$ rpki-client -vvf rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft File: XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft (raw, json) Hash identifier: RENwhhqAwWFQc0PCcRmWh6d9gOqAJ6OmHbDLSB5j70g= Subject key identifier: 10:52:E5:D0:21:D2:34:43:CF:61:CB:B3:D7:99:C5:BF:3F:A8:20:1F Authority key identifier: 5F:1C:53:4A:EE:FF:4E:38:0C:E5:A0:9A:10:84:BF:8F:57:09:ED:08 Certificate issuer: /CN=A91A467D/serialNumber=5F1C534AEEFF4E380CE5A09A1084BF8F5709ED08 Certificate serial: 0AF3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft Manifest number: 0AEC Signing time: Wed 18 Jun 2025 19:16:56 +0000 Manifest this update: Wed 18 Jun 2025 19:16:55 +0000 Manifest next update: Wed 25 Jun 2025 19:16:55 +0000 Files and hashes: 1: XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.crl (hash: 0p0CMlitnzEz9El3vz5VWy1uaY8cnoEeQHYj73mJDS0=) 2: 43272DE249AA11EABABC8610C4F9AE02.roa (hash: ArNuSAGS500F2Au8BkBemb4Fqw5PMgC4H5tbUjnLNK4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.crl rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 19:16:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2803 (0xaf3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A467D, serialNumber=5F1C534AEEFF4E380CE5A09A1084BF8F5709ED08 Validity Not Before: Jun 18 19:16:55 2025 GMT Not After : Jun 25 19:16:55 2025 GMT Subject: CN=685310a8-80c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:d2:a7:70:ac:b4:78:62:49:a8:49:bb:ae:d4: 7b:68:f7:d1:ea:71:a0:81:66:18:fb:cf:1a:47:25: 69:4c:ff:fc:57:99:34:8a:38:11:7a:4a:8d:fc:d5: ef:32:49:5a:90:97:c4:66:8b:2c:6b:8c:d8:70:56: 33:da:cd:18:a1:e9:58:08:ef:64:c2:cd:b3:00:68: 2c:54:d3:62:bc:b1:74:36:5b:ca:7f:e8:5e:15:e2: e1:c9:ba:6d:9f:56:61:b5:da:cb:1b:09:e0:74:86: 4d:33:74:64:b3:8a:5d:e9:40:33:50:67:7a:b9:b8: b6:df:a0:30:d6:f9:b4:89:f1:de:06:0d:aa:48:0b: 17:27:75:37:fb:6a:05:9f:2e:d4:39:bf:a9:cf:88: c2:8d:80:29:e5:c5:30:00:98:0a:a0:a6:17:fb:24: 6a:e2:b2:85:e6:4b:49:62:de:ad:c5:78:40:74:28: c3:be:bd:6a:8c:e0:d6:96:bf:21:cc:d1:e3:2b:3e: e6:e7:1c:b8:82:36:00:a8:bd:eb:28:38:5e:98:19: 1b:41:07:ee:91:7d:8f:81:50:02:4e:a3:4a:6e:a3: a3:17:8e:9f:53:26:aa:19:dd:e8:69:9e:dd:37:60: 88:3a:fa:c3:6b:dc:40:32:23:fa:58:02:37:1a:b8: f8:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:52:E5:D0:21:D2:34:43:CF:61:CB:B3:D7:99:C5:BF:3F:A8:20:1F X509v3 Authority Key Identifier: keyid:5F:1C:53:4A:EE:FF:4E:38:0C:E5:A0:9A:10:84:BF:8F:57:09:ED:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:3f:6e:72:42:f3:8d:9a:e3:21:01:7b:ec:ae:3a:76:a0:0a: 76:6b:e4:20:2f:31:81:19:22:64:e8:26:2f:0d:10:b0:b5:8b: 84:83:40:c6:4c:a4:cf:02:c4:52:a9:c8:2b:ea:7a:ab:6d:5e: f3:00:43:b5:5b:09:a8:23:15:8a:64:9b:eb:52:8c:9e:74:aa: f5:ac:aa:6f:a9:80:22:68:43:70:5c:d2:6b:b8:52:40:ae:2e: dc:b4:f5:9f:b4:0b:80:0d:af:5c:30:d6:57:c1:dc:0a:ba:ea: 5a:1f:78:be:32:4e:78:6f:6f:a9:1f:57:7f:b7:82:cb:81:9c: 86:07:c2:86:66:bb:b4:2a:a7:94:a2:d7:7e:f8:ee:57:4f:6c: 59:ac:47:b9:6a:1e:fe:34:50:29:7f:04:ba:19:dd:ed:c9:88: 3a:8f:e0:84:07:8a:6e:64:a5:cb:71:bb:4b:7c:e8:a5:5f:58: d2:c0:2d:f0:42:82:9a:30:12:dd:07:13:a4:4b:43:f4:fd:a3: 05:c2:93:90:c0:e3:68:a0:73:ec:28:31:77:3a:50:ca:1d:cb: e2:3c:95:d5:a3:e3:64:5c:25:4f:84:68:90:c5:05:8e:d8:04: ae:fc:d4:b3:ff:73:37:a7:f3:7d:f2:e8:5c:d9:22:91:b6:c7: 0d:b4:45:f4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ2N0QxMTAvBgNVBAUTKDVGMUM1MzRBRUVGRjRFMzgwQ0U1QTA5QTEwODRCRjhG NTcwOUVEMDgwHhcNMjUwNjE4MTkxNjU1WhcNMjUwNjI1MTkxNjU1WjAYMRYwFAYD VQQDEw02ODUzMTBhOC04MGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzdKncKy0eGJJqEm7rtR7aPfR6nGggWYY+88aRyVpTP/8V5k0ijgRekqN/NXv MklakJfEZossa4zYcFYz2s0YoelYCO9kws2zAGgsVNNivLF0NlvKf+heFeLhybpt n1ZhtdrLGwngdIZNM3Rks4pd6UAzUGd6ubi236Aw1vm0ifHeBg2qSAsXJ3U3+2oF ny7UOb+pz4jCjYAp5cUwAJgKoKYX+yRq4rKF5ktJYt6txXhAdCjDvr1qjODWlr8h zNHjKz7m5xy4gjYAqL3rKDhemBkbQQfukX2PgVACTqNKbqOjF46fUyaqGd3oaZ7d N2CIOvrDa9xAMiP6WAI3Grj4xwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBBS5dAh 0jRDz2HLs9eZxb8/qCAfMB8GA1UdIwQYMBaAFF8cU0ru/044DOWgmhCEv49XCe0I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDY3RC84NDhFN0QxODQ5 QTkxMUVBQTZGREQzMEZDNEY5QUUwMi9YeHhUU3U3X1RqZ001YUNhRUlTX2oxY0o3 UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h4eFRTdTdfVGpnTTVhQ2FFSVNfajFjSjdRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NDY3RC84NDhFN0QxODQ5QTkxMUVBQTZGREQzMEZDNEY5QUUwMi9YeHhUU3U3X1Rq Z001YUNhRUlTX2oxY0o3UWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3P25yQvONmuMhAXvsrjp2oAp2a+QgLzGBGSJk6CYvDRCwtYuEg0DG TKTPAsRSqcgr6nqrbV7zAEO1WwmoIxWKZJvrUoyedKr1rKpvqYAiaENwXNJruFJA ri7ctPWftAuADa9cMNZXwdwKuupaH3i+Mk54b2+pH1d/t4LLgZyGB8KGZru0KqeU otd++O5XT2xZrEe5ah7+NFApfwS6Gd3tyYg6j+CEB4puZKXLcbtLfOilX1jSwC3w QoKaMBLdBxOkS0P0/aMFwpOQwONooHPsKDF3OlDKHcviPJXVo+NkXCVPhGiQxQWO 2ASu/NSz/3M3p/N98uhc2SKRtscNtEX0 -----END CERTIFICATE-----Generated at Wed Jun 18 21:31:12 2025 by rpki-client