$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft File: XhBeDvkNGLn6S4j640EMah3vcZA.mft (raw, json) Hash identifier: 7cCDnVwHolph+HNhQC+bo4zbyabEyxAFDE63ssW0zuE= Subject key identifier: 21:49:78:45:11:86:F4:E7:6D:72:11:52:1D:D5:C6:38:48:B8:B8:AA Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90 Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190 Certificate serial: 0BC9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft Manifest number: 0A8B Signing time: Thu 24 Apr 2025 20:04:23 +0000 Manifest this update: Thu 24 Apr 2025 20:04:23 +0000 Manifest next update: Thu 01 May 2025 20:04:23 +0000 Files and hashes: 1: XhBeDvkNGLn6S4j640EMah3vcZA.crl (hash: zlbR/DIMlZRokYi0fw/gI15KWLEO7VE5vbiVIzCvt7s=) 2: CED9053CE35211EDB7F6B44EC4F9AE02.roa (hash: JmnrBzA6dJ9YsMu7pz9xXLOAQrwChmETl1tBrYYwR4o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:04:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3017 (0xbc9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F69E7, serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190 Validity Not Before: Apr 24 20:04:23 2025 GMT Not After : May 1 20:04:23 2025 GMT Subject: CN=680a9947-f9dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:75:28:26:d8:0a:65:42:94:fb:34:6d:e7:73: 56:88:27:17:ad:09:47:79:15:cf:f8:80:2a:ed:f0: f3:03:d7:2f:56:3d:fa:8d:fd:42:b2:c7:3c:3f:b0: ba:f2:60:c6:ad:a5:30:c6:76:e0:65:bf:2c:9a:f6: 28:65:e4:72:34:58:d1:a2:73:d4:a6:b3:22:2e:48: 44:80:65:66:1a:3d:1e:4b:bc:08:fb:12:2c:a6:38: 06:92:85:17:a5:fb:1b:c1:88:21:9f:81:c6:22:f7: 1d:b7:6b:a8:e5:1c:79:01:22:76:53:32:fb:b0:1d: d0:c4:ec:81:16:ca:2a:c7:e5:4a:bd:e6:e0:e2:9b: 7f:47:c9:f5:1a:38:92:e8:ee:9a:6a:30:5a:1a:07: 2f:53:94:f8:4a:7e:d8:de:e4:26:8b:c3:e4:93:95: d1:54:e1:ac:94:1e:08:ee:a1:e6:85:b5:83:56:8e: 03:b5:94:2d:19:07:26:97:c6:d9:a3:3c:df:a6:8c: 67:a7:64:46:9e:04:cf:c2:c7:40:96:2e:57:66:28: d6:ef:77:7c:b0:ce:9d:13:67:fd:3b:48:50:75:67: 16:0c:db:4f:e4:fe:52:5d:57:d5:3f:bd:1f:28:a6: 82:7b:61:07:d3:36:4e:ad:37:47:8f:dc:c6:65:5d: ec:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:49:78:45:11:86:F4:E7:6D:72:11:52:1D:D5:C6:38:48:B8:B8:AA X509v3 Authority Key Identifier: keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:5c:48:39:ce:4d:c0:58:cc:61:3b:bd:75:d3:06:26:78:2f: 48:0c:4c:27:54:1d:b3:e3:e8:3e:ff:69:67:0a:18:68:41:58: 2e:c2:b1:32:d2:dd:3a:d7:20:8b:d1:1e:88:a3:6d:9f:18:8e: e9:6b:0b:43:7b:41:e4:df:8a:c3:94:b9:86:6d:3f:c2:ae:90: 33:4b:45:81:50:f2:4e:ed:63:52:e8:76:95:de:db:64:da:c8: a1:bd:ae:c1:ac:4b:36:36:c0:49:e5:54:4c:6a:5b:b1:0c:08: 98:b2:1c:70:43:31:64:da:cc:6d:36:26:1f:91:6a:54:1e:27: a0:52:58:ff:b7:62:87:ec:65:e0:47:58:17:22:b5:70:0c:e9: 72:27:16:99:c8:c5:92:12:c3:97:a8:c8:48:30:35:7e:e9:5a: 97:3f:bf:53:fb:2b:d5:2d:e6:15:05:5b:c8:e7:92:69:46:93: f9:be:0f:ff:ba:2d:0f:43:09:d7:43:58:96:48:f2:dc:8c:32: 2f:7c:7d:de:eb:40:95:e1:9d:ac:6a:77:ed:43:03:77:c3:bc: 1d:b5:1d:28:f9:69:41:f6:63:5c:66:76:ad:ce:87:e2:09:a7: 24:2e:a4:cc:28:2d:2b:2f:9c:0a:48:b6:4f:1d:75:7e:9d:0f: ed:d8:a6:4f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC8kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB MURFRjcxOTAwHhcNMjUwNDI0MjAwNDIzWhcNMjUwNTAxMjAwNDIzWjAYMRYwFAYD VQQDEw02ODBhOTk0Ny1mOWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnnUoJtgKZUKU+zRt53NWiCcXrQlHeRXP+IAq7fDzA9cvVj36jf1Cssc8P7C6 8mDGraUwxnbgZb8smvYoZeRyNFjRonPUprMiLkhEgGVmGj0eS7wI+xIspjgGkoUX pfsbwYghn4HGIvcdt2uo5Rx5ASJ2UzL7sB3QxOyBFsoqx+VKvebg4pt/R8n1GjiS 6O6aajBaGgcvU5T4Sn7Y3uQmi8Pkk5XRVOGslB4I7qHmhbWDVo4DtZQtGQcml8bZ ozzfpoxnp2RGngTPwsdAli5XZijW73d8sM6dE2f9O0hQdWcWDNtP5P5SXVfVP70f KKaCe2EH0zZOrTdHj9zGZV3s/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCFJeEUR hvTnbXIRUh3VxjhIuLiqMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjlFNy80NkFBRDZCMjkwNDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdM bjZTNGo2NDBFTWFoM3ZjWkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAgXEg5zk3AWMxhO7110wYmeC9IDEwnVB2z4+g+/2lnChhoQVguwrEy 0t061yCL0R6Io22fGI7pawtDe0Hk34rDlLmGbT/CrpAzS0WBUPJO7WNS6HaV3ttk 2sihva7BrEs2NsBJ5VRMaluxDAiYshxwQzFk2sxtNiYfkWpUHiegUlj/t2KH7GXg R1gXIrVwDOlyJxaZyMWSEsOXqMhIMDV+6VqXP79T+yvVLeYVBVvI55JpRpP5vg// ui0PQwnXQ1iWSPLcjDIvfH3e60CV4Z2sanftQwN3w7wdtR0o+WlB9mNcZnatzofi CackLqTMKC0rL5wKSLZPHXV+nQ/t2KZP -----END CERTIFICATE-----Generated at Sat Apr 26 14:19:03 2025 by rpki-client