$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft File: xvdY7N3EybD3LwZcNa1UaXQycRs.mft (raw, json) Hash identifier: UB6FA3uLNvNADG4jKxFxoHKEwR2/iHPyoluSmCK1ZSY= Subject key identifier: 1A:4C:13:1A:0A:2E:9F:B0:FF:06:27:70:2C:88:7C:80:35:BB:00:AE Authority key identifier: C6:F7:58:EC:DD:C4:C9:B0:F7:2F:06:5C:35:AD:54:69:74:32:71:1B Certificate issuer: /CN=A91E8DF5/serialNumber=C6F758ECDDC4C9B0F72F065C35AD54697432711B Certificate serial: 20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft Manifest number: 1C Signing time: Fri 25 Apr 2025 06:52:57 +0000 Manifest this update: Fri 25 Apr 2025 06:52:57 +0000 Manifest next update: Fri 02 May 2025 06:52:57 +0000 Files and hashes: 1: xvdY7N3EybD3LwZcNa1UaXQycRs.crl (hash: zCd6QdQwAQ1FTAX04ZQQM7IZMD2ANRibVfF6L/+MzVk=) 2: 8F9B067EF96011EF89D9E37DC4F9AE02.roa (hash: 4xicYTfIpBlcbT4bo30LC6Nm4HBJiuCMbWamLoO1Mxw=) 3: 8F350932F96011EF89D9E37DC4F9AE02.roa (hash: QrMwRSBguV4orNsh3cQZbQ07gQlvv90Dwbi2fjX1Q5w=) 4: 8EB1E9BCF96011EF89D9E37DC4F9AE02.roa (hash: uACmOb3DyJDXLeU+cbuId37JJps39u5/fEOUHNceFpo=) 5: 8E321A2AF96011EF89D9E37DC4F9AE02.roa (hash: c/khpR0D5Q+6xT3VzBLeSnoQ2dSS6+k6yToKP9EsAdg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.crl rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:52:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32 (0x20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8DF5, serialNumber=C6F758ECDDC4C9B0F72F065C35AD54697432711B Validity Not Before: Apr 25 06:52:57 2025 GMT Not After : May 2 06:52:57 2025 GMT Subject: CN=680b3149-0960 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:03:f2:69:68:c4:4d:ff:62:1f:9a:04:c6:ce: d2:06:86:5b:24:82:5f:04:03:7e:b8:c5:95:65:59: 35:ff:ba:5d:df:4b:21:89:37:6e:d7:20:b3:79:c5: 5d:ef:56:8b:5c:49:e5:23:e7:6c:dc:59:d8:1e:36: f0:f7:98:21:64:80:2a:15:4f:2b:bb:55:1e:ab:7d: c4:4b:68:f9:91:5a:38:27:ee:1b:c5:4b:61:c3:14: c3:27:64:c7:b9:d8:7d:30:af:04:73:73:4c:38:f1: 3a:56:cb:01:7d:4c:26:3a:00:60:88:e1:8d:69:5d: fe:e2:c0:a1:84:9b:a2:a5:d1:9a:25:45:cd:91:ae: ee:e0:e0:0f:bc:a9:9f:c8:36:34:ba:a2:39:16:81: 99:78:a3:9b:06:d9:f0:8f:27:18:2d:0b:be:f6:ba: e7:33:d4:54:8b:ea:f5:fc:46:0f:fd:23:ef:85:04: 39:dd:da:27:a8:2c:e1:df:c2:4f:d2:5c:4e:10:01: fa:ff:d1:de:78:41:18:1b:c5:8e:4c:5c:3f:35:19: 77:c8:2f:5a:4e:35:86:8f:73:7a:2e:c8:ea:f3:cb: a5:fd:0b:3a:b2:f7:ef:dc:62:29:cc:ae:87:63:51: c9:dc:5b:5b:45:15:69:20:b2:e9:b8:95:bf:33:00: 70:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:4C:13:1A:0A:2E:9F:B0:FF:06:27:70:2C:88:7C:80:35:BB:00:AE X509v3 Authority Key Identifier: keyid:C6:F7:58:EC:DD:C4:C9:B0:F7:2F:06:5C:35:AD:54:69:74:32:71:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:b9:5b:87:bf:aa:ae:3b:0a:e0:68:13:f4:10:36:10:9e:0b: 20:d1:65:a4:78:6b:ee:d9:30:71:58:6b:47:1e:68:6d:6c:1a: 33:37:5b:e8:08:dd:55:af:35:ca:0f:b2:f9:ad:9d:40:76:ac: ef:ea:88:25:e8:26:9f:ed:b9:9c:19:b5:8c:d4:12:44:8e:50: b4:d3:55:2b:a0:5e:97:45:fb:dd:2d:99:36:d4:ca:11:fa:59: e3:b0:99:e2:65:00:68:5b:3e:4c:9a:41:d1:97:0c:aa:91:3e: fe:f1:c6:62:3b:1f:ce:96:60:e4:03:41:07:61:3b:b8:d2:19: ea:1a:cb:33:98:7d:81:9e:e6:8a:dd:da:6d:7a:4d:8f:a5:6a: 6e:70:02:e3:85:a2:0c:c0:0a:d5:77:78:c7:e1:51:a6:b3:5d: c4:0a:f3:a4:a5:a1:3f:68:77:85:f0:1c:b0:23:1f:24:8a:42: ef:b4:b2:35:2d:df:54:03:c6:5f:4d:f2:b7:61:3c:0c:df:3d: 77:68:d9:15:2b:ff:7c:15:96:98:cb:52:87:f6:5e:04:bd:d2: 80:57:57:43:cd:b3:15:a4:58:b5:a9:1a:86:5e:09:84:2f:1d: 65:a4:8d:49:30:07:8a:02:22:06:31:14:1e:47:e6:35:a3:9c: 8a:62:a1:81 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF OERGNTExMC8GA1UEBRMoQzZGNzU4RUNEREM0QzlCMEY3MkYwNjVDMzVBRDU0Njk3 NDMyNzExQjAeFw0yNTA0MjUwNjUyNTdaFw0yNTA1MDIwNjUyNTdaMBgxFjAUBgNV BAMTDTY4MGIzMTQ5LTA5NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+A/JpaMRN/2IfmgTGztIGhlskgl8EA364xZVlWTX/ul3fSyGJN27XILN5xV3v VotcSeUj52zcWdgeNvD3mCFkgCoVTyu7VR6rfcRLaPmRWjgn7hvFS2HDFMMnZMe5 2H0wrwRzc0w48TpWywF9TCY6AGCI4Y1pXf7iwKGEm6Kl0ZolRc2Rru7g4A+8qZ/I NjS6ojkWgZl4o5sG2fCPJxgtC772uucz1FSL6vX8Rg/9I++FBDnd2ieoLOHfwk/S XE4QAfr/0d54QRgbxY5MXD81GXfIL1pONYaPc3ouyOrzy6X9Czqy9+/cYinMrodj UcncW1tFFWkgsum4lb8zAHBpAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUGkwTGgou n7D/BidwLIh8gDW7AK4wHwYDVR0jBBgwFoAUxvdY7N3EybD3LwZcNa1UaXQycRsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4REY1LzMxRTBGMTZBRjk2 MDExRUY5RDY3OUM3QUM0RjlBRTAyL3h2ZFk3TjNFeWJEM0x3WmNOYTFVYVhReWNS cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveHZkWTdOM0V5YkQzTHdaY05hMVVhWFF5Y1JzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4 REY1LzMxRTBGMTZBRjk2MDExRUY5RDY3OUM3QUM0RjlBRTAyL3h2ZFk3TjNFeWJE M0x3WmNOYTFVYVhReWNScy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKa5W4e/qq47CuBoE/QQNhCeCyDRZaR4a+7ZMHFYa0ceaG1sGjM3W+gI 3VWvNcoPsvmtnUB2rO/qiCXoJp/tuZwZtYzUEkSOULTTVSugXpdF+90tmTbUyhH6 WeOwmeJlAGhbPkyaQdGXDKqRPv7xxmI7H86WYOQDQQdhO7jSGeoayzOYfYGe5ord 2m16TY+lam5wAuOFogzACtV3eMfhUaazXcQK86SloT9od4XwHLAjHySKQu+0sjUt 31QDxl9N8rdhPAzfPXdo2RUr/3wVlpjLUof2XgS90oBXV0PNsxWkWLWpGoZeCYQv HWWkjUkwB4oCIgYxFB5H5jWjnIpioYE= -----END CERTIFICATE-----Generated at Sat Apr 26 15:04:35 2025 by rpki-client