$ rpki-client -vvf rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft File: XDlbosoKv2WIhyaHTHgktpt4mZU.mft (raw, json) Hash identifier: kOfBUeEoBAaBOV1VoJg6theFozeuaj6CgKAC+MMkygg= Subject key identifier: F0:3D:39:CE:62:DE:13:79:43:18:56:3B:D0:E2:B4:8C:01:1C:1E:7D Authority key identifier: 5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95 Certificate issuer: /CN=A91E66E5/serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995 Certificate serial: 0E47 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft Manifest number: 0E3A Signing time: Fri 30 May 2025 17:57:12 +0000 Manifest this update: Fri 30 May 2025 17:57:11 +0000 Manifest next update: Fri 06 Jun 2025 17:57:11 +0000 Files and hashes: 1: XDlbosoKv2WIhyaHTHgktpt4mZU.crl (hash: zMF1e+u5P8Q7Q/GQyDmsDCGcgfLLEwc+vOw9sPwTxTQ=) 2: AECDA1B0448F11EDACC30815C4F9AE02.roa (hash: xirIMjuaHIPZj6jpdJVKaFKfHlsVW3gI4qvEhU2Je88=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 17:57:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3655 (0xe47) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E66E5, serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995 Validity Not Before: May 30 17:57:11 2025 GMT Not After : Jun 6 17:57:11 2025 GMT Subject: CN=6839f178-cb9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:94:08:67:7f:f7:5e:82:bc:4d:af:60:1a:ae: 1e:8f:59:11:8f:4c:32:bb:ee:77:c4:6a:cf:31:e6: 27:b6:e3:05:a6:89:65:a3:19:d0:6b:10:3b:02:dd: 93:0c:58:15:66:76:b5:19:96:9e:7b:bc:07:80:31: e1:18:3a:96:3c:bc:bf:c4:d6:24:1b:94:1c:b3:77: c5:54:b8:d2:3c:33:8e:b5:8c:d0:a4:fc:bb:a9:d6: 03:a9:ca:5c:4d:cb:49:cd:e0:17:58:bb:86:04:47: be:e6:c8:95:27:79:cb:ad:14:6f:2d:51:ab:7b:57: 21:db:cf:aa:27:50:92:89:03:c2:5b:7f:2b:99:f1: bd:f1:76:34:14:4b:89:d4:36:17:65:de:5d:0a:ff: 6a:ad:e3:fe:72:1a:b7:69:4c:65:7a:fc:5d:95:e2: ac:25:45:06:0e:27:25:3b:22:e2:7e:9e:86:6d:8c: 4f:e4:df:57:df:b5:c2:69:3a:f6:a7:89:bb:e5:a0: e1:cd:76:1d:54:30:86:f3:21:50:dc:b6:44:ff:5d: 98:1d:e8:62:8e:8a:f4:2d:cb:e5:9d:2d:3b:2f:88: 3b:f8:2e:b5:0d:6f:af:4e:b1:ec:59:02:c3:2f:c0: e1:f1:00:98:c3:a6:15:20:55:f3:08:50:09:08:a7: 37:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:3D:39:CE:62:DE:13:79:43:18:56:3B:D0:E2:B4:8C:01:1C:1E:7D X509v3 Authority Key Identifier: keyid:5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:54:6d:04:af:fa:06:3d:85:95:fe:bf:cb:2d:8f:6d:c2:c6: f0:5a:aa:ba:fa:38:83:7e:26:e4:e2:e5:f9:04:b5:6c:31:4d: e6:dd:22:21:9a:eb:2f:99:e3:04:f5:17:b5:ca:b5:56:97:36: b1:54:ad:77:f5:b2:22:ae:e8:90:37:30:7b:cb:80:fb:f2:68: f1:2d:f2:b7:18:f8:11:bd:4e:57:00:25:ca:5a:6e:87:03:3d: 03:b0:3f:2d:c7:42:ce:4b:09:3c:4b:54:d1:b2:d6:8c:b7:0a: 28:d3:0f:01:a1:3f:5a:73:9e:22:69:af:ed:de:e9:8a:d1:2a: 76:d0:c8:45:b2:d1:89:ec:e4:b7:7f:34:d2:92:41:3c:4d:01: 15:ea:1b:db:f7:79:5c:a4:1f:9c:83:44:f7:36:78:8d:6d:a5: 55:d9:9c:0c:bf:ea:3e:c0:d0:5c:7e:31:e0:1b:0d:d9:49:0e: 8b:d6:b1:4e:5e:60:b0:2d:e0:8f:b5:c5:c6:f0:6e:66:1d:28: cf:3c:9b:2d:45:db:a6:75:5f:99:3c:e4:ce:28:36:d9:21:ec: 36:21:48:ce:61:09:2e:3c:19:58:db:db:e1:a6:44:bf:9a:76: c4:78:a4:86:7a:a9:e3:7c:b8:1b:a7:95:4c:dd:87:1b:4e:eb: e9:cb:92:12 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDkcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY2RTUxMTAvBgNVBAUTKDVDMzk1QkEyQ0EwQUJGNjU4ODg3MjY4NzRDNzgyNEI2 OUI3ODk5OTUwHhcNMjUwNTMwMTc1NzExWhcNMjUwNjA2MTc1NzExWjAYMRYwFAYD VQQDEw02ODM5ZjE3OC1jYjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv5QIZ3/3XoK8Ta9gGq4ej1kRj0wyu+53xGrPMeYntuMFpolloxnQaxA7At2T DFgVZna1GZaee7wHgDHhGDqWPLy/xNYkG5Qcs3fFVLjSPDOOtYzQpPy7qdYDqcpc TctJzeAXWLuGBEe+5siVJ3nLrRRvLVGre1ch28+qJ1CSiQPCW38rmfG98XY0FEuJ 1DYXZd5dCv9qreP+chq3aUxlevxdleKsJUUGDiclOyLifp6GbYxP5N9X37XCaTr2 p4m75aDhzXYdVDCG8yFQ3LZE/12YHehijor0LcvlnS07L4g7+C61DW+vTrHsWQLD L8Dh8QCYw6YVIFXzCFAJCKc3IQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPA9Oc5i 3hN5QxhWO9DitIwBHB59MB8GA1UdIwQYMBaAFFw5W6LKCr9liIcmh0x4JLabeJmV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjZFNS81NjQzMDU4NkEy NzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3YyV0loeWFIVEhna3RwdDRt WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEbGJvc29LdjJXSWh5YUhUSGdrdHB0NG1aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NjZFNS81NjQzMDU4NkEyNzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3Yy V0loeWFIVEhna3RwdDRtWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCTVG0Er/oGPYWV/r/LLY9twsbwWqq6+jiDfibk4uX5BLVsMU3m3SIh musvmeME9Re1yrVWlzaxVK139bIiruiQNzB7y4D78mjxLfK3GPgRvU5XACXKWm6H Az0DsD8tx0LOSwk8S1TRstaMtwoo0w8BoT9ac54iaa/t3umK0Sp20MhFstGJ7OS3 fzTSkkE8TQEV6hvb93lcpB+cg0T3NniNbaVV2ZwMv+o+wNBcfjHgGw3ZSQ6L1rFO XmCwLeCPtcXG8G5mHSjPPJstRdumdV+ZPOTOKDbZIew2IUjOYQkuPBlY29vhpkS/ mnbEeKSGeqnjfLgbp5VM3YcbTuvpy5IS -----END CERTIFICATE-----Generated at Sat May 31 16:35:06 2025 by rpki-client