$ rpki-client -vvf rpki.apnic.net/member_repository/A9164663/14EAA9FADA7911E89B95A672C4F9AE02/CGM2oMfhveZ4do0Qwwvrfyvc4Sc.mft File: CGM2oMfhveZ4do0Qwwvrfyvc4Sc.mft (raw, json) Hash identifier: J+PnOdQxPOwz0h2Hy/kmYrVGDkRMAtTEadgCBJNCj0o= Subject key identifier: 21:EC:C3:EB:F4:0F:C4:DB:09:A7:3A:B0:0B:C1:93:19:E0:C2:56:66 Authority key identifier: 08:63:36:A0:C7:E1:BD:E6:78:76:8D:10:C3:0B:EB:7F:2B:DC:E1:27 Certificate issuer: /CN=A9164663/serialNumber=086336A0C7E1BDE678768D10C30BEB7F2BDCE127 Certificate serial: 122D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CGM2oMfhveZ4do0Qwwvrfyvc4Sc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9164663/14EAA9FADA7911E89B95A672C4F9AE02/CGM2oMfhveZ4do0Qwwvrfyvc4Sc.mft Manifest number: 1A06 Signing time: Thu 24 Apr 2025 17:09:21 +0000 Manifest this update: Thu 24 Apr 2025 17:09:20 +0000 Manifest next update: Thu 01 May 2025 17:09:20 +0000 Files and hashes: 1: CGM2oMfhveZ4do0Qwwvrfyvc4Sc.crl (hash: WmLz5m6b6IHQ0kV5apNWIHijHA1J+7YKSjS/k1ewRVw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9164663/14EAA9FADA7911E89B95A672C4F9AE02/CGM2oMfhveZ4do0Qwwvrfyvc4Sc.crl rsync://rpki.apnic.net/member_repository/A9164663/14EAA9FADA7911E89B95A672C4F9AE02/CGM2oMfhveZ4do0Qwwvrfyvc4Sc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CGM2oMfhveZ4do0Qwwvrfyvc4Sc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:09:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4653 (0x122d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9164663, serialNumber=086336A0C7E1BDE678768D10C30BEB7F2BDCE127 Validity Not Before: Apr 24 17:09:20 2025 GMT Not After : May 1 17:09:20 2025 GMT Subject: CN=680a7040-9e04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:e7:70:07:a9:8d:86:0c:24:58:a9:23:c9:f2: 32:cc:93:a7:5a:0f:ff:61:0c:f4:89:eb:73:29:de: 8b:73:3a:b3:89:2d:07:09:e9:19:1c:06:d9:d7:fd: 90:f1:7b:09:c9:27:7f:bc:d4:ed:32:1d:8d:fe:5c: 9d:cb:ce:5b:61:bb:ad:6c:b4:e8:a5:da:a8:5a:e8: a8:66:8f:22:fd:99:82:6c:d4:5d:d3:9b:79:60:51: 36:bc:20:27:33:54:dc:d2:2c:8b:6d:5c:46:7b:7f: 6e:06:0a:4a:a9:f5:d7:0b:6a:67:b3:55:91:72:c6: 45:f2:99:b9:f9:ec:0c:2d:4d:19:c4:e6:3a:78:c2: e5:4f:55:72:02:da:95:a9:43:0c:c5:49:b8:8c:63: e1:1d:01:e7:b9:fe:73:e9:4f:42:4d:33:31:64:44: 52:35:c1:fc:56:ba:cb:9f:e5:38:03:e5:6d:e8:5d: 7c:25:0e:7d:b2:26:63:68:6c:66:0c:aa:cf:d2:c3: 32:ac:3e:d5:f9:41:45:0e:11:9b:e1:06:64:56:81: 18:a3:9b:fe:98:6a:e4:77:4d:0e:cf:d8:32:ed:3c: be:48:91:70:f5:f1:a2:8d:db:b6:7b:ce:e0:24:9a: 38:21:1f:61:00:d6:f6:89:6b:cd:d5:9d:a8:07:07: 0d:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:EC:C3:EB:F4:0F:C4:DB:09:A7:3A:B0:0B:C1:93:19:E0:C2:56:66 X509v3 Authority Key Identifier: keyid:08:63:36:A0:C7:E1:BD:E6:78:76:8D:10:C3:0B:EB:7F:2B:DC:E1:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9164663/14EAA9FADA7911E89B95A672C4F9AE02/CGM2oMfhveZ4do0Qwwvrfyvc4Sc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CGM2oMfhveZ4do0Qwwvrfyvc4Sc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164663/14EAA9FADA7911E89B95A672C4F9AE02/CGM2oMfhveZ4do0Qwwvrfyvc4Sc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:35:e6:c9:66:68:14:6f:75:68:29:41:98:21:6e:a3:ac:9a: 10:7b:0f:79:25:d6:c3:e4:03:86:92:65:63:07:37:cd:e5:a0: 6f:39:5f:ea:f1:e5:52:a5:4d:68:26:05:50:c7:61:e4:8a:85: 88:46:67:17:36:5f:de:b4:68:c9:b6:1a:b0:23:89:67:3f:24: 71:8e:f1:3a:1e:b4:d6:be:13:80:e5:9c:f6:57:10:bd:99:f2: 5b:73:ae:b6:4c:5c:44:bf:69:cb:6e:72:f5:01:7e:df:ca:b0: 6d:32:ca:48:c8:05:0e:3d:4e:da:24:ef:95:c7:79:f9:eb:33: 6b:a0:4e:10:51:04:ed:58:d9:85:57:f2:26:fd:ee:09:9f:03: 20:33:75:0b:f4:c9:53:e3:ab:e5:78:c5:53:91:f9:6d:81:ac: 49:a2:1c:75:f4:9d:92:d0:21:61:a6:7a:e3:41:78:52:1a:50: e3:08:44:27:55:18:c5:08:10:16:95:ff:43:ae:0b:55:25:52: 59:35:50:2c:4d:b8:f2:5e:28:5f:9f:93:f0:de:58:df:05:fb: 25:95:7e:f8:12:68:bd:c0:c2:b4:23:98:6b:a3:03:de:eb:b9: 4a:52:5b:7d:03:b8:05:6c:64:05:c1:26:82:a7:87:bc:b3:bf: d4:5f:d8:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjQ2NjMxMTAvBgNVBAUTKDA4NjMzNkEwQzdFMUJERTY3ODc2OEQxMEMzMEJFQjdG MkJEQ0UxMjcwHhcNMjUwNDI0MTcwOTIwWhcNMjUwNTAxMTcwOTIwWjAYMRYwFAYD VQQDEw02ODBhNzA0MC05ZTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyOdwB6mNhgwkWKkjyfIyzJOnWg//YQz0ietzKd6LczqziS0HCekZHAbZ1/2Q 8XsJySd/vNTtMh2N/lydy85bYbutbLTopdqoWuioZo8i/ZmCbNRd05t5YFE2vCAn M1Tc0iyLbVxGe39uBgpKqfXXC2pns1WRcsZF8pm5+ewMLU0ZxOY6eMLlT1VyAtqV qUMMxUm4jGPhHQHnuf5z6U9CTTMxZERSNcH8VrrLn+U4A+Vt6F18JQ59siZjaGxm DKrP0sMyrD7V+UFFDhGb4QZkVoEYo5v+mGrkd00Oz9gy7Ty+SJFw9fGijdu2e87g JJo4IR9hANb2iWvN1Z2oBwcN9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCHsw+v0 D8TbCac6sAvBkxngwlZmMB8GA1UdIwQYMBaAFAhjNqDH4b3meHaNEMML638r3OEn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDY2My8xNEVBQTlGQURB NzkxMUU4OUI5NUE2NzJDNEY5QUUwMi9DR00yb01maHZlWjRkbzBRd3d2cmZ5dmM0 U2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NHTTJvTWZodmVaNGRvMFF3d3ZyZnl2YzRTYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NDY2My8xNEVBQTlGQURBNzkxMUU4OUI5NUE2NzJDNEY5QUUwMi9DR00yb01maHZl WjRkbzBRd3d2cmZ5dmM0U2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWNebJZmgUb3VoKUGYIW6jrJoQew95JdbD5AOGkmVjBzfN5aBvOV/q 8eVSpU1oJgVQx2HkioWIRmcXNl/etGjJthqwI4lnPyRxjvE6HrTWvhOA5Zz2VxC9 mfJbc662TFxEv2nLbnL1AX7fyrBtMspIyAUOPU7aJO+Vx3n56zNroE4QUQTtWNmF V/Im/e4JnwMgM3UL9MlT46vleMVTkfltgaxJohx19J2S0CFhpnrjQXhSGlDjCEQn VRjFCBAWlf9DrgtVJVJZNVAsTbjyXihfn5Pw3ljfBfsllX74Emi9wMK0I5hrowPe 67lKUlt9A7gFbGQFwSaCp4e8s7/UX9jj -----END CERTIFICATE-----Generated at Sat Apr 26 04:34:04 2025 by rpki-client