$ rpki-client -vvf rpki.apnic.net/member_repository/A9157B66/E5C4D326903811EBA4DC5A54C4F9AE02/xFWwhrq4ZHzSUQyoMkHnABTNikQ.mft File: xFWwhrq4ZHzSUQyoMkHnABTNikQ.mft (raw, json) Hash identifier: ab8SJTvNuoAIr50ps17sSv2fcMYq6cHvG6tJ6L/N1bc= Subject key identifier: C1:40:EB:E5:81:1C:78:CB:84:B1:4E:81:BE:E3:D3:B3:47:77:10:32 Authority key identifier: C4:55:B0:86:BA:B8:64:7C:D2:51:0C:A8:32:41:E7:00:14:CD:8A:44 Certificate issuer: /CN=A9157B66/serialNumber=C455B086BAB8647CD2510CA83241E70014CD8A44 Certificate serial: 0649 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xFWwhrq4ZHzSUQyoMkHnABTNikQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157B66/E5C4D326903811EBA4DC5A54C4F9AE02/xFWwhrq4ZHzSUQyoMkHnABTNikQ.mft Manifest number: 0644 Signing time: Thu 12 Jun 2025 22:14:00 +0000 Manifest this update: Thu 12 Jun 2025 22:13:59 +0000 Manifest next update: Thu 19 Jun 2025 22:13:59 +0000 Files and hashes: 1: xFWwhrq4ZHzSUQyoMkHnABTNikQ.crl (hash: APjfhNvkYItM7KP5MlpMar3lCUowOhRfOPbMRfLSbpk=) 2: 807CB298903A11EBA9783756C4F9AE02.roa (hash: HcRkeL0L46StqN8XUYCiDhZBU5a1szFT/RluEKL79UI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157B66/E5C4D326903811EBA4DC5A54C4F9AE02/xFWwhrq4ZHzSUQyoMkHnABTNikQ.crl rsync://rpki.apnic.net/member_repository/A9157B66/E5C4D326903811EBA4DC5A54C4F9AE02/xFWwhrq4ZHzSUQyoMkHnABTNikQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xFWwhrq4ZHzSUQyoMkHnABTNikQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 22:13:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1609 (0x649) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157B66, serialNumber=C455B086BAB8647CD2510CA83241E70014CD8A44 Validity Not Before: Jun 12 22:13:59 2025 GMT Not After : Jun 19 22:13:59 2025 GMT Subject: CN=684b5128-a90d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:75:4a:ec:67:c7:0f:7e:cf:5e:dc:27:a4:af: 98:ba:e7:2f:b8:5a:64:d2:86:50:61:10:29:4a:ee: 88:7e:ac:b0:dc:8d:71:b4:3a:c4:dd:06:47:72:fb: a0:73:46:c7:30:8f:0b:d5:7b:f7:fa:0f:0a:b3:50: b5:52:25:90:74:37:73:ad:c0:82:e3:10:f7:bd:27: 88:01:a8:b8:bd:b2:0b:66:8b:eb:0f:6d:17:61:09: 54:83:bb:89:8f:8d:5e:1a:d2:c7:6a:60:7a:77:b1: cb:47:9a:d7:b0:aa:75:51:e3:d7:db:be:2b:88:7b: 75:f9:bd:84:d6:42:53:34:44:d5:b3:01:ed:66:65: e4:af:80:1d:1a:4d:7a:12:78:f5:79:ed:81:f2:90: 7b:f6:2a:3e:5d:43:64:59:70:64:68:58:fa:9e:e8: d4:87:32:80:be:11:04:db:d8:65:74:fa:d1:79:54: 30:83:ed:c1:e5:51:eb:3d:9f:03:52:7c:c0:f6:00: 93:c4:49:42:d6:e6:35:15:14:84:8f:b7:51:be:be: fa:8b:0d:44:a9:c2:d8:14:cb:94:82:33:57:72:11: ea:4e:ed:55:41:c2:35:fe:fa:ee:31:bc:01:8d:fd: 10:46:24:db:b9:4a:7d:69:7c:dd:a8:20:c3:16:40: 4f:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:40:EB:E5:81:1C:78:CB:84:B1:4E:81:BE:E3:D3:B3:47:77:10:32 X509v3 Authority Key Identifier: keyid:C4:55:B0:86:BA:B8:64:7C:D2:51:0C:A8:32:41:E7:00:14:CD:8A:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157B66/E5C4D326903811EBA4DC5A54C4F9AE02/xFWwhrq4ZHzSUQyoMkHnABTNikQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xFWwhrq4ZHzSUQyoMkHnABTNikQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157B66/E5C4D326903811EBA4DC5A54C4F9AE02/xFWwhrq4ZHzSUQyoMkHnABTNikQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:53:f2:80:50:01:a1:bc:23:bd:a7:4c:d6:85:19:a9:e6:a0: e5:c9:56:90:10:0c:56:53:d6:af:fa:58:fb:10:aa:b1:76:e4: 08:8f:37:89:5b:a6:36:c8:47:42:c3:5c:c3:a6:bc:05:a5:4a: 41:47:e4:60:13:32:3b:50:28:1c:50:63:f7:47:1e:b4:dc:8f: 98:a3:f8:26:fe:37:b4:62:36:1f:fc:47:f1:3f:40:8e:2a:8d: 3d:9c:06:16:1f:84:88:7a:62:52:bd:87:cb:c5:b2:11:26:c6: 2c:fa:88:9c:25:04:de:1f:c7:e9:36:1c:02:1a:4a:38:2f:df: 4d:73:dd:14:50:06:42:3a:38:ed:a6:3f:3d:91:d8:bf:47:67: f9:89:0c:15:4d:2c:35:96:bb:b0:ba:6b:e0:5d:a7:c4:9d:ba: ff:37:3f:59:7c:a2:a5:c3:aa:5b:3e:ff:fd:68:5a:60:f3:9b: e9:e3:82:06:81:dc:b4:d6:68:4e:b1:bd:8d:bf:50:9f:4c:3a: 0e:21:65:ed:d6:1f:9e:54:6a:cd:98:4a:f6:8c:c8:90:d5:6b: a8:9c:5a:a5:ad:c5:2e:9e:d6:9a:99:e9:26:65:4b:e0:ce:cd: b2:c3:54:a8:5e:0a:b6:8d:0c:1e:b5:77:08:13:48:19:72:83: 43:c2:a6:fa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdCNjYxMTAvBgNVBAUTKEM0NTVCMDg2QkFCODY0N0NEMjUxMENBODMyNDFFNzAw MTRDRDhBNDQwHhcNMjUwNjEyMjIxMzU5WhcNMjUwNjE5MjIxMzU5WjAYMRYwFAYD VQQDEw02ODRiNTEyOC1hOTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA33VK7GfHD37PXtwnpK+YuucvuFpk0oZQYRApSu6Ifqyw3I1xtDrE3QZHcvug c0bHMI8L1Xv3+g8Ks1C1UiWQdDdzrcCC4xD3vSeIAai4vbILZovrD20XYQlUg7uJ j41eGtLHamB6d7HLR5rXsKp1UePX274riHt1+b2E1kJTNETVswHtZmXkr4AdGk16 Enj1ee2B8pB79io+XUNkWXBkaFj6nujUhzKAvhEE29hldPrReVQwg+3B5VHrPZ8D UnzA9gCTxElC1uY1FRSEj7dRvr76iw1EqcLYFMuUgjNXchHqTu1VQcI1/vruMbwB jf0QRiTbuUp9aXzdqCDDFkBPCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMFA6+WB HHjLhLFOgb7j07NHdxAyMB8GA1UdIwQYMBaAFMRVsIa6uGR80lEMqDJB5wAUzYpE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0I2Ni9FNUM0RDMyNjkw MzgxMUVCQTREQzVBNTRDNEY5QUUwMi94Rld3aHJxNFpIelNVUXlvTWtIbkFCVE5p a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hGV3docnE0Wkh6U1VReW9Na0huQUJUTmlrUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0I2Ni9FNUM0RDMyNjkwMzgxMUVCQTREQzVBNTRDNEY5QUUwMi94Rld3aHJxNFpI elNVUXlvTWtIbkFCVE5pa1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJU/KAUAGhvCO9p0zWhRmp5qDlyVaQEAxWU9av+lj7EKqxduQIjzeJ W6Y2yEdCw1zDprwFpUpBR+RgEzI7UCgcUGP3Rx603I+Yo/gm/je0YjYf/EfxP0CO Ko09nAYWH4SIemJSvYfLxbIRJsYs+oicJQTeH8fpNhwCGko4L99Nc90UUAZCOjjt pj89kdi/R2f5iQwVTSw1lruwumvgXafEnbr/Nz9ZfKKlw6pbPv/9aFpg85vp44IG gdy01mhOsb2Nv1CfTDoOIWXt1h+eVGrNmEr2jMiQ1WuonFqlrcUuntaamekmZUvg zs2yw1SoXgq2jQwetXcIE0gZcoNDwqb6 -----END CERTIFICATE-----Generated at Sat Jun 14 19:26:56 2025 by rpki-client