$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.mft File: Xy5eYpMrtQqF_y-aXzGyut1fNKw.mft (raw, json) Hash identifier: 5huYKK6O55Xmj4tOBiYZM52F0OS8P62SIX+C0JT7jY8= Subject key identifier: 94:2A:6A:8B:1B:59:AF:01:27:73:63:76:54:BB:58:AD:1C:90:2C:76 Authority key identifier: 5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC Certificate issuer: /CN=A9158E8E/serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC Certificate serial: 03A3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.mft Manifest number: 037F Signing time: Mon 05 May 2025 00:33:40 +0000 Manifest this update: Mon 05 May 2025 00:33:39 +0000 Manifest next update: Mon 12 May 2025 00:33:39 +0000 Files and hashes: 1: Xy5eYpMrtQqF_y-aXzGyut1fNKw.crl (hash: M9/cwJUISKlTXzkjdrNsqUxS30rHn+elFLQ67YEJLP8=) 2: 7B6F6276E03811EFAC3C5652C4F9AE02.roa (hash: melteXR1cRharD5muHTsf70+edihxivjKNNQzAZNpLE=) 3: 79C2D638E03811EFAC3C5652C4F9AE02.roa (hash: pIl/ybOSWeNJuXyu7vI+RsUvtpL0KXP/t0jEbgQtU7I=) 4: 7AA94F3CE03811EFAC3C5652C4F9AE02.roa (hash: ImUvDtTwcm68idWdwXB7tEHKc5rG51UP9vCEMxdSyRc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.crl rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 May 2025 00:33:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 931 (0x3a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158E8E, serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC Validity Not Before: May 5 00:33:39 2025 GMT Not After : May 12 00:33:39 2025 GMT Subject: CN=68180763-f4a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:de:62:a7:5b:f1:7e:af:bf:ba:15:30:d6:27: 8c:32:83:81:b9:bf:22:a2:64:76:36:a2:96:29:44: 93:a1:66:cb:86:9e:70:83:47:ea:b6:62:93:cc:eb: 3e:47:6e:e9:e1:2c:ba:74:cc:cc:2d:45:da:80:3e: 6e:48:cf:26:de:8b:80:3b:82:34:ba:65:92:82:6a: c4:14:f1:a4:68:1b:59:5b:b2:f5:84:cf:14:43:f3: 61:ed:f7:a0:c6:9a:b3:1f:a5:4b:ed:28:63:06:b2: f2:5a:9a:df:4b:82:27:64:b1:a4:85:f4:96:86:ee: 46:6a:d4:ea:6f:86:61:a9:75:72:c3:79:e4:9b:f6: 22:23:21:3f:6d:8b:51:b3:bf:56:03:4e:b8:a0:c3: d2:1c:24:c3:2c:66:d7:75:ff:0b:61:07:4c:59:6d: ed:ea:c3:e0:a9:99:f7:6b:63:ee:9f:74:6e:90:04: 78:75:e6:07:fe:79:1c:01:ce:bb:32:75:e0:44:f4: ef:7b:ef:35:98:4e:9d:c0:fe:13:75:48:b4:9a:b4: 15:fd:8c:27:00:20:73:2d:74:fd:d5:dc:51:cd:e2: bc:b3:3e:f6:9b:0e:3c:2f:78:42:34:e5:b5:34:db: 7c:d6:5e:7d:58:75:e9:2e:17:fa:7c:0e:94:66:58: 08:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:2A:6A:8B:1B:59:AF:01:27:73:63:76:54:BB:58:AD:1C:90:2C:76 X509v3 Authority Key Identifier: keyid:5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:d3:9c:4e:5c:5b:95:4e:14:55:92:84:f1:ca:a7:c8:ef:f8: ff:2f:69:62:ae:f3:86:16:f0:6d:e1:9f:be:fa:91:9c:a6:0e: 45:75:45:a2:53:4d:5f:b4:cf:f7:34:f3:de:f8:0a:93:18:92: 26:e5:6a:c8:75:c6:49:a9:70:a7:6b:2e:a8:36:b3:6f:d9:bf: c2:5e:bb:9b:e1:f8:1d:b3:cf:cd:c6:58:78:63:7d:dc:21:dd: c9:a0:5c:2c:96:66:00:38:50:d4:5a:9a:f1:32:3a:7f:7f:32: 8a:13:e0:af:d8:b2:87:bb:11:77:f7:0a:5a:eb:19:e0:68:22: f6:42:6c:65:d8:4e:41:c4:d7:21:72:be:4c:ca:54:15:bf:b6: 10:92:67:74:84:cb:74:9a:3d:0c:e8:3e:a8:42:c3:e6:fd:17: 54:4f:f3:74:49:88:05:bf:c2:d0:fb:32:bd:28:fc:17:6a:d7: 97:69:56:72:3f:f1:1b:28:1a:e0:2e:e0:ed:62:18:08:da:7b: b2:ce:3a:4a:39:b6:91:91:1d:14:78:c1:63:cb:0f:bf:c1:e1: 30:32:a6:d3:e0:12:52:fa:ab:e0:ef:0d:20:4f:54:15:da:8d: 32:b8:1a:db:84:c8:ca:4b:a4:be:6f:f1:62:bc:bf:c7:92:ed: d1:e4:ab:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA6MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NThFOEUxMTAvBgNVBAUTKDVGMkU1RTYyOTMyQkI1MEE4NUZGMkY5QTVGMzFCMkJB REQ1RjM0QUMwHhcNMjUwNTA1MDAzMzM5WhcNMjUwNTEyMDAzMzM5WjAYMRYwFAYD VQQDEw02ODE4MDc2My1mNGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuN5ip1vxfq+/uhUw1ieMMoOBub8iomR2NqKWKUSToWbLhp5wg0fqtmKTzOs+ R27p4Sy6dMzMLUXagD5uSM8m3ouAO4I0umWSgmrEFPGkaBtZW7L1hM8UQ/Nh7feg xpqzH6VL7ShjBrLyWprfS4InZLGkhfSWhu5GatTqb4ZhqXVyw3nkm/YiIyE/bYtR s79WA064oMPSHCTDLGbXdf8LYQdMWW3t6sPgqZn3a2Pun3RukAR4deYH/nkcAc67 MnXgRPTve+81mE6dwP4TdUi0mrQV/YwnACBzLXT91dxRzeK8sz72mw48L3hCNOW1 NNt81l59WHXpLhf6fA6UZlgIjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJQqaosb Wa8BJ3NjdlS7WK0ckCx2MB8GA1UdIwQYMBaAFF8uXmKTK7UKhf8vml8xsrrdXzSs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEU4RS8wNEZCQjhGMEFF MEYxMUVDQTAyMDU2NjZDNEY5QUUwMi9YeTVlWXBNcnRRcUZfeS1hWHpHeXV0MWZO S3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h5NWVZcE1ydFFxRl95LWFYekd5dXQxZk5Ldy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 OEU4RS8wNEZCQjhGMEFFMEYxMUVDQTAyMDU2NjZDNEY5QUUwMi9YeTVlWXBNcnRR cUZfeS1hWHpHeXV0MWZOS3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBC05xOXFuVThRVkoTxyqfI7/j/L2lirvOGFvBt4Z+++pGcpg5FdUWi U01ftM/3NPPe+AqTGJIm5WrIdcZJqXCnay6oNrNv2b/CXrub4fgds8/Nxlh4Y33c Id3JoFwslmYAOFDUWprxMjp/fzKKE+Cv2LKHuxF39wpa6xngaCL2Qmxl2E5BxNch cr5MylQVv7YQkmd0hMt0mj0M6D6oQsPm/RdUT/N0SYgFv8LQ+zK9KPwXateXaVZy P/EbKBrgLuDtYhgI2nuyzjpKObaRkR0UeMFjyw+/weEwMqbT4BJS+qvg7w0gT1QV 2o0yuBrbhMjKS6S+b/FivL/Hku3R5Ksq -----END CERTIFICATE-----Generated at Mon May 5 20:50:20 2025 by rpki-client