$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.mft File: XDfN_Mjp6QxBFko5HukDtN5U37E.mft (raw, json) Hash identifier: JlYqwgHZCwqe1E0KAohV+Er7TSs+5CHKWKYW61mEC1g= Subject key identifier: 4B:91:2B:BF:F2:49:93:AA:5E:22:E3:DA:B3:F1:53:9A:C1:F6:6C:FD Authority key identifier: 5C:37:CD:FC:C8:E9:E9:0C:41:16:4A:39:1E:E9:03:B4:DE:54:DF:B1 Certificate issuer: /CN=A91D1EBA/serialNumber=5C37CDFCC8E9E90C41164A391EE903B4DE54DFB1 Certificate serial: 062F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDfN_Mjp6QxBFko5HukDtN5U37E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.mft Manifest number: 062A Signing time: Thu 24 Apr 2025 22:30:42 +0000 Manifest this update: Thu 24 Apr 2025 22:30:42 +0000 Manifest next update: Thu 01 May 2025 22:30:42 +0000 Files and hashes: 1: XDfN_Mjp6QxBFko5HukDtN5U37E.crl (hash: pNTHBELliog7ce6o6BaLRhPx4kjlRcZcEjS+YL408OU=) 2: A14BDCE491EB11EBAD7A1530C4F9AE02.roa (hash: oheVgwgcc5IUYSIleOKjSz3O1d0TWSDn9p0tlk0co7w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.crl rsync://rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDfN_Mjp6QxBFko5HukDtN5U37E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:30:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1583 (0x62f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1EBA, serialNumber=5C37CDFCC8E9E90C41164A391EE903B4DE54DFB1 Validity Not Before: Apr 24 22:30:42 2025 GMT Not After : May 1 22:30:42 2025 GMT Subject: CN=680abb92-8425 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:6c:b7:c0:f0:ad:c7:f7:8d:e5:2d:8b:3d:61: e8:e0:ca:d7:3a:4a:15:26:80:74:d9:9b:f7:a1:8a: c5:9b:9d:7c:0b:ba:74:fc:52:4a:96:84:a6:2b:6f: 20:16:ef:6a:99:1d:0a:f2:4b:ae:64:ab:4f:ec:a6: dd:4f:93:0d:5a:d3:73:13:92:e0:30:99:2d:8a:80: 73:e8:37:c1:be:cd:b2:16:b4:8e:0f:47:d1:24:01: 6b:3d:a0:ec:3d:6c:26:da:a5:b3:f5:1f:d0:28:3b: bc:f0:d3:94:31:73:f3:7a:28:4b:bf:4d:12:ce:b2: 36:6b:48:d5:93:3d:60:85:a9:d2:04:f5:0b:82:b2: 95:5d:1f:a6:66:c5:f1:ce:3f:63:15:d7:7e:84:b9: 99:f7:db:19:01:07:d1:fe:16:bf:15:33:ed:7e:dd: 0e:0b:88:18:2f:69:fc:f6:71:6d:3f:97:98:47:3c: 74:98:4f:71:84:ee:c1:96:c5:f6:b1:5a:f0:4e:38: 4c:3d:05:ec:35:82:1e:b7:b7:f4:6d:bb:fd:ba:2f: 0e:70:e8:73:d8:78:48:be:5b:78:97:24:12:19:16: fb:8d:19:37:37:77:ad:13:45:ce:0f:12:03:17:b3: 4a:48:ea:f6:42:a5:a5:50:b1:80:8e:6d:14:36:45: de:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:91:2B:BF:F2:49:93:AA:5E:22:E3:DA:B3:F1:53:9A:C1:F6:6C:FD X509v3 Authority Key Identifier: keyid:5C:37:CD:FC:C8:E9:E9:0C:41:16:4A:39:1E:E9:03:B4:DE:54:DF:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDfN_Mjp6QxBFko5HukDtN5U37E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:62:f3:b6:4a:af:2b:ee:0c:3a:03:99:31:f4:5c:60:63:a6: cf:64:46:92:fd:77:ea:ae:d1:ee:2b:74:bd:94:9a:ca:5f:c7: 63:d7:3e:5d:a5:95:04:45:1a:9e:2f:c3:2c:8e:fe:ff:25:5b: c3:91:a7:8f:1d:a1:cd:b5:cf:eb:3d:50:64:54:14:31:8d:4b: 3b:d2:d5:9d:5f:9d:9d:c8:bf:ef:49:1b:63:9c:7c:1d:03:46: 4b:e1:16:ab:12:7d:86:8e:cb:5a:35:d0:63:75:12:ed:16:76: 6b:10:dd:a5:bf:dd:84:b7:e4:98:e2:28:ba:0c:79:d3:1d:1b: 34:fc:90:05:26:4a:d3:7d:1b:97:70:01:67:fe:97:4b:64:e1: 3c:0c:d0:bd:e5:08:48:82:53:c8:cd:88:4e:2a:de:c0:55:4a: b5:04:40:d5:88:01:0d:14:fd:62:79:a5:c8:87:d2:a8:a3:c2: 51:c2:a5:67:3d:ed:13:52:33:48:c3:c2:10:91:6c:18:14:e6: a3:c7:7c:4e:3f:05:d3:9a:87:9f:82:c7:c8:aa:05:cb:9e:ce: 32:16:68:fc:7d:a4:6d:e4:d6:e1:c2:21:01:7c:79:29:4b:6f: 73:3f:ef:16:a4:54:e5:c6:3f:73:36:ec:15:7b:71:c9:b8:6e: 79:e8:3e:3a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBi8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDFFQkExMTAvBgNVBAUTKDVDMzdDREZDQzhFOUU5MEM0MTE2NEEzOTFFRTkwM0I0 REU1NERGQjEwHhcNMjUwNDI0MjIzMDQyWhcNMjUwNTAxMjIzMDQyWjAYMRYwFAYD VQQDEw02ODBhYmI5Mi04NDI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA22y3wPCtx/eN5S2LPWHo4MrXOkoVJoB02Zv3oYrFm518C7p0/FJKloSmK28g Fu9qmR0K8kuuZKtP7KbdT5MNWtNzE5LgMJktioBz6DfBvs2yFrSOD0fRJAFrPaDs PWwm2qWz9R/QKDu88NOUMXPzeihLv00SzrI2a0jVkz1ghanSBPULgrKVXR+mZsXx zj9jFdd+hLmZ99sZAQfR/ha/FTPtft0OC4gYL2n89nFtP5eYRzx0mE9xhO7BlsX2 sVrwTjhMPQXsNYIet7f0bbv9ui8OcOhz2HhIvlt4lyQSGRb7jRk3N3etE0XODxID F7NKSOr2QqWlULGAjm0UNkXeDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEuRK7/y SZOqXiLj2rPxU5rB9mz9MB8GA1UdIwQYMBaAFFw3zfzI6ekMQRZKOR7pA7TeVN+x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMUVCQS84Mzk0RTI1MDkx RUExMUVCQUFEQkY5MkZDNEY5QUUwMi9YRGZOX01qcDZReEJGa281SHVrRHRONVUz N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEZk5fTWpwNlF4QkZrbzVIdWtEdE41VTM3RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MUVCQS84Mzk0RTI1MDkxRUExMUVCQUFEQkY5MkZDNEY5QUUwMi9YRGZOX01qcDZR eEJGa281SHVrRHRONVUzN0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB0YvO2Sq8r7gw6A5kx9FxgY6bPZEaS/XfqrtHuK3S9lJrKX8dj1z5d pZUERRqeL8Msjv7/JVvDkaePHaHNtc/rPVBkVBQxjUs70tWdX52dyL/vSRtjnHwd A0ZL4RarEn2GjstaNdBjdRLtFnZrEN2lv92Et+SY4ii6DHnTHRs0/JAFJkrTfRuX cAFn/pdLZOE8DNC95QhIglPIzYhOKt7AVUq1BEDViAENFP1ieaXIh9Koo8JRwqVn Pe0TUjNIw8IQkWwYFOajx3xOPwXTmoefgsfIqgXLns4yFmj8faRt5NbhwiEBfHkp S29zP+8WpFTlxj9zNuwVe3HJuG556D46 -----END CERTIFICATE-----Generated at Sat Apr 26 14:21:22 2025 by rpki-client