$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft File: XYnzqvmxOgelsmTy3rpk1cUAZRw.mft (raw, json) Hash identifier: sfXdhsGJrd1oMuOZDtFJfVIh4QjeHK8ynMMxA7IDrQo= Subject key identifier: B2:A7:EA:2D:F2:9C:07:D3:2C:4D:23:FB:56:51:8A:92:C0:CF:7B:0B Authority key identifier: 5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C Certificate issuer: /CN=A91D5240/serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C Certificate serial: 01D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft Manifest number: 01CE Signing time: Thu 03 Jul 2025 02:59:44 +0000 Manifest this update: Thu 03 Jul 2025 02:59:44 +0000 Manifest next update: Thu 10 Jul 2025 02:59:44 +0000 Files and hashes: 1: XYnzqvmxOgelsmTy3rpk1cUAZRw.crl (hash: za519Iqk2mdcdoMZ32xH+Cc6JOitRkLm5s1YJgpmkHY=) 2: 9EA7B7D8A63911ED874E6630C4F9AE02.roa (hash: 6o0EUZvJBerht1y6bzh1g89SRPPeQ5cLEU5AQhJzOAU=) 3: 5DCE1A1AA63C11ED9306165AC4F9AE02.roa (hash: QPGj0eJqXgnGukiRaT/QHSiAaiIAXjZCnZKqvteNQAI=) 4: 9FBA5FCCA63911ED874E6630C4F9AE02.roa (hash: lCV4Wc/C2vG49K6yvqo7KO+pzcjtBqjnxvlmY9cM+oI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 02:59:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 473 (0x1d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5240, serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C Validity Not Before: Jul 3 02:59:44 2025 GMT Not After : Jul 10 02:59:44 2025 GMT Subject: CN=6865f220-ecf6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:86:79:39:e7:b4:63:4b:3e:82:20:40:2c:69: 9f:f6:c8:e7:1a:69:c9:1a:17:cd:2c:82:b3:18:7f: 08:75:f6:ac:35:ac:3a:8e:6e:ea:55:df:76:ef:43: 3f:ff:e9:c3:7f:ff:42:af:47:08:18:01:e3:ab:64: 56:a7:b0:f5:3c:45:b8:db:6b:fe:df:18:80:c4:d1: 83:45:30:fc:04:42:ce:31:d7:7e:c6:75:92:5c:0c: ef:f7:af:e7:c2:bf:22:2a:90:03:96:4f:4b:08:67: ad:c4:e6:c6:41:6d:23:56:f1:d3:28:e8:9c:a8:8f: e3:99:55:c0:97:3e:16:ca:2d:38:36:86:80:4e:17: 19:31:d7:d1:bf:e3:09:56:c5:b5:5c:14:c3:57:e5: 8e:9b:dc:ec:dd:8c:f6:5a:61:ca:bc:56:6c:26:64: 8f:03:fb:36:84:53:82:e0:5e:fa:b7:55:51:d8:f1: c5:9f:48:b5:ba:94:53:3b:45:3f:c7:35:04:fa:6a: d5:09:41:c7:96:92:38:b0:f6:1d:0d:f2:16:10:30: 6b:3a:fb:ad:f1:f0:b5:3e:4c:72:52:48:2f:89:70: 1f:6f:4b:4d:8a:81:50:30:a7:0b:b8:67:b7:19:70: e3:25:e0:67:0e:f2:48:d3:ed:9b:e8:3f:a8:8a:48: 07:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:A7:EA:2D:F2:9C:07:D3:2C:4D:23:FB:56:51:8A:92:C0:CF:7B:0B X509v3 Authority Key Identifier: keyid:5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:83:38:72:33:b3:5d:19:80:9c:d3:61:b2:26:c0:99:3a:bc: cd:82:83:8d:29:fc:db:d2:7f:c7:34:2b:eb:68:54:12:f7:e7: e3:88:9c:ad:10:0a:fe:04:8b:14:73:72:88:f1:63:7c:26:0f: c3:9c:ef:12:cd:88:d2:73:02:a2:65:5f:89:6b:f6:3e:c4:f8: 98:0c:ad:5a:54:93:34:4b:e8:68:45:b2:c6:6a:00:60:90:0b: 64:f8:ac:64:b7:04:ac:ed:4b:39:59:8f:55:02:3f:7f:8f:b3: 82:4d:1f:a5:10:d4:56:98:d3:dd:c2:ff:d1:dd:1f:8e:83:df: a6:af:7a:32:6b:94:94:64:70:50:b7:d1:8a:cf:1c:11:a4:2c: 7f:b6:67:8c:1a:bb:4e:a1:e9:54:bb:dd:d4:a5:0a:ec:b0:79: 04:2d:c3:95:30:37:42:55:2c:16:07:30:09:83:e5:3d:32:ff: aa:32:29:34:1d:ce:ee:cb:46:0b:e2:57:99:4b:72:fb:95:2a: 1b:13:b1:19:ac:62:a2:a6:0f:47:63:d7:ca:b2:aa:9d:27:c9: 41:e5:f9:f8:e9:8b:3c:4b:cc:fc:21:85:93:b6:5b:43:11:05: 09:c7:22:28:20:cc:8f:16:c1:bb:09:b4:5c:3e:fc:51:44:49: 4a:d4:a3:a4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDUyNDAxMTAvBgNVBAUTKDVEODlGM0FBRjlCMTNBMDdBNUIyNjRGMkRFQkE2NEQ1 QzUwMDY1MUMwHhcNMjUwNzAzMDI1OTQ0WhcNMjUwNzEwMDI1OTQ0WjAYMRYwFAYD VQQDEw02ODY1ZjIyMC1lY2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwYZ5Oee0Y0s+giBALGmf9sjnGmnJGhfNLIKzGH8IdfasNaw6jm7qVd9270M/ /+nDf/9Cr0cIGAHjq2RWp7D1PEW422v+3xiAxNGDRTD8BELOMdd+xnWSXAzv96/n wr8iKpADlk9LCGetxObGQW0jVvHTKOicqI/jmVXAlz4Wyi04NoaAThcZMdfRv+MJ VsW1XBTDV+WOm9zs3Yz2WmHKvFZsJmSPA/s2hFOC4F76t1VR2PHFn0i1upRTO0U/ xzUE+mrVCUHHlpI4sPYdDfIWEDBrOvut8fC1PkxyUkgviXAfb0tNioFQMKcLuGe3 GXDjJeBnDvJI0+2b6D+oikgHAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLKn6i3y nAfTLE0j+1ZRipLAz3sLMB8GA1UdIwQYMBaAFF2J86r5sToHpbJk8t66ZNXFAGUc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTI0MC8yN0RERTdEODlC N0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9nZWxzbVR5M3JwazFjVUFa UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hZbnpxdm14T2dlbHNtVHkzcnBrMWNVQVpSdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NTI0MC8yN0RERTdEODlCN0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9n ZWxzbVR5M3JwazFjVUFaUncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhgzhyM7NdGYCc02GyJsCZOrzNgoONKfzb0n/HNCvraFQS9+fjiJyt EAr+BIsUc3KI8WN8Jg/DnO8SzYjScwKiZV+Ja/Y+xPiYDK1aVJM0S+hoRbLGagBg kAtk+KxktwSs7Us5WY9VAj9/j7OCTR+lENRWmNPdwv/R3R+Og9+mr3oya5SUZHBQ t9GKzxwRpCx/tmeMGrtOoelUu93UpQrssHkELcOVMDdCVSwWBzAJg+U9Mv+qMik0 Hc7uy0YL4leZS3L7lSobE7EZrGKipg9HY9fKsqqdJ8lB5fn46Ys8S8z8IYWTtltD EQUJxyIoIMyPFsG7CbRcPvxRRElK1KOk -----END CERTIFICATE-----Generated at Thu Jul 3 15:33:46 2025 by rpki-client