$ rpki-client -vvf rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft File: XpnXCH3VTqLn519cgIcHE4Posp4.mft (raw, json) Hash identifier: H4ru+ZhY5RHzy+kXyBS0IljaUNpZMmOe1qfNrPqUA/8= Subject key identifier: 8A:C8:78:CB:04:D5:9C:75:BE:17:8A:73:6A:F8:DB:EE:03:FC:8B:1D Authority key identifier: 5E:99:D7:08:7D:D5:4E:A2:E7:E7:5F:5C:80:87:07:13:83:E8:B2:9E Certificate issuer: /CN=A91F81D3/serialNumber=5E99D7087DD54EA2E7E75F5C8087071383E8B29E Certificate serial: 0AC2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft Manifest number: 0AA7 Signing time: Fri 04 Apr 2025 19:40:40 +0000 Manifest this update: Fri 04 Apr 2025 19:40:40 +0000 Manifest next update: Fri 11 Apr 2025 19:40:40 +0000 Files and hashes: 1: XpnXCH3VTqLn519cgIcHE4Posp4.crl (hash: v2TDeUWimyuja9DlncgcXIsp1Ho6yvYlPymUjuz5seI=) 2: 79BBD5780A3511EB93ACB11CC4F9AE02.roa (hash: p3Evu360d8sJaOIhPj+V+IcCcGPKVkKX45bmHYZFDuU=) 3: E4A8C1240A3611F08B9CFD4FC4F9AE02.roa (hash: B/yqgTTm04esQLkgoKxLOii6Uu8YrCTw+XoGrHSRapo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.crl rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 19:40:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2754 (0xac2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F81D3 Validity Not Before: Apr 4 19:40:40 2025 GMT Not After : Apr 11 19:40:40 2025 GMT Subject: CN=67f035b8-57db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:80:c1:c3:5a:08:3f:34:ef:8a:58:16:51:07: 1c:66:f8:79:94:fd:7f:cb:ee:b8:9f:4f:05:6d:a2: 9d:e5:72:83:7b:73:90:9b:98:68:5e:75:32:38:7c: 50:ec:05:dc:81:cc:8b:b4:06:23:5b:b4:f4:1f:c4: cf:b4:a3:a2:c5:c9:a0:d3:67:36:5d:94:dc:28:3f: 45:c0:3c:df:48:5f:9c:a9:36:09:f4:bf:d2:2f:09: 40:d9:50:10:0e:97:f3:83:1b:8d:04:59:86:0a:f9: cb:ae:0c:f6:78:bc:e1:2c:7b:34:a1:e9:39:cd:39: 1d:c6:ef:f3:0b:4d:34:c9:e6:b6:e5:50:1c:1c:ca: 55:44:51:33:3a:f7:a2:ae:5d:18:cd:36:4d:c0:90: d1:2f:29:6a:11:51:e6:6c:54:22:63:60:8f:23:3e: f3:15:1e:c7:aa:c1:58:82:c1:24:37:86:5b:5d:96: 47:58:b1:b5:50:6e:d0:0e:2b:9c:f9:c4:15:71:60: f4:1e:03:ce:61:5b:6e:fd:fc:0d:ae:d2:24:a7:91: 76:3d:30:3e:c1:1f:b1:e2:84:1a:4b:66:a3:8f:5e: c1:8a:9d:e7:3c:2a:81:f4:d2:af:e4:40:c6:0a:48: 9c:0a:45:ae:c7:23:30:80:07:c2:1f:94:ff:57:30: 5f:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:C8:78:CB:04:D5:9C:75:BE:17:8A:73:6A:F8:DB:EE:03:FC:8B:1D X509v3 Authority Key Identifier: keyid:5E:99:D7:08:7D:D5:4E:A2:E7:E7:5F:5C:80:87:07:13:83:E8:B2:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:da:76:fc:75:db:b0:ae:30:59:2f:98:e5:51:f7:4b:74:d1: 04:fa:b6:ff:6f:9d:55:40:67:3f:e3:52:e6:61:6b:c7:aa:8a: 35:d4:f7:13:bf:20:62:97:0f:32:4e:dc:f8:05:eb:7b:66:e7: 40:8b:be:f1:49:71:66:15:06:e4:f3:05:e2:aa:3f:ef:41:91: 9f:71:0d:7f:64:8e:0e:8e:ef:c1:78:7b:9c:b9:00:42:f1:fd: 8a:de:a0:58:eb:69:37:92:74:ad:0c:e1:bc:17:b2:aa:c5:e6: e1:64:da:ba:50:a0:31:05:24:18:76:b2:4b:26:29:34:ee:e3: 94:07:f0:f8:c2:6b:57:4a:a6:db:5b:44:d3:d7:74:c7:bd:63: 4b:44:ea:38:b2:50:82:59:54:32:3a:98:ac:4e:56:89:81:d8: ea:29:0c:e7:39:9d:f9:bd:fc:e6:64:c3:7d:4a:51:a5:70:cf: ef:20:c6:db:5d:7f:c3:2e:cf:53:3a:79:fd:2f:e6:bb:f6:74: a2:e7:57:65:53:b2:fc:bf:4b:85:cb:b5:6b:04:86:47:d8:e9: fe:48:45:16:c3:4a:1f:ee:95:1e:3e:77:d8:8d:e0:0a:e9:87: e3:b5:6e:5e:da:9f:4d:39:31:57:b9:85:6b:7b:f5:95:d7:ca: be:ff:86:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCsIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjgxRDMxMTAvBgNVBAUTKDVFOTlENzA4N0RENTRFQTJFN0U3NUY1QzgwODcwNzEz ODNFOEIyOUUwHhcNMjUwNDA0MTk0MDQwWhcNMjUwNDExMTk0MDQwWjAYMRYwFAYD VQQDEw02N2YwMzViOC01N2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxoDBw1oIPzTvilgWUQccZvh5lP1/y+64n08FbaKd5XKDe3OQm5hoXnUyOHxQ 7AXcgcyLtAYjW7T0H8TPtKOixcmg02c2XZTcKD9FwDzfSF+cqTYJ9L/SLwlA2VAQ DpfzgxuNBFmGCvnLrgz2eLzhLHs0oek5zTkdxu/zC000yea25VAcHMpVRFEzOvei rl0YzTZNwJDRLylqEVHmbFQiY2CPIz7zFR7HqsFYgsEkN4ZbXZZHWLG1UG7QDiuc +cQVcWD0HgPOYVtu/fwNrtIkp5F2PTA+wR+x4oQaS2ajj17Bip3nPCqB9NKv5EDG CkicCkWuxyMwgAfCH5T/VzBf7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIrIeMsE 1Zx1vheKc2r42+4D/IsdMB8GA1UdIwQYMBaAFF6Z1wh91U6i5+dfXICHBxOD6LKe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODFEMy8wQTg0NTlGNDUy MzUxMUVBOUEwQ0IyNzNDNEY5QUUwMi9YcG5YQ0gzVlRxTG41MTljZ0ljSEU0UG9z cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hwblhDSDNWVHFMbjUxOWNnSWNIRTRQb3NwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODFEMy8wQTg0NTlGNDUyMzUxMUVBOUEwQ0IyNzNDNEY5QUUwMi9YcG5YQ0gzVlRx TG41MTljZ0ljSEU0UG9zcDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAc2nb8dduwrjBZL5jlUfdLdNEE+rb/b51VQGc/41LmYWvHqoo11PcT vyBilw8yTtz4Bet7ZudAi77xSXFmFQbk8wXiqj/vQZGfcQ1/ZI4Oju/BeHucuQBC 8f2K3qBY62k3knStDOG8F7KqxebhZNq6UKAxBSQYdrJLJik07uOUB/D4wmtXSqbb W0TT13THvWNLROo4slCCWVQyOpisTlaJgdjqKQznOZ35vfzmZMN9SlGlcM/vIMbb XX/DLs9TOnn9L+a79nSi51dlU7L8v0uFy7VrBIZH2On+SEUWw0of7pUePnfYjeAK 6YfjtW5e2p9NOTFXuYVre/WV18q+/4aC -----END CERTIFICATE-----Generated at Sun Apr 6 02:17:43 2025 by rpki-client