$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft File: XdRoWi6WsUFvfNM1zetK0YIvfes.mft (raw, json) Hash identifier: X9T8sbwyE62fKZybivFMnHC+E8dZKqai9SB4fH4MWTM= Subject key identifier: AB:30:2F:A3:50:01:38:82:97:D9:5B:85:D2:42:7E:1D:88:6C:0F:3C Authority key identifier: 5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB Certificate issuer: /CN=A91AF01C/serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB Certificate serial: 0168 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft Manifest number: 0161 Signing time: Sat 29 Mar 2025 03:31:47 +0000 Manifest this update: Sat 29 Mar 2025 03:31:47 +0000 Manifest next update: Sat 05 Apr 2025 03:31:47 +0000 Files and hashes: 1: XdRoWi6WsUFvfNM1zetK0YIvfes.crl (hash: Xkxe4eNKGxVECptyym0oZyHDAl9nPAdsdiHHAs+PPcU=) 2: 3474AD64FAD311ED9CEE0E29C4F9AE02.roa (hash: 6NUoQsi6MufbTG0wg5lLW6EPmg3seRvoOTXJysh5OoQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 03:31:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 360 (0x168) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF01C Validity Not Before: Mar 29 03:31:47 2025 GMT Not After : Apr 5 03:31:47 2025 GMT Subject: CN=67e769a3-47cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:68:bf:bc:68:6e:65:03:fe:50:09:4b:cc:3e: fd:e1:8e:69:c3:6b:43:c0:bc:ba:61:84:60:39:be: c3:17:be:45:38:7c:f1:80:a0:08:b9:ff:ca:0e:ab: 22:73:4c:66:3e:80:a8:4d:c3:93:dc:56:49:cd:1b: 3c:66:3b:6b:fb:41:7f:f7:51:39:73:e3:96:54:5c: 4a:18:a4:ca:25:e4:cf:82:96:cc:16:c6:58:73:43: 97:7b:4a:30:67:49:8d:ab:79:10:dd:0c:cd:40:77: fc:f9:74:7c:d5:ef:8c:bd:1f:7a:60:47:fe:ac:46: f4:24:f9:32:5f:7d:2b:e1:99:5c:84:7e:95:0c:1a: dc:c2:2b:ff:73:23:21:0c:9b:79:28:94:2e:bf:b0: 8a:d3:bd:9d:6f:44:2c:52:93:28:4e:5d:fe:fe:f2: 98:54:c1:fb:fb:e4:10:45:cd:c6:93:0c:67:b1:e6: 08:12:68:02:99:df:24:ee:d5:1e:ec:8d:0f:cd:0a: 8c:c5:c9:e3:46:50:c9:aa:74:5e:e0:b9:9f:c0:c7: 4b:24:75:99:9b:8f:ce:9d:70:37:a5:b6:f5:0e:4e: 3b:62:c3:7a:87:e5:0e:1c:1a:29:81:7e:ab:fa:f1: 96:96:79:bf:ae:fc:83:9b:f6:22:5b:8a:b6:8b:82: 8f:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:30:2F:A3:50:01:38:82:97:D9:5B:85:D2:42:7E:1D:88:6C:0F:3C X509v3 Authority Key Identifier: keyid:5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:29:21:46:59:b2:c7:e8:dd:27:b8:07:6a:10:70:6a:a7:5d: 77:25:02:d3:2a:3c:16:a2:92:b3:bc:f8:93:56:10:ed:cc:f5: f1:e9:e1:c1:15:61:a3:b2:72:e6:64:94:8c:94:b8:bd:b2:b7: 69:9a:8a:40:4f:b2:cc:8f:25:42:67:95:a6:b2:2b:8a:b4:ed: 1a:da:6d:82:18:c1:e7:70:33:b5:7a:d7:69:df:9b:b8:ec:ef: 64:02:c6:5f:71:2b:5e:49:62:92:82:50:5e:4b:d5:43:3d:d8: d4:f3:af:15:91:75:5a:82:bf:f3:13:b4:7f:35:66:16:3d:5d: fd:56:20:f5:de:c7:d0:95:2e:95:31:78:f9:6d:05:0e:df:ef: 47:fb:c1:39:10:29:46:fe:5e:44:24:ca:d7:3f:25:7b:4e:bc: 5a:de:9c:58:2e:54:92:a5:14:a9:bd:30:87:78:c1:04:cd:7d: c2:67:1e:f4:05:0c:5d:e0:e2:65:fb:5a:7c:e3:6e:5f:3b:be: 34:31:4c:d2:78:52:a8:9f:bb:61:e4:a7:81:f4:26:2d:65:f5: b7:4c:67:e8:98:a9:97:37:03:34:37:07:f7:cf:fa:39:aa:2f: 92:c3:f6:7b:33:ec:36:9f:0c:3f:b7:03:e6:08:69:01:a2:57: 8a:2d:72:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwMUMxMTAvBgNVBAUTKDVERDQ2ODVBMkU5NkIxNDE2RjdDRDMzNUNERUI0QUQx ODIyRjdERUIwHhcNMjUwMzI5MDMzMTQ3WhcNMjUwNDA1MDMzMTQ3WjAYMRYwFAYD VQQDEw02N2U3NjlhMy00N2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Wi/vGhuZQP+UAlLzD794Y5pw2tDwLy6YYRgOb7DF75FOHzxgKAIuf/KDqsi c0xmPoCoTcOT3FZJzRs8Zjtr+0F/91E5c+OWVFxKGKTKJeTPgpbMFsZYc0OXe0ow Z0mNq3kQ3QzNQHf8+XR81e+MvR96YEf+rEb0JPkyX30r4ZlchH6VDBrcwiv/cyMh DJt5KJQuv7CK072db0QsUpMoTl3+/vKYVMH7++QQRc3GkwxnseYIEmgCmd8k7tUe 7I0PzQqMxcnjRlDJqnRe4LmfwMdLJHWZm4/OnXA3pbb1Dk47YsN6h+UOHBopgX6r +vGWlnm/rvyDm/YiW4q2i4KPQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKswL6NQ ATiCl9lbhdJCfh2IbA88MB8GA1UdIwQYMBaAFF3UaFoulrFBb3zTNc3rStGCL33r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjAxQy9FNUQ5RTczNEZB Q0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NVRnZmTk0xemV0SzBZSXZm ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hkUm9XaTZXc1VGdmZOTTF6ZXRLMFlJdmZlcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjAxQy9FNUQ5RTczNEZBQ0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NV RnZmTk0xemV0SzBZSXZmZXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCZKSFGWbLH6N0nuAdqEHBqp113JQLTKjwWopKzvPiTVhDtzPXx6eHB FWGjsnLmZJSMlLi9srdpmopAT7LMjyVCZ5WmsiuKtO0a2m2CGMHncDO1etdp35u4 7O9kAsZfcSteSWKSglBeS9VDPdjU868VkXVagr/zE7R/NWYWPV39ViD13sfQlS6V MXj5bQUO3+9H+8E5EClG/l5EJMrXPyV7Trxa3pxYLlSSpRSpvTCHeMEEzX3CZx70 BQxd4OJl+1p8425fO740MUzSeFKon7th5KeB9CYtZfW3TGfomKmXNwM0Nwf3z/o5 qi+Sw/Z7M+w2nww/twPmCGkBoleKLXI0 -----END CERTIFICATE-----Generated at Fri Apr 4 21:40:01 2025 by rpki-client