$ rpki-client -vvf rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.mft File: XHIqJhQciPfNQPObN0raf7wfmx8.mft (raw, json) Hash identifier: h+bJlDlEtuAvKnpHonlvl4dZBoO5i/TxoMwE+VP1eUU= Subject key identifier: 1B:06:01:B1:52:F1:68:1A:D4:B4:18:C1:8A:CB:02:A6:5D:24:83:B7 Authority key identifier: 5C:72:2A:26:14:1C:88:F7:CD:40:F3:9B:37:4A:DA:7F:BC:1F:9B:1F Certificate issuer: /CN=A91D824A/serialNumber=5C722A26141C88F7CD40F39B374ADA7FBC1F9B1F Certificate serial: A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XHIqJhQciPfNQPObN0raf7wfmx8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.mft Manifest number: 9F Signing time: Sun 15 Jun 2025 05:22:57 +0000 Manifest this update: Sun 15 Jun 2025 05:22:56 +0000 Manifest next update: Sun 22 Jun 2025 05:22:56 +0000 Files and hashes: 1: XHIqJhQciPfNQPObN0raf7wfmx8.crl (hash: xozf5e9Ie6pL5l4uS9fQGf/wg0WIy/iLIi/k7C5LT4M=) 2: AA5F20585B9A11EFBB8CB141C4F9AE02.roa (hash: xwJyyBO1pg9qb2VE0/6cn7we8wuOMnw/nqF3R5gu+VU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.crl rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XHIqJhQciPfNQPObN0raf7wfmx8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 162 (0xa2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D824A, serialNumber=5C722A26141C88F7CD40F39B374ADA7FBC1F9B1F Validity Not Before: Jun 15 05:22:56 2025 GMT Not After : Jun 22 05:22:56 2025 GMT Subject: CN=684e58b0-0f3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:8a:67:87:2d:18:9d:f0:d7:e4:f1:08:2f:f0: 7e:dd:64:3c:44:d6:cd:22:4c:0a:0d:da:d2:bc:89: a2:42:ae:b1:5b:33:d0:f6:70:ae:46:1d:f0:ee:3a: 54:47:9c:6f:43:bb:95:4a:ce:e3:4e:43:7a:ed:cf: 4e:44:cd:06:29:3f:c6:72:15:50:80:82:34:9d:fd: e2:e6:67:9e:fa:3b:55:7c:d3:a4:19:10:cf:7c:b8: bf:ed:af:59:1f:51:99:7b:f5:e6:72:03:bb:73:54: 73:27:ee:23:90:15:c1:75:21:1f:33:36:b1:b2:cf: 27:3a:e1:0c:98:a8:f7:1f:d9:a2:6f:22:a3:d7:8a: 7c:4f:a7:52:42:3b:bc:68:d6:5d:6e:58:be:58:98: 90:9c:02:1a:24:a2:fe:b0:67:b5:cc:30:a8:28:c7: 52:9d:23:98:20:96:b9:e3:bc:0f:d9:da:fe:84:6b: 62:e0:68:95:b9:a7:2d:dc:16:8d:d3:91:fe:d5:ec: 49:34:a2:e7:13:84:a8:0d:2b:f1:15:40:f6:a9:7a: ad:e5:a6:5d:c7:ad:13:3d:4e:c9:d9:a6:e9:4e:79: 16:91:24:f4:fe:07:b5:5e:63:90:b3:b7:a8:73:a0: bd:7c:65:af:de:db:24:2f:63:b6:bf:c3:51:01:a6: f6:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:06:01:B1:52:F1:68:1A:D4:B4:18:C1:8A:CB:02:A6:5D:24:83:B7 X509v3 Authority Key Identifier: keyid:5C:72:2A:26:14:1C:88:F7:CD:40:F3:9B:37:4A:DA:7F:BC:1F:9B:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XHIqJhQciPfNQPObN0raf7wfmx8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:9c:fb:a6:82:3c:43:3a:0f:04:53:ab:69:e9:d5:b9:32:aa: c6:7f:e7:db:fd:a8:d0:96:61:85:2b:59:c9:2f:86:dd:e3:0d: ab:d2:21:8f:22:99:17:36:d9:c3:db:13:95:99:56:df:2f:8d: 9e:05:5e:15:0e:29:51:e5:18:a9:a5:46:82:92:b7:53:16:b8: 89:b0:97:97:c4:e5:ac:05:fd:84:33:d6:ec:c8:3d:dc:f6:a8: 87:3e:93:74:80:58:1a:d4:e8:9d:08:25:f9:f5:0e:40:63:7c: f6:02:ab:36:54:77:3c:1e:fc:6a:d1:21:25:dd:37:ea:69:5a: a2:75:a5:da:be:61:c7:bb:79:ed:bf:5c:96:db:44:aa:05:63: c5:1e:fd:b9:1d:49:11:2b:2f:73:ba:a8:3e:3c:8d:10:6f:f1: 7e:91:e0:28:5d:75:ad:11:32:ce:b4:7b:d6:96:03:9f:8b:35: 5e:32:51:78:6f:5b:2e:67:48:1e:87:2b:8a:de:bd:a6:fa:30: 73:8a:be:73:a0:86:5a:59:63:3a:a5:8d:18:e0:7d:c9:c5:af: f3:6d:d0:03:ac:2e:a3:e0:31:39:95:6b:cb:23:f4:78:92:cf: fc:00:1c:2b:29:9e:93:97:c6:70:bd:82:45:d0:4e:a5:5d:a2: 14:1b:05:f2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgyNEExMTAvBgNVBAUTKDVDNzIyQTI2MTQxQzg4RjdDRDQwRjM5QjM3NEFEQTdG QkMxRjlCMUYwHhcNMjUwNjE1MDUyMjU2WhcNMjUwNjIyMDUyMjU2WjAYMRYwFAYD VQQDEw02ODRlNThiMC0wZjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApIpnhy0YnfDX5PEIL/B+3WQ8RNbNIkwKDdrSvImiQq6xWzPQ9nCuRh3w7jpU R5xvQ7uVSs7jTkN67c9ORM0GKT/GchVQgII0nf3i5mee+jtVfNOkGRDPfLi/7a9Z H1GZe/XmcgO7c1RzJ+4jkBXBdSEfMzaxss8nOuEMmKj3H9mibyKj14p8T6dSQju8 aNZdbli+WJiQnAIaJKL+sGe1zDCoKMdSnSOYIJa547wP2dr+hGti4GiVuact3BaN 05H+1exJNKLnE4SoDSvxFUD2qXqt5aZdx60TPU7J2abpTnkWkST0/ge1XmOQs7eo c6C9fGWv3tskL2O2v8NRAab2tQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBsGAbFS 8Wga1LQYwYrLAqZdJIO3MB8GA1UdIwQYMBaAFFxyKiYUHIj3zUDzmzdK2n+8H5sf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODI0QS80QURGMzNGQzVC OUExMUVGODMwN0Y1NDBDNEY5QUUwMi9YSElxSmhRY2lQZk5RUE9iTjByYWY3d2Zt eDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hISXFKaFFjaVBmTlFQT2JOMHJhZjd3Zm14OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODI0QS80QURGMzNGQzVCOUExMUVGODMwN0Y1NDBDNEY5QUUwMi9YSElxSmhRY2lQ Zk5RUE9iTjByYWY3d2ZteDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCanPumgjxDOg8EU6tp6dW5MqrGf+fb/ajQlmGFK1nJL4bd4w2r0iGP IpkXNtnD2xOVmVbfL42eBV4VDilR5RippUaCkrdTFriJsJeXxOWsBf2EM9bsyD3c 9qiHPpN0gFga1OidCCX59Q5AY3z2Aqs2VHc8Hvxq0SEl3TfqaVqidaXavmHHu3nt v1yW20SqBWPFHv25HUkRKy9zuqg+PI0Qb/F+keAoXXWtETLOtHvWlgOfizVeMlF4 b1suZ0gehyuK3r2m+jBzir5zoIZaWWM6pY0Y4H3Jxa/zbdADrC6j4DE5lWvLI/R4 ks/8ABwrKZ6Tl8ZwvYJF0E6lXaIUGwXy -----END CERTIFICATE-----Generated at Sun Jun 15 08:28:01 2025 by rpki-client