$ rpki-client -vvf rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft File: XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft (raw, json) Hash identifier: 3Xwi7MXUvZZjPIjAgRZ3HJ1UBdhvoExR7Si/sTnvaU0= Subject key identifier: 40:94:16:2E:9F:10:57:2C:ED:00:63:99:CF:D1:AF:7C:A7:97:AF:CA Authority key identifier: 5C:5A:4F:AE:4A:F0:1F:FD:C9:27:53:55:CC:BA:B8:C8:10:18:9F:54 Certificate issuer: /CN=A918B0B9/serialNumber=5C5A4FAE4AF01FFDC9275355CCBAB8C810189F54 Certificate serial: 09A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft Manifest number: 098A Signing time: Fri 30 May 2025 21:00:32 +0000 Manifest this update: Fri 30 May 2025 21:00:32 +0000 Manifest next update: Fri 06 Jun 2025 21:00:32 +0000 Files and hashes: 1: XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl (hash: JfFikm7cRcT3GxEeSTJMySHNc3ne45oYamh4J+ePx+4=) 2: 52F955A89B1511EA9BEFA53BC4F9AE02.roa (hash: 5fp5xPdrf28AzhElrO+JWN/gejEYqnFXoStD/HGk1zI=) 3: BED54F1A9B1611EA939F5A3FC4F9AE02.roa (hash: sHHQTYQ4Ee+qL1FSRc7R4PCypgoLoQnfR9k5950BZKI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2464 (0x9a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918B0B9, serialNumber=5C5A4FAE4AF01FFDC9275355CCBAB8C810189F54 Validity Not Before: May 30 21:00:32 2025 GMT Not After : Jun 6 21:00:32 2025 GMT Subject: CN=683a1c70-40f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:17:37:a2:39:05:d8:8c:a7:d9:63:c3:00:97: da:b2:01:50:57:77:f6:7e:eb:ce:ca:44:6b:9e:cf: e1:de:bc:1a:ba:c8:af:78:3d:eb:cc:26:c1:98:31: 31:3d:ff:7b:68:44:6b:c6:f6:ee:82:d6:a9:ee:92: 8d:61:5b:02:3f:63:5b:b8:3d:94:05:f1:9e:d9:db: 1f:40:0d:bf:96:41:97:3b:2c:8e:ec:34:d3:bb:32: 58:f0:e3:0d:3f:a7:52:b6:68:9f:85:49:3d:b9:8c: bd:99:a5:22:af:86:f4:a1:94:8f:1e:53:db:c1:c5: 13:14:6a:e4:c2:ba:f7:e2:6f:4d:cc:53:78:a9:d2: 68:31:36:03:e4:21:3c:58:0a:f8:19:5f:48:73:95: 1e:f7:33:b0:94:27:de:6f:07:c1:34:1c:7b:10:6e: fb:a1:60:3a:8a:0d:e9:fd:8c:33:c6:29:ed:58:f1: ff:a2:a3:11:8f:0a:94:46:ed:45:c0:f7:8e:bb:b8: fa:df:5a:32:0d:0f:a0:38:c9:a7:98:4e:a2:c0:31: 09:a8:d8:a2:4b:63:80:4f:bc:f6:ff:65:cc:90:50: e4:7e:80:33:be:44:96:20:fe:f6:bb:a5:11:4d:87: 32:7d:6b:fc:9c:85:92:d7:29:79:72:88:d4:a2:7c: c6:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:94:16:2E:9F:10:57:2C:ED:00:63:99:CF:D1:AF:7C:A7:97:AF:CA X509v3 Authority Key Identifier: keyid:5C:5A:4F:AE:4A:F0:1F:FD:C9:27:53:55:CC:BA:B8:C8:10:18:9F:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:80:9e:c3:66:2e:44:97:18:40:18:d0:0f:9a:96:8d:cb:a0: 59:6a:fa:7f:2d:bc:0d:29:38:db:c9:76:92:77:2a:6b:c4:44: 7f:67:31:e5:23:ae:3a:dd:32:41:3d:6a:42:ca:49:56:8d:03: 01:a8:48:65:c6:85:d2:dc:50:3e:76:74:7e:db:00:5d:b0:99: ef:0c:5e:ec:2a:d5:8f:bb:18:8b:8a:58:ff:ff:64:91:63:a2: f3:8e:e1:71:d2:33:74:f9:84:28:72:1b:f3:01:b9:46:8d:68: 35:62:ea:94:de:9f:18:a7:5d:ef:7a:cd:f3:ea:2c:d4:5a:37: c4:e7:08:fe:6b:81:61:a5:a4:27:52:5a:2a:34:79:d1:6d:25: 26:b1:71:30:81:cc:fc:41:d5:85:14:26:45:d4:15:13:c6:5e: 84:b9:6c:df:9d:b4:0b:a4:e8:4a:a2:bc:d2:12:bb:3e:d1:0a: 70:f3:f5:80:a4:44:09:9a:1c:8e:50:64:91:8b:3f:34:fe:d8: bf:ff:30:3e:77:14:89:de:10:20:c0:d9:a4:fa:f5:f1:e8:ee: ef:1a:3b:b9:fe:7f:3a:45:0e:18:10:13:65:90:c0:65:1e:02: 34:61:ab:98:a5:97:39:af:9c:ef:90:f3:3b:2f:4b:3b:76:6b: e7:bb:fd:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEIwQjkxMTAvBgNVBAUTKDVDNUE0RkFFNEFGMDFGRkRDOTI3NTM1NUNDQkFCOEM4 MTAxODlGNTQwHhcNMjUwNTMwMjEwMDMyWhcNMjUwNjA2MjEwMDMyWjAYMRYwFAYD VQQDEw02ODNhMWM3MC00MGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApxc3ojkF2Iyn2WPDAJfasgFQV3f2fuvOykRrns/h3rwausiveD3rzCbBmDEx Pf97aERrxvbugtap7pKNYVsCP2NbuD2UBfGe2dsfQA2/lkGXOyyO7DTTuzJY8OMN P6dStmifhUk9uYy9maUir4b0oZSPHlPbwcUTFGrkwrr34m9NzFN4qdJoMTYD5CE8 WAr4GV9Ic5Ue9zOwlCfebwfBNBx7EG77oWA6ig3p/YwzxintWPH/oqMRjwqURu1F wPeOu7j631oyDQ+gOMmnmE6iwDEJqNiiS2OAT7z2/2XMkFDkfoAzvkSWIP72u6UR TYcyfWv8nIWS1yl5cojUonzG2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFECUFi6f EFcs7QBjmc/Rr3ynl6/KMB8GA1UdIwQYMBaAFFxaT65K8B/9ySdTVcy6uMgQGJ9U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QjBCOS85Q0JGM0Q5MDhG QTAxMUVBQUE5QkJBMThDNEY5QUUwMi9YRnBQcmtyd0hfM0pKMU5WekxxNHlCQVlu MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hGcFBya3J3SF8zSkoxTlZ6THE0eUJBWW4xUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QjBCOS85Q0JGM0Q5MDhGQTAxMUVBQUE5QkJBMThDNEY5QUUwMi9YRnBQcmtyd0hf M0pKMU5WekxxNHlCQVluMVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBygJ7DZi5ElxhAGNAPmpaNy6BZavp/LbwNKTjbyXaSdyprxER/ZzHl I6463TJBPWpCyklWjQMBqEhlxoXS3FA+dnR+2wBdsJnvDF7sKtWPuxiLilj//2SR Y6LzjuFx0jN0+YQochvzAblGjWg1YuqU3p8Yp13ves3z6izUWjfE5wj+a4FhpaQn UloqNHnRbSUmsXEwgcz8QdWFFCZF1BUTxl6EuWzfnbQLpOhKorzSErs+0Qpw8/WA pEQJmhyOUGSRiz80/ti//zA+dxSJ3hAgwNmk+vXx6O7vGju5/n86RQ4YEBNlkMBl HgI0YauYpZc5r5zvkPM7L0s7dmvnu/2l -----END CERTIFICATE-----Generated at Sat May 31 17:29:00 2025 by rpki-client