$ rpki-client -vvf rpki.apnic.net/member_repository/A91186C2/1D2F0724D17F11EFB3846928C4F9AE02/xiZYMphXjR1K9yc-vXkccjCjdEk.mft File: xiZYMphXjR1K9yc-vXkccjCjdEk.mft (raw, json) Hash identifier: JL6eSjGJmLAevhAobdkgiGabv2vDmmuyeoq/8lvIKQ0= Subject key identifier: F9:92:40:41:84:89:FD:A9:A9:0D:AC:2E:E3:66:F0:28:C4:F4:A1:6F Authority key identifier: C6:26:58:32:98:57:8D:1D:4A:F7:27:3E:BD:79:1C:72:30:A3:74:49 Certificate issuer: /CN=A91186C2/serialNumber=C626583298578D1D4AF7273EBD791C7230A37449 Certificate serial: 37 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiZYMphXjR1K9yc-vXkccjCjdEk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91186C2/1D2F0724D17F11EFB3846928C4F9AE02/xiZYMphXjR1K9yc-vXkccjCjdEk.mft Manifest number: 36 Signing time: Fri 25 Apr 2025 06:34:34 +0000 Manifest this update: Fri 25 Apr 2025 06:34:34 +0000 Manifest next update: Fri 02 May 2025 06:34:34 +0000 Files and hashes: 1: xiZYMphXjR1K9yc-vXkccjCjdEk.crl (hash: cRB0q6qOeJHydy3fk445lE0QyaFhL++YRuTflSs4k20=) 2: 7DFFCDA4D17F11EF8FAE452BC4F9AE02.roa (hash: 8Wzv5veel/E+M5qspAlwBsfA0pAvjm21LyceiyRo5cA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91186C2/1D2F0724D17F11EFB3846928C4F9AE02/xiZYMphXjR1K9yc-vXkccjCjdEk.crl rsync://rpki.apnic.net/member_repository/A91186C2/1D2F0724D17F11EFB3846928C4F9AE02/xiZYMphXjR1K9yc-vXkccjCjdEk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiZYMphXjR1K9yc-vXkccjCjdEk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:34:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55 (0x37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91186C2, serialNumber=C626583298578D1D4AF7273EBD791C7230A37449 Validity Not Before: Apr 25 06:34:34 2025 GMT Not After : May 2 06:34:34 2025 GMT Subject: CN=680b2cfa-0db7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:3a:6a:cd:aa:08:fc:92:48:c6:29:c2:a9:c8: a8:df:50:b4:57:13:07:d4:77:16:66:67:1f:20:7e: 14:b5:1f:cb:ab:fc:77:17:38:e8:ac:b0:81:fc:ed: 5c:cc:20:72:d6:92:a5:66:b5:3c:5a:03:f8:8d:94: 24:84:92:5d:7b:c8:51:db:f9:80:7b:8e:3b:b7:bd: 2e:dc:39:05:3b:8f:13:6b:20:3a:0f:ed:de:77:21: d4:2b:b4:2d:59:41:29:82:0b:94:e4:a5:04:bc:2c: ea:f5:ec:61:1d:00:f0:a1:36:3c:75:4c:f9:26:fb: 40:64:2d:4e:e4:3c:dc:fb:80:09:16:7e:b2:41:5e: 03:90:89:a6:68:ec:45:1b:12:ca:52:59:01:dd:f0: 1d:2a:ac:c1:2c:10:ad:34:5f:29:32:f2:73:76:6f: ea:26:37:76:c1:e3:d0:a9:1b:c0:eb:4c:67:a2:56: 72:47:60:be:d8:af:fd:74:4b:9d:24:07:2d:2c:92: 4f:ef:13:38:f4:61:7c:07:f8:1c:86:57:83:ac:ca: 4d:ad:8f:ed:fb:28:fb:38:f0:5c:f6:b1:f7:ef:8f: 0a:0a:4a:42:78:11:32:9f:26:cd:a1:57:a5:27:d2: 48:6e:1d:60:f2:f6:a4:19:e5:c6:56:2e:40:27:88: 43:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:92:40:41:84:89:FD:A9:A9:0D:AC:2E:E3:66:F0:28:C4:F4:A1:6F X509v3 Authority Key Identifier: keyid:C6:26:58:32:98:57:8D:1D:4A:F7:27:3E:BD:79:1C:72:30:A3:74:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91186C2/1D2F0724D17F11EFB3846928C4F9AE02/xiZYMphXjR1K9yc-vXkccjCjdEk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiZYMphXjR1K9yc-vXkccjCjdEk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91186C2/1D2F0724D17F11EFB3846928C4F9AE02/xiZYMphXjR1K9yc-vXkccjCjdEk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:21:84:2d:b5:96:83:71:47:6f:21:f2:52:30:6d:ab:ed:10: a4:d3:d9:ec:66:67:bb:9f:e3:5b:53:92:4a:c2:4f:6b:fe:4a: ad:49:e0:49:08:d5:17:b8:e1:2f:a4:23:c2:22:d5:8e:5d:c7: 91:33:6d:7b:d7:5a:e1:52:a2:d0:5f:3e:fd:80:41:c0:1f:a3: 87:e5:25:79:aa:29:b9:ea:8d:fa:d2:88:20:db:a1:d1:4f:47: 07:94:17:00:b7:89:8c:eb:d4:0f:f5:fa:d2:94:0e:32:a1:1d: 95:ae:25:0d:7d:ce:35:8a:44:94:a3:a7:41:9b:c4:5b:35:cb: a1:34:49:5d:7e:ee:34:c4:9a:91:4d:05:25:6a:75:58:66:69: 67:aa:69:6c:99:be:36:7c:45:49:37:2b:82:5b:ea:01:20:5b: 2b:34:1f:13:cd:d3:b3:9b:37:49:75:2d:a1:32:8e:94:9d:d6: 8b:fb:50:eb:d6:75:3a:5c:f0:05:17:ae:3f:35:c2:4f:cc:fc: 0a:a1:f2:d4:96:17:5d:52:a5:3e:a0:1f:34:43:c7:55:15:4e: ed:f8:32:b7:fb:9d:24:55:27:a8:0c:ee:ef:4a:6d:9c:94:19: 3f:fd:62:1e:93:2f:62:b1:73:13:e6:cf:8d:ee:b7:92:76:9c: 5f:2a:c7:04 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx ODZDMjExMC8GA1UEBRMoQzYyNjU4MzI5ODU3OEQxRDRBRjcyNzNFQkQ3OTFDNzIz MEEzNzQ0OTAeFw0yNTA0MjUwNjM0MzRaFw0yNTA1MDIwNjM0MzRaMBgxFjAUBgNV BAMTDTY4MGIyY2ZhLTBkYjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCoOmrNqgj8kkjGKcKpyKjfULRXEwfUdxZmZx8gfhS1H8ur/HcXOOissIH87VzM IHLWkqVmtTxaA/iNlCSEkl17yFHb+YB7jju3vS7cOQU7jxNrIDoP7d53IdQrtC1Z QSmCC5TkpQS8LOr17GEdAPChNjx1TPkm+0BkLU7kPNz7gAkWfrJBXgOQiaZo7EUb EspSWQHd8B0qrMEsEK00Xyky8nN2b+omN3bB49CpG8DrTGeiVnJHYL7Yr/10S50k By0skk/vEzj0YXwH+ByGV4Osyk2tj+37KPs48Fz2sffvjwoKSkJ4ETKfJs2hV6Un 0khuHWDy9qQZ5cZWLkAniEPZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU+ZJAQYSJ /ampDawu42bwKMT0oW8wHwYDVR0jBBgwFoAUxiZYMphXjR1K9yc+vXkccjCjdEkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4NkMyLzFEMkYwNzI0RDE3 RjExRUZCMzg0NjkyOEM0RjlBRTAyL3hpWllNcGhYalIxSzl5Yy12WGtjY2pDamRF ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIveGlaWU1waFhqUjFLOXljLXZYa2NjakNqZEVrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4 NkMyLzFEMkYwNzI0RDE3RjExRUZCMzg0NjkyOEM0RjlBRTAyL3hpWllNcGhYalIx Szl5Yy12WGtjY2pDamRFay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAL8hhC21loNxR28h8lIwbavtEKTT2exmZ7uf41tTkkrCT2v+Sq1J4EkI 1Re44S+kI8Ii1Y5dx5EzbXvXWuFSotBfPv2AQcAfo4flJXmqKbnqjfrSiCDbodFP RweUFwC3iYzr1A/1+tKUDjKhHZWuJQ19zjWKRJSjp0GbxFs1y6E0SV1+7jTEmpFN BSVqdVhmaWeqaWyZvjZ8RUk3K4Jb6gEgWys0HxPN07ObN0l1LaEyjpSd1ov7UOvW dTpc8AUXrj81wk/M/Aqh8tSWF11SpT6gHzRDx1UVTu34Mrf7nSRVJ6gM7u9KbZyU GT/9Yh6TL2KxcxPmz43ut5J2nF8qxwQ= -----END CERTIFICATE-----Generated at Sat Apr 26 12:31:17 2025 by rpki-client