$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft File: cx5XsN_ep5G6TV1xly2oEF3JPos.mft (raw, json) Hash identifier: THFhNa7+YMA4SbD7bcq3JwvBjNB+JSME8J94YrtqxBY= Subject key identifier: C4:F1:32:E1:92:CC:9C:9C:E5:14:B3:0C:F4:FA:14:E1:7E:7E:19:BB Authority key identifier: 73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B Certificate issuer: /CN=A91AA444/serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Certificate serial: 0107 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft Manifest number: 0105 Signing time: Sat 31 May 2025 04:41:13 +0000 Manifest this update: Sat 31 May 2025 04:41:12 +0000 Manifest next update: Sat 07 Jun 2025 04:41:12 +0000 Files and hashes: 1: cx5XsN_ep5G6TV1xly2oEF3JPos.crl (hash: qy4xKZW4bJ3ZoOdqKGuYJR1kZ+6UCzYOdMeSwBZ1mYI=) 2: 24DD519CEEA311EFA5EDDD76C4F9AE02.roa (hash: +mEj5z+agEcnRzWZMjR0oYobGLfQGCXmi+n1VzU085s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:41:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 263 (0x107) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA444, serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Validity Not Before: May 31 04:41:12 2025 GMT Not After : Jun 7 04:41:12 2025 GMT Subject: CN=683a8869-eb9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:32:0b:40:61:e6:35:59:cd:f3:bc:23:e4:6e: 15:9d:59:2c:17:da:ec:e8:cd:41:96:7f:82:e0:7e: 50:cd:11:67:7e:85:03:60:d6:32:8b:54:57:00:40: a9:25:61:28:29:02:fd:55:34:a8:5b:b5:f7:bb:d4: b0:db:aa:08:e0:58:ba:11:9b:ba:f8:bc:35:9b:91: ff:69:e4:b0:39:33:a5:4b:02:2d:fa:cb:a4:6e:ad: f2:67:8d:d3:3e:5d:64:56:65:50:55:22:d2:85:78: d2:ee:d9:92:a5:fa:b4:e6:38:b3:0c:fc:30:b7:d3: d5:93:5c:b9:a7:6e:e9:32:3b:ec:96:37:88:2d:d4: 46:19:1a:72:47:b2:68:7d:82:a5:0a:32:72:17:49: 4e:d4:36:45:88:f9:e9:be:5d:c8:82:c4:4e:f3:00: fb:3c:8d:82:ba:41:f2:b9:7e:30:0a:87:b4:43:dc: b5:15:4d:1b:8f:78:53:62:60:ce:97:09:e5:f7:4e: c3:bc:57:56:c3:5c:b2:67:8f:87:f2:2f:92:00:8d: 8e:47:ac:2c:b8:43:a2:fb:02:f8:dc:72:e1:9c:1a: c0:c4:59:62:ab:0a:f5:ea:a2:ed:be:6a:5b:a2:95: 23:ca:1c:f4:fe:c4:64:15:70:cf:9f:b9:38:d7:65: 73:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:F1:32:E1:92:CC:9C:9C:E5:14:B3:0C:F4:FA:14:E1:7E:7E:19:BB X509v3 Authority Key Identifier: keyid:73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:ec:62:1a:bd:ca:50:1b:8c:4f:bd:8f:16:7b:86:40:1d:bb: f6:4c:db:80:da:72:5f:61:4a:7a:10:7c:b5:1f:ab:23:60:02: e1:39:57:f0:f7:27:5c:bf:84:a6:94:f8:67:f9:aa:80:56:16: da:83:12:37:52:4f:24:fc:45:45:14:84:59:27:1e:a8:ac:2c: be:26:6e:7f:42:a4:b2:1f:ce:0e:c8:dd:07:09:7b:b8:f8:8a: 95:31:5a:f4:4b:91:c0:07:d4:95:9d:d7:8e:8e:9b:a7:9d:88: f7:6a:4d:26:f4:85:6b:98:9e:dd:cc:7c:0d:1c:90:39:c3:44: 52:4e:41:4f:67:3d:aa:29:77:cc:98:58:b7:18:2b:94:01:a0: a6:78:69:4a:05:5d:84:7d:9f:a5:5c:83:84:54:99:ba:93:bf: b2:c2:ea:87:29:8b:2d:05:fd:4e:31:8b:31:8d:48:fb:62:47: 03:dc:6c:73:15:ee:99:5b:bc:79:bb:f8:01:e4:1d:2c:d6:06: 17:f7:ab:c1:ff:4d:89:2a:b4:0a:be:06:f0:5d:46:46:a4:19: 09:c3:3a:a7:f5:a3:90:dd:47:b1:22:54:cb:e9:b8:3d:1c:f9: d7:08:84:94:c3:90:cc:4d:ce:1a:69:48:fc:36:b7:7a:31:a4: a4:0e:c6:4b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUE0NDQxMTAvBgNVBAUTKDczMUU1N0IwREZERUE3OTFCQTRENUQ3MTk3MkRBODEw NURDOTNFOEIwHhcNMjUwNTMxMDQ0MTEyWhcNMjUwNjA3MDQ0MTEyWjAYMRYwFAYD VQQDEw02ODNhODg2OS1lYjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqjILQGHmNVnN87wj5G4VnVksF9rs6M1Bln+C4H5QzRFnfoUDYNYyi1RXAECp JWEoKQL9VTSoW7X3u9Sw26oI4Fi6EZu6+Lw1m5H/aeSwOTOlSwIt+sukbq3yZ43T Pl1kVmVQVSLShXjS7tmSpfq05jizDPwwt9PVk1y5p27pMjvsljeILdRGGRpyR7Jo fYKlCjJyF0lO1DZFiPnpvl3IgsRO8wD7PI2CukHyuX4wCoe0Q9y1FU0bj3hTYmDO lwnl907DvFdWw1yyZ4+H8i+SAI2OR6wsuEOi+wL43HLhnBrAxFliqwr16qLtvmpb opUjyhz0/sRkFXDPn7k412Vz5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMTxMuGS zJyc5RSzDPT6FOF+fhm7MB8GA1UdIwQYMBaAFHMeV7Df3qeRuk1dcZctqBBdyT6L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ0NC84RENFMjc0QUIx MUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1RzZUVjF4bHkyb0VGM0pQ b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2N4NVhzTl9lcDVHNlRWMXhseTJvRUYzSlBvcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTQ0NC84RENFMjc0QUIxMUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1 RzZUVjF4bHkyb0VGM0pQb3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAw7GIavcpQG4xPvY8We4ZAHbv2TNuA2nJfYUp6EHy1H6sjYALhOVfw 9ydcv4SmlPhn+aqAVhbagxI3Uk8k/EVFFIRZJx6orCy+Jm5/QqSyH84OyN0HCXu4 +IqVMVr0S5HAB9SVndeOjpunnYj3ak0m9IVrmJ7dzHwNHJA5w0RSTkFPZz2qKXfM mFi3GCuUAaCmeGlKBV2EfZ+lXIOEVJm6k7+ywuqHKYstBf1OMYsxjUj7YkcD3Gxz Fe6ZW7x5u/gB5B0s1gYX96vB/02JKrQKvgbwXUZGpBkJwzqn9aOQ3UexIlTL6bg9 HPnXCISUw5DMTc4aaUj8Nrd6MaSkDsZL -----END CERTIFICATE-----Generated at Sat May 31 17:04:55 2025 by rpki-client