e2:ff:6c: 0f:ab:77:b4:0d:ab:aa:45:ef:12:86:3e:da:07:cf:22:86:03: e3:3a:7e:08:a0:c3:79:10:af:45:61:3d:f6:a3:ef:c2:9d:8b: 40:c2:d4:11:58:d9:be:ea:fa:99:9c:4c:0b:ea:77:4c:ed:2f: 8b:73:3d:2b:51:d4:51:05:bd:1a:33:2d:ae:5a:0b:36:9c:b7: a4:19:71:27:63:97:fb:55:89:bc:51:c3:f8:9f:bb:1c:9e:0a: a2:bb:23:56:2e:17:ec:67:21:36:6f:5d:1c:2e:84:8b:e3:9f: c1:4a:b8:30:89:4c:6b:56:cd:3a:2a:97:4e:9f:b2:ea:48:2c: 9d:2f:dc:19:2b:61:d1:ef:e8:d9:db:fb:ea:36:a8:e9:4b:5e: e4:b2:1f:13 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEIyOUIxMTAvBgNVBAUTKEM0RjdGMzlFNjJGNEM5RDc4QzVFMTJGREMxNTFBRTRF MzJCQzlBNDIwHhcNMjUwNjEzMDQzODUzWhcNMjUwNjIwMDQzODUzWjAYMRYwFAYD VQQDEw02ODRiYWI1ZC1lNmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwIevHajhA6OxmaqtHWM//XtNpTwRo3xoLGeLs0WiUnhRDxJ7zxR6kM2Y+o5m x+R8maBpf2skK4UhwwsV5nLlrpIEiQEXOYsIGVlxA5Oi0ffHn68twue7tsl1p5An Se5o0FyTVqb77JGDQXLpaQghC7ldlImL7kGkp8VueRi+X7Or4iKMPke98Cx575p7 j3owrQFAcKAa37gd+Ray33Nbll0U5dgcYWL/PTzUwOgMA3tyXClOPKL5g6oScpNg MgPGH8FvbLNONybSvTiEzyncWA2/YsskKTQGWrkdQ6KLjxXsPCwi/Nhfyc/YQ8vD 2kOJh62/lb5fVjtbN0zalKtJbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEuf9/et mEK5qW4pMdZfdewMRrFxMB8GA1UdIwQYMBaAFMT3855i9MnXjF4S/cFRrk4yvJpC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QjI5Qi84QTNFMUQxQTBG ODIxMUVGODI2NkYwNUVDNEY5QUUwMi94UGZ6bm1MMHlkZU1YaEw5d1ZHdVRqSzht a0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hQZnpubUwweWRlTVhoTDl3Vkd1VGpLOG1rSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QjI5Qi84QTNFMUQxQTBGODIxMUVGODI2NkYwNUVDNEY5QUUwMi94UGZ6bm1MMHlk ZU1YaEw5d1ZHdVRqSzhta0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAylSWkOkjiK/HKaOts8ht9A+GkO0KM6+EoPMzn0lHvHDzpfJ5OPPx5 DYmvpceAfSfi+qSNfuvH5qgCOs5xfYrmqUBYnH70gog2ESbYhw4o8R4/+M4eDaOR xNrbcWHTc4c4+xoCProOHFPi/2wPq3e0DauqRe8Shj7aB88ihgPjOn4IoMN5EK9F YT32o+/CnYtAwtQRWNm+6vqZnEwL6ndM7S+Lcz0rUdRRBb0aMy2uWgs2nLekGXEn Y5f7VYm8UcP4n7scngqiuyNWLhfsZyE2b10cLoSL45/BSrgwiUxrVs06KpdOn7Lq SCydL9wZK2HR7+jZ2/vqNqjpS17ksh8T -----END CERTIFICATE-----Generated at Sat Jun 14 19:07:52 2025 by rpki-client