$ rpki-client -vvf rpki.apnic.net/member_repository/A9195BA9/CEE6882237BE11EEA640AB55C4F9AE02/9lz9HPOxxajqYIcfo8NAYdtM84M.mft File: 9lz9HPOxxajqYIcfo8NAYdtM84M.mft (raw, json) Hash identifier: DRP+bVpAq1dJlUN3n2l+PlNVxitTO9lWlwob3ebtf3U= Subject key identifier: 5D:D3:88:A4:6D:BD:71:19:D8:6A:84:64:59:09:B0:6F:02:EB:C2:D4 Authority key identifier: F6:5C:FD:1C:F3:B1:C5:A8:EA:60:87:1F:A3:C3:40:61:DB:4C:F3:83 Certificate issuer: /CN=A9195BA9/serialNumber=F65CFD1CF3B1C5A8EA60871FA3C34061DB4CF383 Certificate serial: 0149 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9lz9HPOxxajqYIcfo8NAYdtM84M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9195BA9/CEE6882237BE11EEA640AB55C4F9AE02/9lz9HPOxxajqYIcfo8NAYdtM84M.mft Manifest number: 0146 Signing time: Thu 24 Apr 2025 19:55:21 +0000 Manifest this update: Thu 24 Apr 2025 19:55:20 +0000 Manifest next update: Thu 01 May 2025 19:55:20 +0000 Files and hashes: 1: 9lz9HPOxxajqYIcfo8NAYdtM84M.crl (hash: 8V8RTqrwyxrL8geWV/xA1+tl8P0QaiABNa/AEGwQ73U=) 2: 7A63013E3A4F11EEA10D3A7AC4F9AE02.roa (hash: iTrEAAlkJw9OclXVQcOsLhF2OGcA/o+GNahTLZ1PRQo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9195BA9/CEE6882237BE11EEA640AB55C4F9AE02/9lz9HPOxxajqYIcfo8NAYdtM84M.crl rsync://rpki.apnic.net/member_repository/A9195BA9/CEE6882237BE11EEA640AB55C4F9AE02/9lz9HPOxxajqYIcfo8NAYdtM84M.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9lz9HPOxxajqYIcfo8NAYdtM84M.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:55:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 329 (0x149) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9195BA9, serialNumber=F65CFD1CF3B1C5A8EA60871FA3C34061DB4CF383 Validity Not Before: Apr 24 19:55:20 2025 GMT Not After : May 1 19:55:20 2025 GMT Subject: CN=680a9729-c820 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:fa:91:a5:a4:d6:c5:14:d4:7d:5f:3a:46:48: 20:c8:cb:94:fc:18:55:6c:24:f7:6c:15:73:03:47: 61:c2:09:6d:ee:04:2d:5e:02:53:03:93:77:59:ca: 4a:09:a2:a4:16:08:01:07:19:49:b7:22:96:90:9e: 62:c3:9c:e9:ff:ff:7e:e1:7c:38:7b:59:cf:e0:ca: 76:bc:ae:c5:49:e2:6e:20:0c:15:b8:ab:c6:76:68: 32:be:a3:89:28:21:ea:59:4a:70:f9:3a:45:01:43: c8:a2:3a:3e:10:33:f7:a2:bf:5d:dd:29:e1:f0:5b: 64:fe:8d:88:48:dc:72:45:06:57:b5:78:5d:50:51: fc:5c:a4:a4:9c:fd:2e:e0:f6:89:6e:93:5b:b7:d4: bc:46:5b:bb:e8:b6:eb:05:13:e8:64:cf:96:4d:77: 18:d6:0a:c9:c1:c3:7a:ee:60:2d:7b:11:8c:3e:29: 90:28:d9:a9:d2:63:3d:84:c6:ee:ea:ba:b7:0a:bc: 79:a8:45:f6:9e:c7:52:07:ef:07:40:1e:97:b3:45: d5:9e:cf:2c:dc:3e:9e:6e:7c:7a:75:db:7d:1d:68: 0a:49:fe:f5:07:43:0a:18:87:33:0a:e6:17:9a:9c: 7e:80:83:7d:3e:82:0a:87:c3:04:e3:da:42:63:4e: c2:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:D3:88:A4:6D:BD:71:19:D8:6A:84:64:59:09:B0:6F:02:EB:C2:D4 X509v3 Authority Key Identifier: keyid:F6:5C:FD:1C:F3:B1:C5:A8:EA:60:87:1F:A3:C3:40:61:DB:4C:F3:83 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9195BA9/CEE6882237BE11EEA640AB55C4F9AE02/9lz9HPOxxajqYIcfo8NAYdtM84M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9lz9HPOxxajqYIcfo8NAYdtM84M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195BA9/CEE6882237BE11EEA640AB55C4F9AE02/9lz9HPOxxajqYIcfo8NAYdtM84M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:06:3c:7b:58:43:28:99:1c:9e:9f:95:02:b0:45:46:4b:19: ac:d8:23:11:d3:53:57:1f:11:86:f9:4e:1d:5e:fe:05:0c:0b: 83:25:46:5f:a1:de:e1:e2:cd:12:aa:7c:53:d4:ae:46:14:41: 6b:03:51:0f:18:fa:71:db:8a:71:1e:da:4f:b8:e3:e9:3f:7b: 97:07:f0:a1:39:b5:e6:42:d0:26:15:f4:9b:27:3b:f1:f1:3a: 87:27:6a:7a:a8:d5:7b:38:22:18:de:91:a8:17:ee:2a:26:8a: db:37:5c:7a:49:34:fd:54:2d:da:32:6a:a0:6a:7f:ae:1f:d0: a9:63:e5:55:7a:db:2b:8f:05:03:b9:2a:48:ab:6c:ea:4b:4c: 5a:ca:c1:1b:f9:c3:75:c7:5b:21:5f:ec:62:fd:76:92:21:88: e0:b4:90:1f:2c:4e:d5:5e:f3:95:69:34:6e:6b:54:fc:0c:12: de:8a:4e:50:70:b8:d3:39:38:88:59:02:65:40:77:cf:aa:f7: 6d:48:26:85:4b:d9:93:d0:05:bf:c0:8f:0f:74:3b:d9:0d:f5: 2f:f5:fb:fa:71:55:54:c4:8b:e4:76:0d:35:73:6a:d4:24:c0: 78:ed:5a:90:ff:d4:5f:d7:ee:76:42:b8:8c:8f:95:6e:b1:9f: f3:9c:81:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTVCQTkxMTAvBgNVBAUTKEY2NUNGRDFDRjNCMUM1QThFQTYwODcxRkEzQzM0MDYx REI0Q0YzODMwHhcNMjUwNDI0MTk1NTIwWhcNMjUwNTAxMTk1NTIwWjAYMRYwFAYD VQQDEw02ODBhOTcyOS1jODIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzfqRpaTWxRTUfV86RkggyMuU/BhVbCT3bBVzA0dhwglt7gQtXgJTA5N3WcpK CaKkFggBBxlJtyKWkJ5iw5zp//9+4Xw4e1nP4Mp2vK7FSeJuIAwVuKvGdmgyvqOJ KCHqWUpw+TpFAUPIojo+EDP3or9d3Snh8Ftk/o2ISNxyRQZXtXhdUFH8XKSknP0u 4PaJbpNbt9S8Rlu76LbrBRPoZM+WTXcY1grJwcN67mAtexGMPimQKNmp0mM9hMbu 6rq3Crx5qEX2nsdSB+8HQB6Xs0XVns8s3D6ebnx6ddt9HWgKSf71B0MKGIczCuYX mpx+gIN9PoIKh8ME49pCY07CEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF3TiKRt vXEZ2GqEZFkJsG8C68LUMB8GA1UdIwQYMBaAFPZc/RzzscWo6mCHH6PDQGHbTPOD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUJBOS9DRUU2ODgyMjM3 QkUxMUVFQTY0MEFCNTVDNEY5QUUwMi85bHo5SFBPeHhhanFZSWNmbzhOQVlkdE04 NE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyLzlsejlIUE94eGFqcVlJY2ZvOE5BWWR0TTg0TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NUJBOS9DRUU2ODgyMjM3QkUxMUVFQTY0MEFCNTVDNEY5QUUwMi85bHo5SFBPeHhh anFZSWNmbzhOQVlkdE04NE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmBjx7WEMomRyen5UCsEVGSxms2CMR01NXHxGG+U4dXv4FDAuDJUZf od7h4s0SqnxT1K5GFEFrA1EPGPpx24pxHtpPuOPpP3uXB/ChObXmQtAmFfSbJzvx 8TqHJ2p6qNV7OCIY3pGoF+4qJorbN1x6STT9VC3aMmqgan+uH9CpY+VVetsrjwUD uSpIq2zqS0xaysEb+cN1x1shX+xi/XaSIYjgtJAfLE7VXvOVaTRua1T8DBLeik5Q cLjTOTiIWQJlQHfPqvdtSCaFS9mT0AW/wI8PdDvZDfUv9fv6cVVUxIvkdg01c2rU JMB47VqQ/9Rf1+52QriMj5VusZ/znIGc -----END CERTIFICATE-----Generated at Sat Apr 26 13:11:27 2025 by rpki-client