$ rpki-client -vvf rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft File: XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft (raw, json) Hash identifier: JzMN/r6bDxF68kNLJ98CWJZYaBFZv2yqzbM10mtmN2E= Subject key identifier: D6:2B:84:F2:A5:6B:A6:C8:CF:E4:F5:2D:7C:8D:9D:5B:31:D0:97:B4 Authority key identifier: 5F:1C:53:4A:EE:FF:4E:38:0C:E5:A0:9A:10:84:BF:8F:57:09:ED:08 Certificate issuer: /CN=A91A467D/serialNumber=5F1C534AEEFF4E380CE5A09A1084BF8F5709ED08 Certificate serial: 0AD8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft Manifest number: 0AD1 Signing time: Thu 24 Apr 2025 19:20:52 +0000 Manifest this update: Thu 24 Apr 2025 19:20:51 +0000 Manifest next update: Thu 01 May 2025 19:20:51 +0000 Files and hashes: 1: XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.crl (hash: 9olP3AhgD9tOFf9WzHi7W4hTz4N6mqftuWcw+1OY6JA=) 2: 43272DE249AA11EABABC8610C4F9AE02.roa (hash: ArNuSAGS500F2Au8BkBemb4Fqw5PMgC4H5tbUjnLNK4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.crl rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:20:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2776 (0xad8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A467D, serialNumber=5F1C534AEEFF4E380CE5A09A1084BF8F5709ED08 Validity Not Before: Apr 24 19:20:51 2025 GMT Not After : May 1 19:20:51 2025 GMT Subject: CN=680a8f13-8a9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:e5:80:88:8c:e7:49:bf:27:f1:b1:75:a6:9b: 2d:d5:92:1f:b7:74:9d:49:fd:2a:3a:95:fb:4f:9b: e2:5a:18:ef:9e:c2:1c:99:4a:92:9a:ac:0e:82:6b: 7c:81:f1:72:7c:c6:3e:f3:4b:d7:63:26:e3:8c:51: da:05:03:48:c9:8c:2c:a0:66:0e:95:3b:9c:33:7d: 05:08:b3:fb:6f:18:70:5c:c2:0d:97:17:1e:2b:aa: a3:d5:44:c5:cb:f5:5b:75:ab:d7:78:3d:44:48:af: 72:12:e7:c1:ef:4e:59:74:c7:4e:0e:79:dd:48:06: 56:0c:52:28:c3:91:87:36:e8:d3:5c:eb:8f:59:ad: a7:0b:6a:82:b2:41:e6:ff:cb:83:2c:ce:ba:78:4d: aa:ad:e1:61:bc:e2:01:5c:3f:dc:7c:a2:d0:3a:6b: 59:81:80:e8:1a:a3:bc:28:1a:54:3c:87:6a:01:42: 81:eb:c5:96:d6:f7:eb:7c:bd:b6:be:1d:41:42:ac: f3:e5:83:fd:b2:b3:b2:e0:96:17:6a:ff:e1:ef:58: 28:c9:b2:b5:cd:22:e1:05:6f:d9:da:61:de:77:85: 8c:12:58:11:1c:b4:1a:ec:7a:ad:c8:89:e2:4b:7f: 86:9c:e9:9b:56:02:cc:fc:d2:3d:d0:d2:ec:e2:45: ae:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:2B:84:F2:A5:6B:A6:C8:CF:E4:F5:2D:7C:8D:9D:5B:31:D0:97:B4 X509v3 Authority Key Identifier: keyid:5F:1C:53:4A:EE:FF:4E:38:0C:E5:A0:9A:10:84:BF:8F:57:09:ED:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:d1:a7:23:ef:4f:62:1e:7f:a3:58:2a:1a:17:ba:37:f2:e2: 22:de:48:56:14:87:89:e7:5c:a8:99:d4:50:b5:f9:a3:12:c6: 36:22:05:a1:d1:04:6a:7d:b9:07:82:d2:04:ce:12:b3:30:91: 06:fb:11:f7:49:fd:89:87:64:97:b2:7f:07:f2:c8:6d:01:98: 0c:7e:0d:d7:62:af:c1:34:a6:43:da:44:52:f1:5b:ce:06:d4: 41:0a:ec:71:0d:b6:c2:22:9e:80:b8:cc:43:c6:f4:a4:b4:ca: b5:59:91:83:55:be:d2:e4:23:e2:1c:89:73:76:2b:17:0b:2b: 2f:e0:80:88:0e:0a:42:7c:0b:ba:a2:31:ee:e8:b7:13:5d:b6: 70:ed:7d:9a:59:97:70:6d:29:45:94:cf:c1:88:8b:0e:32:f9: 36:1a:34:d2:cc:b6:4a:65:75:33:e2:23:d2:4b:6a:75:cb:36: 31:6b:08:d2:12:72:e0:d1:31:38:d8:a3:95:96:e1:bd:39:5d: 4e:fa:41:9a:26:91:07:55:f5:b2:fa:d6:f0:f2:2b:b8:b7:8e: 6c:36:79:b3:a1:0d:02:61:68:5e:bf:0d:fd:2e:00:b1:12:22: a5:d1:e1:ab:0a:2c:32:a2:dd:f9:a7:87:43:0b:db:8f:46:33: 0a:4a:09:e5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCtgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ2N0QxMTAvBgNVBAUTKDVGMUM1MzRBRUVGRjRFMzgwQ0U1QTA5QTEwODRCRjhG NTcwOUVEMDgwHhcNMjUwNDI0MTkyMDUxWhcNMjUwNTAxMTkyMDUxWjAYMRYwFAYD VQQDEw02ODBhOGYxMy04YTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo+WAiIznSb8n8bF1ppst1ZIft3SdSf0qOpX7T5viWhjvnsIcmUqSmqwOgmt8 gfFyfMY+80vXYybjjFHaBQNIyYwsoGYOlTucM30FCLP7bxhwXMINlxceK6qj1UTF y/VbdavXeD1ESK9yEufB705ZdMdODnndSAZWDFIow5GHNujTXOuPWa2nC2qCskHm /8uDLM66eE2qreFhvOIBXD/cfKLQOmtZgYDoGqO8KBpUPIdqAUKB68WW1vfrfL22 vh1BQqzz5YP9srOy4JYXav/h71goybK1zSLhBW/Z2mHed4WMElgRHLQa7HqtyIni S3+GnOmbVgLM/NI90NLs4kWukwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNYrhPKl a6bIz+T1LXyNnVsx0Je0MB8GA1UdIwQYMBaAFF8cU0ru/044DOWgmhCEv49XCe0I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDY3RC84NDhFN0QxODQ5 QTkxMUVBQTZGREQzMEZDNEY5QUUwMi9YeHhUU3U3X1RqZ001YUNhRUlTX2oxY0o3 UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h4eFRTdTdfVGpnTTVhQ2FFSVNfajFjSjdRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NDY3RC84NDhFN0QxODQ5QTkxMUVBQTZGREQzMEZDNEY5QUUwMi9YeHhUU3U3X1Rq Z001YUNhRUlTX2oxY0o3UWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQ0acj709iHn+jWCoaF7o38uIi3khWFIeJ51yomdRQtfmjEsY2IgWh 0QRqfbkHgtIEzhKzMJEG+xH3Sf2Jh2SXsn8H8shtAZgMfg3XYq/BNKZD2kRS8VvO BtRBCuxxDbbCIp6AuMxDxvSktMq1WZGDVb7S5CPiHIlzdisXCysv4ICIDgpCfAu6 ojHu6LcTXbZw7X2aWZdwbSlFlM/BiIsOMvk2GjTSzLZKZXUz4iPSS2p1yzYxawjS EnLg0TE42KOVluG9OV1O+kGaJpEHVfWy+tbw8iu4t45sNnmzoQ0CYWhevw39LgCx EiKl0eGrCiwyot35p4dDC9uPRjMKSgnl -----END CERTIFICATE-----Generated at Sat Apr 26 16:50:27 2025 by rpki-client