$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft File: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft (raw, json) Hash identifier: uZ9kxTq8iZuRiyjbPq/WHM74mTV2a8Kh5a0L757ztzk= Subject key identifier: 2C:96:CC:12:2B:81:D7:87:05:E0:F0:76:06:B4:F1:60:19:DB:8B:48 Authority key identifier: C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 Certificate issuer: /CN=A91E3BF2/serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Certificate serial: 02A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft Manifest number: 029D Signing time: Fri 25 Apr 2025 01:16:08 +0000 Manifest this update: Fri 25 Apr 2025 01:16:08 +0000 Manifest next update: Fri 02 May 2025 01:16:08 +0000 Files and hashes: 1: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl (hash: 7ndo6Qa+yCCfM4kCc0BbDBDVSJPJoM3s08GvFhQmWtE=) 2: 6B7C33C8F6C811ECBDF7DD40C4F9AE02.roa (hash: jZodcyxZ4nUw78pUbwh5qrFajwuNLHaye10ReDwTgoQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:16:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 674 (0x2a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BF2, serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Validity Not Before: Apr 25 01:16:08 2025 GMT Not After : May 2 01:16:08 2025 GMT Subject: CN=680ae258-2f27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:96:ab:b7:7a:0e:0c:b9:ad:54:e3:b5:06:4b: 97:56:42:39:e5:78:0d:8a:ec:0e:bc:7a:af:d2:03: 1b:bf:90:c7:9f:84:da:9a:c1:14:e4:fc:3b:2b:ad: e5:ab:52:ec:8e:f6:98:55:fc:78:48:79:bf:f5:79: 5b:36:2e:55:4d:55:44:b3:36:0b:aa:e9:04:28:a0: f5:ce:64:86:85:a4:8b:9d:e5:ac:8f:00:da:53:7b: e4:db:56:2d:d1:0b:b1:b9:5f:ec:0d:2f:a7:47:4b: 8b:9e:e9:df:e2:4a:83:99:42:16:ab:dd:15:01:11: d7:0c:1d:9d:5c:1a:99:04:b1:93:fd:77:2b:75:bc: a0:1f:e2:1e:ef:f2:af:1f:fe:19:f2:9a:10:4c:a1: ac:70:48:8e:84:51:8f:1a:26:42:e9:e5:76:a9:8c: c0:9c:55:36:94:7a:07:24:09:4b:04:77:57:bb:91: f1:b5:ed:ac:b2:83:67:31:3d:11:53:0b:6d:bf:d5: b5:13:01:40:11:dd:63:ef:b0:94:ef:bd:ab:e2:d4: c6:d0:7d:2b:3e:ac:ce:fe:c6:c2:1b:72:4c:c4:58: 6a:90:1e:56:eb:bd:63:9b:26:7c:4f:c0:37:24:55: 9c:fa:e4:2a:6c:42:c2:31:2f:ed:ba:f6:b9:4e:0d: 8d:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:96:CC:12:2B:81:D7:87:05:E0:F0:76:06:B4:F1:60:19:DB:8B:48 X509v3 Authority Key Identifier: keyid:C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:96:05:d9:d7:a7:60:05:97:b8:95:08:47:8b:7c:a8:2a:8c: 55:ab:5d:ee:8c:17:63:d3:10:7e:c0:77:fc:bc:a4:f3:af:71: 9e:f6:2b:e0:a3:3c:e0:e4:16:c9:f2:89:0a:79:fe:b9:ac:98: 8a:5f:b5:19:70:8c:6d:1b:c3:4f:13:9b:eb:2a:c8:d6:fe:62: a4:c5:e6:f3:c3:94:61:c7:24:e2:94:5d:ad:6c:81:e7:90:ac: 12:f0:6e:03:45:57:0a:32:ac:5d:5f:b1:9a:ae:83:86:81:1d: 0c:bb:e4:87:60:5a:3c:24:da:04:31:76:6b:33:25:2f:7a:0d: ed:9f:7c:a8:39:cb:c0:ac:fe:01:74:48:00:cd:a8:a5:f4:b0: a7:dc:69:f2:df:6d:1f:6c:96:c3:85:c8:30:4f:f2:37:0c:79: 66:33:4d:d6:f0:33:2b:6c:bd:55:b6:66:8d:00:42:c0:3e:08: 1f:b3:56:fe:94:59:fd:af:2e:83:11:65:c5:98:29:56:49:a9: 4a:c8:c9:db:52:ae:d3:c7:f4:14:9f:d4:ab:a2:84:68:49:f0: 4c:58:e6:f0:11:d4:54:59:d9:64:6c:10:e1:3f:70:74:ea:9b: 19:81:5d:2a:bf:09:dd:c5:65:33:69:fb:d9:f0:2b:eb:b2:cf: 74:b5:50:20 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCRjIxMTAvBgNVBAUTKEM0NzFBNTZFRTk0RjA1QjQzN0MwOUVFRTBGNDQyMDNG QTQ1OTI3MzYwHhcNMjUwNDI1MDExNjA4WhcNMjUwNTAyMDExNjA4WjAYMRYwFAYD VQQDEw02ODBhZTI1OC0yZjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1part3oODLmtVOO1BkuXVkI55XgNiuwOvHqv0gMbv5DHn4TamsEU5Pw7K63l q1LsjvaYVfx4SHm/9XlbNi5VTVVEszYLqukEKKD1zmSGhaSLneWsjwDaU3vk21Yt 0QuxuV/sDS+nR0uLnunf4kqDmUIWq90VARHXDB2dXBqZBLGT/XcrdbygH+Ie7/Kv H/4Z8poQTKGscEiOhFGPGiZC6eV2qYzAnFU2lHoHJAlLBHdXu5Hxte2ssoNnMT0R Uwttv9W1EwFAEd1j77CU772r4tTG0H0rPqzO/sbCG3JMxFhqkB5W671jmyZ8T8A3 JFWc+uQqbELCMS/tuva5Tg2NEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCyWzBIr gdeHBeDwdga08WAZ24tIMB8GA1UdIwQYMBaAFMRxpW7pTwW0N8Ce7g9EID+kWSc2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JGMi81MDkwOTZBOEY2 QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJiUTN3Sjd1RDBRZ1A2UlpK elkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hIR2xidWxQQmJRM3dKN3VEMFFnUDZSWkp6WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0JGMi81MDkwOTZBOEY2QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJi UTN3Sjd1RDBRZ1A2UlpKelkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVlgXZ16dgBZe4lQhHi3yoKoxVq13ujBdj0xB+wHf8vKTzr3Ge9ivg ozzg5BbJ8okKef65rJiKX7UZcIxtG8NPE5vrKsjW/mKkxebzw5RhxyTilF2tbIHn kKwS8G4DRVcKMqxdX7GaroOGgR0Mu+SHYFo8JNoEMXZrMyUveg3tn3yoOcvArP4B dEgAzail9LCn3Gny320fbJbDhcgwT/I3DHlmM03W8DMrbL1VtmaNAELAPggfs1b+ lFn9ry6DEWXFmClWSalKyMnbUq7Tx/QUn9SrooRoSfBMWObwEdRUWdlkbBDhP3B0 6psZgV0qvwndxWUzafvZ8Cvrss90tVAg -----END CERTIFICATE-----Generated at Sat Apr 26 12:34:45 2025 by rpki-client