$ rpki-client -vvf rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft File: XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft (raw, json) Hash identifier: MFx8hA0r3Ngv+jhFEl3EX81LPGEEHIhxFkMLqyNw9d0= Subject key identifier: F0:3D:68:CD:A2:5B:F4:8A:D1:03:6B:4B:FF:69:19:2C:30:AA:D9:17 Authority key identifier: 5C:5A:4F:AE:4A:F0:1F:FD:C9:27:53:55:CC:BA:B8:C8:10:18:9F:54 Certificate issuer: /CN=A918B0B9/serialNumber=5C5A4FAE4AF01FFDC9275355CCBAB8C810189F54 Certificate serial: 098D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft Manifest number: 0977 Signing time: Thu 24 Apr 2025 20:03:39 +0000 Manifest this update: Thu 24 Apr 2025 20:03:38 +0000 Manifest next update: Thu 01 May 2025 20:03:38 +0000 Files and hashes: 1: XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl (hash: 2UesumPTJIdQd/hUMcJr4ML7tfe6WGTvEw7VFZEhs1A=) 2: 52F955A89B1511EA9BEFA53BC4F9AE02.roa (hash: 5fp5xPdrf28AzhElrO+JWN/gejEYqnFXoStD/HGk1zI=) 3: BED54F1A9B1611EA939F5A3FC4F9AE02.roa (hash: sHHQTYQ4Ee+qL1FSRc7R4PCypgoLoQnfR9k5950BZKI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:03:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2445 (0x98d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918B0B9, serialNumber=5C5A4FAE4AF01FFDC9275355CCBAB8C810189F54 Validity Not Before: Apr 24 20:03:38 2025 GMT Not After : May 1 20:03:38 2025 GMT Subject: CN=680a991a-5123 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:6e:9e:23:cd:9b:5c:c3:fd:83:9e:bf:91:31: c2:7a:58:cd:11:b7:d8:3a:13:1c:1d:ca:8d:9e:43: 5a:1b:01:f3:23:cc:69:8c:f2:c2:64:4d:9a:ce:f9: 75:6b:c2:1c:0c:38:71:6f:f8:e8:ae:67:f6:db:48: ad:73:c2:63:fc:e8:bc:90:88:e5:89:ce:ea:b4:24: 76:41:42:41:71:40:76:f4:c9:f2:ef:de:e4:b0:a7: f9:0f:6a:94:35:46:4f:33:f1:49:36:ab:62:4a:32: 29:fd:bf:3c:40:7a:df:26:e8:ba:9a:88:2b:72:4e: 52:52:d0:68:9c:f5:45:ff:d2:41:b1:e1:69:d2:b3: 90:84:52:03:b6:f0:c9:8f:c7:0c:64:c1:f6:02:e6: 92:68:bc:92:23:d4:5d:bf:65:3b:83:d3:64:43:af: 0a:5a:21:9a:25:f4:56:76:93:52:1a:f6:a1:cd:de: 15:cf:00:82:6e:f3:ad:99:44:69:ee:ae:a8:b0:a7: 5a:f2:bc:8e:65:0a:f9:fd:8a:da:81:81:30:6f:9b: c5:df:4e:92:79:ea:d3:cb:e7:86:0e:ca:1f:90:5a: 29:5d:4c:b8:bc:7e:c0:38:a8:aa:1f:a9:15:dd:da: f6:b6:17:53:9b:d3:49:21:a2:a8:38:7d:62:51:e9: 2b:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:3D:68:CD:A2:5B:F4:8A:D1:03:6B:4B:FF:69:19:2C:30:AA:D9:17 X509v3 Authority Key Identifier: keyid:5C:5A:4F:AE:4A:F0:1F:FD:C9:27:53:55:CC:BA:B8:C8:10:18:9F:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:69:40:aa:2d:17:5b:38:01:4c:b4:bf:76:00:06:3f:41:ab: 1e:f6:6c:6a:f9:07:c7:84:25:97:e7:c6:39:ec:30:3c:37:ca: e0:3d:38:2b:62:7a:66:d9:4a:6b:60:94:7d:a8:97:40:f1:9f: 32:79:bb:ec:68:de:20:aa:35:81:11:3e:9d:41:b3:64:f6:49: 7e:a4:ac:fe:23:1a:33:5a:15:6b:b5:95:35:f3:f1:a5:5f:c1: 4b:0a:2b:df:14:99:5a:dd:a7:0c:38:a3:4c:f4:55:04:18:16: ec:90:fe:62:07:c5:1c:52:b5:e0:20:a0:08:30:f5:a5:1a:53: 7b:e9:b6:fe:0c:b2:44:71:3c:56:62:26:72:6e:f9:d1:08:6d: 9c:ca:13:21:b7:0b:d9:aa:a8:d1:b3:e4:2a:97:0c:45:6c:a6: 14:89:9e:79:6f:71:6b:3a:19:08:8d:4d:e5:2a:87:05:ed:05: 49:8a:e4:e0:02:2f:0d:78:5e:7e:1d:09:cb:56:e4:20:d4:6c: e6:0c:e4:3c:1e:15:23:92:84:d9:d6:d4:67:72:ee:5b:e3:58: 93:e1:8b:cb:6c:c9:b4:1f:d7:3d:b3:73:f7:89:63:1d:45:f4: ba:ad:49:bc:46:fc:14:91:2e:8d:e8:b1:dc:ca:eb:79:b8:b6: f8:c5:e9:23 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEIwQjkxMTAvBgNVBAUTKDVDNUE0RkFFNEFGMDFGRkRDOTI3NTM1NUNDQkFCOEM4 MTAxODlGNTQwHhcNMjUwNDI0MjAwMzM4WhcNMjUwNTAxMjAwMzM4WjAYMRYwFAYD VQQDEw02ODBhOTkxYS01MTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAym6eI82bXMP9g56/kTHCeljNEbfYOhMcHcqNnkNaGwHzI8xpjPLCZE2azvl1 a8IcDDhxb/jormf220itc8Jj/Oi8kIjlic7qtCR2QUJBcUB29Mny797ksKf5D2qU NUZPM/FJNqtiSjIp/b88QHrfJui6mogrck5SUtBonPVF/9JBseFp0rOQhFIDtvDJ j8cMZMH2AuaSaLySI9Rdv2U7g9NkQ68KWiGaJfRWdpNSGvahzd4VzwCCbvOtmURp 7q6osKda8ryOZQr5/YragYEwb5vF306SeerTy+eGDsofkFopXUy4vH7AOKiqH6kV 3dr2thdTm9NJIaKoOH1iUekrgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPA9aM2i W/SK0QNrS/9pGSwwqtkXMB8GA1UdIwQYMBaAFFxaT65K8B/9ySdTVcy6uMgQGJ9U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QjBCOS85Q0JGM0Q5MDhG QTAxMUVBQUE5QkJBMThDNEY5QUUwMi9YRnBQcmtyd0hfM0pKMU5WekxxNHlCQVlu MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hGcFBya3J3SF8zSkoxTlZ6THE0eUJBWW4xUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QjBCOS85Q0JGM0Q5MDhGQTAxMUVBQUE5QkJBMThDNEY5QUUwMi9YRnBQcmtyd0hf M0pKMU5WekxxNHlCQVluMVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAyaUCqLRdbOAFMtL92AAY/Qase9mxq+QfHhCWX58Y57DA8N8rgPTgr Ynpm2UprYJR9qJdA8Z8yebvsaN4gqjWBET6dQbNk9kl+pKz+IxozWhVrtZU18/Gl X8FLCivfFJla3acMOKNM9FUEGBbskP5iB8UcUrXgIKAIMPWlGlN76bb+DLJEcTxW YiZybvnRCG2cyhMhtwvZqqjRs+QqlwxFbKYUiZ55b3FrOhkIjU3lKocF7QVJiuTg Ai8NeF5+HQnLVuQg1GzmDOQ8HhUjkoTZ1tRncu5b41iT4YvLbMm0H9c9s3P3iWMd RfS6rUm8RvwUkS6N6LHcyut5uLb4xekj -----END CERTIFICATE-----Generated at Sat Apr 26 17:02:22 2025 by rpki-client