$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft File: X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft (raw, json) Hash identifier: AcK8yWqHKT83ndPaMqVToDOYlhcYSAct+YuM851tzwI= Subject key identifier: F5:04:E5:7B:E6:63:8F:EF:C1:88:53:C3:DF:F2:02:6E:C1:E3:51:D1 Authority key identifier: 5F:8A:F3:59:73:FD:4F:A5:63:F3:3B:73:76:53:46:82:10:7B:C8:F9 Certificate issuer: /CN=A91CE285/serialNumber=5F8AF35973FD4FA563F33B7376534682107BC8F9 Certificate serial: 09A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X4rzWXP9T6Vj8ztzdlNGghB7yPk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft Manifest number: 09A1 Signing time: Thu 24 Apr 2025 19:57:08 +0000 Manifest this update: Thu 24 Apr 2025 19:57:08 +0000 Manifest next update: Thu 01 May 2025 19:57:08 +0000 Files and hashes: 1: X4rzWXP9T6Vj8ztzdlNGghB7yPk.crl (hash: cv4rXAQ4hHd0Ds+K/Hh4NxAxKbWa/B6ZFVB+bLhD6Ek=) 2: E5C4974689CF11EAA39AF441C4F9AE02.roa (hash: FJBYOIrltpRMrNwPrut4yj3xc+CpMT9AOJtC+2kI31Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.crl rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X4rzWXP9T6Vj8ztzdlNGghB7yPk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:57:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2471 (0x9a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE285, serialNumber=5F8AF35973FD4FA563F33B7376534682107BC8F9 Validity Not Before: Apr 24 19:57:08 2025 GMT Not After : May 1 19:57:08 2025 GMT Subject: CN=680a9794-3032 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:0e:d0:1c:8c:94:82:6b:5d:c9:2f:d6:2a:ec: fc:21:48:72:58:3c:d9:1e:f9:4a:9c:50:09:47:55: 51:66:80:bc:c6:38:ee:4a:21:08:ef:1c:c3:cc:da: 8e:57:ab:1e:5b:00:a4:ab:11:a6:17:d8:59:68:61: b4:a6:d1:28:b7:f4:ec:85:6f:b9:ae:1c:fc:ec:6f: 17:d7:7f:19:32:d3:b7:90:2e:aa:0d:d8:8a:f4:1c: da:eb:12:51:8b:14:e3:66:4d:aa:ce:5e:32:3a:35: 01:4b:58:af:dc:04:e3:30:8e:97:6b:7c:15:4b:ef: b5:c7:c8:29:8e:bc:e1:5e:2e:94:ff:88:68:eb:1d: 3b:f9:d5:e7:42:25:1d:0a:43:00:65:5f:93:f0:e7: 9d:65:dd:e9:01:65:81:01:5a:b5:50:0d:cd:08:b3: 67:07:28:58:65:6e:0a:0e:b7:c8:e6:ca:10:11:9e: 44:ac:99:20:57:2b:89:ac:2b:30:00:12:25:4c:50: 35:21:9e:bd:82:88:63:83:c9:a7:a8:05:0c:e8:9e: 89:dd:7d:86:75:a3:32:58:34:c4:de:3d:08:52:d1: c3:5e:33:f9:1f:27:50:e0:46:23:f9:98:b6:3d:3e: de:66:4a:63:23:31:b0:01:66:d7:61:e7:96:ce:40: dd:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:04:E5:7B:E6:63:8F:EF:C1:88:53:C3:DF:F2:02:6E:C1:E3:51:D1 X509v3 Authority Key Identifier: keyid:5F:8A:F3:59:73:FD:4F:A5:63:F3:3B:73:76:53:46:82:10:7B:C8:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X4rzWXP9T6Vj8ztzdlNGghB7yPk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:76:10:8d:77:aa:92:a3:d7:c7:94:99:85:a9:9b:87:83:89: 16:92:15:56:96:57:3a:59:4c:6d:02:a0:7d:a9:bc:35:38:10: fb:49:9f:84:46:4a:08:05:89:90:a1:a7:8a:72:0a:ab:f1:16: ab:86:87:c5:04:cb:53:63:43:dd:0b:91:12:f6:92:66:fc:70: 30:95:ba:1f:da:e4:23:b9:d1:f3:a9:a2:59:ec:be:28:5a:67: 4f:cf:f1:da:b9:2a:cf:5c:37:9e:12:aa:1c:de:53:c5:ae:47: b0:18:83:2d:df:da:48:a5:6f:75:03:30:f1:8b:a4:19:fd:e4: ce:e7:c5:e7:3b:5f:4a:ef:e1:85:19:72:e5:63:d0:29:f3:b8: 96:9a:08:c1:f4:fe:bd:a9:74:98:87:08:4f:80:39:2a:04:15: bc:66:f5:36:79:bd:65:fb:7a:5a:96:c3:c3:01:a8:85:05:2b: f1:df:c2:d8:e2:da:f0:57:78:18:a1:b0:ee:da:7a:b0:c1:59: 5f:8e:8b:50:63:b5:1c:95:7d:58:a4:9b:d3:45:29:eb:a9:a6: 01:7e:d7:c5:b8:96:26:26:26:18:f8:21:e3:f2:41:cd:86:48: 8c:0c:82:ef:84:3a:fb:55:47:26:7f:0b:48:13:5f:53:f1:6f: c5:07:4a:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0UyODUxMTAvBgNVBAUTKDVGOEFGMzU5NzNGRDRGQTU2M0YzM0I3Mzc2NTM0Njgy MTA3QkM4RjkwHhcNMjUwNDI0MTk1NzA4WhcNMjUwNTAxMTk1NzA4WjAYMRYwFAYD VQQDEw02ODBhOTc5NC0zMDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApA7QHIyUgmtdyS/WKuz8IUhyWDzZHvlKnFAJR1VRZoC8xjjuSiEI7xzDzNqO V6seWwCkqxGmF9hZaGG0ptEot/TshW+5rhz87G8X138ZMtO3kC6qDdiK9Bza6xJR ixTjZk2qzl4yOjUBS1iv3ATjMI6Xa3wVS++1x8gpjrzhXi6U/4ho6x07+dXnQiUd CkMAZV+T8OedZd3pAWWBAVq1UA3NCLNnByhYZW4KDrfI5soQEZ5ErJkgVyuJrCsw ABIlTFA1IZ69gohjg8mnqAUM6J6J3X2GdaMyWDTE3j0IUtHDXjP5HydQ4EYj+Zi2 PT7eZkpjIzGwAWbXYeeWzkDdHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPUE5Xvm Y4/vwYhTw9/yAm7B41HRMB8GA1UdIwQYMBaAFF+K81lz/U+lY/M7c3ZTRoIQe8j5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTI4NS81RTE2NDhCNjg0 QkMxMUVBQTUyNjIyNjNDNEY5QUUwMi9YNHJ6V1hQOVQ2Vmo4enR6ZGxOR2doQjd5 UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1g0cnpXWFA5VDZWajh6dHpkbE5HZ2hCN3lQay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTI4NS81RTE2NDhCNjg0QkMxMUVBQTUyNjIyNjNDNEY5QUUwMi9YNHJ6V1hQOVQ2 Vmo4enR6ZGxOR2doQjd5UGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGdhCNd6qSo9fHlJmFqZuHg4kWkhVWllc6WUxtAqB9qbw1OBD7SZ+E RkoIBYmQoaeKcgqr8RarhofFBMtTY0PdC5ES9pJm/HAwlbof2uQjudHzqaJZ7L4o WmdPz/HauSrPXDeeEqoc3lPFrkewGIMt39pIpW91AzDxi6QZ/eTO58XnO19K7+GF GXLlY9Ap87iWmgjB9P69qXSYhwhPgDkqBBW8ZvU2eb1l+3palsPDAaiFBSvx38LY 4trwV3gYobDu2nqwwVlfjotQY7UclX1YpJvTRSnrqaYBftfFuJYmJiYY+CHj8kHN hkiMDILvhDr7VUcmfwtIE19T8W/FB0rS -----END CERTIFICATE-----Generated at Sat Apr 26 14:01:36 2025 by rpki-client