$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.mft File: Xy5eYpMrtQqF_y-aXzGyut1fNKw.mft (raw, json) Hash identifier: JwJwZb9tkE/3kTJN91Cgd97H/ay5dqs8kZRBX/CO3IA= Subject key identifier: 08:71:70:77:04:75:43:0A:65:23:23:3D:46:A0:5E:6F:77:C0:0A:68 Authority key identifier: 5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC Certificate issuer: /CN=A9158E8E/serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC Certificate serial: 03AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.mft Manifest number: 038B Signing time: Sat 31 May 2025 01:07:08 +0000 Manifest this update: Sat 31 May 2025 01:07:07 +0000 Manifest next update: Sat 07 Jun 2025 01:07:07 +0000 Files and hashes: 1: Xy5eYpMrtQqF_y-aXzGyut1fNKw.crl (hash: f1zumD2JrjDFAcO9qWcJ0BPKByY1FfngW4//gY+JieI=) 2: 7B6F6276E03811EFAC3C5652C4F9AE02.roa (hash: melteXR1cRharD5muHTsf70+edihxivjKNNQzAZNpLE=) 3: 79C2D638E03811EFAC3C5652C4F9AE02.roa (hash: pIl/ybOSWeNJuXyu7vI+RsUvtpL0KXP/t0jEbgQtU7I=) 4: 7AA94F3CE03811EFAC3C5652C4F9AE02.roa (hash: ImUvDtTwcm68idWdwXB7tEHKc5rG51UP9vCEMxdSyRc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.crl rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:07:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 943 (0x3af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158E8E, serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC Validity Not Before: May 31 01:07:07 2025 GMT Not After : Jun 7 01:07:07 2025 GMT Subject: CN=683a563c-2bbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:6d:4f:6e:32:e1:ce:80:e0:41:b6:36:c4:77: bf:56:37:db:0d:b0:fc:bb:49:03:b0:5f:d2:dd:7f: 96:60:35:3c:04:7d:32:38:f4:53:18:98:c2:b2:7b: 6d:44:2d:fd:94:fc:d4:c4:ba:4f:1d:05:de:73:c9: eb:d8:4f:13:89:43:3d:15:c4:43:7d:be:b8:61:eb: 1e:c0:df:62:7b:7d:a6:9c:34:03:7d:c2:ec:7c:0b: 31:a8:bf:10:a5:1f:19:5e:26:8a:c4:27:68:30:86: 66:ed:38:33:7c:a7:85:d9:0a:98:a7:93:81:37:b6: eb:0e:76:02:45:ab:0e:3f:be:92:29:f8:4f:9e:dc: ec:2b:09:3e:aa:c9:d6:19:a7:74:09:47:57:89:39: b9:e4:ff:3b:8b:8e:ff:ee:72:47:53:eb:c6:24:cb: d5:1c:72:e8:43:02:58:32:bb:af:38:c7:3b:cb:da: ab:e6:cf:ec:dd:cc:09:b6:60:8f:32:df:21:6c:f9: 76:04:c1:65:1a:2d:6f:e9:df:76:ad:65:58:89:36: 20:17:78:58:29:1d:c4:79:85:1f:e7:65:30:1f:f0: 82:9e:70:d8:e1:ba:bf:eb:c2:f4:28:87:9f:cd:6d: 0a:ec:19:b2:81:60:4d:d1:ed:df:91:08:33:70:74: 0d:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:71:70:77:04:75:43:0A:65:23:23:3D:46:A0:5E:6F:77:C0:0A:68 X509v3 Authority Key Identifier: keyid:5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:af:1f:4f:21:a6:4a:a1:f5:b4:9f:e0:37:ec:03:74:fc:9a: f6:ba:d4:35:53:1c:45:21:18:cd:39:76:68:ac:c0:e4:c1:5c: e1:47:46:f7:9a:6e:56:56:8e:40:00:63:6f:40:a4:f9:0c:63: c9:12:5f:94:55:f1:c6:88:a4:08:1d:1c:66:c9:0e:c1:23:62: a6:67:24:82:0e:23:47:b3:54:5d:5a:d7:08:7c:7c:a6:bd:d5: 38:6a:44:09:90:98:e4:d7:01:26:8f:d6:95:f9:34:0f:d7:cf: 01:98:51:e8:9e:14:1b:fd:da:21:a7:0b:4d:7b:38:d8:71:a3: 41:f5:b1:21:69:b7:93:3d:f9:b0:09:06:b6:f5:94:50:d3:e3: 53:64:aa:92:67:e9:16:80:20:17:32:5f:12:64:7f:0f:28:19: 53:67:d6:2c:d3:52:d9:54:30:19:5c:3a:e3:07:79:a5:c0:dd: 03:74:78:2b:3f:a5:a2:f3:0f:e8:08:6f:d1:ef:bb:65:24:b3: 4e:c1:d6:70:f3:e8:ac:e4:f4:4d:46:f9:ca:30:b7:63:dc:93: f1:c5:3e:02:9b:5c:5a:95:1c:fe:3a:cb:b9:d2:e1:bc:26:00: 97:8a:e7:84:09:80:7c:cf:84:42:7a:ef:f7:2c:23:a5:9a:07: 01:9b:f2:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NThFOEUxMTAvBgNVBAUTKDVGMkU1RTYyOTMyQkI1MEE4NUZGMkY5QTVGMzFCMkJB REQ1RjM0QUMwHhcNMjUwNTMxMDEwNzA3WhcNMjUwNjA3MDEwNzA3WjAYMRYwFAYD VQQDEw02ODNhNTYzYy0yYmJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwG1PbjLhzoDgQbY2xHe/VjfbDbD8u0kDsF/S3X+WYDU8BH0yOPRTGJjCsntt RC39lPzUxLpPHQXec8nr2E8TiUM9FcRDfb64YesewN9ie32mnDQDfcLsfAsxqL8Q pR8ZXiaKxCdoMIZm7TgzfKeF2QqYp5OBN7brDnYCRasOP76SKfhPntzsKwk+qsnW Gad0CUdXiTm55P87i47/7nJHU+vGJMvVHHLoQwJYMruvOMc7y9qr5s/s3cwJtmCP Mt8hbPl2BMFlGi1v6d92rWVYiTYgF3hYKR3EeYUf52UwH/CCnnDY4bq/68L0KIef zW0K7BmygWBN0e3fkQgzcHQNQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAhxcHcE dUMKZSMjPUagXm93wApoMB8GA1UdIwQYMBaAFF8uXmKTK7UKhf8vml8xsrrdXzSs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEU4RS8wNEZCQjhGMEFF MEYxMUVDQTAyMDU2NjZDNEY5QUUwMi9YeTVlWXBNcnRRcUZfeS1hWHpHeXV0MWZO S3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h5NWVZcE1ydFFxRl95LWFYekd5dXQxZk5Ldy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 OEU4RS8wNEZCQjhGMEFFMEYxMUVDQTAyMDU2NjZDNEY5QUUwMi9YeTVlWXBNcnRR cUZfeS1hWHpHeXV0MWZOS3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgrx9PIaZKofW0n+A37AN0/Jr2utQ1UxxFIRjNOXZorMDkwVzhR0b3 mm5WVo5AAGNvQKT5DGPJEl+UVfHGiKQIHRxmyQ7BI2KmZySCDiNHs1RdWtcIfHym vdU4akQJkJjk1wEmj9aV+TQP188BmFHonhQb/dohpwtNezjYcaNB9bEhabeTPfmw CQa29ZRQ0+NTZKqSZ+kWgCAXMl8SZH8PKBlTZ9Ys01LZVDAZXDrjB3mlwN0DdHgr P6Wi8w/oCG/R77tlJLNOwdZw8+is5PRNRvnKMLdj3JPxxT4Cm1xalRz+Osu50uG8 JgCXiueECYB8z4RCeu/3LCOlmgcBm/Ii -----END CERTIFICATE-----Generated at Sat May 31 17:50:35 2025 by rpki-client