$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: wHyTRYaE9jphYrTUpAcyWYM7GdQE7sDMiz0nv8mljZw= Subject key identifier: D2:8A:C8:54:82:2B:E8:4E:66:C8:BB:D0:5A:7D:3A:BF:F7:9A:74:41 Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 07EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 07B5 Signing time: Sat 14 Jun 2025 21:10:27 +0000 Manifest this update: Sat 14 Jun 2025 21:10:27 +0000 Manifest next update: Sat 21 Jun 2025 21:10:27 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: 14PDHn8kZOL2o2NvIVuYGK4FFL4q2WATx+qSQlefsnY=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: Z0HHcyxz7rmGLBYwcIWDSL9D03AdZbtYiS469aOTikg=) 3: B512A570109211ECA693D74EC4F9AE02.roa (hash: AOyufc93Chw9bEWHvFa0LDI+LOdW3FqSZFo43ILQvd0=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: ZpHbYhB9ExSCJ+11c8ap/OdAIsKxszdOCjimKJQDTek=) 5: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: ftDRlCPQKF+Ib5B7VJZrq540hqlVUdTm8Q2C4Ih+cM8=) 6: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HxA8u7nmZWUr6BPYIZAwMw8J3pQQtwxfZZvWeTi7tWI=) 7: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: YABaqUWE/JPdcjinbFv0PWoHHYymCq6aO+ylU5Xzjo0=) 8: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: XhE6x9E/aZ957HcPZHgLlj7Fv56GEXE7hy1IWMNgX6M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 21:10:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2027 (0x7eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Jun 14 21:10:27 2025 GMT Not After : Jun 21 21:10:27 2025 GMT Subject: CN=684de543-73db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:7b:95:2d:50:54:ee:d7:1f:45:13:2f:c0:83: b9:4b:84:84:03:81:a0:8e:e5:f9:66:15:c3:dd:e0: f1:1c:fe:ec:bd:38:58:a1:50:97:85:e0:2e:6e:c0: 3a:60:81:84:9d:92:40:cf:66:26:1a:c8:f4:b8:02: a6:47:7c:27:59:2b:d1:09:ae:1d:6e:c5:a5:20:00: 1d:10:a0:44:00:69:73:50:18:39:c5:88:52:9a:44: 9c:c1:21:50:33:3b:75:62:22:6b:eb:6b:66:6d:dd: f4:d0:96:40:57:e7:7f:af:6c:d0:53:66:e3:f8:c1: ba:4d:d9:d4:f7:70:35:6f:fa:6c:c8:13:59:04:a7: 86:54:0e:28:cb:e7:a1:5f:4c:4b:f2:9d:a7:e2:8a: 33:d2:68:9a:f1:29:6f:70:06:ae:4f:70:be:fa:83: 2f:3a:dc:7b:ba:34:78:15:de:b6:31:82:48:3d:86: b5:4c:40:b9:23:87:29:c7:1b:1d:8e:f7:e0:cc:e8: a9:09:ab:95:15:89:b7:cd:86:7a:77:3d:55:b2:6f: 7f:59:90:98:a2:16:81:2c:18:46:c1:a1:18:4e:0f: 52:f3:5a:c4:05:63:06:2f:2c:7d:36:5e:7f:7c:9c: 35:98:2d:2a:51:fb:ec:ec:e2:d3:8d:17:f5:c9:e5: b5:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:8A:C8:54:82:2B:E8:4E:66:C8:BB:D0:5A:7D:3A:BF:F7:9A:74:41 X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:40:34:e5:86:48:c9:94:b0:91:dd:43:5b:63:bd:02:22:31: 13:a8:57:85:83:0d:01:a1:a3:c6:9c:76:64:b4:66:f5:46:77: fd:eb:55:14:ea:2a:88:39:fc:55:e0:2a:91:53:5b:ac:9d:8a: bd:b9:1f:ed:4f:5a:46:52:89:a2:11:0c:cf:c5:ab:38:22:08: df:f2:05:d8:b7:47:db:5d:fe:5a:36:bc:60:0c:0e:ba:75:3e: 46:b3:ce:14:7a:df:d2:81:4b:4a:3b:40:be:00:05:28:d3:5f: fb:26:bd:66:d3:bd:1f:e3:9f:02:0b:46:7d:67:38:13:6a:7e: e3:89:29:d2:39:df:2d:42:ef:e5:81:08:a6:5c:bb:66:cb:4b: 63:dd:1f:94:c1:d2:b6:7a:76:62:57:b2:e1:91:3e:8c:47:d4: 41:68:29:64:c7:3e:90:94:67:77:cb:7c:1c:b0:c5:0d:7e:58: cc:5a:71:e0:38:ea:9c:be:73:17:1c:4b:6c:4f:c0:d0:dd:dd: c7:04:eb:33:7e:97:dc:8a:20:60:8e:97:3f:c5:c7:66:c6:71: 3c:37:dd:4a:73:54:67:64:aa:ce:c7:cb:a6:b5:35:c3:05:df: 34:5c:bd:dc:c7:d7:76:05:34:f5:d4:14:88:e5:df:51:d2:e3: 7a:0c:ce:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB+swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjUwNjE0MjExMDI3WhcNMjUwNjIxMjExMDI3WjAYMRYwFAYD VQQDEw02ODRkZTU0My03M2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsXuVLVBU7tcfRRMvwIO5S4SEA4GgjuX5ZhXD3eDxHP7svThYoVCXheAubsA6 YIGEnZJAz2YmGsj0uAKmR3wnWSvRCa4dbsWlIAAdEKBEAGlzUBg5xYhSmkScwSFQ Mzt1YiJr62tmbd300JZAV+d/r2zQU2bj+MG6TdnU93A1b/psyBNZBKeGVA4oy+eh X0xL8p2n4ooz0mia8SlvcAauT3C++oMvOtx7ujR4Fd62MYJIPYa1TEC5I4cpxxsd jvfgzOipCauVFYm3zYZ6dz1Vsm9/WZCYohaBLBhGwaEYTg9S81rEBWMGLyx9Nl5/ fJw1mC0qUfvs7OLTjRf1yeW10wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNKKyFSC K+hOZsi70Fp9Or/3mnRBMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKQDTlhkjJlLCR3UNbY70CIjETqFeFgw0BoaPGnHZktGb1Rnf961UU 6iqIOfxV4CqRU1usnYq9uR/tT1pGUomiEQzPxas4Igjf8gXYt0fbXf5aNrxgDA66 dT5Gs84Uet/SgUtKO0C+AAUo01/7Jr1m070f458CC0Z9ZzgTan7jiSnSOd8tQu/l gQimXLtmy0tj3R+UwdK2enZiV7LhkT6MR9RBaClkxz6QlGd3y3wcsMUNfljMWnHg OOqcvnMXHEtsT8DQ3d3HBOszfpfciiBgjpc/xcdmxnE8N91Kc1RnZKrOx8umtTXD Bd80XL3cx9d2BTT11BSI5d9R0uN6DM7S -----END CERTIFICATE-----Generated at Sun Jun 15 10:03:27 2025 by rpki-client