$ rpki-client -vvf rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft File: cXGYzRpGea2dRS7h2wLQASpDdOw.mft (raw, json) Hash identifier: LqCOaNc0ORkZIHzhCvHEZKX8hoBun+jxjtx6mtcNdfo= Subject key identifier: 6C:32:11:F2:0C:EE:64:F3:ED:E0:29:53:F1:F0:A7:DE:DC:F7:30:2D Authority key identifier: 71:71:98:CD:1A:46:79:AD:9D:45:2E:E1:DB:02:D0:01:2A:43:74:EC Certificate issuer: /CN=A9169F49/serialNumber=717198CD1A4679AD9D452EE1DB02D0012A4374EC Certificate serial: 1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft Manifest number: 1C Signing time: Fri 25 Apr 2025 06:53:07 +0000 Manifest this update: Fri 25 Apr 2025 06:53:07 +0000 Manifest next update: Fri 02 May 2025 06:53:07 +0000 Files and hashes: 1: cXGYzRpGea2dRS7h2wLQASpDdOw.crl (hash: syw9OcrztS2Hi1cPBbT8Vn0nl1kXaioC84DZDFiEZqE=) 2: 2B42D1D8F9B611EFB3AB154BC4F9AE02.roa (hash: qRFt1VDcs2OHFjFWZc9CCxRhXeBrmwOFxAL6+b0Q2Co=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.crl rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:53:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29 (0x1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169F49, serialNumber=717198CD1A4679AD9D452EE1DB02D0012A4374EC Validity Not Before: Apr 25 06:53:07 2025 GMT Not After : May 2 06:53:07 2025 GMT Subject: CN=680b3153-67db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a0:91:a2:be:aa:9b:4c:44:a6:1b:47:5c:f0: 35:3f:a9:c0:a5:3d:fa:61:d7:ec:d7:d3:82:ca:42: 7b:fa:91:04:3d:63:e6:42:94:40:1c:f2:8d:f8:d6: f0:b4:54:e1:26:84:5f:ae:fd:d1:73:82:5b:09:c3: 0a:d8:a7:16:73:e2:d8:c1:28:87:35:53:f7:79:50: 7d:dc:6e:15:d4:8c:d3:7e:43:9f:0b:01:b4:8c:dc: ab:3a:37:7e:0d:29:7c:1b:30:2f:0f:48:f5:5f:60: 8f:bc:98:f2:0d:8d:a9:77:79:da:b1:b3:81:6e:23: d1:b4:55:b8:ca:71:09:c4:17:6b:9a:3d:4c:d9:12: 49:1f:0a:1c:83:f6:d1:dd:59:3e:9a:f0:43:5c:31: d4:cc:99:c0:ca:5c:00:09:f3:05:4d:eb:0f:4a:90: 8b:71:30:cc:9b:00:00:e6:7c:db:8f:69:d5:47:1b: 52:09:93:e2:8d:a5:93:6e:a3:a6:7e:d1:c8:c2:f7: 16:34:71:7b:8f:bb:16:68:c5:15:dc:32:0b:62:5f: 8c:5d:02:02:9f:09:d5:2a:22:2c:26:05:aa:1b:e2: 65:e2:ab:5e:df:fc:0d:fe:40:41:14:d1:e2:00:87: 7c:db:1a:d1:e2:4b:60:4a:a7:91:dd:23:82:c5:c9: 43:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:32:11:F2:0C:EE:64:F3:ED:E0:29:53:F1:F0:A7:DE:DC:F7:30:2D X509v3 Authority Key Identifier: keyid:71:71:98:CD:1A:46:79:AD:9D:45:2E:E1:DB:02:D0:01:2A:43:74:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d6:7e:e5:de:e4:ac:8e:e5:51:f1:82:58:7e:de:8d:dd:6e:b0: ad:21:a3:1f:c0:e3:23:e9:e9:3b:d1:80:19:d2:f1:02:cc:e2: c7:ca:17:c5:da:8c:90:87:4f:5e:d0:7c:5b:94:e2:1e:b4:25: 1c:94:fc:86:c0:4d:1c:f1:31:39:ae:e2:eb:4d:9c:f9:e7:b8: cf:8b:e3:c0:55:79:c5:31:49:1d:df:e1:d0:3e:a7:08:e9:5f: 4f:a0:96:90:b2:e8:c6:a5:ba:e2:20:5c:d3:7d:c4:29:8a:85: 71:37:19:8a:e5:da:bc:a4:f5:ec:c4:35:87:2c:41:60:01:47: 67:d6:4a:5d:bb:86:73:86:28:e9:10:da:f7:fb:dd:11:bd:4a: d7:7d:bc:4d:b8:c6:a3:9f:a3:73:09:33:34:68:a9:32:71:13: e6:05:56:27:01:05:b3:86:02:b1:6e:0f:c0:05:7b:84:47:aa: e4:11:1b:da:ca:ea:9a:66:b5:e6:b8:94:5f:0e:92:93:78:03: f9:b8:a9:f3:d8:cb:3a:87:e6:8f:26:2e:74:43:53:02:aa:f7: a6:e2:3f:8a:8f:8e:f5:88:38:3a:b9:4e:c9:58:fa:8b:c5:f1: eb:0d:54:44:14:fd:93:18:e0:8a:54:6f:81:3f:9d:1d:44:da: aa:a9:0e:43 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 OUY0OTExMC8GA1UEBRMoNzE3MTk4Q0QxQTQ2NzlBRDlENDUyRUUxREIwMkQwMDEy QTQzNzRFQzAeFw0yNTA0MjUwNjUzMDdaFw0yNTA1MDIwNjUzMDdaMBgxFjAUBgNV BAMTDTY4MGIzMTUzLTY3ZGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCyoJGivqqbTESmG0dc8DU/qcClPfph1+zX04LKQnv6kQQ9Y+ZClEAc8o341vC0 VOEmhF+u/dFzglsJwwrYpxZz4tjBKIc1U/d5UH3cbhXUjNN+Q58LAbSM3Ks6N34N KXwbMC8PSPVfYI+8mPINjal3edqxs4FuI9G0VbjKcQnEF2uaPUzZEkkfChyD9tHd WT6a8ENcMdTMmcDKXAAJ8wVN6w9KkItxMMybAADmfNuPadVHG1IJk+KNpZNuo6Z+ 0cjC9xY0cXuPuxZoxRXcMgtiX4xdAgKfCdUqIiwmBaob4mXiq17f/A3+QEEU0eIA h3zbGtHiS2BKp5HdI4LFyUMPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUbDIR8gzu ZPPt4ClT8fCn3tz3MC0wHwYDVR0jBBgwFoAUcXGYzRpGea2dRS7h2wLQASpDdOww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY5RjQ5L0IyQzVGQjlBRjlC NTExRUZBNUQ3M0M0N0M0RjlBRTAyL2NYR1l6UnBHZWEyZFJTN2gyd0xRQVNwRGRP dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY1hHWXpScEdlYTJkUlM3aDJ3TFFBU3BEZE93LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY5 RjQ5L0IyQzVGQjlBRjlCNTExRUZBNUQ3M0M0N0M0RjlBRTAyL2NYR1l6UnBHZWEy ZFJTN2gyd0xRQVNwRGRPdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBANZ+5d7krI7lUfGCWH7ejd1usK0hox/A4yPp6TvRgBnS8QLM4sfKF8Xa jJCHT17QfFuU4h60JRyU/IbATRzxMTmu4utNnPnnuM+L48BVecUxSR3f4dA+pwjp X0+glpCy6MaluuIgXNN9xCmKhXE3GYrl2ryk9ezENYcsQWABR2fWSl27hnOGKOkQ 2vf73RG9Std9vE24xqOfo3MJMzRoqTJxE+YFVicBBbOGArFuD8AFe4RHquQRG9rK 6ppmtea4lF8OkpN4A/m4qfPYyzqH5o8mLnRDUwKq96biP4qPjvWIODq5TslY+ovF 8esNVEQU/ZMY4IpUb4E/nR1E2qqpDkM= -----END CERTIFICATE-----Generated at Sat Apr 26 16:48:42 2025 by rpki-client