$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft File: X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft (raw, json) Hash identifier: kKqGSc6yWIFvnvotlQNRvdwEn7NkvZQclJGZpS29fEY= Subject key identifier: 81:9A:E4:17:FA:9F:DE:20:ED:A7:48:AB:7D:4B:26:54:95:39:A3:BD Authority key identifier: 5F:8A:F3:59:73:FD:4F:A5:63:F3:3B:73:76:53:46:82:10:7B:C8:F9 Certificate issuer: /CN=A91CE285/serialNumber=5F8AF35973FD4FA563F33B7376534682107BC8F9 Certificate serial: 09BB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X4rzWXP9T6Vj8ztzdlNGghB7yPk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft Manifest number: 09B4 Signing time: Fri 30 May 2025 20:13:28 +0000 Manifest this update: Fri 30 May 2025 20:13:27 +0000 Manifest next update: Fri 06 Jun 2025 20:13:27 +0000 Files and hashes: 1: X4rzWXP9T6Vj8ztzdlNGghB7yPk.crl (hash: bTRer6C9d0ggyCC0aGybxIZCLJg6O73hWORM+9G2acQ=) 2: E5C4974689CF11EAA39AF441C4F9AE02.roa (hash: S/+GQ9LaNR6oJzl2BIn9qWcVDZWjqUHkpie5l4NiGuc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.crl rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X4rzWXP9T6Vj8ztzdlNGghB7yPk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2491 (0x9bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE285, serialNumber=5F8AF35973FD4FA563F33B7376534682107BC8F9 Validity Not Before: May 30 20:13:27 2025 GMT Not After : Jun 6 20:13:27 2025 GMT Subject: CN=683a1167-3e8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:70:20:6a:35:c1:15:ee:00:dc:81:8a:0e:c4: 5e:29:66:82:9f:ac:f2:78:37:e4:58:2f:23:c3:a1: 33:5a:cf:8c:fa:83:8a:bf:5b:98:15:fe:15:96:aa: 1f:a9:a3:dc:31:37:2d:11:5f:ce:50:99:ec:aa:0b: 3e:a5:14:4e:0d:49:ed:69:92:c9:27:7c:e8:f9:4c: 08:95:79:b7:90:50:36:a6:d3:94:76:53:d3:6b:3a: a5:b5:14:f2:6e:02:dd:97:13:22:0c:09:fb:78:3b: 69:2f:1d:3f:53:f8:ff:79:5e:34:fb:d6:6c:93:6f: 21:13:c7:8a:ee:2d:b3:c3:ba:d7:d3:99:c0:0d:84: bd:61:cc:05:ff:bf:57:d8:46:8d:18:2e:f4:f7:13: 7e:df:76:85:38:96:0d:70:0a:15:e9:e2:19:ec:30: ba:5b:e9:41:0d:77:ab:fa:24:5b:55:d4:d4:09:87: b4:9b:16:a0:94:53:14:ec:97:3b:7d:8c:12:53:e2: a1:ab:f8:a4:6c:c3:53:be:86:fb:f7:f2:f0:49:5a: 66:ec:70:18:8a:17:67:5e:b9:12:94:f0:c4:eb:ad: 1c:4f:37:eb:46:bd:5a:dd:df:e0:5c:97:12:91:d8: b4:4c:fa:c5:42:83:70:7e:7f:dd:19:cb:c1:b3:49: 01:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:9A:E4:17:FA:9F:DE:20:ED:A7:48:AB:7D:4B:26:54:95:39:A3:BD X509v3 Authority Key Identifier: keyid:5F:8A:F3:59:73:FD:4F:A5:63:F3:3B:73:76:53:46:82:10:7B:C8:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X4rzWXP9T6Vj8ztzdlNGghB7yPk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:1f:74:15:0f:f7:a2:a1:9b:e9:be:35:e4:46:6b:7b:cc:60: 9d:02:38:b2:ac:c5:ef:00:d9:0b:e3:45:0a:04:50:23:7d:8c: 57:af:0c:b5:bd:78:dd:16:65:9c:f4:57:e7:3a:ca:28:ee:1e: 09:55:ed:dd:b1:1d:5b:8f:d3:3b:26:29:77:d5:5d:e3:d7:89: c6:8f:b7:d7:4b:18:57:a2:51:d5:cd:20:45:c9:06:cc:1a:ea: 04:e9:d9:12:bc:b1:35:76:ae:f8:03:0f:27:40:da:85:3c:28: c6:23:84:94:58:86:46:31:9f:9c:81:00:5a:50:ff:e7:90:9b: 24:79:7b:33:8a:76:8b:f2:dc:e8:a4:89:47:dc:1e:1d:6a:69: 1f:8d:0b:31:6b:13:ea:be:c9:2d:62:76:e2:a2:3f:16:71:3a: 40:54:dc:9f:52:3a:87:53:bb:df:f2:22:10:43:60:b9:a8:12: 3d:39:3a:e6:24:0b:89:33:bc:19:fe:35:c6:b4:9f:5a:1d:dd: d8:85:ad:49:99:0c:01:38:8e:d3:02:db:31:a0:f3:fc:4b:9a: c0:99:ea:c3:23:66:48:45:d3:a9:0d:d9:47:0d:ac:9c:ca:8a: 63:6c:16:c2:ff:6f:5c:b5:df:7e:27:b2:1c:fa:78:a5:aa:06: f0:45:88:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCbswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0UyODUxMTAvBgNVBAUTKDVGOEFGMzU5NzNGRDRGQTU2M0YzM0I3Mzc2NTM0Njgy MTA3QkM4RjkwHhcNMjUwNTMwMjAxMzI3WhcNMjUwNjA2MjAxMzI3WjAYMRYwFAYD VQQDEw02ODNhMTE2Ny0zZThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy3AgajXBFe4A3IGKDsReKWaCn6zyeDfkWC8jw6EzWs+M+oOKv1uYFf4Vlqof qaPcMTctEV/OUJnsqgs+pRRODUntaZLJJ3zo+UwIlXm3kFA2ptOUdlPTazqltRTy bgLdlxMiDAn7eDtpLx0/U/j/eV40+9Zsk28hE8eK7i2zw7rX05nADYS9YcwF/79X 2EaNGC709xN+33aFOJYNcAoV6eIZ7DC6W+lBDXer+iRbVdTUCYe0mxaglFMU7Jc7 fYwSU+Khq/ikbMNTvob79/LwSVpm7HAYihdnXrkSlPDE660cTzfrRr1a3d/gXJcS kdi0TPrFQoNwfn/dGcvBs0kBcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIGa5Bf6 n94g7adIq31LJlSVOaO9MB8GA1UdIwQYMBaAFF+K81lz/U+lY/M7c3ZTRoIQe8j5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTI4NS81RTE2NDhCNjg0 QkMxMUVBQTUyNjIyNjNDNEY5QUUwMi9YNHJ6V1hQOVQ2Vmo4enR6ZGxOR2doQjd5 UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1g0cnpXWFA5VDZWajh6dHpkbE5HZ2hCN3lQay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTI4NS81RTE2NDhCNjg0QkMxMUVBQTUyNjIyNjNDNEY5QUUwMi9YNHJ6V1hQOVQ2 Vmo4enR6ZGxOR2doQjd5UGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGH3QVD/eioZvpvjXkRmt7zGCdAjiyrMXvANkL40UKBFAjfYxXrwy1 vXjdFmWc9FfnOsoo7h4JVe3dsR1bj9M7Jil31V3j14nGj7fXSxhXolHVzSBFyQbM GuoE6dkSvLE1dq74Aw8nQNqFPCjGI4SUWIZGMZ+cgQBaUP/nkJskeXszinaL8tzo pIlH3B4damkfjQsxaxPqvsktYnbioj8WcTpAVNyfUjqHU7vf8iIQQ2C5qBI9OTrm JAuJM7wZ/jXGtJ9aHd3Yha1JmQwBOI7TAtsxoPP8S5rAmerDI2ZIRdOpDdlHDayc yopjbBbC/29ctd9+J7Ic+nilqgbwRYj1 -----END CERTIFICATE-----Generated at Sat May 31 17:07:36 2025 by rpki-client