$ rpki-client -vvf rpki.apnic.net/member_repository/A9192BCF/3052CCA63B4D11EE9E1B0772C4F9AE02/XaSteg0ZJFUV5aLYSgxnRwCkP80.mft File: XaSteg0ZJFUV5aLYSgxnRwCkP80.mft (raw, json) Hash identifier: lVXotUMv/MPqPa2SsXlsJ02CSHjjNt4yGnUxBL67k2o= Subject key identifier: CB:95:77:5E:1E:8E:E1:2C:9A:B3:1B:BD:48:46:C8:11:57:0E:30:FB Authority key identifier: 5D:A4:AD:7A:0D:19:24:55:15:E5:A2:D8:4A:0C:67:47:00:A4:3F:CD Certificate issuer: /CN=A9192BCF/serialNumber=5DA4AD7A0D19245515E5A2D84A0C674700A43FCD Certificate serial: 0144 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XaSteg0ZJFUV5aLYSgxnRwCkP80.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9192BCF/3052CCA63B4D11EE9E1B0772C4F9AE02/XaSteg0ZJFUV5aLYSgxnRwCkP80.mft Manifest number: 0141 Signing time: Fri 25 Apr 2025 03:27:52 +0000 Manifest this update: Fri 25 Apr 2025 03:27:52 +0000 Manifest next update: Fri 02 May 2025 03:27:51 +0000 Files and hashes: 1: XaSteg0ZJFUV5aLYSgxnRwCkP80.crl (hash: biaeBz7LujQU8ix1ojtzzK8GEASLsZ24but3IB9pIc4=) 2: 9062BB863C3F11EE8DA7781AC4F9AE02.roa (hash: 40lvaLr1gKHAad8xOy7yfS2hh56AhlCYkcilzIpf0Sg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9192BCF/3052CCA63B4D11EE9E1B0772C4F9AE02/XaSteg0ZJFUV5aLYSgxnRwCkP80.crl rsync://rpki.apnic.net/member_repository/A9192BCF/3052CCA63B4D11EE9E1B0772C4F9AE02/XaSteg0ZJFUV5aLYSgxnRwCkP80.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XaSteg0ZJFUV5aLYSgxnRwCkP80.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:27:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 324 (0x144) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9192BCF, serialNumber=5DA4AD7A0D19245515E5A2D84A0C674700A43FCD Validity Not Before: Apr 25 03:27:52 2025 GMT Not After : May 2 03:27:51 2025 GMT Subject: CN=680b0138-3600 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:f3:d1:7c:60:bd:79:3d:42:a7:b7:42:52:41: 78:79:e9:e4:8b:a2:e6:21:93:8e:37:34:09:ac:35: 13:00:83:32:62:b7:96:c8:34:b7:d1:22:55:16:9c: fc:36:02:8b:12:20:46:9b:29:0e:0e:79:80:e6:4d: 91:04:7f:d6:ab:7f:b9:4c:2a:cc:61:8d:1a:fa:b1: ae:0d:b3:01:86:4f:67:6b:66:94:2e:9b:43:d5:b8: d4:18:94:88:d0:e5:e3:87:a6:cc:fb:34:71:46:6c: 69:ac:7d:aa:df:db:97:e4:e3:ed:f7:08:e3:14:b7: e9:50:69:2b:bf:ed:07:d4:ea:bc:c1:80:92:b5:25: 72:df:cb:30:87:ae:59:85:8a:52:0b:cf:0f:c2:8d: ec:7c:ee:e9:41:0b:ea:07:63:7f:cf:43:4b:4e:e7: 7e:cf:3d:0d:41:a9:6a:48:f4:b0:fd:87:41:00:b2: 79:8d:bd:73:48:28:0f:1e:cb:39:34:dd:4a:c1:67: 81:c1:bb:f3:93:81:f0:a1:f1:fb:6d:a2:f8:b1:f3: 8c:f5:a5:db:3d:5c:f2:64:13:27:87:11:48:94:5b: ec:1d:3d:bb:3d:99:33:b9:56:50:70:15:bf:e0:bf: 5e:85:8c:3f:b7:0f:5a:43:3e:b0:ce:0c:06:ce:48: d4:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:95:77:5E:1E:8E:E1:2C:9A:B3:1B:BD:48:46:C8:11:57:0E:30:FB X509v3 Authority Key Identifier: keyid:5D:A4:AD:7A:0D:19:24:55:15:E5:A2:D8:4A:0C:67:47:00:A4:3F:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9192BCF/3052CCA63B4D11EE9E1B0772C4F9AE02/XaSteg0ZJFUV5aLYSgxnRwCkP80.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XaSteg0ZJFUV5aLYSgxnRwCkP80.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192BCF/3052CCA63B4D11EE9E1B0772C4F9AE02/XaSteg0ZJFUV5aLYSgxnRwCkP80.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:4a:cc:f9:2c:99:86:aa:0d:a0:07:8c:e8:21:e3:0c:34:dc: 59:80:f1:19:90:17:90:f3:2a:7a:f7:82:0c:cc:4d:78:f4:a4: 57:ed:d5:f8:4f:7c:c8:30:ad:51:67:fc:5c:79:b6:a3:2f:ed: cb:ae:0b:19:e8:08:0b:d9:0f:ee:37:90:3e:c2:20:19:42:c5: 70:94:fc:6b:f5:a0:0c:95:ba:f0:d8:20:e4:7f:6b:65:75:26: b0:67:83:47:46:51:1c:e7:da:5d:0e:8a:c9:8d:48:c5:9d:8b: a7:14:47:24:4a:40:ea:d7:61:26:05:69:41:37:60:8c:82:36: 60:55:7b:3e:0d:9b:22:c0:2d:9a:e6:66:76:bd:cb:61:ef:64: e0:d7:d9:8c:3f:2c:ff:ca:12:ad:18:2d:0a:b6:8d:32:a9:90: f1:bb:ad:71:2b:cd:63:fd:0d:d1:75:be:94:1c:2f:55:87:f9: a6:17:4f:42:ab:07:84:35:d0:49:57:db:4f:85:dd:f9:e0:90: 51:96:3b:e9:90:e7:e6:fa:cc:e4:85:9a:d2:67:b9:ad:3d:b5: 12:c8:e5:ad:cf:ee:de:01:df:45:c1:96:3e:2b:76:91:f3:f3: 6f:cc:d1:e5:0d:49:4a:95:57:b6:bd:d2:8c:d0:24:22:4f:ff: 24:0a:0c:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTJCQ0YxMTAvBgNVBAUTKDVEQTRBRDdBMEQxOTI0NTUxNUU1QTJEODRBMEM2NzQ3 MDBBNDNGQ0QwHhcNMjUwNDI1MDMyNzUyWhcNMjUwNTAyMDMyNzUxWjAYMRYwFAYD VQQDEw02ODBiMDEzOC0zNjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2PPRfGC9eT1Cp7dCUkF4eenki6LmIZOONzQJrDUTAIMyYreWyDS30SJVFpz8 NgKLEiBGmykODnmA5k2RBH/Wq3+5TCrMYY0a+rGuDbMBhk9na2aULptD1bjUGJSI 0OXjh6bM+zRxRmxprH2q39uX5OPt9wjjFLfpUGkrv+0H1Oq8wYCStSVy38swh65Z hYpSC88Pwo3sfO7pQQvqB2N/z0NLTud+zz0NQalqSPSw/YdBALJ5jb1zSCgPHss5 NN1KwWeBwbvzk4HwofH7baL4sfOM9aXbPVzyZBMnhxFIlFvsHT27PZkzuVZQcBW/ 4L9ehYw/tw9aQz6wzgwGzkjUcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMuVd14e juEsmrMbvUhGyBFXDjD7MB8GA1UdIwQYMBaAFF2krXoNGSRVFeWi2EoMZ0cApD/N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkJDRi8zMDUyQ0NBNjNC NEQxMUVFOUUxQjA3NzJDNEY5QUUwMi9YYVN0ZWcwWkpGVVY1YUxZU2d4blJ3Q2tQ ODAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hhU3RlZzBaSkZVVjVhTFlTZ3huUndDa1A4MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 MkJDRi8zMDUyQ0NBNjNCNEQxMUVFOUUxQjA3NzJDNEY5QUUwMi9YYVN0ZWcwWkpG VVY1YUxZU2d4blJ3Q2tQODAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCoSsz5LJmGqg2gB4zoIeMMNNxZgPEZkBeQ8yp694IMzE149KRX7dX4 T3zIMK1RZ/xcebajL+3LrgsZ6AgL2Q/uN5A+wiAZQsVwlPxr9aAMlbrw2CDkf2tl dSawZ4NHRlEc59pdDorJjUjFnYunFEckSkDq12EmBWlBN2CMgjZgVXs+DZsiwC2a 5mZ2vcth72Tg19mMPyz/yhKtGC0Kto0yqZDxu61xK81j/Q3Rdb6UHC9Vh/mmF09C qweENdBJV9tPhd354JBRljvpkOfm+szkhZrSZ7mtPbUSyOWtz+7eAd9FwZY+K3aR 8/NvzNHlDUlKlVe2vdKM0CQiT/8kCgyw -----END CERTIFICATE-----Generated at Sat Apr 26 04:24:46 2025 by rpki-client