$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: 027bCaSX1TSzqMpL8uSNOuY9GZjGVvSJt1N9ikJl6hI= Subject key identifier: 45:2B:1B:BE:5D:5E:73:B0:00:99:8E:0B:AC:76:21:9C:F3:28:F9:EB Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 07E3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 07AD Signing time: Fri 30 May 2025 21:39:28 +0000 Manifest this update: Fri 30 May 2025 21:39:27 +0000 Manifest next update: Fri 06 Jun 2025 21:39:27 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: mfo1UB3ENzjFg4NIA0xVo1d6hzzTteIB4lsbTcInRN4=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: Z0HHcyxz7rmGLBYwcIWDSL9D03AdZbtYiS469aOTikg=) 3: B512A570109211ECA693D74EC4F9AE02.roa (hash: AOyufc93Chw9bEWHvFa0LDI+LOdW3FqSZFo43ILQvd0=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: ZpHbYhB9ExSCJ+11c8ap/OdAIsKxszdOCjimKJQDTek=) 5: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: ftDRlCPQKF+Ib5B7VJZrq540hqlVUdTm8Q2C4Ih+cM8=) 6: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HxA8u7nmZWUr6BPYIZAwMw8J3pQQtwxfZZvWeTi7tWI=) 7: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: YABaqUWE/JPdcjinbFv0PWoHHYymCq6aO+ylU5Xzjo0=) 8: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: XhE6x9E/aZ957HcPZHgLlj7Fv56GEXE7hy1IWMNgX6M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:39:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2019 (0x7e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: May 30 21:39:27 2025 GMT Not After : Jun 6 21:39:27 2025 GMT Subject: CN=683a258f-fc00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:58:2f:d3:b8:7d:f5:01:a1:48:06:6f:a5:44: f9:81:96:07:78:a7:4d:ef:93:e6:ef:7b:16:db:2a: 31:1b:73:02:d6:64:4d:40:f7:81:00:26:fb:b4:64: b5:d0:9f:d5:a2:76:60:83:54:38:7d:88:4f:9a:5c: 21:ba:9e:2c:db:15:b1:97:82:eb:a8:7c:12:e2:92: a8:14:41:90:2f:f6:37:98:d9:ad:7c:ec:32:cb:52: 09:f0:dd:52:74:28:a5:24:98:cc:17:72:df:5a:a8: 68:18:b2:95:7c:1e:20:0f:08:75:fd:68:f1:47:6d: 8a:b7:08:7c:57:87:aa:a2:d4:fc:bd:ae:75:e8:10: b6:4a:6d:e5:bb:eb:88:08:07:4b:8b:fe:93:2c:00: 2b:86:36:04:47:35:dc:03:9b:09:88:12:4d:cf:99: 61:2d:48:70:16:67:01:02:ca:77:9e:c4:eb:9e:7b: a8:d4:38:af:f5:ea:a1:f2:12:ba:41:15:c5:01:88: c5:e6:98:0b:94:0e:12:10:1d:7d:7a:a0:0a:3e:4a: 5b:4c:38:d6:71:76:92:8d:62:50:f5:c6:90:8a:51: 95:61:9e:21:4f:c5:7b:4a:97:0e:dc:9c:c8:9e:14: e2:87:71:80:bb:e5:9a:66:d9:c7:77:7a:bf:4f:97: 68:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:2B:1B:BE:5D:5E:73:B0:00:99:8E:0B:AC:76:21:9C:F3:28:F9:EB X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:80:6e:9a:64:d6:92:a0:0f:e6:48:ce:1b:c3:e9:00:ce:75: 70:7a:43:3b:60:b1:04:d1:7c:7f:4b:fe:33:48:e4:a8:5a:0c: 50:48:4c:4f:2f:fd:a0:91:e7:0f:b7:06:49:2f:ac:61:c5:e1: f1:db:2b:8b:9d:a9:65:82:d5:ae:4f:bd:3d:ca:aa:a3:06:72: 82:81:74:ed:7f:8c:93:30:7c:54:d7:fb:df:cd:50:d6:18:3d: bd:c9:85:13:a9:1e:94:61:6a:65:a4:15:21:a9:af:5e:8e:1e: 96:a2:da:44:90:3b:dd:e5:b0:c6:af:d5:54:19:b9:5d:6c:77: bc:ad:76:02:f5:03:0a:00:c3:87:66:e4:8f:8b:b0:cc:90:64: 02:e1:70:b5:d9:b1:c9:63:f1:ac:df:7e:17:df:75:e9:d3:24: e2:3c:1b:88:07:7c:5e:8e:4f:23:30:a5:9f:df:dd:e4:51:6f: af:24:02:46:71:a9:b6:44:f1:ea:ef:64:f6:ce:c1:07:da:19: c8:f7:80:9a:79:7f:24:8c:97:ec:8f:bb:80:79:bf:d1:f0:f7: c7:b7:50:77:9b:4b:41:50:a0:c7:c5:e8:b6:47:a9:9e:48:83: f7:2a:0b:36:01:70:5c:b5:1a:26:18:1c:6a:1c:2d:9c:9b:10: d7:ec:90:d4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB+MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjUwNTMwMjEzOTI3WhcNMjUwNjA2MjEzOTI3WjAYMRYwFAYD VQQDEw02ODNhMjU4Zi1mYzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzVgv07h99QGhSAZvpUT5gZYHeKdN75Pm73sW2yoxG3MC1mRNQPeBACb7tGS1 0J/VonZgg1Q4fYhPmlwhup4s2xWxl4LrqHwS4pKoFEGQL/Y3mNmtfOwyy1IJ8N1S dCilJJjMF3LfWqhoGLKVfB4gDwh1/WjxR22Ktwh8V4eqotT8va516BC2Sm3lu+uI CAdLi/6TLAArhjYERzXcA5sJiBJNz5lhLUhwFmcBAsp3nsTrnnuo1Div9eqh8hK6 QRXFAYjF5pgLlA4SEB19eqAKPkpbTDjWcXaSjWJQ9caQilGVYZ4hT8V7SpcO3JzI nhTih3GAu+WaZtnHd3q/T5do7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEUrG75d XnOwAJmOC6x2IZzzKPnrMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCRgG6aZNaSoA/mSM4bw+kAznVwekM7YLEE0Xx/S/4zSOSoWgxQSExP L/2gkecPtwZJL6xhxeHx2yuLnallgtWuT709yqqjBnKCgXTtf4yTMHxU1/vfzVDW GD29yYUTqR6UYWplpBUhqa9ejh6WotpEkDvd5bDGr9VUGbldbHe8rXYC9QMKAMOH ZuSPi7DMkGQC4XC12bHJY/Gs334X33Xp0yTiPBuIB3xejk8jMKWf393kUW+vJAJG cam2RPHq72T2zsEH2hnI94CaeX8kjJfsj7uAeb/R8PfHt1B3m0tBUKDHxei2R6me SIP3Kgs2AXBctRomGBxqHC2cmxDX7JDU -----END CERTIFICATE-----Generated at Sat May 31 17:28:51 2025 by rpki-client