$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft File: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft (raw, json) Hash identifier: +2iLpMfvNBmmkOjb0taQVmRuUckCWQCsRekN2YLXaL4= Subject key identifier: B7:F4:21:EB:8E:AE:5B:AC:62:3C:09:DD:36:55:D4:D7:60:15:10:12 Authority key identifier: C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 Certificate issuer: /CN=A91E3BF2/serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Certificate serial: 02B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft Manifest number: 02AE Signing time: Sat 31 May 2025 01:39:02 +0000 Manifest this update: Sat 31 May 2025 01:39:01 +0000 Manifest next update: Sat 07 Jun 2025 01:39:01 +0000 Files and hashes: 1: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl (hash: izGY9cNFOyVM+5BldkJTsQk+KZZ0NpnzwP1bEXI2GbE=) 2: 6B7C33C8F6C811ECBDF7DD40C4F9AE02.roa (hash: jZodcyxZ4nUw78pUbwh5qrFajwuNLHaye10ReDwTgoQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:39:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 691 (0x2b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BF2, serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Validity Not Before: May 31 01:39:01 2025 GMT Not After : Jun 7 01:39:01 2025 GMT Subject: CN=683a5db5-e64a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c7:23:cb:f1:f7:08:94:45:43:3c:cb:c6:ad: cd:2c:8b:09:e3:aa:60:7b:e5:42:ca:84:82:33:4f: 69:22:b7:0d:44:94:75:a4:06:04:ac:de:a7:b9:2f: 29:b4:d8:5f:66:43:94:a9:5f:49:eb:ae:9f:25:dc: b4:90:9e:8b:c0:9c:a5:53:f7:0e:7c:c6:9e:0b:b3: 8d:00:df:2f:66:04:68:fe:21:a8:33:89:2d:b4:86: bc:ef:e1:59:2b:09:ef:d2:8a:02:fd:96:b2:91:5f: ed:da:f1:e0:a4:2d:43:a1:9a:b1:64:75:76:67:0b: 80:ee:dc:3e:e4:6f:4f:24:bc:45:30:7a:2b:5d:5f: df:b5:5f:73:6d:6e:76:24:fb:e7:8b:3b:f8:31:24: be:ef:11:7e:e5:4f:4f:5b:fd:b4:b4:22:06:82:61: 26:2a:11:b9:08:e6:e9:4d:58:11:50:e9:1a:f3:93: fc:1e:68:cf:12:9f:6b:43:9f:df:30:3a:4c:8c:ca: 75:ae:26:60:90:df:4c:85:ba:ce:b1:3e:a3:ae:98: 75:a2:f0:78:92:03:2f:08:d1:9b:f3:ea:ce:78:23: 02:1f:5e:01:a1:ad:76:6d:51:f7:5d:46:8f:37:d7: 7e:6f:d9:02:81:bd:c4:4f:9c:f1:9c:2a:e6:d8:80: 8b:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:F4:21:EB:8E:AE:5B:AC:62:3C:09:DD:36:55:D4:D7:60:15:10:12 X509v3 Authority Key Identifier: keyid:C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:d4:20:f3:42:64:b0:b3:26:21:89:81:12:3c:7a:50:a0:47: d2:52:0e:e1:6d:da:4f:ff:2f:77:d9:67:98:99:93:64:9b:2b: c3:30:9a:39:9d:76:dc:fa:55:34:84:d9:f3:e1:29:78:ae:45: 69:d0:49:62:c2:45:ae:79:b0:60:53:ce:62:04:bb:22:9f:eb: 80:02:07:10:3e:09:78:4a:ed:7b:82:dc:f0:02:f7:47:07:d9: a0:5c:fa:6a:37:4e:a9:48:02:b6:36:ac:4b:b3:73:d6:bc:09: 66:5e:6d:38:33:61:7e:de:b2:2c:a4:0b:3c:9d:47:45:59:ac: 46:94:85:ea:34:b2:d9:14:05:6c:9a:1c:76:ee:8c:f1:1c:5e: b2:a2:d5:46:31:fa:99:cb:a2:c6:c3:18:09:c5:75:cd:7c:3e: 04:f0:fb:b7:99:85:44:4b:57:63:8c:d5:04:46:ce:86:4e:74: 17:d5:87:e3:db:8b:fa:b9:13:45:4f:a0:82:0c:03:67:1f:84: a7:2c:ef:66:5c:47:6c:ba:10:2a:cc:de:27:af:34:dd:08:75: e8:9e:fe:91:71:95:78:b6:4f:51:12:6d:49:3a:44:99:25:ab: 11:49:19:8d:7a:29:af:62:90:55:87:1d:2a:1a:a6:3c:95:8d: cc:a4:46:20 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICArMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCRjIxMTAvBgNVBAUTKEM0NzFBNTZFRTk0RjA1QjQzN0MwOUVFRTBGNDQyMDNG QTQ1OTI3MzYwHhcNMjUwNTMxMDEzOTAxWhcNMjUwNjA3MDEzOTAxWjAYMRYwFAYD VQQDEw02ODNhNWRiNS1lNjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwscjy/H3CJRFQzzLxq3NLIsJ46pge+VCyoSCM09pIrcNRJR1pAYErN6nuS8p tNhfZkOUqV9J666fJdy0kJ6LwJylU/cOfMaeC7ONAN8vZgRo/iGoM4kttIa87+FZ Kwnv0ooC/ZaykV/t2vHgpC1DoZqxZHV2ZwuA7tw+5G9PJLxFMHorXV/ftV9zbW52 JPvnizv4MSS+7xF+5U9PW/20tCIGgmEmKhG5CObpTVgRUOka85P8HmjPEp9rQ5/f MDpMjMp1riZgkN9MhbrOsT6jrph1ovB4kgMvCNGb8+rOeCMCH14Boa12bVH3XUaP N9d+b9kCgb3ET5zxnCrm2ICLDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLf0IeuO rlusYjwJ3TZV1NdgFRASMB8GA1UdIwQYMBaAFMRxpW7pTwW0N8Ce7g9EID+kWSc2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JGMi81MDkwOTZBOEY2 QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJiUTN3Sjd1RDBRZ1A2UlpK elkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hIR2xidWxQQmJRM3dKN3VEMFFnUDZSWkp6WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0JGMi81MDkwOTZBOEY2QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJi UTN3Sjd1RDBRZ1A2UlpKelkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCL1CDzQmSwsyYhiYESPHpQoEfSUg7hbdpP/y932WeYmZNkmyvDMJo5 nXbc+lU0hNnz4Sl4rkVp0EliwkWuebBgU85iBLsin+uAAgcQPgl4Su17gtzwAvdH B9mgXPpqN06pSAK2NqxLs3PWvAlmXm04M2F+3rIspAs8nUdFWaxGlIXqNLLZFAVs mhx27ozxHF6yotVGMfqZy6LGwxgJxXXNfD4E8Pu3mYVES1djjNUERs6GTnQX1Yfj 24v6uRNFT6CCDANnH4SnLO9mXEdsuhAqzN4nrzTdCHXonv6RcZV4tk9REm1JOkSZ JasRSRmNeimvYpBVhx0qGqY8lY3MpEYg -----END CERTIFICATE-----Generated at Sat May 31 17:24:49 2025 by rpki-client