$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.mft File: XcpFKLnkDIjkZ6Q_3BK3jys1ReM.mft (raw, json) Hash identifier: mkWotZ1SkMgjXLS6MbZT7Qv+agzswIrVIAYtw7nO4KM= Subject key identifier: FD:3D:CE:8D:BE:8E:A0:28:A7:47:54:96:D6:41:F7:11:45:9C:95:61 Authority key identifier: 5D:CA:45:28:B9:E4:0C:88:E4:67:A4:3F:DC:12:B7:8F:2B:35:45:E3 Certificate issuer: /CN=A91E4BD2/serialNumber=5DCA4528B9E40C88E467A43FDC12B78F2B3545E3 Certificate serial: 08DE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.mft Manifest number: 08D8 Signing time: Sun 06 Apr 2025 20:09:45 +0000 Manifest this update: Sun 06 Apr 2025 20:09:44 +0000 Manifest next update: Sun 13 Apr 2025 20:09:44 +0000 Files and hashes: 1: XcpFKLnkDIjkZ6Q_3BK3jys1ReM.crl (hash: HRucTbW86esZPlOGIoPPI1fuCtzuMnbodCOJR865aX8=) 2: A862F866AA3111EA9E08C324C4F9AE02.roa (hash: 3Ir1IuKRfOTCPGTcqkNhUsK0tdvw53ia+7U41pr4LNw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.crl rsync://rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 20:09:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2270 (0x8de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4BD2 Validity Not Before: Apr 6 20:09:44 2025 GMT Not After : Apr 13 20:09:44 2025 GMT Subject: CN=67f2df89-280b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:14:ac:9f:ce:07:e3:d2:f9:92:d6:94:73:b1: 98:01:00:e4:fc:b1:70:d5:bd:05:f6:87:9b:93:82: 3e:b1:00:99:9f:bf:bc:7f:e7:13:91:01:77:72:b9: d2:36:f1:43:53:22:a4:1d:a1:20:76:b2:da:75:cd: ab:68:68:23:26:da:6d:a7:82:5d:bb:aa:f2:ed:bd: fa:ad:8a:6c:76:6b:98:bf:44:34:8d:55:d9:07:9f: 31:a3:a9:a2:25:a0:db:b3:4a:27:d0:5c:82:2d:a4: 77:4b:ad:15:3b:f6:ae:b3:02:ec:29:a7:03:a8:23: f1:41:bd:d8:eb:0b:dc:ad:4a:2a:77:56:02:2c:cf: 4c:60:c1:75:f5:8f:57:74:58:83:58:60:95:92:aa: 0f:c1:2c:8c:02:60:3f:76:69:7c:85:d7:ba:f5:24: 4d:a7:ac:c0:db:d8:d6:d6:20:e0:7a:af:d3:6c:59: e2:a1:c5:f6:12:7e:18:3b:1d:48:7a:36:59:27:e0: a1:5c:be:1f:d8:35:77:35:1f:74:9b:01:30:1a:d0: 59:35:d7:db:ff:c7:30:da:2c:cc:49:04:b5:81:f6: 05:42:86:33:6e:70:45:f5:10:af:24:ed:7d:77:c0: 17:93:a1:56:9c:41:93:14:fd:04:38:01:67:0f:38: a0:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:3D:CE:8D:BE:8E:A0:28:A7:47:54:96:D6:41:F7:11:45:9C:95:61 X509v3 Authority Key Identifier: keyid:5D:CA:45:28:B9:E4:0C:88:E4:67:A4:3F:DC:12:B7:8F:2B:35:45:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:f6:5e:ad:e5:be:98:6e:2a:9c:49:aa:0e:ac:5c:52:7a:83: b4:6a:57:f6:16:e7:11:8f:6e:2d:34:25:b6:29:58:69:00:5e: 13:fc:03:41:a5:87:9b:ed:2c:7f:5a:5b:5f:1d:51:0d:74:78: d9:85:08:44:ad:b1:67:f7:74:a7:68:ed:95:ef:b9:49:37:5e: 73:d6:1c:4c:00:9b:0d:ef:67:7f:be:a3:08:98:9f:f0:a3:51: 45:32:26:7a:4c:30:5c:31:46:74:3d:8e:7f:1d:f8:58:02:f6: d3:79:3a:b0:fc:66:b1:70:eb:74:59:27:f5:cb:d7:12:10:f1: 97:6b:ae:ff:98:78:0c:38:d5:0c:b8:88:ad:fa:44:e1:ea:20: cb:f4:2d:5c:7c:cd:b3:dc:1b:b8:85:c6:08:75:37:f4:11:2b: 15:12:26:30:dd:01:22:30:c8:db:d1:9b:33:76:c6:3e:a5:23: 39:61:60:7a:f7:26:a0:8d:f1:a8:a2:ac:1e:ee:2b:6c:04:0c: 0c:50:95:ce:f9:5b:06:a2:70:ce:94:bb:52:68:9c:63:fa:b7: 5b:81:0c:67:fc:31:be:f9:cb:0a:c1:97:a6:08:63:95:20:a0: 67:14:db:2b:61:06:74:1d:be:0a:ab:53:86:1c:8d:cb:d1:97: 5e:a9:46:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRCRDIxMTAvBgNVBAUTKDVEQ0E0NTI4QjlFNDBDODhFNDY3QTQzRkRDMTJCNzhG MkIzNTQ1RTMwHhcNMjUwNDA2MjAwOTQ0WhcNMjUwNDEzMjAwOTQ0WjAYMRYwFAYD VQQDEw02N2YyZGY4OS0yODBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0xSsn84H49L5ktaUc7GYAQDk/LFw1b0F9oebk4I+sQCZn7+8f+cTkQF3crnS NvFDUyKkHaEgdrLadc2raGgjJtptp4Jdu6ry7b36rYpsdmuYv0Q0jVXZB58xo6mi JaDbs0on0FyCLaR3S60VO/auswLsKacDqCPxQb3Y6wvcrUoqd1YCLM9MYMF19Y9X dFiDWGCVkqoPwSyMAmA/dml8hde69SRNp6zA29jW1iDgeq/TbFniocX2En4YOx1I ejZZJ+ChXL4f2DV3NR90mwEwGtBZNdfb/8cw2izMSQS1gfYFQoYzbnBF9RCvJO19 d8AXk6FWnEGTFP0EOAFnDzig0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP09zo2+ jqAop0dUltZB9xFFnJVhMB8GA1UdIwQYMBaAFF3KRSi55AyI5GekP9wSt48rNUXj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEJEMi9GNDBCMTE2QUFB MkYxMUVBOUMyOTU5MUVDNEY5QUUwMi9YY3BGS0xua0RJamtaNlFfM0JLM2p5czFS ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hjcEZLTG5rRElqa1o2UV8zQkszanlzMVJlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEJEMi9GNDBCMTE2QUFBMkYxMUVBOUMyOTU5MUVDNEY5QUUwMi9YY3BGS0xua0RJ amtaNlFfM0JLM2p5czFSZU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBs9l6t5b6YbiqcSaoOrFxSeoO0alf2FucRj24tNCW2KVhpAF4T/ANB pYeb7Sx/WltfHVENdHjZhQhErbFn93SnaO2V77lJN15z1hxMAJsN72d/vqMImJ/w o1FFMiZ6TDBcMUZ0PY5/HfhYAvbTeTqw/GaxcOt0WSf1y9cSEPGXa67/mHgMONUM uIit+kTh6iDL9C1cfM2z3Bu4hcYIdTf0ESsVEiYw3QEiMMjb0ZszdsY+pSM5YWB6 9yagjfGooqwe7itsBAwMUJXO+VsGonDOlLtSaJxj+rdbgQxn/DG++csKwZemCGOV IKBnFNsrYQZ0Hb4Kq1OGHI3L0ZdeqUZk -----END CERTIFICATE-----Generated at Mon Apr 7 19:22:24 2025 by rpki-client