$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft File: XmtaBob1a6DA93-zvzGzhWMiCCQ.mft (raw, json) Hash identifier: usBeXClrkjyJBreFzdZ1a0L0/RxRnzd+tDmvxdRwwvw= Subject key identifier: 88:46:37:A3:1C:AA:F2:29:A1:74:BA:AF:6D:EC:FC:41:65:E2:4D:B3 Authority key identifier: 5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24 Certificate issuer: /CN=A91FE107/serialNumber=5E6B5A0686F56BA0C0F77FB3BF31B38563220824 Certificate serial: 22D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft Manifest number: 22B8 Signing time: Thu 24 Apr 2025 15:52:51 +0000 Manifest this update: Thu 24 Apr 2025 15:52:51 +0000 Manifest next update: Thu 01 May 2025 15:52:51 +0000 Files and hashes: 1: XmtaBob1a6DA93-zvzGzhWMiCCQ.crl (hash: jCZ2Y3+nOopw3t2jf6qpQIdSQgcJWsrB1mLLU/i88WM=) 2: 44C007B0A0D611EDA2603C4EC4F9AE02.roa (hash: 0vCf/xwV9KMenpxoQYxOfrnjClEJSXbTz5F/3QVeMUQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.crl rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:52:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8913 (0x22d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FE107, serialNumber=5E6B5A0686F56BA0C0F77FB3BF31B38563220824 Validity Not Before: Apr 24 15:52:51 2025 GMT Not After : May 1 15:52:51 2025 GMT Subject: CN=680a5e53-9061 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:68:bd:6b:10:5f:bf:d8:24:fe:07:4b:5a:e0: 44:17:8b:ed:a3:03:8c:19:9b:ba:6b:58:85:89:fb: 62:f9:0e:f9:8f:3d:0d:3a:6a:b8:10:a7:0a:b1:d7: af:89:80:e7:cc:51:7b:ed:37:66:5e:3e:4b:cd:09: e8:81:97:72:b1:c9:b2:8d:db:96:56:e3:ac:02:e8: 2f:f1:7a:e1:90:69:45:aa:8a:b4:da:77:7a:f3:d7: 25:e4:d5:8e:6e:88:ee:77:54:fc:a9:7d:0b:50:d5: 6b:e8:26:89:9e:ca:51:d0:b9:99:60:b3:3b:fe:22: 7c:e6:00:ee:d4:4b:7e:47:6b:19:8b:8a:2a:7b:6a: 67:da:88:f4:2f:46:6e:65:38:88:89:ab:a2:a8:f3: 1e:68:dc:b0:86:19:5b:0a:41:22:44:ee:20:0a:45: 8e:bc:9e:55:f6:4e:d4:7a:4e:3f:d5:a8:e9:0d:6a: b5:91:cf:4d:2c:6f:51:51:37:40:35:0a:c8:bf:32: 64:ee:34:88:c7:f2:dd:c8:60:95:f5:2e:74:83:86: 0d:68:6b:d5:c6:56:d3:22:17:9c:eb:ec:0e:3c:e1: 6f:aa:0b:2e:b2:a6:0b:f8:04:7d:66:05:77:1d:3f: 89:61:c1:22:44:7a:4e:f3:9d:ee:bb:58:2e:d5:41: 26:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:46:37:A3:1C:AA:F2:29:A1:74:BA:AF:6D:EC:FC:41:65:E2:4D:B3 X509v3 Authority Key Identifier: keyid:5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:cf:44:c8:fd:fd:05:8e:8d:63:84:fd:a5:b9:92:fb:28:73: 39:af:3d:5d:0c:94:71:35:83:2a:48:39:20:65:44:94:2a:fd: 66:df:30:8b:87:88:3f:99:86:27:67:a2:78:d9:7e:df:39:82: cd:28:a8:3e:68:e4:39:7f:85:ee:85:4d:c9:0f:a6:19:4b:63: 97:ed:09:17:70:2d:6f:f9:e7:e4:d2:ff:7f:11:d7:0d:9f:44: 12:cc:f8:29:78:6a:24:48:23:ec:62:75:f5:6e:d4:87:30:a5: ed:d5:ad:fc:ce:9e:0a:51:3e:9c:21:7b:e3:9e:fb:77:58:7e: 7b:bb:ed:db:e0:a1:68:bc:a9:a1:fb:43:c4:08:19:60:cc:47: f7:45:05:dd:b0:01:6f:70:ad:b7:1c:ca:69:8f:a8:62:ff:9f: e3:20:c5:a4:00:cb:ed:36:ed:e3:ce:0c:0e:c4:5f:7b:9c:08: d9:30:19:64:ce:57:56:94:bb:1e:de:99:37:ab:22:0f:a4:a8: 38:a0:39:89:29:52:8d:71:14:40:24:5a:44:d8:19:91:4f:f7: 3f:24:24:58:f6:28:b6:d0:51:da:60:dd:0b:85:cb:f9:6e:e5: d4:3a:d0:4d:74:8b:20:77:1e:fd:25:d6:cc:e3:5c:a2:7f:82: 38:d9:b7:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICItEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkUxMDcxMTAvBgNVBAUTKDVFNkI1QTA2ODZGNTZCQTBDMEY3N0ZCM0JGMzFCMzg1 NjMyMjA4MjQwHhcNMjUwNDI0MTU1MjUxWhcNMjUwNTAxMTU1MjUxWjAYMRYwFAYD VQQDEw02ODBhNWU1My05MDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyWi9axBfv9gk/gdLWuBEF4vtowOMGZu6a1iFifti+Q75jz0NOmq4EKcKsdev iYDnzFF77TdmXj5LzQnogZdyscmyjduWVuOsAugv8XrhkGlFqoq02nd689cl5NWO bojud1T8qX0LUNVr6CaJnspR0LmZYLM7/iJ85gDu1Et+R2sZi4oqe2pn2oj0L0Zu ZTiIiauiqPMeaNywhhlbCkEiRO4gCkWOvJ5V9k7Uek4/1ajpDWq1kc9NLG9RUTdA NQrIvzJk7jSIx/LdyGCV9S50g4YNaGvVxlbTIhec6+wOPOFvqgsusqYL+AR9ZgV3 HT+JYcEiRHpO853uu1gu1UEmyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIhGN6Mc qvIpoXS6r23s/EFl4k2zMB8GA1UdIwQYMBaAFF5rWgaG9WugwPd/s78xs4VjIggk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTEwNy9FRTM1QzQ0NjlF NjQxMUU1OUQ0OEZCNjBDNEY5QUUwMi9YbXRhQm9iMWE2REE5My16dnpHemhXTWlD Q1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1htdGFCb2IxYTZEQTkzLXp2ekd6aFdNaUNDUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RTEwNy9FRTM1QzQ0NjlFNjQxMUU1OUQ0OEZCNjBDNEY5QUUwMi9YbXRhQm9iMWE2 REE5My16dnpHemhXTWlDQ1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCdz0TI/f0Fjo1jhP2luZL7KHM5rz1dDJRxNYMqSDkgZUSUKv1m3zCL h4g/mYYnZ6J42X7fOYLNKKg+aOQ5f4XuhU3JD6YZS2OX7QkXcC1v+efk0v9/EdcN n0QSzPgpeGokSCPsYnX1btSHMKXt1a38zp4KUT6cIXvjnvt3WH57u+3b4KFovKmh +0PECBlgzEf3RQXdsAFvcK23HMppj6hi/5/jIMWkAMvtNu3jzgwOxF97nAjZMBlk zldWlLse3pk3qyIPpKg4oDmJKVKNcRRAJFpE2BmRT/c/JCRY9ii20FHaYN0Lhcv5 buXUOtBNdIsgdx79JdbM41yif4I42bew -----END CERTIFICATE-----Generated at Sat Apr 26 12:33:36 2025 by rpki-client