$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: ELtNmu4vZ54bX8SJMW2PVqjiExUWtxjAnK43sMO0TsI= Subject key identifier: 7B:1A:8A:4C:28:79:2B:CC:2C:CF:B2:78:52:25:72:D9:66:8D:BA:95 Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 07F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 07BE Signing time: Wed 02 Jul 2025 21:39:23 +0000 Manifest this update: Wed 02 Jul 2025 21:39:22 +0000 Manifest next update: Wed 09 Jul 2025 21:39:22 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: y7kYn6C+CE4yx/elyZ+KLxrVpeUKsB9yA6ujwg1muKE=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: Z0HHcyxz7rmGLBYwcIWDSL9D03AdZbtYiS469aOTikg=) 3: B512A570109211ECA693D74EC4F9AE02.roa (hash: AOyufc93Chw9bEWHvFa0LDI+LOdW3FqSZFo43ILQvd0=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: ZpHbYhB9ExSCJ+11c8ap/OdAIsKxszdOCjimKJQDTek=) 5: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: ftDRlCPQKF+Ib5B7VJZrq540hqlVUdTm8Q2C4Ih+cM8=) 6: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HxA8u7nmZWUr6BPYIZAwMw8J3pQQtwxfZZvWeTi7tWI=) 7: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: YABaqUWE/JPdcjinbFv0PWoHHYymCq6aO+ylU5Xzjo0=) 8: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: XhE6x9E/aZ957HcPZHgLlj7Fv56GEXE7hy1IWMNgX6M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 21:39:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2036 (0x7f4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Jul 2 21:39:22 2025 GMT Not After : Jul 9 21:39:22 2025 GMT Subject: CN=6865a70a-ecf7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:01:e0:af:b9:28:41:a9:fb:9e:84:2b:0b:4c: f6:dd:e2:fd:93:2f:9f:55:a6:f7:2a:d8:dd:84:67: 93:21:39:4c:14:85:29:72:15:44:c1:47:58:ca:f9: 3f:5a:4d:b0:0d:d6:77:ee:8b:a8:5e:f9:fb:70:d2: d0:86:33:a5:d5:6e:80:18:09:df:fa:71:58:27:da: 4e:65:d3:92:8e:83:07:08:d4:4d:9b:36:2e:a5:14: 27:23:9f:16:02:ef:4e:ca:bb:31:e4:6c:a4:79:c0: 92:35:c9:39:76:f6:f3:bd:a4:4a:d3:50:7c:b1:13: be:4d:5d:a4:b2:f3:91:85:5d:5c:8b:ab:b1:06:d6: 46:d3:c8:00:83:2f:d3:13:3d:b2:51:1b:6d:8c:07: b4:6b:18:d6:a6:81:0d:4e:26:1e:77:fe:cf:18:59: 44:6f:28:2a:76:3c:d4:f3:d4:c8:39:e9:6f:cc:cf: 84:f4:30:24:4d:b8:b5:60:42:db:96:21:7f:08:df: 5e:b6:96:54:41:d9:48:6e:60:3c:19:51:6e:77:7b: f4:7f:88:4d:12:13:57:c1:50:a1:ad:82:6f:16:89: 68:3d:e8:da:c0:0a:5c:57:2f:7e:7e:f1:fa:20:6f: d6:c9:81:e7:c2:91:19:29:fd:3c:2f:8f:6b:e2:55: 61:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:1A:8A:4C:28:79:2B:CC:2C:CF:B2:78:52:25:72:D9:66:8D:BA:95 X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:f9:c0:0d:dd:c4:8f:2d:0a:fc:6d:56:f3:38:23:9c:1d:6e: 6b:87:b3:73:eb:c6:6a:0d:a2:a3:93:59:2d:32:75:db:fb:c8: 8e:06:bc:08:86:d2:4e:e2:b9:78:54:b9:0c:cd:de:31:b6:b1: 8a:83:fd:75:5f:db:d8:d1:a7:f4:10:b5:20:f6:72:b1:4c:cb: 6c:77:65:38:71:87:37:51:69:f8:02:83:0d:f5:74:59:fa:40: 8a:1f:1f:33:31:af:7c:e8:60:6f:c2:fd:16:0e:fb:c6:95:9c: 0d:70:03:f9:5a:d0:6e:33:5f:5d:10:28:5e:98:5c:3a:14:06: 44:98:d3:dc:c4:c6:61:fb:b5:cc:f0:05:84:c4:3f:41:4b:af: 15:9d:ec:05:86:56:f4:e0:bf:ff:4e:c5:97:56:bd:3b:da:a3: d8:6a:70:9e:3a:d8:34:52:ee:9c:e9:9b:34:1e:aa:52:bb:5e: f5:9d:cf:2e:28:02:f0:61:f0:53:53:5a:84:0d:02:26:f2:22: e1:99:9c:bd:6c:15:f0:4a:50:46:3a:5b:a6:2d:a7:d9:c4:ad: dd:7b:2f:e7:99:1b:69:e6:3d:54:ba:35:e5:45:d3:9c:3e:0b: a1:76:9b:df:cc:26:01:dd:1b:cb:55:a7:c5:89:32:91:5e:bb: a1:e6:78:12 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB/QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjUwNzAyMjEzOTIyWhcNMjUwNzA5MjEzOTIyWjAYMRYwFAYD VQQDEw02ODY1YTcwYS1lY2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxwHgr7koQan7noQrC0z23eL9ky+fVab3KtjdhGeTITlMFIUpchVEwUdYyvk/ Wk2wDdZ37ouoXvn7cNLQhjOl1W6AGAnf+nFYJ9pOZdOSjoMHCNRNmzYupRQnI58W Au9Oyrsx5GykecCSNck5dvbzvaRK01B8sRO+TV2ksvORhV1ci6uxBtZG08gAgy/T Ez2yURttjAe0axjWpoENTiYed/7PGFlEbygqdjzU89TIOelvzM+E9DAkTbi1YELb liF/CN9etpZUQdlIbmA8GVFud3v0f4hNEhNXwVChrYJvFoloPejawApcVy9+fvH6 IG/WyYHnwpEZKf08L49r4lVhbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHsaikwo eSvMLM+yeFIlctlmjbqVMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBd+cAN3cSPLQr8bVbzOCOcHW5rh7Nz68ZqDaKjk1ktMnXb+8iOBrwI htJO4rl4VLkMzd4xtrGKg/11X9vY0af0ELUg9nKxTMtsd2U4cYc3UWn4AoMN9XRZ +kCKHx8zMa986GBvwv0WDvvGlZwNcAP5WtBuM19dEChemFw6FAZEmNPcxMZh+7XM 8AWExD9BS68VnewFhlb04L//TsWXVr072qPYanCeOtg0Uu6c6Zs0HqpSu171nc8u KALwYfBTU1qEDQIm8iLhmZy9bBXwSlBGOlumLafZxK3dey/nmRtp5j1UujXlRdOc PguhdpvfzCYB3RvLVafFiTKRXruh5ngS -----END CERTIFICATE-----Generated at Thu Jul 3 14:13:18 2025 by rpki-client