$ rpki-client -vvf rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.mft File: XqGnuALn5-_HfKGjjlL3Ks1GOTA.mft (raw, json) Hash identifier: 3OcoKmYpbNNDXPuUOedpxQUMfDATWJqTOGMXNSb5IRQ= Subject key identifier: 9F:94:5D:3E:2B:1B:97:AF:DB:E0:A5:74:F6:2A:D3:40:B1:20:61:27 Authority key identifier: 5E:A1:A7:B8:02:E7:E7:EF:C7:7C:A1:A3:8E:52:F7:2A:CD:46:39:30 Certificate issuer: /CN=A919A998/serialNumber=5EA1A7B802E7E7EFC77CA1A38E52F72ACD463930 Certificate serial: 0CF4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.mft Manifest number: 0CCD Signing time: Wed 14 May 2025 18:17:16 +0000 Manifest this update: Wed 14 May 2025 18:17:15 +0000 Manifest next update: Wed 21 May 2025 18:17:15 +0000 Files and hashes: 1: XqGnuALn5-_HfKGjjlL3Ks1GOTA.crl (hash: s/Z7s8lPySyTx8LqtxakUgjpMKEldOBoskszg5+BuR4=) 2: 6EA46446646511EFA9435879C4F9AE02.roa (hash: wKDEdStmrZZfi1N+sozcMYpUpj9M6UZTKjL7qa1uJ/0=) 3: 65DCB430F25A11E9937D9D73C4F9AE02.roa (hash: gaKPScXkAxsuY8VAZ/bdwS1+gAnXATdqGjlvtSNl84I=) 4: 3BC4C576426D11EFAD9E7D10C4F9AE02.roa (hash: 9VMgA4YRxMIjWK/lK97cgRReFAG7X/1dXoRMnmEvJtU=) 5: 653CF2F6F25A11E9937D9D73C4F9AE02.roa (hash: OIcrwBZfO0r9AZzqec0EZieuFLydO0IeQ37B1ozdZjo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.crl rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 18:17:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3316 (0xcf4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A998, serialNumber=5EA1A7B802E7E7EFC77CA1A38E52F72ACD463930 Validity Not Before: May 14 18:17:15 2025 GMT Not After : May 21 18:17:15 2025 GMT Subject: CN=6824de2c-bd96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:ba:bf:b5:e7:c8:13:04:b2:05:89:ba:12:52: 29:a5:3e:45:73:b2:75:6f:e3:4d:73:94:da:08:64: 3b:db:e4:e3:f5:9a:17:61:52:e0:1b:ef:2b:e0:7d: 9d:b1:5f:bc:e9:72:6f:26:72:ba:ed:de:f7:58:a1: 1e:13:26:ea:c7:90:fa:76:e1:e7:b0:d3:8d:da:18: 9a:64:ff:9b:00:2c:9f:45:80:fc:86:0c:f2:2e:a0: a2:c9:5c:1b:26:d5:42:40:15:d6:90:d8:08:e4:26: 9e:eb:62:45:8b:e2:f1:cc:6b:63:6c:f9:27:92:99: 7f:e3:43:c7:48:46:a0:50:81:76:50:ad:94:8f:72: a8:6c:72:32:fc:b4:7e:39:2a:07:cf:c7:2e:00:83: 96:83:79:56:12:35:ed:b1:c2:d8:59:99:b7:f0:10: c1:cc:02:13:88:b4:a0:4f:d4:20:34:81:b7:76:db: d4:33:f9:09:8e:74:81:eb:a6:2e:bd:7f:99:a0:f4: 7e:f5:f2:a4:4c:65:7c:0a:b0:24:58:5d:c7:ce:c1: f5:a2:29:1a:d6:c8:f0:2c:4b:19:ae:92:40:10:c8: aa:b6:f4:77:46:15:6f:8b:ec:68:7d:8e:42:93:71: 6b:39:1a:bd:21:5c:ea:3b:c3:21:a9:69:8f:a4:c9: 76:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:94:5D:3E:2B:1B:97:AF:DB:E0:A5:74:F6:2A:D3:40:B1:20:61:27 X509v3 Authority Key Identifier: keyid:5E:A1:A7:B8:02:E7:E7:EF:C7:7C:A1:A3:8E:52:F7:2A:CD:46:39:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bb:b8:8b:f2:67:d6:2b:c4:e6:e2:4f:a8:ab:61:1b:b5:9b:19: 4b:56:cc:cf:cb:d9:d8:e2:17:f0:d2:45:0a:30:41:c7:e3:dd: 86:02:34:89:85:89:9a:89:c0:38:fe:3f:59:73:d4:f0:fe:28: ca:ad:a8:e6:56:61:ac:c3:e4:59:dc:f7:f6:64:b6:c6:81:c5: 56:c9:52:45:3f:cf:f8:e3:91:15:bc:ff:18:13:10:10:d8:65: 27:67:04:4e:0d:38:18:d0:0e:8c:25:77:e1:c4:08:3e:ab:1a: d8:5b:7d:dd:1c:07:b0:f2:fd:85:13:9a:49:23:05:ca:d5:85: a2:17:ae:df:af:6e:19:3e:de:5f:27:26:dc:19:24:32:8c:de: 0d:44:6e:b4:d3:0c:c1:5e:68:b7:7a:14:bc:c5:fc:31:27:51: 53:b1:42:da:dd:d2:87:fd:8b:d6:fe:d4:f7:82:70:65:88:73: c9:02:0d:6f:f1:6d:c0:d0:7e:f1:b5:5e:94:7f:a1:a9:f6:38: 87:88:67:f4:20:bf:13:77:e7:54:2c:24:49:9d:9d:ac:68:a0: b0:eb:f4:c3:b0:03:9c:55:90:d3:7c:b9:ef:84:31:b7:13:ff: 4b:a5:53:78:ac:d2:e9:4f:0b:73:31:da:1b:df:34:41:fd:2a: 0a:ae:6a:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE5OTgxMTAvBgNVBAUTKDVFQTFBN0I4MDJFN0U3RUZDNzdDQTFBMzhFNTJGNzJB Q0Q0NjM5MzAwHhcNMjUwNTE0MTgxNzE1WhcNMjUwNTIxMTgxNzE1WjAYMRYwFAYD VQQDEw02ODI0ZGUyYy1iZDk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+bq/tefIEwSyBYm6ElIppT5Fc7J1b+NNc5TaCGQ72+Tj9ZoXYVLgG+8r4H2d sV+86XJvJnK67d73WKEeEybqx5D6duHnsNON2hiaZP+bACyfRYD8hgzyLqCiyVwb JtVCQBXWkNgI5Cae62JFi+LxzGtjbPknkpl/40PHSEagUIF2UK2Uj3KobHIy/LR+ OSoHz8cuAIOWg3lWEjXtscLYWZm38BDBzAITiLSgT9QgNIG3dtvUM/kJjnSB66Yu vX+ZoPR+9fKkTGV8CrAkWF3HzsH1oika1sjwLEsZrpJAEMiqtvR3RhVvi+xofY5C k3FrORq9IVzqO8MhqWmPpMl2GwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ+UXT4r G5ev2+CldPYq00CxIGEnMB8GA1UdIwQYMBaAFF6hp7gC5+fvx3yho45S9yrNRjkw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTk5OC9BQjM0RkJENEYy NTgxMUU5Qjc1RTNDNzBDNEY5QUUwMi9YcUdudUFMbjUtX0hmS0dqamxMM0tzMUdP VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hxR251QUxuNS1fSGZLR2pqbEwzS3MxR09UQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QTk5OC9BQjM0RkJENEYyNTgxMUU5Qjc1RTNDNzBDNEY5QUUwMi9YcUdudUFMbjUt X0hmS0dqamxMM0tzMUdPVEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC7uIvyZ9YrxObiT6irYRu1mxlLVszPy9nY4hfw0kUKMEHH492GAjSJ hYmaicA4/j9Zc9Tw/ijKrajmVmGsw+RZ3Pf2ZLbGgcVWyVJFP8/445EVvP8YExAQ 2GUnZwRODTgY0A6MJXfhxAg+qxrYW33dHAew8v2FE5pJIwXK1YWiF67fr24ZPt5f JybcGSQyjN4NRG600wzBXmi3ehS8xfwxJ1FTsULa3dKH/YvW/tT3gnBliHPJAg1v 8W3A0H7xtV6Uf6Gp9jiHiGf0IL8Td+dULCRJnZ2saKCw6/TDsAOcVZDTfLnvhDG3 E/9LpVN4rNLpTwtzMdob3zRB/SoKrmrj -----END CERTIFICATE-----Generated at Fri May 16 06:53:48 2025 by rpki-client