$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9561/C9A8DFDADA6911EC9C815358C4F9AE02/XjzwJR2KYAa4KFvQlJ_Nm6P567g.mft File: XjzwJR2KYAa4KFvQlJ_Nm6P567g.mft (raw, json) Hash identifier: BPr41ox8m4PKdDO0zQIaVFdknBNOESAAWjwcuqnebQo= Subject key identifier: 02:08:12:89:CA:E8:72:C6:65:4D:DA:F7:1B:C1:67:D0:DF:5A:8E:A3 Authority key identifier: 5E:3C:F0:25:1D:8A:60:06:B8:28:5B:D0:94:9F:CD:9B:A3:F9:EB:B8 Certificate issuer: /CN=A91C9561/serialNumber=5E3CF0251D8A6006B8285BD0949FCD9BA3F9EBB8 Certificate serial: 02F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XjzwJR2KYAa4KFvQlJ_Nm6P567g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9561/C9A8DFDADA6911EC9C815358C4F9AE02/XjzwJR2KYAa4KFvQlJ_Nm6P567g.mft Manifest number: 02F7 Signing time: Thu 05 Jun 2025 01:06:35 +0000 Manifest this update: Thu 05 Jun 2025 01:06:34 +0000 Manifest next update: Thu 12 Jun 2025 01:06:34 +0000 Files and hashes: 1: XjzwJR2KYAa4KFvQlJ_Nm6P567g.crl (hash: C7W3NyTn3oZ1OWYsNza0nE496FPJoZVR1ByHuk1bL5Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9561/C9A8DFDADA6911EC9C815358C4F9AE02/XjzwJR2KYAa4KFvQlJ_Nm6P567g.crl rsync://rpki.apnic.net/member_repository/A91C9561/C9A8DFDADA6911EC9C815358C4F9AE02/XjzwJR2KYAa4KFvQlJ_Nm6P567g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XjzwJR2KYAa4KFvQlJ_Nm6P567g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Jun 2025 01:06:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 760 (0x2f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9561, serialNumber=5E3CF0251D8A6006B8285BD0949FCD9BA3F9EBB8 Validity Not Before: Jun 5 01:06:34 2025 GMT Not After : Jun 12 01:06:34 2025 GMT Subject: CN=6840ed9b-5f19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e6:99:a6:fc:7e:11:a5:ea:29:65:e5:fc:5a: 05:1f:2c:cf:ad:dc:e0:29:db:73:6a:af:78:8b:09: 71:f8:3b:4b:e2:c7:4d:2c:45:1e:d4:d8:97:07:fd: 43:69:fc:a9:76:ce:20:0a:4d:1c:df:49:0d:b4:e6: 50:a3:f8:74:b1:12:24:87:64:ab:8e:14:36:aa:a1: 6d:02:29:91:c6:49:ca:cd:0d:25:9d:5e:82:49:df: c5:d5:1d:ca:6c:b6:98:1d:b7:6f:72:be:0d:bf:e8: f2:e0:a8:3c:dd:8c:d2:de:07:bc:9f:b1:bd:b3:d4: 20:6a:31:43:93:69:dc:cc:aa:7d:38:ea:fd:99:2b: 56:fd:f7:5d:58:b3:f4:38:a3:3c:da:42:5d:f1:6e: 70:05:78:fd:25:2c:7d:36:fd:c9:a9:7b:ed:ed:cc: 18:76:df:8d:64:28:3e:d8:a8:b9:b4:37:0b:86:09: 00:74:a8:03:36:56:12:11:ef:d7:6e:c8:5d:5b:a6: 3d:f8:56:9b:2c:74:65:09:22:75:29:bb:c5:d7:e0: 5e:1f:01:61:c9:65:d1:ae:06:5a:ce:53:41:e8:42: 81:8f:e1:c6:24:55:b2:56:a2:e4:13:bf:cd:4b:bd: bc:f1:6e:d4:4a:1c:18:91:a1:8c:7b:6a:f9:cb:79: 54:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:08:12:89:CA:E8:72:C6:65:4D:DA:F7:1B:C1:67:D0:DF:5A:8E:A3 X509v3 Authority Key Identifier: keyid:5E:3C:F0:25:1D:8A:60:06:B8:28:5B:D0:94:9F:CD:9B:A3:F9:EB:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9561/C9A8DFDADA6911EC9C815358C4F9AE02/XjzwJR2KYAa4KFvQlJ_Nm6P567g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XjzwJR2KYAa4KFvQlJ_Nm6P567g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9561/C9A8DFDADA6911EC9C815358C4F9AE02/XjzwJR2KYAa4KFvQlJ_Nm6P567g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:ea:48:5a:78:ed:7a:c7:6c:e5:5e:e3:58:1f:df:28:ff:9b: d7:01:7d:8a:cd:3f:1f:61:47:c8:e5:8f:2a:f8:30:a4:91:ee: 8a:4d:9d:ea:3d:1a:a5:a9:10:68:9d:dc:fc:c2:10:7c:db:1e: 8c:af:51:96:d8:35:22:4d:b1:3a:c6:0e:ae:df:08:ac:b8:fc: ca:da:83:04:8d:d4:83:2e:50:1c:b3:bd:36:18:73:96:09:03: a2:2c:85:f7:fc:d7:fb:b3:30:85:7f:9b:ee:96:2c:aa:fa:92: f7:f1:41:1f:d7:9f:27:e6:1b:ac:2a:8a:91:b7:c2:b5:5e:26: aa:65:f6:ae:dc:bf:e9:a0:8b:d7:6f:71:74:48:da:8c:0f:c5: 82:04:d1:46:13:ba:01:f4:fa:7f:ee:3c:77:5f:c2:13:21:b7: 24:36:2f:c2:36:5a:f5:98:de:93:0c:13:f8:8a:92:0c:37:77: 1d:29:f1:b2:72:70:48:e2:36:6f:9b:04:d9:3b:ab:d0:ab:bd: 88:45:e4:11:ad:ed:4a:d1:c4:7e:93:56:a7:8f:69:ec:46:0e: da:5c:59:39:67:8a:7c:cb:1f:32:93:c1:d2:81:dd:83:57:13: 98:a2:e8:64:ae:14:1d:7d:ae:0c:de:32:27:e2:75:52:b7:02: 6f:57:6b:f7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAvgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk1NjExMTAvBgNVBAUTKDVFM0NGMDI1MUQ4QTYwMDZCODI4NUJEMDk0OUZDRDlC QTNGOUVCQjgwHhcNMjUwNjA1MDEwNjM0WhcNMjUwNjEyMDEwNjM0WjAYMRYwFAYD VQQDEw02ODQwZWQ5Yi01ZjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv+aZpvx+EaXqKWXl/FoFHyzPrdzgKdtzaq94iwlx+DtL4sdNLEUe1NiXB/1D afypds4gCk0c30kNtOZQo/h0sRIkh2SrjhQ2qqFtAimRxknKzQ0lnV6CSd/F1R3K bLaYHbdvcr4Nv+jy4Kg83YzS3ge8n7G9s9QgajFDk2nczKp9OOr9mStW/fddWLP0 OKM82kJd8W5wBXj9JSx9Nv3JqXvt7cwYdt+NZCg+2Ki5tDcLhgkAdKgDNlYSEe/X bshdW6Y9+FabLHRlCSJ1KbvF1+BeHwFhyWXRrgZazlNB6EKBj+HGJFWyVqLkE7/N S7288W7UShwYkaGMe2r5y3lUCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAIIEonK 6HLGZU3a9xvBZ9DfWo6jMB8GA1UdIwQYMBaAFF488CUdimAGuChb0JSfzZuj+eu4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTU2MS9DOUE4REZEQURB NjkxMUVDOUM4MTUzNThDNEY5QUUwMi9Yanp3SlIyS1lBYTRLRnZRbEpfTm02UDU2 N2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hqendKUjJLWUFhNEtGdlFsSl9ObTZQNTY3Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OTU2MS9DOUE4REZEQURBNjkxMUVDOUM4MTUzNThDNEY5QUUwMi9Yanp3SlIyS1lB YTRLRnZRbEpfTm02UDU2N2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAy6khaeO16x2zlXuNYH98o/5vXAX2KzT8fYUfI5Y8q+DCkke6KTZ3q PRqlqRBondz8whB82x6Mr1GW2DUiTbE6xg6u3wisuPzK2oMEjdSDLlAcs702GHOW CQOiLIX3/Nf7szCFf5vuliyq+pL38UEf158n5husKoqRt8K1XiaqZfau3L/poIvX b3F0SNqMD8WCBNFGE7oB9Pp/7jx3X8ITIbckNi/CNlr1mN6TDBP4ipIMN3cdKfGy cnBI4jZvmwTZO6vQq72IReQRre1K0cR+k1anj2nsRg7aXFk5Z4p8yx8yk8HSgd2D VxOYouhkrhQdfa4M3jIn4nVStwJvV2v3 -----END CERTIFICATE-----Generated at Thu Jun 5 18:23:40 2025 by rpki-client