$ rpki-client -vvf rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.mft File: Xr3U1fNsaqWbASyeiZqtPCfq2O0.mft (raw, json) Hash identifier: DgfuM15LIASbHln2FgWgkEgJVYQ/ct4vsjVDWlUnaq0= Subject key identifier: 94:E0:63:D1:B9:11:F4:C5:3D:25:2A:29:56:12:89:1C:C7:98:AA:12 Authority key identifier: 5E:BD:D4:D5:F3:6C:6A:A5:9B:01:2C:9E:89:9A:AD:3C:27:EA:D8:ED Certificate issuer: /CN=A91275FD/serialNumber=5EBDD4D5F36C6AA59B012C9E899AAD3C27EAD8ED Certificate serial: 2517 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.mft Manifest number: 2509 Signing time: Thu 24 Apr 2025 15:42:36 +0000 Manifest this update: Thu 24 Apr 2025 15:42:36 +0000 Manifest next update: Thu 01 May 2025 15:42:36 +0000 Files and hashes: 1: Xr3U1fNsaqWbASyeiZqtPCfq2O0.crl (hash: mXY2WWUu1wLXF3rzltnC6+AMXKQIod94l2yMAK0Q1Aw=) 2: C5218598F91711EDBB78FE3CC4F9AE02.roa (hash: bILzWIi7SfN0oZ29P+We7rkWjU1abIhmL+TRmVZttNg=) 3: 9461B15C144611EBA5418244C4F9AE02.roa (hash: A+fjTwtG6/7wteTJpdAw9ZNsTS7E+yeIkAmgl1S9yHk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.crl rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:42:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9495 (0x2517) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91275FD, serialNumber=5EBDD4D5F36C6AA59B012C9E899AAD3C27EAD8ED Validity Not Before: Apr 24 15:42:36 2025 GMT Not After : May 1 15:42:36 2025 GMT Subject: CN=680a5bec-6136 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:10:56:e0:ba:0a:18:ef:69:28:12:53:40:13: 4a:a7:1b:b3:a2:ed:c2:87:58:0f:11:55:d5:3c:18: a4:6a:d4:d8:2b:a6:6e:3f:cd:97:7e:c8:02:01:32: 12:2e:47:c1:b4:d9:4a:e5:e0:92:56:f2:b0:fb:f2: 1a:8f:ea:e4:e0:43:da:31:ed:2f:49:3a:dc:8c:e3: 31:8b:c0:90:78:18:e7:3b:eb:33:9b:3a:6e:44:b8: 9d:87:5e:d6:74:5e:39:6a:e2:e3:ef:c2:f7:99:11: 6a:b7:f9:5f:1f:ac:03:bc:6a:b2:b0:76:3e:6f:50: 65:75:ad:31:8e:10:4b:0d:10:52:ec:ba:70:75:a7: ab:21:95:8f:e0:84:1e:56:85:9f:9e:27:6e:8e:5b: 33:43:90:b6:9f:da:2c:10:cd:6b:66:14:d0:d3:1f: 53:ca:6b:2d:bd:ab:ad:3f:99:e0:4a:05:a7:bd:c0: f9:eb:e1:3e:b7:a2:c7:e6:94:97:1b:59:f0:5c:93: 99:7e:42:f9:2c:9b:98:e9:74:b3:e2:cc:79:6b:70: 9d:be:ad:f0:b6:ef:cd:f4:b1:dd:2d:26:d6:ea:d0: 4c:58:fb:08:5e:38:ae:46:9b:44:c5:ef:66:8f:1b: 06:7a:df:2a:3b:3c:8a:52:69:e5:53:a9:73:49:25: 78:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:E0:63:D1:B9:11:F4:C5:3D:25:2A:29:56:12:89:1C:C7:98:AA:12 X509v3 Authority Key Identifier: keyid:5E:BD:D4:D5:F3:6C:6A:A5:9B:01:2C:9E:89:9A:AD:3C:27:EA:D8:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:eb:b8:21:4e:6f:44:03:95:85:3c:5b:12:44:13:f3:37:31: 21:a8:eb:41:b4:b7:d5:1b:4a:4f:8d:c1:8a:10:ca:70:98:57: ee:c0:0b:2f:39:c8:dc:ce:c3:1b:d8:32:08:fd:ea:87:b4:69: 46:d1:a9:38:0f:65:02:9e:4a:74:28:ae:fb:2a:0d:13:f6:2e: 92:21:3c:fe:cc:f3:2a:0d:f9:b2:be:96:2e:10:75:5c:de:c8: 21:d2:92:88:1c:08:ad:c7:07:f7:be:0f:e6:ed:d5:a9:e6:6e: 6b:b0:22:1b:5e:2b:c4:08:65:20:7d:db:8b:27:a4:90:df:bc: d9:79:fa:76:57:32:b8:0b:7a:4a:a0:10:9d:63:36:2d:06:b1: fc:a3:8c:7c:ec:6b:c3:e6:56:f8:15:cf:74:b9:8f:8c:9b:c3: 95:dd:67:13:24:b1:8d:81:7b:4c:af:aa:d3:33:ad:be:ce:a7: 80:00:eb:98:cd:8b:3f:f3:19:80:5c:36:0d:3b:29:9f:d2:6f: ca:74:b5:d3:71:6d:67:d2:21:3b:af:6a:60:66:36:c1:ac:d5: e9:54:51:9f:80:56:6c:b7:03:79:a6:26:75:4f:95:f9:77:7f: 73:9a:71:6b:ae:4d:31:ea:df:3e:77:1c:46:95:11:f3:2b:64: e9:d1:45:8f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJRcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjc1RkQxMTAvBgNVBAUTKDVFQkRENEQ1RjM2QzZBQTU5QjAxMkM5RTg5OUFBRDND MjdFQUQ4RUQwHhcNMjUwNDI0MTU0MjM2WhcNMjUwNTAxMTU0MjM2WjAYMRYwFAYD VQQDEw02ODBhNWJlYy02MTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuRBW4LoKGO9pKBJTQBNKpxuzou3Ch1gPEVXVPBikatTYK6ZuP82XfsgCATIS LkfBtNlK5eCSVvKw+/Iaj+rk4EPaMe0vSTrcjOMxi8CQeBjnO+szmzpuRLidh17W dF45auLj78L3mRFqt/lfH6wDvGqysHY+b1Blda0xjhBLDRBS7LpwdaerIZWP4IQe VoWfnidujlszQ5C2n9osEM1rZhTQ0x9TymstvautP5ngSgWnvcD56+E+t6LH5pSX G1nwXJOZfkL5LJuY6XSz4sx5a3Cdvq3wtu/N9LHdLSbW6tBMWPsIXjiuRptExe9m jxsGet8qOzyKUmnlU6lzSSV4RQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJTgY9G5 EfTFPSUqKVYSiRzHmKoSMB8GA1UdIwQYMBaAFF691NXzbGqlmwEsnomarTwn6tjt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzVGRC9GNDhBRDEyMjI2 RDkxMUU1QjI0REE2MzNDNEY5QUUwMi9YcjNVMWZOc2FxV2JBU3llaVpxdFBDZnEy TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1hyM1UxZk5zYXFXYkFTeWVpWnF0UENmcTJPMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzVGRC9GNDhBRDEyMjI2RDkxMUU1QjI0REE2MzNDNEY5QUUwMi9YcjNVMWZOc2Fx V2JBU3llaVpxdFBDZnEyTzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAB67ghTm9EA5WFPFsSRBPzNzEhqOtBtLfVG0pPjcGKEMpwmFfuwAsv OcjczsMb2DII/eqHtGlG0ak4D2UCnkp0KK77Kg0T9i6SITz+zPMqDfmyvpYuEHVc 3sgh0pKIHAitxwf3vg/m7dWp5m5rsCIbXivECGUgfduLJ6SQ37zZefp2VzK4C3pK oBCdYzYtBrH8o4x87GvD5lb4Fc90uY+Mm8OV3WcTJLGNgXtMr6rTM62+zqeAAOuY zYs/8xmAXDYNOymf0m/KdLXTcW1n0iE7r2pgZjbBrNXpVFGfgFZstwN5piZ1T5X5 d39zmnFrrk0x6t8+dxxGlRHzK2Tp0UWP -----END CERTIFICATE-----Generated at Sat Apr 26 12:59:30 2025 by rpki-client