$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft File: XnKqfVsdVjLl0z_scvp0M_Sc4po.mft (raw, json) Hash identifier: 1QdxZ3wRXUMfR7c2hIf3FtUYz6vtSrYdshRHSjnWLKM= Subject key identifier: 04:A1:44:1D:73:06:53:82:9A:D4:E6:0B:8A:E3:A0:FE:4A:83:26:5D Authority key identifier: 5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A Certificate issuer: /CN=A91C9E82/serialNumber=5E72AA7D5B1D5632E5D33FEC72FA7433F49CE29A Certificate serial: 015A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft Manifest number: 013D Signing time: Fri 25 Apr 2025 03:45:56 +0000 Manifest this update: Fri 25 Apr 2025 03:45:55 +0000 Manifest next update: Fri 02 May 2025 03:45:55 +0000 Files and hashes: 1: XnKqfVsdVjLl0z_scvp0M_Sc4po.crl (hash: 2CxjS74HYwSzKDc5+dOibn0edYnkNELQp7gRw1coSp8=) 2: 36C31E00637111EEA51CA05EC4F9AE02.roa (hash: VRlasPmFdnGQ7jXmsGRiZ9YkkvB4UEQJbRXUpRC4bL8=) 3: 00E626A4A57611EF98285E5FC4F9AE02.roa (hash: ebTeaPrWBlAg+bHK7CkBFu5kiy7GaQn9QlJ0VdT4JzQ=) 4: 98BE8828663D11EE8CBBAE7CC4F9AE02.roa (hash: qOQvPOfqQOexW3Sxvhsqmm5W1KEN72YTFSt5Z0QktXg=) 5: 99341DD6663D11EE8CBBAE7CC4F9AE02.roa (hash: pidH+xtb8OXyN3SlmzLiBUdr0SQho8QbaXQpLP6w5rQ=) 6: 678C24C0663F11EEBD955D43C4F9AE02.roa (hash: LMxslHx0hj+eRPegweO/Q77RiY35syFR40MU3J+sT8s=) 7: 9830B6D8663D11EE8CBBAE7CC4F9AE02.roa (hash: Wa8VD0lmDOwdth5KoUIOfMLBdB57aoMl1cYAfCOjMXs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.crl rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:45:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 346 (0x15a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9E82, serialNumber=5E72AA7D5B1D5632E5D33FEC72FA7433F49CE29A Validity Not Before: Apr 25 03:45:55 2025 GMT Not After : May 2 03:45:55 2025 GMT Subject: CN=680b0574-48bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ee:9f:8c:c9:c8:38:62:a3:3a:30:59:8b:2a: 2f:a8:73:19:a1:2e:d9:f5:60:42:23:01:04:71:c2: a0:81:b4:8c:6e:1b:09:9f:19:59:df:07:93:16:aa: 1a:5e:b7:b1:13:1c:85:3b:79:73:14:32:2f:d2:1c: 06:67:63:4b:bf:d1:ca:91:18:66:c2:ee:54:9a:9c: c9:16:48:01:10:1d:89:0f:ff:ab:2d:30:59:c5:e1: 55:2f:f7:2a:04:03:5d:30:b5:dc:10:32:c0:0c:98: f0:f3:00:a4:65:6d:15:5c:3c:64:8d:99:e2:a3:f0: 5b:76:13:7d:57:77:15:c2:e2:fb:af:3b:ed:fc:9c: 5b:42:b3:37:ff:d2:b5:47:f2:4e:d8:2c:48:51:63: a4:b0:e9:4a:96:ce:80:8a:62:7c:92:6c:ce:84:2a: 70:b8:24:8d:1d:b3:f5:c5:a8:7c:42:6d:be:5f:7c: e3:8a:ad:04:b0:84:a4:a5:4b:da:23:b2:c5:44:f1: ab:fc:a5:b2:76:d2:4b:6d:1b:7d:75:0e:6d:e9:72: 1b:cf:aa:31:68:28:a5:aa:93:fa:da:9d:f6:ae:0b: 1f:ec:3e:40:f0:03:32:d8:21:8d:88:58:3b:2f:c8: e4:27:10:32:f9:ce:ca:1f:4b:e9:57:ec:48:31:c2: 5c:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:A1:44:1D:73:06:53:82:9A:D4:E6:0B:8A:E3:A0:FE:4A:83:26:5D X509v3 Authority Key Identifier: keyid:5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:c8:3d:96:a2:ba:95:84:66:03:21:3c:94:62:8e:66:30:48: c5:31:dd:4d:9c:13:77:9d:b1:8c:87:94:1f:11:b7:bd:5c:2a: 67:3b:52:6d:b2:7b:82:8f:49:8f:8a:76:ef:b9:7b:1f:f7:aa: 66:94:6a:c0:aa:11:8c:c2:27:1a:e6:a3:4b:c2:67:b0:95:c0: 54:15:fa:01:75:57:57:3f:d0:94:74:a1:f9:81:37:c7:6d:20: b9:13:d6:3e:8a:aa:ba:21:93:72:69:1f:84:07:56:61:61:9f: 66:62:13:28:4f:06:dd:a9:2a:84:7d:11:00:35:05:2c:ff:1b: e3:60:c3:f3:f7:7c:f6:6d:91:0e:a3:13:8e:e0:2e:ef:d2:c2: 95:d1:5a:83:c4:9c:2d:6c:b2:e2:71:dd:54:7e:2a:73:d9:38: 2e:73:7d:3c:b5:09:03:af:ff:97:21:2f:2c:f7:a8:cb:96:a6: 81:ab:13:a8:00:84:04:a0:f5:19:6c:79:e8:d9:73:00:fb:6d: 14:b7:ed:85:88:63:ed:fa:4f:23:9e:09:8b:f4:72:64:6c:99: 08:d9:73:ef:58:e9:ec:aa:47:cd:5d:cc:95:c5:6c:d2:3b:f6: 34:67:5a:3a:93:66:68:c5:bb:f3:79:16:af:95:30:5b:1a:45: a2:35:aa:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzlFODIxMTAvBgNVBAUTKDVFNzJBQTdENUIxRDU2MzJFNUQzM0ZFQzcyRkE3NDMz RjQ5Q0UyOUEwHhcNMjUwNDI1MDM0NTU1WhcNMjUwNTAyMDM0NTU1WjAYMRYwFAYD VQQDEw02ODBiMDU3NC00OGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuO6fjMnIOGKjOjBZiyovqHMZoS7Z9WBCIwEEccKggbSMbhsJnxlZ3weTFqoa XrexExyFO3lzFDIv0hwGZ2NLv9HKkRhmwu5UmpzJFkgBEB2JD/+rLTBZxeFVL/cq BANdMLXcEDLADJjw8wCkZW0VXDxkjZnio/BbdhN9V3cVwuL7rzvt/JxbQrM3/9K1 R/JO2CxIUWOksOlKls6AimJ8kmzOhCpwuCSNHbP1xah8Qm2+X3zjiq0EsISkpUva I7LFRPGr/KWydtJLbRt9dQ5t6XIbz6oxaCilqpP62p32rgsf7D5A8AMy2CGNiFg7 L8jkJxAy+c7KH0vpV+xIMcJcbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAShRB1z BlOCmtTmC4rjoP5KgyZdMB8GA1UdIwQYMBaAFF5yqn1bHVYy5dM/7HL6dDP0nOKa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUU4Mi9FQTdFNUZBNjYz NkYxMUVFOTdDNzRCNUNDNEY5QUUwMi9YbktxZlZzZFZqTGwwel9zY3ZwME1fU2M0 cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1huS3FmVnNkVmpMbDB6X3NjdnAwTV9TYzRwby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OUU4Mi9FQTdFNUZBNjYzNkYxMUVFOTdDNzRCNUNDNEY5QUUwMi9YbktxZlZzZFZq TGwwel9zY3ZwME1fU2M0cG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATyD2WorqVhGYDITyUYo5mMEjFMd1NnBN3nbGMh5QfEbe9XCpnO1Jt snuCj0mPinbvuXsf96pmlGrAqhGMwica5qNLwmewlcBUFfoBdVdXP9CUdKH5gTfH bSC5E9Y+iqq6IZNyaR+EB1ZhYZ9mYhMoTwbdqSqEfREANQUs/xvjYMPz93z2bZEO oxOO4C7v0sKV0VqDxJwtbLLicd1Ufipz2Tguc308tQkDr/+XIS8s96jLlqaBqxOo AIQEoPUZbHno2XMA+20Ut+2FiGPt+k8jngmL9HJkbJkI2XPvWOnsqkfNXcyVxWzS O/Y0Z1o6k2ZoxbvzeRavlTBbGkWiNarK -----END CERTIFICATE-----Generated at Sat Apr 26 05:10:51 2025 by rpki-client