$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft File: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft (raw, json) Hash identifier: 0sC3QPx7/n4EoDBYhOQraF/yVe+SBnc3TheGuKIOYp4= Subject key identifier: 19:9E:C2:86:38:7D:EF:64:51:F2:95:F1:E6:31:1E:39:76:FF:B4:33 Authority key identifier: C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 Certificate issuer: /CN=A91E3BF2/serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Certificate serial: 029B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft Manifest number: 0296 Signing time: Fri 11 Apr 2025 01:28:44 +0000 Manifest this update: Fri 11 Apr 2025 01:28:44 +0000 Manifest next update: Fri 18 Apr 2025 01:28:44 +0000 Files and hashes: 1: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl (hash: OTT0sDJ+hBr6t+blAjqJkL+n1LrmHQV+IZl0FGvpJ7o=) 2: 6B7C33C8F6C811ECBDF7DD40C4F9AE02.roa (hash: jZodcyxZ4nUw78pUbwh5qrFajwuNLHaye10ReDwTgoQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 01:28:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 667 (0x29b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BF2, serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Validity Not Before: Apr 11 01:28:44 2025 GMT Not After : Apr 18 01:28:44 2025 GMT Subject: CN=67f8704c-d2c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:0a:99:bc:16:08:7e:33:4e:5f:12:89:4e:9c: a0:b3:92:21:b0:b6:37:5a:8d:af:87:07:7b:cb:ad: 15:a1:8c:b9:42:3f:e4:c1:1e:b8:62:be:61:1e:e1: c9:b2:da:d3:42:03:76:19:0b:6c:42:e8:b6:a2:37: 64:2e:60:bd:0b:a0:8a:e5:8d:18:8a:86:7d:d0:d0: 2c:39:a9:06:ae:db:d9:49:21:e9:26:6a:77:8f:7c: 70:be:a2:a5:36:76:31:8f:9e:05:08:56:d9:a0:33: e9:21:ca:63:a6:3b:e4:0f:b8:75:5b:c6:9c:c2:a8: af:ab:0d:0a:c2:4d:04:78:0e:ae:20:1d:8d:99:89: 9a:a3:91:b2:63:15:d7:be:1a:5f:89:54:79:58:4f: 8f:95:85:54:a4:e3:ec:7b:e7:8c:11:a9:86:06:9f: 3d:e0:be:a6:ca:d5:7e:5c:dd:25:5e:83:92:3a:ba: af:39:08:80:fe:57:c6:32:65:66:b3:25:4b:0c:ec: 7f:e7:58:9c:a9:9f:97:cd:83:4a:cd:2d:85:ba:f7: 5e:92:ad:eb:d2:fa:cb:f1:78:39:41:74:f1:f7:51: 89:7a:b2:be:62:0c:5b:af:48:8c:95:f2:8b:5c:38: 73:be:38:9d:30:b5:75:61:d5:ca:68:20:31:dd:3c: 4d:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:9E:C2:86:38:7D:EF:64:51:F2:95:F1:E6:31:1E:39:76:FF:B4:33 X509v3 Authority Key Identifier: keyid:C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:fe:f3:ee:10:26:f7:12:70:17:20:25:db:3b:19:f1:9b:0e: 0c:b1:df:2a:d9:78:d7:35:f7:83:fe:b0:4f:fd:3b:bf:05:b2: a1:8e:1c:30:c7:5f:c3:bd:23:a5:b3:47:71:f8:dd:25:21:f9: 2f:1e:bb:72:61:46:39:29:e8:f6:df:7e:1f:51:8d:b8:d6:e5: a7:04:4e:45:5c:9e:d6:6a:0b:59:29:20:d7:98:22:56:9d:7a: cc:32:99:77:a0:6e:82:25:58:f0:42:62:60:42:1a:87:15:7e: 67:74:e9:6c:d5:d3:f7:d0:08:5f:32:3f:7d:a4:87:03:7e:df: 81:ab:8d:fd:17:d1:10:29:ec:23:38:be:48:4d:ee:6c:f2:69: d0:45:9f:af:b7:98:c0:ae:fe:25:df:4f:2b:e1:ca:05:96:53: 9d:f3:98:f1:53:eb:9d:e6:18:1f:c7:b7:5f:e8:08:ea:f0:c5: 4a:c8:ae:46:08:58:56:bf:8e:6d:bb:3d:0c:76:74:14:4a:45: 9f:dd:41:34:5e:e2:f1:34:b1:3a:79:c8:27:fb:db:9d:a5:6d: a0:cc:45:c5:04:d5:ce:61:f7:10:e4:83:9e:f4:27:a9:8e:c9: 11:d6:93:d2:72:c8:35:08:d3:04:c7:e6:a7:f9:e7:fa:35:ef: d5:c0:89:e0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCRjIxMTAvBgNVBAUTKEM0NzFBNTZFRTk0RjA1QjQzN0MwOUVFRTBGNDQyMDNG QTQ1OTI3MzYwHhcNMjUwNDExMDEyODQ0WhcNMjUwNDE4MDEyODQ0WjAYMRYwFAYD VQQDEw02N2Y4NzA0Yy1kMmMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1gqZvBYIfjNOXxKJTpygs5IhsLY3Wo2vhwd7y60VoYy5Qj/kwR64Yr5hHuHJ strTQgN2GQtsQui2ojdkLmC9C6CK5Y0YioZ90NAsOakGrtvZSSHpJmp3j3xwvqKl NnYxj54FCFbZoDPpIcpjpjvkD7h1W8acwqivqw0Kwk0EeA6uIB2NmYmao5GyYxXX vhpfiVR5WE+PlYVUpOPse+eMEamGBp894L6mytV+XN0lXoOSOrqvOQiA/lfGMmVm syVLDOx/51icqZ+XzYNKzS2Fuvdekq3r0vrL8Xg5QXTx91GJerK+Ygxbr0iMlfKL XDhzvjidMLV1YdXKaCAx3TxN+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBmewoY4 fe9kUfKV8eYxHjl2/7QzMB8GA1UdIwQYMBaAFMRxpW7pTwW0N8Ce7g9EID+kWSc2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JGMi81MDkwOTZBOEY2 QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJiUTN3Sjd1RDBRZ1A2UlpK elkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hIR2xidWxQQmJRM3dKN3VEMFFnUDZSWkp6WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0JGMi81MDkwOTZBOEY2QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJi UTN3Sjd1RDBRZ1A2UlpKelkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA9/vPuECb3EnAXICXbOxnxmw4Msd8q2XjXNfeD/rBP/Tu/BbKhjhww x1/DvSOls0dx+N0lIfkvHrtyYUY5Kej2334fUY241uWnBE5FXJ7WagtZKSDXmCJW nXrMMpl3oG6CJVjwQmJgQhqHFX5ndOls1dP30AhfMj99pIcDft+Bq439F9EQKewj OL5ITe5s8mnQRZ+vt5jArv4l308r4coFllOd85jxU+ud5hgfx7df6Ajq8MVKyK5G CFhWv45tuz0MdnQUSkWf3UE0XuLxNLE6ecgn+9udpW2gzEXFBNXOYfcQ5IOe9Cep jskR1pPScsg1CNMEx+an+ef6Ne/VwIng -----END CERTIFICATE-----Generated at Sat Apr 12 22:53:25 2025 by rpki-client