$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft File: XAo1I_02RadjWvJRmtzQAuEy-84.mft (raw, json) Hash identifier: hdFqOpXF/BH5De/xjiSunFXX9Vttlioe9huklcI2NQo= Subject key identifier: 80:6C:71:D4:FB:BF:00:88:95:81:B7:5A:19:BA:56:E7:B1:C0:18:EC Authority key identifier: 5C:0A:35:23:FD:36:45:A7:63:5A:F2:51:9A:DC:D0:02:E1:32:FB:CE Certificate issuer: /CN=A91B0F90/serialNumber=5C0A3523FD3645A7635AF2519ADCD002E132FBCE Certificate serial: 2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft Manifest number: 23 Signing time: Thu 03 Apr 2025 07:12:06 +0000 Manifest this update: Thu 03 Apr 2025 07:12:06 +0000 Manifest next update: Thu 10 Apr 2025 07:12:06 +0000 Files and hashes: 1: XAo1I_02RadjWvJRmtzQAuEy-84.crl (hash: tSE3rtxW0eTNGjz+IpA8DVxEIWtbRP2YDwhHtTEEL3E=) 2: 304DD002EFAB11EF97C9610FC4F9AE02.roa (hash: xsROjP2odAWh0kHafpV6U2yAzjD0YVmpO7HNKMKB17M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.crl rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 07:12:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0F90 Validity Not Before: Apr 3 07:12:06 2025 GMT Not After : Apr 10 07:12:06 2025 GMT Subject: CN=67ee34c6-0c5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8a:c6:21:96:86:24:b7:03:a0:bd:10:5b:4c: 0e:df:5f:48:aa:55:79:7a:bb:d5:29:0f:7a:74:d6: 82:27:c2:82:b5:e8:56:c0:43:d3:db:2d:c7:d3:c4: 70:2a:5a:92:93:50:58:07:19:cc:b7:94:d9:07:93: fd:7a:32:41:42:d7:71:03:58:56:75:62:be:1e:06: 91:70:a3:b6:99:48:d6:c7:a0:26:aa:38:ee:cf:05: 74:79:75:0b:96:79:fb:75:9c:99:38:d2:e0:f1:07: 52:8d:f8:0e:51:d2:ad:f7:2c:1a:2d:2a:03:05:3b: 5d:91:6b:d7:a2:75:e4:24:0e:45:39:b7:2d:8a:34: bc:c5:0c:77:7e:1b:c1:b7:14:c8:0c:a5:48:ad:d4: ac:18:56:3f:f2:b9:2a:14:d2:66:13:c9:56:87:bf: 28:c2:66:c8:b5:e7:c5:65:39:58:3e:fe:ec:bb:cb: ba:6e:f6:dd:57:01:fa:b3:f7:1f:92:14:56:55:9d: d0:10:98:fd:93:5b:5c:de:0c:e0:0a:e2:f8:b1:e5: 2a:12:d0:e2:00:ec:63:5e:74:d7:2b:d3:8d:84:fa: 67:ed:96:7a:42:12:e3:ca:c3:1c:46:99:57:4f:2e: 49:f0:01:c3:bd:f6:1f:50:38:f1:bd:05:d2:56:c1: bf:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:6C:71:D4:FB:BF:00:88:95:81:B7:5A:19:BA:56:E7:B1:C0:18:EC X509v3 Authority Key Identifier: keyid:5C:0A:35:23:FD:36:45:A7:63:5A:F2:51:9A:DC:D0:02:E1:32:FB:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:02:ea:32:b6:46:9e:11:7d:4e:e0:3c:c8:89:70:0a:24:fd: c7:0a:2c:3b:5c:67:f0:f4:6d:ef:40:46:46:d6:a4:6f:64:1b: 54:15:d9:4c:f4:7a:1b:17:e2:d2:b7:84:27:28:16:e8:4c:c7: 6f:fe:36:45:f3:a4:2c:49:32:83:9b:4d:b0:8b:e8:1f:5c:22: 30:b4:9e:8e:8d:ef:af:1e:8c:20:bc:9b:33:c7:d6:f3:e2:4a: 09:64:c7:c0:da:1c:43:ea:4c:f9:31:28:47:a8:7c:97:66:0e: eb:94:79:99:69:d3:0c:d8:ca:45:d1:a2:4d:88:26:ff:f2:f4: 14:62:d7:14:3a:71:72:5e:bc:a9:11:94:cd:ad:e9:09:43:60: e6:f3:63:01:ae:74:58:af:9b:53:79:96:b7:86:59:ca:e3:4d: 0f:f9:f5:da:26:7c:50:7e:6b:76:a9:6c:19:82:7f:b5:a8:05: 52:0f:df:c5:37:55:ed:50:e7:64:b3:39:20:d8:78:97:64:6f: 99:ce:31:ca:07:63:62:7c:a9:04:cd:9c:23:d9:f4:08:1c:16: e6:0e:33:dc:fa:70:ef:43:4f:50:1a:c6:17:c1:e5:d9:c2:17: a5:70:5b:bb:19:4b:95:cf:9b:39:8e:4a:0e:2f:74:82:ea:77: 9e:bb:59:c7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MEY5MDExMC8GA1UEBRMoNUMwQTM1MjNGRDM2NDVBNzYzNUFGMjUxOUFEQ0QwMDJF MTMyRkJDRTAeFw0yNTA0MDMwNzEyMDZaFw0yNTA0MTAwNzEyMDZaMBgxFjAUBgNV BAMTDTY3ZWUzNGM2LTBjNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2isYhloYktwOgvRBbTA7fX0iqVXl6u9UpD3p01oInwoK16FbAQ9PbLcfTxHAq WpKTUFgHGcy3lNkHk/16MkFC13EDWFZ1Yr4eBpFwo7aZSNbHoCaqOO7PBXR5dQuW eft1nJk40uDxB1KN+A5R0q33LBotKgMFO12Ra9eideQkDkU5ty2KNLzFDHd+G8G3 FMgMpUit1KwYVj/yuSoU0mYTyVaHvyjCZsi158VlOVg+/uy7y7pu9t1XAfqz9x+S FFZVndAQmP2TW1zeDOAK4vix5SoS0OIA7GNedNcr042E+mftlnpCEuPKwxxGmVdP LknwAcO99h9QOPG9BdJWwb9lAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUgGxx1Pu/ AIiVgbdaGbpW57HAGOwwHwYDVR0jBBgwFoAUXAo1I/02RadjWvJRmtzQAuEy+84w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwRjkwLzA0Nzc5QjlDRUQ4 MTExRUZBMDAzNjYxNkM0RjlBRTAyL1hBbzFJXzAyUmFkald2SlJtdHpRQXVFeS04 NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWEFvMUlfMDJSYWRqV3ZKUm10elFBdUV5LTg0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIw RjkwLzA0Nzc5QjlDRUQ4MTExRUZBMDAzNjYxNkM0RjlBRTAyL1hBbzFJXzAyUmFk ald2SlJtdHpRQXVFeS04NC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABIC6jK2Rp4RfU7gPMiJcAok/ccKLDtcZ/D0be9ARkbWpG9kG1QV2Uz0 ehsX4tK3hCcoFuhMx2/+NkXzpCxJMoObTbCL6B9cIjC0no6N768ejCC8mzPH1vPi Sglkx8DaHEPqTPkxKEeofJdmDuuUeZlp0wzYykXRok2IJv/y9BRi1xQ6cXJevKkR lM2t6QlDYObzYwGudFivm1N5lreGWcrjTQ/59domfFB+a3apbBmCf7WoBVIP38U3 Ve1Q52SzOSDYeJdkb5nOMcoHY2J8qQTNnCPZ9AgcFuYOM9z6cO9DT1AaxhfB5dnC F6VwW7sZS5XPmzmOSg4vdILqd567Wcc= -----END CERTIFICATE-----Generated at Fri Apr 4 21:14:57 2025 by rpki-client