$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft File: X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft (raw, json) Hash identifier: KvcMxuk7xx1iybpL/5WTYJcFs8ZPENeummjRMwZXmIc= Subject key identifier: F5:30:8F:05:A6:1D:20:23:9D:FB:24:74:70:11:C6:71:F6:3C:4C:06 Authority key identifier: 5F:69:91:86:A2:EB:CD:45:B1:FF:6A:0A:4A:F6:06:06:F3:B3:D0:8D Certificate issuer: /CN=A91DF856/serialNumber=5F699186A2EBCD45B1FF6A0A4AF60606F3B3D08D Certificate serial: 17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mRhqLrzUWx_2oKSvYGBvOz0I0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft Manifest number: 16 Signing time: Sat 31 May 2025 07:32:53 +0000 Manifest this update: Sat 31 May 2025 07:32:53 +0000 Manifest next update: Sat 07 Jun 2025 07:32:53 +0000 Files and hashes: 1: X2mRhqLrzUWx_2oKSvYGBvOz0I0.crl (hash: +P0jwn05N2nNr/9VO1QmF7AtTPgVyJ9+WbeEzbnzqDU=) 2: B245BA601C4311F08254DE40C4F9AE02.roa (hash: cR1hA1Kx4PPiBeW49KPuxZm4E1WoNdgwAMLfYPZP980=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.crl rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mRhqLrzUWx_2oKSvYGBvOz0I0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:32:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23 (0x17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF856, serialNumber=5F699186A2EBCD45B1FF6A0A4AF60606F3B3D08D Validity Not Before: May 31 07:32:53 2025 GMT Not After : Jun 7 07:32:53 2025 GMT Subject: CN=683ab0a5-fa55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d4:7c:0a:70:e0:5b:56:ea:d9:92:aa:4f:20: 2b:24:98:6d:c7:d5:f5:94:7b:0e:6a:d5:c0:23:9d: 8c:6f:02:10:63:a4:14:f8:39:34:0b:ce:ad:ac:58: 28:2e:ed:5f:3c:56:4e:99:91:21:9b:59:f7:74:bb: df:02:b9:fd:37:92:b2:4f:b6:ca:c9:87:29:f1:07: 1b:57:57:62:39:9a:a4:50:14:12:a4:92:3a:cb:27: 9e:40:f6:23:40:b6:ce:90:cb:0f:45:13:b4:52:35: 83:f2:72:93:e5:af:95:82:10:3b:6e:85:cd:79:1d: 46:a5:1c:dc:83:fb:6b:c8:79:aa:87:c2:98:7c:ee: c3:9f:3a:3a:87:5a:a0:b7:c4:6c:79:78:5c:ce:0f: 5c:d3:4b:ca:6d:e2:61:60:3d:7d:19:e3:0d:ce:69: 89:03:4f:63:bd:ba:f9:5c:53:1a:8c:7f:53:cd:f7: f1:09:41:11:3f:b6:7f:b8:c7:2e:d2:b2:4c:2f:3f: d2:f9:26:5a:26:b0:a5:e0:77:11:10:ad:86:b2:81: 75:51:cf:6c:63:53:5a:a1:7e:03:6f:6e:45:23:27: 93:71:3e:a3:89:22:b9:16:8d:17:fc:e3:be:e1:56: 77:5d:02:a2:fa:54:d6:4e:e6:45:c9:c5:a6:a4:6b: 85:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:30:8F:05:A6:1D:20:23:9D:FB:24:74:70:11:C6:71:F6:3C:4C:06 X509v3 Authority Key Identifier: keyid:5F:69:91:86:A2:EB:CD:45:B1:FF:6A:0A:4A:F6:06:06:F3:B3:D0:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mRhqLrzUWx_2oKSvYGBvOz0I0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:3d:0d:72:b0:41:6c:28:c1:80:b5:18:f4:74:41:46:ed:95: 2b:f0:23:5a:c5:7f:47:0d:0a:6b:6d:2e:22:ce:68:7c:ab:e1: f1:cd:6c:6c:b0:1b:71:08:48:52:aa:bb:bb:27:a9:f8:7c:44: b6:f1:7e:b8:5e:82:88:cb:c6:2e:1f:e9:2d:5a:89:14:56:ec: 73:a0:7f:51:ac:00:d6:dc:e7:bd:ac:4b:73:b2:2d:59:cc:9f: 83:c7:75:3a:d7:70:60:96:67:b5:d9:38:5e:70:db:67:b1:fc: d4:2f:fc:dc:40:07:13:3b:3f:4c:20:77:61:52:1d:3f:23:f2: 25:38:ce:6d:b4:af:30:80:5f:71:b1:4e:55:62:69:28:2d:73: 34:6a:66:b5:49:10:8b:7c:33:ab:d3:7d:8a:92:25:2d:3f:a2: 3e:8d:cd:4e:65:77:e2:b6:9c:7a:51:91:41:25:0b:13:8d:22: e7:2e:db:8a:da:36:29:d0:a2:64:bc:94:97:4f:5e:87:0d:3c: ce:7f:2e:c2:24:a0:28:f6:b1:dc:81:d0:9c:bb:ce:92:8c:e3: 2c:aa:07:51:bc:c0:07:98:65:a8:e7:2b:ff:a3:3a:b2:71:68: 46:5e:3b:a2:80:9b:1b:d2:85:da:00:d3:de:1d:8e:58:56:89: 05:d2:36:60 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE Rjg1NjExMC8GA1UEBRMoNUY2OTkxODZBMkVCQ0Q0NUIxRkY2QTBBNEFGNjA2MDZG M0IzRDA4RDAeFw0yNTA1MzEwNzMyNTNaFw0yNTA2MDcwNzMyNTNaMBgxFjAUBgNV BAMTDTY4M2FiMGE1LWZhNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCq1HwKcOBbVurZkqpPICskmG3H1fWUew5q1cAjnYxvAhBjpBT4OTQLzq2sWCgu 7V88Vk6ZkSGbWfd0u98Cuf03krJPtsrJhynxBxtXV2I5mqRQFBKkkjrLJ55A9iNA ts6Qyw9FE7RSNYPycpPlr5WCEDtuhc15HUalHNyD+2vIeaqHwph87sOfOjqHWqC3 xGx5eFzOD1zTS8pt4mFgPX0Z4w3OaYkDT2O9uvlcUxqMf1PN9/EJQRE/tn+4xy7S skwvP9L5JlomsKXgdxEQrYaygXVRz2xjU1qhfgNvbkUjJ5NxPqOJIrkWjRf8477h VnddAqL6VNZO5kXJxaaka4WxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU9TCPBaYd ICOd+yR0cBHGcfY8TAYwHwYDVR0jBBgwFoAUX2mRhqLrzUWx/2oKSvYGBvOz0I0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURGODU2L0VGRjJBMEEwMUM0 MTExRjBBOTgyMUYzRUM0RjlBRTAyL1gybVJocUxyelVXeF8yb0tTdllHQnZPejBJ MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWDJtUmhxTHJ6VVd4XzJvS1N2WUdCdk96MEkwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURG ODU2L0VGRjJBMEEwMUM0MTExRjBBOTgyMUYzRUM0RjlBRTAyL1gybVJocUxyelVX eF8yb0tTdllHQnZPejBJMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALU9DXKwQWwowYC1GPR0QUbtlSvwI1rFf0cNCmttLiLOaHyr4fHNbGyw G3EISFKqu7snqfh8RLbxfrhegojLxi4f6S1aiRRW7HOgf1GsANbc572sS3OyLVnM n4PHdTrXcGCWZ7XZOF5w22ex/NQv/NxABxM7P0wgd2FSHT8j8iU4zm20rzCAX3Gx TlViaSgtczRqZrVJEIt8M6vTfYqSJS0/oj6NzU5ld+K2nHpRkUElCxONIucu24ra NinQomS8lJdPXocNPM5/LsIkoCj2sdyB0Jy7zpKM4yyqB1G8wAeYZajnK/+jOrJx aEZeO6KAmxvShdoA094djlhWiQXSNmA= -----END CERTIFICATE-----Generated at Sat May 31 15:38:32 2025 by rpki-client