$ rpki-client -vvf rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft File: IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft (raw, json) Hash identifier: L4SZQedzYv4x4ZFn5Q/EhxF5Sypxj3cLReA/8yWv7nw= Subject key identifier: 6C:02:CE:77:6D:28:31:91:52:31:E8:B3:FA:E1:5D:4A:81:75:38:FC Authority key identifier: 21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D Certificate issuer: /CN=A9152DE4/serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Certificate serial: 040B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft Manifest number: 0401 Signing time: Sun 15 Jun 2025 00:10:58 +0000 Manifest this update: Sun 15 Jun 2025 00:10:57 +0000 Manifest next update: Sun 22 Jun 2025 00:10:57 +0000 Files and hashes: 1: IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl (hash: qPO/f7esCs7428GNs+9Z8Vu1nhobDLIeK0L5OztPV6g=) 2: E986DDEC979911ECB3B7CE39C4F9AE02.roa (hash: yvgJMR+/eFQNfa9YPke7BcqszX7za/b5BsbuAWKuz/Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 00:10:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1035 (0x40b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152DE4, serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Validity Not Before: Jun 15 00:10:57 2025 GMT Not After : Jun 22 00:10:57 2025 GMT Subject: CN=684e0f92-3975 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:7c:b2:52:35:ca:1b:81:44:4b:8c:bb:ed:29: 67:25:50:4c:94:21:02:00:ce:7d:c0:91:bd:7d:55: 8a:58:db:53:c0:51:6b:cf:e2:47:6c:74:42:3e:11: 0a:be:39:fb:04:06:db:6e:99:d7:fc:5d:4a:96:3c: f4:60:2f:b6:40:67:3d:cc:99:ec:ec:b6:45:bf:2d: b1:e6:dc:42:0a:f4:bd:72:cb:89:00:33:92:5b:bf: 38:3c:25:aa:40:19:1f:4e:7a:49:b5:96:26:7a:9d: 11:68:0c:63:9c:61:69:05:c9:78:0f:6f:f7:37:98: 09:5c:57:dd:ef:8d:6a:4a:07:8e:fa:a3:f3:31:a5: 11:79:2c:f3:ae:7a:07:c3:d1:cc:b2:16:41:35:3f: 44:e2:d5:8e:f0:fc:a8:d3:f9:f1:3a:d8:f8:e3:34: 7a:85:88:f5:d6:a1:d7:47:ca:32:b3:57:c0:37:ab: 36:3d:f2:a6:76:84:7c:dc:43:3c:6d:d0:6f:44:d7: 28:85:fc:ab:ff:53:8c:a2:65:bb:4b:68:6d:25:ba: 85:8e:7e:e9:b0:17:f1:0a:13:cb:7f:e4:0b:70:f4: be:54:7e:c8:0f:72:49:9a:67:0c:40:62:d9:1d:36: c0:37:e3:8e:a6:52:e2:84:79:58:eb:de:85:de:63: 4d:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:02:CE:77:6D:28:31:91:52:31:E8:B3:FA:E1:5D:4A:81:75:38:FC X509v3 Authority Key Identifier: keyid:21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:43:c2:a6:2a:98:8d:b6:48:bc:9a:7f:78:16:93:fc:02:c2: d6:61:9b:d9:29:0e:3d:1f:df:d5:6f:c9:b1:6e:81:7a:72:74: ea:34:c3:82:e9:c1:25:92:05:25:ec:2e:de:64:4b:d0:14:28: e3:37:a1:e7:41:df:20:32:e9:62:26:30:32:bd:f8:d6:0b:be: ce:ad:48:c0:c2:61:eb:a1:b2:92:cb:ee:df:e2:24:ec:a0:d5: 71:2e:43:97:37:cf:24:75:4b:15:7f:7a:93:84:a2:4d:19:be: fa:e0:03:96:f2:fa:6f:41:9a:4c:fe:1e:01:73:b2:3c:7c:90: 8f:a1:3a:b2:74:1f:e6:8e:ae:a7:af:a2:ab:bb:0a:a5:60:a6: 21:2d:05:94:44:91:e0:0f:7f:ea:bc:18:c6:9b:fd:79:b2:a0: c3:bc:ec:95:3d:53:29:12:49:d0:f2:a1:34:71:69:4f:10:06: a9:8f:a9:e4:54:0e:36:01:ff:f7:2c:98:ea:29:15:07:71:52: 1e:11:55:e2:55:72:8f:ac:2b:20:fa:ac:d1:d6:7c:f2:69:45: aa:65:2c:b5:8b:fa:4b:4e:dd:04:24:68:b9:30:12:db:16:c0: 71:c0:f2:74:f7:c9:8b:e2:fd:9c:20:c8:7d:20:7d:1c:18:00: 5b:3e:6c:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBAswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTJERTQxMTAvBgNVBAUTKDIxN0MzRDhCRUQwQjQwQzBGQjA4OEI1OUVFNkU2NUFF NkM2NjFGMEQwHhcNMjUwNjE1MDAxMDU3WhcNMjUwNjIyMDAxMDU3WjAYMRYwFAYD VQQDEw02ODRlMGY5Mi0zOTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2XyyUjXKG4FES4y77SlnJVBMlCECAM59wJG9fVWKWNtTwFFrz+JHbHRCPhEK vjn7BAbbbpnX/F1Kljz0YC+2QGc9zJns7LZFvy2x5txCCvS9csuJADOSW784PCWq QBkfTnpJtZYmep0RaAxjnGFpBcl4D2/3N5gJXFfd741qSgeO+qPzMaUReSzzrnoH w9HMshZBNT9E4tWO8Pyo0/nxOtj44zR6hYj11qHXR8oys1fAN6s2PfKmdoR83EM8 bdBvRNcohfyr/1OMomW7S2htJbqFjn7psBfxChPLf+QLcPS+VH7ID3JJmmcMQGLZ HTbAN+OOplLihHlY696F3mNNkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGwCzndt KDGRUjHos/rhXUqBdTj8MB8GA1UdIwQYMBaAFCF8PYvtC0DA+wiLWe5uZa5sZh8N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkRFNC80Q0NDQzMzMjc5 MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFNRDdDSXRaN201bHJteG1I dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lYdzlpLTBMUU1EN0NJdFo3bTVscm14bUh3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MkRFNC80Q0NDQzMzMjc5MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFN RDdDSXRaN201bHJteG1IdzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC8Q8KmKpiNtki8mn94FpP8AsLWYZvZKQ49H9/Vb8mxboF6cnTqNMOC 6cElkgUl7C7eZEvQFCjjN6HnQd8gMuliJjAyvfjWC77OrUjAwmHrobKSy+7f4iTs oNVxLkOXN88kdUsVf3qThKJNGb764AOW8vpvQZpM/h4Bc7I8fJCPoTqydB/mjq6n r6KruwqlYKYhLQWURJHgD3/qvBjGm/15sqDDvOyVPVMpEknQ8qE0cWlPEAapj6nk VA42Af/3LJjqKRUHcVIeEVXiVXKPrCsg+qzR1nzyaUWqZSy1i/pLTt0EJGi5MBLb FsBxwPJ098mL4v2cIMh9IH0cGABbPmyI -----END CERTIFICATE-----Generated at Mon Jun 16 05:34:13 2025 by rpki-client