$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft File: XhBeDvkNGLn6S4j640EMah3vcZA.mft (raw, json) Hash identifier: hQhmTbXj40XvJSIZcEEKpSCkHxxP788s8cvgzOiuI+g= Subject key identifier: 30:58:A5:44:E9:4F:C4:8C:36:74:57:F4:FB:44:4E:4C:AC:3B:95:28 Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90 Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190 Certificate serial: 0BF6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft Manifest number: 0AB8 Signing time: Tue 22 Jul 2025 20:20:34 +0000 Manifest this update: Tue 22 Jul 2025 20:20:34 +0000 Manifest next update: Tue 29 Jul 2025 20:20:34 +0000 Files and hashes: 1: XhBeDvkNGLn6S4j640EMah3vcZA.crl (hash: mB4j2s3cg8zzzk2lFEsufW+fyXiSxVQUKw2qRtDWnIk=) 2: CED9053CE35211EDB7F6B44EC4F9AE02.roa (hash: JmnrBzA6dJ9YsMu7pz9xXLOAQrwChmETl1tBrYYwR4o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 20:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3062 (0xbf6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F69E7, serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190 Validity Not Before: Jul 22 20:20:34 2025 GMT Not After : Jul 29 20:20:34 2025 GMT Subject: CN=687ff292-f747 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ec:12:c2:61:c9:b8:1b:b9:f8:1c:f1:88:80: a9:3c:5d:63:81:44:e8:37:08:59:51:e2:53:78:d5: ca:9b:82:5c:fb:ee:10:94:a3:f1:fa:4c:42:b4:e3: e5:3a:fc:f3:28:63:63:53:53:b8:92:f3:fc:d2:67: 59:4f:4c:4f:c6:cc:b9:b6:2c:b3:90:17:ca:90:8a: 9a:52:e2:9b:cc:c4:d1:6e:95:e6:32:9c:3c:5f:1c: 1a:ca:d1:05:4f:56:70:da:5d:19:62:82:1e:67:01: 4b:76:20:e0:22:4c:0f:2b:a5:78:6d:0f:4f:e7:4c: 00:89:0e:13:3f:02:d7:cc:d4:59:1e:f6:ca:b6:3f: 46:87:30:58:7f:08:9b:25:9c:c6:13:a8:2b:bf:38: 1c:af:2f:27:9e:85:14:7b:39:ab:23:53:83:b0:ac: a0:e0:18:0e:92:0d:19:44:e7:e4:92:d4:64:d4:6b: 29:3e:16:61:1e:7e:9d:49:0f:88:f2:bc:c6:d2:94: 7b:b5:13:2c:43:60:0c:2e:b7:9f:65:60:9e:2c:a7: 1d:8b:39:e5:b0:79:d0:75:9c:27:0e:2d:2f:05:4f: 5d:67:b7:6f:6f:9f:63:c0:49:7f:bc:e6:fb:cc:68: 9b:87:c6:bb:1b:98:39:c0:9b:f8:3f:9d:e7:90:47: 09:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:58:A5:44:E9:4F:C4:8C:36:74:57:F4:FB:44:4E:4C:AC:3B:95:28 X509v3 Authority Key Identifier: keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:c8:50:54:00:45:c6:19:35:49:6f:5d:f3:69:bb:a0:c5:74: 91:a5:56:86:e2:9a:1e:0f:3b:98:93:64:0d:a0:a6:d8:18:8e: 9f:a5:8e:06:fb:1d:46:1b:9d:cb:99:1f:50:6c:d9:8b:ca:87: 82:56:e6:76:69:01:52:6a:e4:1b:68:0a:8d:3e:c3:d0:a6:d9: 40:06:20:74:7e:30:bf:79:f3:ab:bd:d4:81:49:9f:cc:37:b4: bc:2e:13:8f:ea:e9:7c:81:a0:a0:8c:1c:4e:7b:d9:36:98:e2: c3:b7:04:4b:29:0d:f2:78:5b:8e:cb:76:c5:fd:9b:d7:36:80: 37:44:a0:75:d8:59:61:26:e7:ce:ae:22:35:ae:40:ad:bb:2b: f2:8f:ed:09:c8:57:89:a4:6f:50:61:19:86:2e:d1:51:f3:42: 87:f0:e3:69:0d:b8:93:56:ca:2a:2f:2c:09:1a:e3:2c:e4:ee: 6f:05:c4:9a:43:87:fc:d0:b9:e0:cf:41:df:cf:af:f0:c5:4e: b8:c0:1c:a5:4a:82:df:a2:ac:3e:c9:45:54:c6:b7:46:7f:3b: c3:6c:e8:1c:8d:80:fe:5d:3b:6c:da:db:a9:bc:8f:c9:dd:4d: f6:42:30:90:9e:c6:94:9e:f4:17:29:52:0c:88:72:e3:0b:60: f7:1e:e4:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB MURFRjcxOTAwHhcNMjUwNzIyMjAyMDM0WhcNMjUwNzI5MjAyMDM0WjAYMRYwFAYD VQQDEw02ODdmZjI5Mi1mNzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAruwSwmHJuBu5+BzxiICpPF1jgUToNwhZUeJTeNXKm4Jc++4QlKPx+kxCtOPl OvzzKGNjU1O4kvP80mdZT0xPxsy5tiyzkBfKkIqaUuKbzMTRbpXmMpw8XxwaytEF T1Zw2l0ZYoIeZwFLdiDgIkwPK6V4bQ9P50wAiQ4TPwLXzNRZHvbKtj9GhzBYfwib JZzGE6grvzgcry8nnoUUezmrI1ODsKyg4BgOkg0ZROfkktRk1GspPhZhHn6dSQ+I 8rzG0pR7tRMsQ2AMLrefZWCeLKcdiznlsHnQdZwnDi0vBU9dZ7dvb59jwEl/vOb7 zGibh8a7G5g5wJv4P53nkEcJfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDBYpUTp T8SMNnRX9PtETkysO5UoMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjlFNy80NkFBRDZCMjkwNDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdM bjZTNGo2NDBFTWFoM3ZjWkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAyyFBUAEXGGTVJb13zabugxXSRpVaG4poeDzuYk2QNoKbYGI6fpY4G +x1GG53LmR9QbNmLyoeCVuZ2aQFSauQbaAqNPsPQptlABiB0fjC/efOrvdSBSZ/M N7S8LhOP6ul8gaCgjBxOe9k2mOLDtwRLKQ3yeFuOy3bF/ZvXNoA3RKB12FlhJufO riI1rkCtuyvyj+0JyFeJpG9QYRmGLtFR80KH8ONpDbiTVsoqLywJGuMs5O5vBcSa Q4f80Lngz0Hfz6/wxU64wBylSoLfoqw+yUVUxrdGfzvDbOgcjYD+XTts2tupvI/J 3U32QjCQnsaUnvQXKVIMiHLjC2D3HuRF -----END CERTIFICATE-----Generated at Wed Jul 23 02:23:28 2025 by rpki-client