$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft File: XAo1I_02RadjWvJRmtzQAuEy-84.mft (raw, json) Hash identifier: 7pVvn/4KG1mRRblDZaVZCWNRmj6rII66ciPGOw/8Wgk= Subject key identifier: 49:26:54:FE:0E:8F:54:04:C0:88:74:F4:7E:65:A1:12:36:8B:0C:5E Authority key identifier: 5C:0A:35:23:FD:36:45:A7:63:5A:F2:51:9A:DC:D0:02:E1:32:FB:CE Certificate issuer: /CN=A91B0F90/serialNumber=5C0A3523FD3645A7635AF2519ADCD002E132FBCE Certificate serial: 76 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft Manifest number: 6C Signing time: Sat 23 Aug 2025 07:19:02 +0000 Manifest this update: Sat 23 Aug 2025 07:19:01 +0000 Manifest next update: Sat 30 Aug 2025 07:19:01 +0000 Files and hashes: 1: XAo1I_02RadjWvJRmtzQAuEy-84.crl (hash: DanB3XlK2ZVvWlDOOy1QYmoQ8YMv7pDMIbTufYNR/l8=) 2: 304DD002EFAB11EF97C9610FC4F9AE02.roa (hash: nY9SnH3XV0jBQtfc+UOqx27pO7JEzdlFPgYbBdgEcrs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.crl rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:19:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 118 (0x76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0F90, serialNumber=5C0A3523FD3645A7635AF2519ADCD002E132FBCE Validity Not Before: Aug 23 07:19:01 2025 GMT Not After : Aug 30 07:19:01 2025 GMT Subject: CN=68a96b65-9e7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:eb:80:0e:55:03:d0:51:c7:ff:b4:c3:4f:6b: 21:45:67:b6:50:a4:9a:d6:2f:e2:a5:02:ed:df:61: 0c:6d:5b:6c:62:35:f3:96:bc:75:be:ae:e5:14:d3: e5:c0:5b:85:df:0f:36:ca:81:7a:cc:52:9e:17:26: e8:c7:2b:8a:25:f2:fd:ec:bf:2a:d8:8c:ac:cc:50: be:ad:0e:e7:97:e3:82:e5:ff:ba:ad:c1:43:d9:b2: a6:3a:57:3f:b4:f9:52:30:1d:77:7b:18:9c:54:51: c6:54:ff:5d:57:53:a2:dc:99:90:5c:42:5b:28:7a: 47:f4:e8:f9:cd:31:1b:e2:a6:e5:0e:01:c6:fb:50: 61:ad:67:38:fa:17:84:cd:cf:68:9d:aa:54:6b:28: 25:e7:6d:7e:31:77:fc:02:2f:b2:9e:9d:7a:64:31: ee:7b:c4:52:6d:71:fc:31:48:94:c9:62:14:a2:3d: 2c:96:99:8d:ff:22:0f:43:7f:05:bb:9c:32:00:9a: cd:12:b2:fd:71:7c:32:97:c2:9a:19:aa:af:e3:08: 67:ec:69:91:cb:9d:9c:6f:84:98:1c:94:2c:4c:ff: 59:d0:dd:1d:90:cd:e8:79:d6:f4:9f:c5:51:2a:65: 0e:d9:27:0c:5a:9a:61:ab:c0:d0:5b:5d:6f:23:6c: 68:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:26:54:FE:0E:8F:54:04:C0:88:74:F4:7E:65:A1:12:36:8B:0C:5E X509v3 Authority Key Identifier: keyid:5C:0A:35:23:FD:36:45:A7:63:5A:F2:51:9A:DC:D0:02:E1:32:FB:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:e0:34:1e:de:9a:4b:31:53:59:a6:4d:98:20:d9:06:90:c5: 3c:60:f5:7a:4e:d1:00:19:0c:6c:67:07:de:19:2d:dc:9d:40: 90:47:55:31:1c:a1:6f:8c:8c:98:68:02:21:84:25:c3:0a:50: a6:3e:c6:b1:4c:73:64:fa:1d:f7:2d:27:26:14:46:5e:ad:8e: f3:fc:b8:d8:96:d8:ee:ea:1b:39:e1:45:e6:0f:b6:51:16:28: 93:00:df:33:2a:8f:f4:40:21:81:84:f8:26:0e:94:e5:15:f0: 8d:f8:b9:49:92:66:a5:cc:31:6e:90:3c:be:c9:b3:16:af:8c: a0:d8:0a:93:03:2c:33:62:a5:74:cf:20:11:41:fa:8e:61:20: 25:94:c3:35:2b:87:23:fe:d1:b0:20:90:93:1c:e0:4c:eb:88: 6e:36:6e:46:93:20:27:50:1c:70:b1:71:a1:1a:93:92:a5:6f: d1:f5:87:a2:5a:d0:92:72:16:00:e1:84:bd:5a:84:80:75:c1: 21:f1:66:ca:fc:8f:4b:af:82:7a:6f:99:99:f4:3d:09:ff:b8: 33:5c:0e:7a:fe:f9:d5:7e:33:5d:84:04:e5:d1:a3:dd:80:6b: c6:0c:21:22:be:24:c5:c3:19:a9:19:1b:84:d9:67:b5:92:91: 2b:8f:dd:a5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBdjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MEY5MDExMC8GA1UEBRMoNUMwQTM1MjNGRDM2NDVBNzYzNUFGMjUxOUFEQ0QwMDJF MTMyRkJDRTAeFw0yNTA4MjMwNzE5MDFaFw0yNTA4MzAwNzE5MDFaMBgxFjAUBgNV BAMTDTY4YTk2YjY1LTllN2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDc64AOVQPQUcf/tMNPayFFZ7ZQpJrWL+KlAu3fYQxtW2xiNfOWvHW+ruUU0+XA W4XfDzbKgXrMUp4XJujHK4ol8v3svyrYjKzMUL6tDueX44Ll/7qtwUPZsqY6Vz+0 +VIwHXd7GJxUUcZU/11XU6LcmZBcQlsoekf06PnNMRvipuUOAcb7UGGtZzj6F4TN z2idqlRrKCXnbX4xd/wCL7KenXpkMe57xFJtcfwxSJTJYhSiPSyWmY3/Ig9DfwW7 nDIAms0Ssv1xfDKXwpoZqq/jCGfsaZHLnZxvhJgclCxM/1nQ3R2Qzeh51vSfxVEq ZQ7ZJwxammGrwNBbXW8jbGjRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUSSZU/g6P VATAiHT0fmWhEjaLDF4wHwYDVR0jBBgwFoAUXAo1I/02RadjWvJRmtzQAuEy+84w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwRjkwLzA0Nzc5QjlDRUQ4 MTExRUZBMDAzNjYxNkM0RjlBRTAyL1hBbzFJXzAyUmFkald2SlJtdHpRQXVFeS04 NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWEFvMUlfMDJSYWRqV3ZKUm10elFBdUV5LTg0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIw RjkwLzA0Nzc5QjlDRUQ4MTExRUZBMDAzNjYxNkM0RjlBRTAyL1hBbzFJXzAyUmFk ald2SlJtdHpRQXVFeS04NC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAELgNB7emksxU1mmTZgg2QaQxTxg9XpO0QAZDGxnB94ZLdydQJBHVTEc oW+MjJhoAiGEJcMKUKY+xrFMc2T6HfctJyYURl6tjvP8uNiW2O7qGznhReYPtlEW KJMA3zMqj/RAIYGE+CYOlOUV8I34uUmSZqXMMW6QPL7JsxavjKDYCpMDLDNipXTP IBFB+o5hICWUwzUrhyP+0bAgkJMc4EzriG42bkaTICdQHHCxcaEak5Klb9H1h6Ja 0JJyFgDhhL1ahIB1wSHxZsr8j0uvgnpvmZn0PQn/uDNcDnr++dV+M12EBOXRo92A a8YMISK+JMXDGakZG4TZZ7WSkSuP3aU= -----END CERTIFICATE-----Generated at Sat Aug 23 16:24:41 2025 by rpki-client