$ rpki-client -vvf rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/xIoOQPt_45dbEsI-AwrFTFIFcWM.mft File: xIoOQPt_45dbEsI-AwrFTFIFcWM.mft (raw, json) Hash identifier: Yr5RqHtNMuo1w91ZtaKflGrBfhqa1o1hUX/P4KZ09H4= Subject key identifier: 62:33:05:3C:70:48:83:25:7B:F9:BE:85:96:B7:9B:52:EB:45:E9:BC Authority key identifier: C4:8A:0E:40:FB:7F:E3:97:5B:12:C2:3E:03:0A:C5:4C:52:05:71:63 Certificate issuer: /CN=A91D28BC/serialNumber=C48A0E40FB7FE3975B12C23E030AC54C52057163 Certificate serial: 055C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIoOQPt_45dbEsI-AwrFTFIFcWM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/xIoOQPt_45dbEsI-AwrFTFIFcWM.mft Manifest number: 0557 Signing time: Fri 30 May 2025 23:35:40 +0000 Manifest this update: Fri 30 May 2025 23:35:40 +0000 Manifest next update: Fri 06 Jun 2025 23:35:40 +0000 Files and hashes: 1: xIoOQPt_45dbEsI-AwrFTFIFcWM.crl (hash: I+wQgu+pnuo2gobDFhQ2oQJEHDbGLz77RmpLXD36T4E=) 2: 2B07FA82EADC11EBBE430B5EC4F9AE02.roa (hash: jxQWNR1P8sYKVza0W/49c3uTybsGhMQmKrsxrcNc/xk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/xIoOQPt_45dbEsI-AwrFTFIFcWM.crl rsync://rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/xIoOQPt_45dbEsI-AwrFTFIFcWM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIoOQPt_45dbEsI-AwrFTFIFcWM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 23:35:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1372 (0x55c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D28BC, serialNumber=C48A0E40FB7FE3975B12C23E030AC54C52057163 Validity Not Before: May 30 23:35:40 2025 GMT Not After : Jun 6 23:35:40 2025 GMT Subject: CN=683a40cc-32a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:3b:9b:01:c1:83:49:e8:3c:73:22:9c:79:2a: 48:6b:e8:0f:13:ce:06:0d:56:95:c7:91:49:db:37: 2a:04:47:39:61:9e:78:23:3a:46:de:15:47:c5:ba: 68:19:2c:54:6d:ca:1e:1b:cc:f9:dd:12:b7:b0:c1: fc:c6:d9:a4:ca:9e:1c:30:1d:8d:f9:dd:bb:63:e0: 1c:41:82:7e:41:89:13:bf:8b:32:c9:dc:a6:5e:9f: 12:28:1d:92:c2:ef:c2:f4:b8:ae:34:75:62:2c:da: 7a:50:59:69:40:4a:c0:f7:12:a3:dc:dd:8c:fd:89: 9c:b7:6a:71:59:a1:d2:0f:b1:65:69:f3:ea:e7:cf: 49:17:90:c9:b3:13:c7:e3:89:89:c3:9c:58:f5:16: 4d:ec:40:a1:6f:a8:4d:b5:65:4c:2c:ea:cb:d0:96: 22:37:55:09:78:10:ef:3f:c6:6e:aa:27:14:97:4c: ce:95:83:ab:c5:ac:b0:f6:f2:d2:c8:45:d1:2c:3d: 4f:c1:2f:33:b1:a7:12:c9:cc:f6:37:19:75:41:32: f2:32:59:87:44:1c:fb:f1:a2:53:66:76:4c:71:a4: 88:ef:9c:da:67:b2:64:92:96:06:50:9b:b3:4d:69: 76:46:00:64:8b:9d:c9:76:c2:62:30:17:e0:96:6c: be:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:33:05:3C:70:48:83:25:7B:F9:BE:85:96:B7:9B:52:EB:45:E9:BC X509v3 Authority Key Identifier: keyid:C4:8A:0E:40:FB:7F:E3:97:5B:12:C2:3E:03:0A:C5:4C:52:05:71:63 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/xIoOQPt_45dbEsI-AwrFTFIFcWM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIoOQPt_45dbEsI-AwrFTFIFcWM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/xIoOQPt_45dbEsI-AwrFTFIFcWM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:c0:b4:b0:30:c1:94:87:50:9f:fe:b8:01:bd:ab:5b:bd:5f: b7:01:fd:9a:3c:ae:02:33:1f:77:6b:c4:66:04:26:9a:07:27: 8f:59:88:68:43:17:48:46:93:2a:90:fa:76:54:53:de:a2:0e: fd:e4:80:96:0f:66:16:2d:44:5c:66:7b:fc:df:4a:99:c7:e5: b8:cd:30:77:9a:6c:c3:eb:5d:30:4c:fd:71:62:19:b3:e2:43: 9f:19:70:43:da:0c:65:a4:42:fc:d0:a6:32:1c:12:89:e0:6c: e6:60:80:25:9d:20:d6:d9:e3:62:26:f3:c8:36:ff:c1:ab:b0: 82:ca:85:f2:19:c7:e6:7c:e4:d2:b7:79:5a:56:1f:43:a9:29: 2e:7e:4a:87:73:a2:73:b0:34:ab:b6:37:4e:e7:f0:68:a7:fd: b9:64:c7:ae:d8:87:17:15:b3:e0:2b:1e:64:ac:82:3b:d9:d5: 22:18:80:ae:4e:a1:4a:a7:b5:5c:6d:23:da:4c:e1:1b:e5:4a: 6a:a1:0e:7e:03:86:7d:8e:b7:b1:82:86:5d:a4:ea:e1:fa:59: e6:a0:d7:fd:ff:25:9b:db:c9:34:0f:0d:73:47:19:ff:d3:95: a1:5c:1b:22:cf:d3:a0:dc:3d:64:ec:cb:cb:2b:f1:c8:d6:80: 65:d3:b2:77 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI4QkMxMTAvBgNVBAUTKEM0OEEwRTQwRkI3RkUzOTc1QjEyQzIzRTAzMEFDNTRD NTIwNTcxNjMwHhcNMjUwNTMwMjMzNTQwWhcNMjUwNjA2MjMzNTQwWjAYMRYwFAYD VQQDEw02ODNhNDBjYy0zMmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0jubAcGDSeg8cyKceSpIa+gPE84GDVaVx5FJ2zcqBEc5YZ54IzpG3hVHxbpo GSxUbcoeG8z53RK3sMH8xtmkyp4cMB2N+d27Y+AcQYJ+QYkTv4syydymXp8SKB2S wu/C9LiuNHViLNp6UFlpQErA9xKj3N2M/Ymct2pxWaHSD7FlafPq589JF5DJsxPH 44mJw5xY9RZN7EChb6hNtWVMLOrL0JYiN1UJeBDvP8ZuqicUl0zOlYOrxayw9vLS yEXRLD1PwS8zsacSycz2Nxl1QTLyMlmHRBz78aJTZnZMcaSI75zaZ7JkkpYGUJuz TWl2RgBki53JdsJiMBfglmy+cwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGIzBTxw SIMle/m+hZa3m1LrRem8MB8GA1UdIwQYMBaAFMSKDkD7f+OXWxLCPgMKxUxSBXFj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjhCQy85MjA5MjM5MEVB RDgxMUVCQkQyQ0M3NThDNEY5QUUwMi94SW9PUVB0XzQ1ZGJFc0ktQXdyRlRGSUZj V00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hJb09RUHRfNDVkYkVzSS1Bd3JGVEZJRmNXTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MjhCQy85MjA5MjM5MEVBRDgxMUVCQkQyQ0M3NThDNEY5QUUwMi94SW9PUVB0XzQ1 ZGJFc0ktQXdyRlRGSUZjV00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8wLSwMMGUh1Cf/rgBvatbvV+3Af2aPK4CMx93a8RmBCaaByePWYho QxdIRpMqkPp2VFPeog795ICWD2YWLURcZnv830qZx+W4zTB3mmzD610wTP1xYhmz 4kOfGXBD2gxlpEL80KYyHBKJ4GzmYIAlnSDW2eNiJvPINv/Bq7CCyoXyGcfmfOTS t3laVh9DqSkufkqHc6JzsDSrtjdO5/Bop/25ZMeu2IcXFbPgKx5krII72dUiGICu TqFKp7VcbSPaTOEb5UpqoQ5+A4Z9jrexgoZdpOrh+lnmoNf9/yWb28k0Dw1zRxn/ 05WhXBsiz9Og3D1k7MvLK/HI1oBl07J3 -----END CERTIFICATE-----Generated at Sat May 31 15:42:05 2025 by rpki-client