$ rpki-client -vvf rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.mft File: 8kxEMhD3QcvlnQFOum7pcrXN2uc.mft (raw, json) Hash identifier: k20dLoBYrYFXKxvWSqw8nZqSFtn+grJUAN6LoZuXY/4= Subject key identifier: 1B:4D:01:C5:F9:28:55:95:BD:36:85:7C:34:0C:6D:56:BF:8E:D2:6A Authority key identifier: F2:4C:44:32:10:F7:41:CB:E5:9D:01:4E:BA:6E:E9:72:B5:CD:DA:E7 Certificate issuer: /CN=A916B95A/serialNumber=F24C443210F741CBE59D014EBA6EE972B5CDDAE7 Certificate serial: 9B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8kxEMhD3QcvlnQFOum7pcrXN2uc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.mft Manifest number: 99 Signing time: Fri 25 Apr 2025 05:17:42 +0000 Manifest this update: Fri 25 Apr 2025 05:17:41 +0000 Manifest next update: Fri 02 May 2025 05:17:41 +0000 Files and hashes: 1: 8kxEMhD3QcvlnQFOum7pcrXN2uc.crl (hash: Fee9xUAvObbv8mHfuC7Pqzcnhhjt/Ofuo/Wt4wVj3Pc=) 2: 20A6C35C37AF11EF844EC638C4F9AE02.roa (hash: SBjUcQwgq8eYibunzuM6B0MYbh92vDqaJjZbumGPIz4=) 3: 2117AE6E37AF11EF844EC638C4F9AE02.roa (hash: rxylyIaFWofGp8fi7f1ysoxvtfFGdtzKVIc05XTsdvY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.crl rsync://rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8kxEMhD3QcvlnQFOum7pcrXN2uc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:17:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 155 (0x9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B95A, serialNumber=F24C443210F741CBE59D014EBA6EE972B5CDDAE7 Validity Not Before: Apr 25 05:17:41 2025 GMT Not After : May 2 05:17:41 2025 GMT Subject: CN=680b1af6-1f74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:9a:a8:fb:e3:69:82:2c:15:9d:13:8f:14:e0: 06:86:96:0e:e0:bf:3b:8e:6c:9b:fb:21:64:19:39: d6:65:04:49:41:77:51:79:b0:97:65:1a:45:4d:63: 3b:b5:2a:ed:45:d0:d9:85:6e:e7:a9:dc:a1:01:d2: 96:92:ba:6c:3e:06:bb:a4:cf:19:38:90:79:72:98: f1:b3:81:95:3c:d3:48:a2:a0:ff:2a:22:5b:68:3a: 76:84:38:94:54:ed:61:ed:ad:db:ea:ab:99:34:6e: db:6b:e3:86:64:04:66:9f:a2:60:88:30:46:5d:29: d6:b2:c2:b9:05:2d:4e:c4:a0:91:2a:a0:78:fe:8d: dc:66:0f:35:ce:e2:6a:a1:f7:db:eb:39:7d:ab:3e: d5:d8:68:dc:f4:65:56:a7:e9:e1:0c:ab:f7:e4:bc: be:d7:5c:bb:cb:d4:af:ce:4c:96:15:44:c7:14:ba: 20:65:5a:10:78:f9:12:71:ca:82:3e:36:97:9c:28: 70:3d:ba:8d:23:78:aa:fc:d8:e9:0f:e9:b6:91:8d: 18:c0:b3:49:4d:d8:17:57:c2:c9:51:4f:78:07:0e: 76:6b:b8:5a:ed:15:d1:1e:65:22:94:17:65:c4:75: 9c:09:e4:45:d5:db:fc:2a:0e:33:95:c1:f4:5b:af: ac:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:4D:01:C5:F9:28:55:95:BD:36:85:7C:34:0C:6D:56:BF:8E:D2:6A X509v3 Authority Key Identifier: keyid:F2:4C:44:32:10:F7:41:CB:E5:9D:01:4E:BA:6E:E9:72:B5:CD:DA:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8kxEMhD3QcvlnQFOum7pcrXN2uc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:5c:9a:5d:da:44:40:0f:64:d5:7a:44:bb:b0:17:bb:99:13: b8:80:01:fc:2a:b5:02:78:1d:76:e6:a8:ad:e1:5c:62:60:3b: bc:1b:e6:56:b7:14:c5:48:55:e2:2e:0f:a2:ad:0a:ed:a4:d5: 74:3f:0c:20:33:d4:42:5f:0c:cd:77:c0:bb:0b:08:89:52:91: f5:e4:88:37:de:3a:6e:53:74:45:06:75:98:5d:ce:55:dd:92: f6:7a:64:70:8f:33:dc:9c:09:eb:51:ad:21:0d:92:f2:bd:d6: a1:f2:98:4f:df:9a:08:bf:29:6b:bf:d0:c0:d7:58:39:d1:0a: 65:c0:58:ca:16:70:3f:dd:c4:0d:b9:a2:5a:93:34:d0:55:79: 94:2e:84:99:77:0a:43:a1:e3:c9:c3:36:2c:7b:7c:4d:bd:c0: f1:16:71:54:80:58:62:1f:6b:1a:e9:99:91:c9:23:71:ca:eb: 9a:68:8f:9a:63:18:e3:0d:e2:62:c6:a4:26:47:cd:2e:ad:7c: fa:10:60:09:76:05:ef:e1:83:e8:7b:c2:f8:5b:04:3e:f5:51: c5:f0:6b:af:62:9b:ee:da:fa:a0:e0:21:af:52:83:36:c0:35: f1:61:cd:09:a9:fc:44:68:83:d9:67:93:e3:6e:08:c8:3e:56: e1:fe:59:f7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkI5NUExMTAvBgNVBAUTKEYyNEM0NDMyMTBGNzQxQ0JFNTlEMDE0RUJBNkVFOTcy QjVDRERBRTcwHhcNMjUwNDI1MDUxNzQxWhcNMjUwNTAyMDUxNzQxWjAYMRYwFAYD VQQDEw02ODBiMWFmNi0xZjc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6Zqo++NpgiwVnROPFOAGhpYO4L87jmyb+yFkGTnWZQRJQXdRebCXZRpFTWM7 tSrtRdDZhW7nqdyhAdKWkrpsPga7pM8ZOJB5cpjxs4GVPNNIoqD/KiJbaDp2hDiU VO1h7a3b6quZNG7ba+OGZARmn6JgiDBGXSnWssK5BS1OxKCRKqB4/o3cZg81zuJq offb6zl9qz7V2Gjc9GVWp+nhDKv35Ly+11y7y9SvzkyWFUTHFLogZVoQePkSccqC PjaXnChwPbqNI3iq/NjpD+m2kY0YwLNJTdgXV8LJUU94Bw52a7ha7RXRHmUilBdl xHWcCeRF1dv8Kg4zlcH0W6+sbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBtNAcX5 KFWVvTaFfDQMbVa/jtJqMB8GA1UdIwQYMBaAFPJMRDIQ90HL5Z0BTrpu6XK1zdrn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Qjk1QS81MTJDNzA1RTM3 QUUxMUVGOEE0NThFMzdDNEY5QUUwMi84a3hFTWhEM1FjdmxuUUZPdW03cGNyWE4y dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzhreEVNaEQzUWN2bG5RRk91bTdwY3JYTjJ1Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 Qjk1QS81MTJDNzA1RTM3QUUxMUVGOEE0NThFMzdDNEY5QUUwMi84a3hFTWhEM1Fj dmxuUUZPdW03cGNyWE4ydWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARXJpd2kRAD2TVekS7sBe7mRO4gAH8KrUCeB125qit4VxiYDu8G+ZW txTFSFXiLg+irQrtpNV0PwwgM9RCXwzNd8C7CwiJUpH15Ig33jpuU3RFBnWYXc5V 3ZL2emRwjzPcnAnrUa0hDZLyvdah8phP35oIvylrv9DA11g50QplwFjKFnA/3cQN uaJakzTQVXmULoSZdwpDoePJwzYse3xNvcDxFnFUgFhiH2sa6ZmRySNxyuuaaI+a YxjjDeJixqQmR80urXz6EGAJdgXv4YPoe8L4WwQ+9VHF8GuvYpvu2vqg4CGvUoM2 wDXxYc0JqfxEaIPZZ5PjbgjIPlbh/ln3 -----END CERTIFICATE-----Generated at Sat Apr 26 15:24:16 2025 by rpki-client