$ rpki-client -vvf rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft File: XDZbFzHKfOfbgd1XEwvU1kMBm14.mft (raw, json) Hash identifier: NzekbfrxI9INDChFWxWj/8o5rCeYpXyfqgzBVnGVKrc= Subject key identifier: 96:16:BD:B6:24:73:2A:94:CC:00:30:BD:1F:6E:D5:34:A7:F6:5F:FE Authority key identifier: 5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E Certificate issuer: /CN=A91D28EB/serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Certificate serial: 0571 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft Manifest number: 056A Signing time: Mon 30 Jun 2025 23:44:37 +0000 Manifest this update: Mon 30 Jun 2025 23:44:37 +0000 Manifest next update: Mon 07 Jul 2025 23:44:36 +0000 Files and hashes: 1: XDZbFzHKfOfbgd1XEwvU1kMBm14.crl (hash: 6cywHh41QljKRWNOx0n5I79oborTaN1XGuPr6ncR7PM=) 2: 8E90AA02EB0B11EBA0B6DD84C4F9AE02.roa (hash: QJH4AI00yRGEUDIXxzK7vr00Zj8U+JgNqRc/dr5Ast0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 23:44:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1393 (0x571) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D28EB, serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Validity Not Before: Jun 30 23:44:37 2025 GMT Not After : Jul 7 23:44:36 2025 GMT Subject: CN=68632165-4188 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:22:0f:9a:0f:ca:a7:67:c7:55:4c:15:1d:7e: 19:a3:0d:86:9e:e3:1c:c7:21:03:17:67:72:cb:9d: c2:fc:a7:1b:dc:c2:f3:77:21:02:04:45:d8:d9:15: 0e:46:a7:c7:78:c8:8d:e1:50:ef:7e:96:53:0f:7b: 76:bd:64:55:37:69:c9:79:e8:08:22:44:97:d6:b6: 30:cc:12:c0:70:4c:63:a6:db:70:8a:4a:33:3a:7b: 53:db:0d:0e:07:0f:3f:d6:86:d2:f3:30:cc:92:4a: 02:da:62:99:cb:18:c0:a5:64:04:08:dc:0c:d1:52: 71:83:ae:67:47:90:2d:8e:51:0f:45:5c:74:a6:97: 4b:b0:7e:7d:b5:9f:9b:a7:64:89:40:a1:d6:5c:8c: f1:2c:b4:a8:70:66:69:28:f7:18:cf:c5:5c:df:54: 99:40:70:30:40:0f:56:90:75:14:b7:d9:19:eb:20: 49:0d:ad:52:69:69:22:d2:d2:2b:3c:49:b0:41:94: e9:b7:b4:28:2b:54:8a:a4:b9:c5:b6:a1:20:9a:8f: d0:a5:43:8a:ce:ef:28:b1:6c:1b:fa:44:5f:c0:65: d8:a9:5a:e8:67:11:09:82:3e:30:99:f6:ca:71:67: 4d:d6:a3:d1:b8:ea:00:59:5e:b6:7d:9a:4a:a7:7b: 58:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:16:BD:B6:24:73:2A:94:CC:00:30:BD:1F:6E:D5:34:A7:F6:5F:FE X509v3 Authority Key Identifier: keyid:5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:78:82:4c:1f:4f:48:c3:ba:ab:52:e2:94:74:8e:de:11:fe: eb:b8:82:ee:d3:b8:c8:25:ed:90:e1:d7:9d:be:ab:47:f5:1e: 57:c8:05:b5:09:40:ea:e6:2d:02:89:7e:57:dd:cd:63:a3:12: 24:db:f0:a1:5b:3f:b0:36:a7:ba:b6:45:50:5a:ad:49:a1:98: 3f:ee:31:e6:f2:26:ff:fa:68:cc:4d:40:c1:ab:58:81:e2:bf: f7:ce:20:99:f7:c0:2b:0b:ec:3c:89:91:cf:69:f8:40:9c:84: 04:c7:f9:dc:99:c7:ca:62:c9:e5:0b:c9:9f:0a:c2:5f:98:8b: 69:27:c6:ce:a5:b1:49:bf:18:6c:51:33:b0:41:68:e0:f7:43: f3:5c:dd:47:16:d5:0e:31:eb:d2:4f:e8:0d:82:76:5d:f0:35: 7e:e7:f9:7a:7c:6c:0a:35:d6:d8:a5:40:de:43:3a:71:c7:59: 5e:09:14:77:c1:76:ad:31:69:cb:b5:24:64:d0:e2:40:ce:ee: c8:0e:02:5b:ee:c7:43:71:3a:33:1d:27:fd:5b:b2:48:46:03: 5e:0e:bd:cf:6c:db:53:d5:d8:61:a7:ec:6f:51:b2:eb:8e:0a: d2:9d:6f:27:be:fa:20:b0:e7:85:c0:47:df:a4:6f:ae:07:db: d1:2a:c6:6c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBXEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI4RUIxMTAvBgNVBAUTKDVDMzY1QjE3MzFDQTdDRTdEQjgxREQ1NzEzMEJENEQ2 NDMwMTlCNUUwHhcNMjUwNjMwMjM0NDM3WhcNMjUwNzA3MjM0NDM2WjAYMRYwFAYD VQQDEw02ODYzMjE2NS00MTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApCIPmg/Kp2fHVUwVHX4Zow2GnuMcxyEDF2dyy53C/Kcb3MLzdyECBEXY2RUO RqfHeMiN4VDvfpZTD3t2vWRVN2nJeegIIkSX1rYwzBLAcExjpttwikozOntT2w0O Bw8/1obS8zDMkkoC2mKZyxjApWQECNwM0VJxg65nR5AtjlEPRVx0ppdLsH59tZ+b p2SJQKHWXIzxLLSocGZpKPcYz8Vc31SZQHAwQA9WkHUUt9kZ6yBJDa1SaWki0tIr PEmwQZTpt7QoK1SKpLnFtqEgmo/QpUOKzu8osWwb+kRfwGXYqVroZxEJgj4wmfbK cWdN1qPRuOoAWV62fZpKp3tYJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJYWvbYk cyqUzAAwvR9u1TSn9l/+MB8GA1UdIwQYMBaAFFw2Wxcxynzn24HdVxML1NZDAZte MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjhFQi83NzE0OEFDNkVC MDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZPZmJnZDFYRXd2VTFrTUJt MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEWmJGekhLZk9mYmdkMVhFd3ZVMWtNQm0xNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MjhFQi83NzE0OEFDNkVCMDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZP ZmJnZDFYRXd2VTFrTUJtMTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEeIJMH09Iw7qrUuKUdI7eEf7ruILu07jIJe2Q4dedvqtH9R5XyAW1 CUDq5i0CiX5X3c1joxIk2/ChWz+wNqe6tkVQWq1JoZg/7jHm8ib/+mjMTUDBq1iB 4r/3ziCZ98ArC+w8iZHPafhAnIQEx/ncmcfKYsnlC8mfCsJfmItpJ8bOpbFJvxhs UTOwQWjg90PzXN1HFtUOMevST+gNgnZd8DV+5/l6fGwKNdbYpUDeQzpxx1leCRR3 wXatMWnLtSRk0OJAzu7IDgJb7sdDcTozHSf9W7JIRgNeDr3PbNtT1dhhp+xvUbLr jgrSnW8nvvogsOeFwEffpG+uB9vRKsZs -----END CERTIFICATE-----Generated at Wed Jul 2 14:41:55 2025 by rpki-client