$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft File: XAo1I_02RadjWvJRmtzQAuEy-84.mft (raw, json) Hash identifier: licpYRPlHwlFH/7FbZFbHnVQZZCzm6TDS8ziZkdcC9o= Subject key identifier: CA:E9:45:59:32:FB:CB:FC:81:BB:CB:60:01:E7:FD:EF:DC:F2:1C:41 Authority key identifier: 5C:0A:35:23:FD:36:45:A7:63:5A:F2:51:9A:DC:D0:02:E1:32:FB:CE Certificate issuer: /CN=A91B0F90/serialNumber=5C0A3523FD3645A7635AF2519ADCD002E132FBCE Certificate serial: 5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft Manifest number: 51 Signing time: Tue 01 Jul 2025 08:10:45 +0000 Manifest this update: Tue 01 Jul 2025 08:10:44 +0000 Manifest next update: Tue 08 Jul 2025 08:10:44 +0000 Files and hashes: 1: XAo1I_02RadjWvJRmtzQAuEy-84.crl (hash: 4K4f8PcSLYMEQX2aYOiIYFvD59V5CzKDAFN2ZAxNRBY=) 2: 304DD002EFAB11EF97C9610FC4F9AE02.roa (hash: nY9SnH3XV0jBQtfc+UOqx27pO7JEzdlFPgYbBdgEcrs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.crl rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:10:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 91 (0x5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0F90, serialNumber=5C0A3523FD3645A7635AF2519ADCD002E132FBCE Validity Not Before: Jul 1 08:10:44 2025 GMT Not After : Jul 8 08:10:44 2025 GMT Subject: CN=68639805-9491 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:30:b4:c1:94:df:eb:b1:82:fe:c7:de:32:66: 2e:67:22:41:95:83:ca:de:28:cb:97:c8:7d:7e:15: 06:87:99:72:6e:3a:6d:6d:f6:76:64:c1:bc:f4:31: 6d:30:93:c2:12:df:6b:e0:49:14:20:c4:b3:06:17: 36:25:55:cb:f4:f1:f6:c8:cb:d2:e2:bf:13:ba:1d: a0:54:4d:72:18:e7:af:62:c4:54:ee:e9:71:84:a6: fe:a5:c3:f6:90:d1:90:1a:e6:1c:2b:c2:a7:35:76: 53:70:a5:29:51:3b:4e:5e:a6:af:5c:95:be:21:ed: 2c:2c:dd:84:19:08:35:28:74:d7:b1:b3:ef:c2:37: a5:16:b5:9c:8e:09:a6:5d:0f:fa:23:6e:96:3d:25: 9a:54:6f:42:94:4f:14:20:a3:9f:22:61:3a:42:13: 26:49:ec:76:55:10:7b:ea:03:28:e7:09:da:83:e6: 01:1c:9b:9e:81:24:d1:34:aa:d9:ab:96:62:5e:5e: 85:70:30:af:ca:ca:86:b6:b5:cc:47:db:95:e7:f7: 12:45:98:e2:5b:00:b9:5f:90:d8:43:e2:4d:b1:6d: 1a:32:91:2f:fa:1c:cd:47:55:83:64:8b:2b:f2:32: 56:69:96:26:e5:a2:d9:b9:cb:32:99:c4:28:11:93: 4e:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:E9:45:59:32:FB:CB:FC:81:BB:CB:60:01:E7:FD:EF:DC:F2:1C:41 X509v3 Authority Key Identifier: keyid:5C:0A:35:23:FD:36:45:A7:63:5A:F2:51:9A:DC:D0:02:E1:32:FB:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:55:e9:76:f1:13:a0:2e:0e:a7:db:8f:aa:ae:f4:b3:0a:91: c2:30:a7:22:e6:62:b6:bd:cc:c8:25:a6:11:e0:ce:b3:e8:b8: be:38:4d:67:c8:61:96:18:be:5b:e9:b0:22:ab:80:b2:97:77: 5f:57:89:c8:e3:2a:66:bb:7a:ea:da:1b:e1:a1:b5:95:66:fe: 07:72:9b:a4:53:fa:f9:98:8e:17:bc:30:5c:24:4d:4b:b8:d8: 59:33:d6:c9:7e:19:2b:24:75:5a:79:7e:93:9e:bf:c7:51:84: 71:ca:b2:79:8c:d2:96:77:9b:23:78:5f:56:22:80:66:ab:2b: c3:9e:88:bc:0d:00:c8:ba:df:5b:a8:7a:82:50:c1:2d:ac:f7: df:24:2a:e0:cc:a8:a1:2c:37:3f:37:d4:a3:c2:53:23:ae:e2: cb:3a:d1:3e:9c:ab:e2:a0:13:a8:3c:29:6a:d9:a3:1a:60:12: f1:b8:fd:81:78:9e:8f:37:b3:9f:21:72:9a:7d:c2:ff:22:56: c3:96:41:d3:35:10:5e:2a:69:02:ca:6f:c2:f2:c7:e0:ec:70: 53:97:ad:e4:a2:b3:50:a7:2d:fe:c0:11:0e:4b:02:bc:bb:2a: f6:6e:6a:06:b5:0c:b9:cc:7e:83:01:80:b6:c8:42:ba:63:72: 7f:a9:32:69 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MEY5MDExMC8GA1UEBRMoNUMwQTM1MjNGRDM2NDVBNzYzNUFGMjUxOUFEQ0QwMDJF MTMyRkJDRTAeFw0yNTA3MDEwODEwNDRaFw0yNTA3MDgwODEwNDRaMBgxFjAUBgNV BAMTDTY4NjM5ODA1LTk0OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDVMLTBlN/rsYL+x94yZi5nIkGVg8reKMuXyH1+FQaHmXJuOm1t9nZkwbz0MW0w k8IS32vgSRQgxLMGFzYlVcv08fbIy9LivxO6HaBUTXIY569ixFTu6XGEpv6lw/aQ 0ZAa5hwrwqc1dlNwpSlRO05epq9clb4h7Sws3YQZCDUodNexs+/CN6UWtZyOCaZd D/ojbpY9JZpUb0KUTxQgo58iYTpCEyZJ7HZVEHvqAyjnCdqD5gEcm56BJNE0qtmr lmJeXoVwMK/Kyoa2tcxH25Xn9xJFmOJbALlfkNhD4k2xbRoykS/6HM1HVYNkiyvy MlZpliblotm5yzKZxCgRk05jAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUyulFWTL7 y/yBu8tgAef979zyHEEwHwYDVR0jBBgwFoAUXAo1I/02RadjWvJRmtzQAuEy+84w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwRjkwLzA0Nzc5QjlDRUQ4 MTExRUZBMDAzNjYxNkM0RjlBRTAyL1hBbzFJXzAyUmFkald2SlJtdHpRQXVFeS04 NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWEFvMUlfMDJSYWRqV3ZKUm10elFBdUV5LTg0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIw RjkwLzA0Nzc5QjlDRUQ4MTExRUZBMDAzNjYxNkM0RjlBRTAyL1hBbzFJXzAyUmFk ald2SlJtdHpRQXVFeS04NC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABxV6XbxE6AuDqfbj6qu9LMKkcIwpyLmYra9zMglphHgzrPouL44TWfI YZYYvlvpsCKrgLKXd19XicjjKma7euraG+GhtZVm/gdym6RT+vmYjhe8MFwkTUu4 2Fkz1sl+GSskdVp5fpOev8dRhHHKsnmM0pZ3myN4X1YigGarK8OeiLwNAMi631uo eoJQwS2s998kKuDMqKEsNz831KPCUyOu4ss60T6cq+KgE6g8KWrZoxpgEvG4/YF4 no83s58hcpp9wv8iVsOWQdM1EF4qaQLKb8Lyx+DscFOXreSis1CnLf7AEQ5LAry7 KvZuaga1DLnMfoMBgLbIQrpjcn+pMmk= -----END CERTIFICATE-----Generated at Thu Jul 3 00:43:12 2025 by rpki-client