$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft File: XhBeDvkNGLn6S4j640EMah3vcZA.mft (raw, json) Hash identifier: djtLYmZLm2P0omvBcOqwjwpYADTugpiHiatlCijLl0w= Subject key identifier: A6:D9:99:4B:0C:23:22:B1:60:E5:0A:CE:5B:7C:89:D5:4F:AB:22:C3 Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90 Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190 Certificate serial: 0BE3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft Manifest number: 0AA5 Signing time: Sat 14 Jun 2025 19:57:14 +0000 Manifest this update: Sat 14 Jun 2025 19:57:14 +0000 Manifest next update: Sat 21 Jun 2025 19:57:14 +0000 Files and hashes: 1: XhBeDvkNGLn6S4j640EMah3vcZA.crl (hash: PrJa8EeXRgHLaKpckgCxz+98Z6TvGyCdLvmnXF/NQJk=) 2: CED9053CE35211EDB7F6B44EC4F9AE02.roa (hash: JmnrBzA6dJ9YsMu7pz9xXLOAQrwChmETl1tBrYYwR4o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 19:57:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3043 (0xbe3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F69E7, serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190 Validity Not Before: Jun 14 19:57:14 2025 GMT Not After : Jun 21 19:57:14 2025 GMT Subject: CN=684dd41a-9fe3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:52:a4:86:39:3d:ff:0a:c7:1e:4e:ff:a2:ae: 2c:30:d2:fa:75:3e:56:ed:03:be:2e:5f:90:74:e1: ed:6a:e0:53:28:e1:8f:42:0d:da:b6:ea:73:c7:bc: 56:77:2a:95:ee:b2:2d:b1:15:e1:36:af:53:0e:db: 69:10:26:c9:10:74:a3:e3:e2:2e:2f:34:eb:12:0d: 38:ed:19:77:9f:ac:70:94:ff:6a:2d:87:08:84:98: 9e:5d:bf:c2:96:0d:b9:30:4b:97:45:1e:63:bd:08: db:08:ff:92:55:39:1b:c7:21:63:0a:39:71:61:ae: 81:4e:cb:b9:af:95:99:88:c3:d7:ff:a1:ca:83:a0: e4:97:e6:eb:67:51:98:f9:6b:5e:6d:fe:52:37:1f: 67:1c:d9:54:20:bf:71:b2:0d:b7:73:25:98:9e:8a: 8f:c8:c2:7d:28:ba:5d:9d:9a:c2:8c:6b:02:c2:d5: d3:bb:67:32:8e:69:18:aa:ad:33:a4:ba:31:31:94: 65:72:18:a2:f1:15:b1:b4:1e:9b:7a:3c:6e:02:b5: 52:3a:88:aa:d6:62:8a:e8:55:d9:3e:6f:ef:08:f2: f3:bf:e9:7c:b7:72:13:81:9b:7d:1c:15:51:5c:51: dd:62:8b:16:76:42:d3:9d:23:79:bf:a8:e0:82:7c: 12:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:D9:99:4B:0C:23:22:B1:60:E5:0A:CE:5B:7C:89:D5:4F:AB:22:C3 X509v3 Authority Key Identifier: keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:85:29:c0:a2:33:8f:c9:41:99:9e:e5:6d:a8:73:74:9e:9b: 84:b2:e8:ff:ec:25:8a:5c:62:09:0d:b2:4b:8f:44:0f:6f:96: 89:78:8d:e8:f2:06:6f:8f:2b:48:67:93:45:11:92:c8:c7:8b: 37:24:56:7b:4d:31:9b:d7:04:6c:52:99:cd:b6:0d:11:b4:e8: 0e:15:76:a8:1e:59:6b:77:c9:ec:55:4c:88:7e:65:52:3f:ff: 94:ff:30:d8:01:d2:8c:94:1e:80:cb:48:b5:70:7e:e9:34:07: 8a:e5:1b:eb:7d:5d:ed:eb:4b:dc:e0:02:9e:ff:9e:79:7c:26: cf:f6:5b:2e:9f:1b:2e:3d:b5:62:d0:73:82:9c:e3:13:90:3d: 16:4a:c1:c2:b1:e4:3a:5c:75:c3:ff:22:9a:c3:be:50:4c:fb: 31:80:26:ca:af:c0:bd:bc:38:e4:82:fd:25:95:a7:fc:72:1e: cd:b9:d5:ae:73:b1:54:ae:e7:db:77:ab:38:6c:ec:cd:53:c8: 8c:e0:b5:58:57:09:53:29:9a:32:9f:96:c1:e7:21:14:6a:07: 22:6d:26:9a:f3:0e:13:0b:21:d5:40:00:71:56:fb:04:aa:05: 6c:12:8f:13:04:41:13:40:7c:7e:1c:e5:75:f9:b7:8f:be:50: bb:b5:d1:2f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC+MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB MURFRjcxOTAwHhcNMjUwNjE0MTk1NzE0WhcNMjUwNjIxMTk1NzE0WjAYMRYwFAYD VQQDEw02ODRkZDQxYS05ZmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmlKkhjk9/wrHHk7/oq4sMNL6dT5W7QO+Ll+QdOHtauBTKOGPQg3atupzx7xW dyqV7rItsRXhNq9TDttpECbJEHSj4+IuLzTrEg047Rl3n6xwlP9qLYcIhJieXb/C lg25MEuXRR5jvQjbCP+SVTkbxyFjCjlxYa6BTsu5r5WZiMPX/6HKg6Dkl+brZ1GY +Wtebf5SNx9nHNlUIL9xsg23cyWYnoqPyMJ9KLpdnZrCjGsCwtXTu2cyjmkYqq0z pLoxMZRlchii8RWxtB6bejxuArVSOoiq1mKK6FXZPm/vCPLzv+l8t3ITgZt9HBVR XFHdYosWdkLTnSN5v6jggnwSwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKbZmUsM IyKxYOUKzlt8idVPqyLDMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjlFNy80NkFBRDZCMjkwNDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdM bjZTNGo2NDBFTWFoM3ZjWkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmhSnAojOPyUGZnuVtqHN0npuEsuj/7CWKXGIJDbJLj0QPb5aJeI3o 8gZvjytIZ5NFEZLIx4s3JFZ7TTGb1wRsUpnNtg0RtOgOFXaoHllrd8nsVUyIfmVS P/+U/zDYAdKMlB6Ay0i1cH7pNAeK5RvrfV3t60vc4AKe/555fCbP9lsunxsuPbVi 0HOCnOMTkD0WSsHCseQ6XHXD/yKaw75QTPsxgCbKr8C9vDjkgv0llaf8ch7NudWu c7FUrufbd6s4bOzNU8iM4LVYVwlTKZoyn5bB5yEUagcibSaa8w4TCyHVQABxVvsE qgVsEo8TBEETQHx+HOV1+bePvlC7tdEv -----END CERTIFICATE-----Generated at Sun Jun 15 09:41:42 2025 by rpki-client