$ rpki-client -vvf rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft File: XDZbFzHKfOfbgd1XEwvU1kMBm14.mft (raw, json) Hash identifier: QWvDyzCI59csc7L+Xp0WVXK2/pV+r9JS7yK4RLkUz50= Subject key identifier: 81:C0:55:FE:EF:75:21:2E:BF:FA:2F:69:A9:14:5B:70:1C:DF:A5:2D Authority key identifier: 5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E Certificate issuer: /CN=A91D28EB/serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Certificate serial: 0561 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft Manifest number: 055A Signing time: Fri 30 May 2025 23:35:47 +0000 Manifest this update: Fri 30 May 2025 23:35:47 +0000 Manifest next update: Fri 06 Jun 2025 23:35:47 +0000 Files and hashes: 1: XDZbFzHKfOfbgd1XEwvU1kMBm14.crl (hash: UtcMUpvu3+FIEEHBN/jnbIURD6f3Rivi6kT461qImPQ=) 2: 8E90AA02EB0B11EBA0B6DD84C4F9AE02.roa (hash: QJH4AI00yRGEUDIXxzK7vr00Zj8U+JgNqRc/dr5Ast0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 23:35:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1377 (0x561) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D28EB, serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Validity Not Before: May 30 23:35:47 2025 GMT Not After : Jun 6 23:35:47 2025 GMT Subject: CN=683a40d3-60d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:7d:9e:87:d0:e4:81:fc:26:55:3e:0a:6a:7f: 2f:b7:7a:e1:3b:7d:e3:a5:22:8e:bd:d5:88:26:60: 84:cb:8d:16:05:54:09:a6:a8:54:68:e0:0b:90:4c: 1d:8b:ae:fb:e4:73:b3:2b:7d:7a:8e:7c:ec:9c:fd: 9b:7f:65:9b:f4:8c:41:03:50:9c:b3:a9:06:35:c6: 5f:95:ce:29:97:cd:09:34:51:52:80:2b:42:b2:26: 3f:3c:ec:2b:d2:83:b3:06:9b:bd:3e:3d:ac:df:08: f6:bb:64:3b:0f:6b:dd:7c:d0:cf:7b:d4:4a:b0:48: 27:9d:20:63:8e:13:69:3c:b0:9e:2a:93:89:aa:10: 3c:84:98:4d:20:9e:30:22:0c:09:29:12:71:b1:0c: 1c:35:3e:a7:99:89:b7:c3:58:95:00:5b:d0:08:2c: ff:53:9f:8c:0c:12:de:39:40:30:dc:97:c6:c5:de: 58:24:0c:8a:5d:db:8a:0f:a3:bb:c9:75:82:82:d1: 3d:64:3b:de:cd:96:37:83:10:3e:c4:3a:61:5a:00: aa:0e:79:50:fd:b2:7a:77:2d:fd:3c:44:42:d7:d8: 10:4c:10:f9:a4:bb:b2:c7:2c:f5:1f:bc:cd:ce:0a: a9:58:37:d8:fd:ed:45:28:c6:e4:27:16:36:34:b9: 4d:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:C0:55:FE:EF:75:21:2E:BF:FA:2F:69:A9:14:5B:70:1C:DF:A5:2D X509v3 Authority Key Identifier: keyid:5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:d5:56:bc:b4:b9:f9:a3:69:20:73:e9:ff:f1:e0:9d:73:02: 07:5b:30:4a:e8:3c:ad:62:2d:b0:03:f4:d0:54:ed:40:52:52: 7b:39:f9:4a:b8:3b:0f:09:83:e5:eb:52:58:b8:b2:77:35:84: 16:e9:fc:57:a0:da:b5:8c:0b:34:dd:9e:83:6a:1a:25:4d:98: 3b:a5:65:0c:95:9e:4a:bb:8a:fa:5f:d9:25:9e:50:9e:ab:ed: ab:bd:80:8c:52:af:58:26:9c:42:88:b1:82:b7:92:6e:d3:98: 3f:7b:d9:d2:65:6b:b0:e8:32:f8:d1:9f:02:da:16:b3:d5:99: 87:b4:95:d0:c3:0d:84:08:34:b2:ac:41:07:64:30:8d:b7:64: 93:fe:53:08:25:e0:e1:7b:85:06:0f:5e:c6:57:6d:fd:6e:3c: 20:07:d7:bb:05:26:d3:86:e8:17:45:9c:37:2c:95:74:5e:3b: 5f:8e:91:07:fd:fe:81:7c:6e:c7:18:f8:02:e0:0a:d0:a4:09: 86:5f:a0:85:0b:67:ae:1b:37:bf:81:46:59:58:ac:53:52:87: b8:21:b1:24:0f:e0:bd:63:8c:17:43:04:13:ea:1d:45:b3:ee: 38:c6:b7:2f:e9:49:a8:d1:2a:8d:68:49:4d:9d:ba:39:dd:98: f3:c7:fd:95 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBWEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI4RUIxMTAvBgNVBAUTKDVDMzY1QjE3MzFDQTdDRTdEQjgxREQ1NzEzMEJENEQ2 NDMwMTlCNUUwHhcNMjUwNTMwMjMzNTQ3WhcNMjUwNjA2MjMzNTQ3WjAYMRYwFAYD VQQDEw02ODNhNDBkMy02MGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnX2eh9DkgfwmVT4Kan8vt3rhO33jpSKOvdWIJmCEy40WBVQJpqhUaOALkEwd i6775HOzK316jnzsnP2bf2Wb9IxBA1Ccs6kGNcZflc4pl80JNFFSgCtCsiY/POwr 0oOzBpu9Pj2s3wj2u2Q7D2vdfNDPe9RKsEgnnSBjjhNpPLCeKpOJqhA8hJhNIJ4w IgwJKRJxsQwcNT6nmYm3w1iVAFvQCCz/U5+MDBLeOUAw3JfGxd5YJAyKXduKD6O7 yXWCgtE9ZDvezZY3gxA+xDphWgCqDnlQ/bJ6dy39PERC19gQTBD5pLuyxyz1H7zN zgqpWDfY/e1FKMbkJxY2NLlNiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIHAVf7v dSEuv/ovaakUW3Ac36UtMB8GA1UdIwQYMBaAFFw2Wxcxynzn24HdVxML1NZDAZte MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjhFQi83NzE0OEFDNkVC MDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZPZmJnZDFYRXd2VTFrTUJt MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEWmJGekhLZk9mYmdkMVhFd3ZVMWtNQm0xNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MjhFQi83NzE0OEFDNkVCMDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZP ZmJnZDFYRXd2VTFrTUJtMTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB01Va8tLn5o2kgc+n/8eCdcwIHWzBK6DytYi2wA/TQVO1AUlJ7OflK uDsPCYPl61JYuLJ3NYQW6fxXoNq1jAs03Z6DaholTZg7pWUMlZ5Ku4r6X9klnlCe q+2rvYCMUq9YJpxCiLGCt5Ju05g/e9nSZWuw6DL40Z8C2haz1ZmHtJXQww2ECDSy rEEHZDCNt2ST/lMIJeDhe4UGD17GV239bjwgB9e7BSbThugXRZw3LJV0XjtfjpEH /f6BfG7HGPgC4ArQpAmGX6CFC2euGze/gUZZWKxTUoe4IbEkD+C9Y4wXQwQT6h1F s+44xrcv6Umo0SqNaElNnbo53Zjzx/2V -----END CERTIFICATE-----Generated at Sat May 31 16:34:57 2025 by rpki-client