$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft File: XYnzqvmxOgelsmTy3rpk1cUAZRw.mft (raw, json) Hash identifier: ET1cDCJwV1DpZZO3d11PBWG2Veu6naOibUvcU9eXxdI= Subject key identifier: 0C:3C:7D:E9:9B:EF:C8:9F:56:D7:14:F1:D2:CA:95:34:A7:7F:64:4B Authority key identifier: 5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C Certificate issuer: /CN=A91D5240/serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C Certificate serial: 01C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft Manifest number: 01B7 Signing time: Sat 17 May 2025 02:50:34 +0000 Manifest this update: Sat 17 May 2025 02:50:33 +0000 Manifest next update: Sat 24 May 2025 02:50:33 +0000 Files and hashes: 1: XYnzqvmxOgelsmTy3rpk1cUAZRw.crl (hash: zX2UTEMrgTP+G/e7zJTTKy4Ubpr4guZQ63c3vVZfs/A=) 2: 9EA7B7D8A63911ED874E6630C4F9AE02.roa (hash: 6o0EUZvJBerht1y6bzh1g89SRPPeQ5cLEU5AQhJzOAU=) 3: 5DCE1A1AA63C11ED9306165AC4F9AE02.roa (hash: QPGj0eJqXgnGukiRaT/QHSiAaiIAXjZCnZKqvteNQAI=) 4: 9FBA5FCCA63911ED874E6630C4F9AE02.roa (hash: lCV4Wc/C2vG49K6yvqo7KO+pzcjtBqjnxvlmY9cM+oI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 May 2025 02:50:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 450 (0x1c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5240, serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C Validity Not Before: May 17 02:50:33 2025 GMT Not After : May 24 02:50:33 2025 GMT Subject: CN=6827f979-8a26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:3e:a4:fe:40:9d:29:5e:e7:87:f5:5f:e9:80: f0:34:b7:ec:c3:38:0e:d4:e4:94:77:2f:e7:e6:6c: 5b:80:8d:be:43:98:7a:17:55:44:46:a8:e0:d1:73: c2:89:12:3b:de:18:10:d9:9d:b0:d1:fb:a1:5c:25: 05:6c:10:ae:5a:11:f9:ab:df:7d:3d:0e:0a:b3:40: f6:f6:4d:df:1e:5f:55:54:02:9c:9f:97:3b:8c:67: f8:fb:df:a2:5a:49:df:eb:df:ca:65:cc:fb:2d:8c: ba:71:02:84:13:5e:33:49:bb:7e:f3:33:66:e2:f6: c0:c8:7d:45:a5:41:b1:25:65:b6:0f:99:1f:51:03: f4:45:9c:5b:97:81:eb:5f:1a:39:0b:5a:c6:d3:76: af:f4:39:35:c6:57:7e:60:7e:ed:ad:6e:07:ce:8b: 36:73:8e:f9:84:30:5b:1d:83:4a:09:07:4b:1c:93: 14:45:b6:1d:f5:c9:8d:d2:16:2c:6a:13:36:74:90: 35:08:e5:ef:f9:8b:d5:21:a2:57:eb:56:cb:32:eb: 70:d4:6e:f5:da:b4:b1:e8:ca:6f:c0:c6:a5:af:19: 6e:e8:a3:5a:42:9c:23:fe:4c:9a:b4:c4:ac:d2:32: 07:5f:a4:29:c3:67:42:49:a7:22:6c:c2:69:91:33: b0:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:3C:7D:E9:9B:EF:C8:9F:56:D7:14:F1:D2:CA:95:34:A7:7F:64:4B X509v3 Authority Key Identifier: keyid:5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:1b:3c:03:0b:cf:f5:cd:c2:3b:a0:47:f5:45:92:ee:aa:d8: 6c:b2:73:d9:f0:8a:ea:7d:66:45:e1:e0:19:b0:3b:50:a1:9f: 2f:bc:91:dd:39:f5:b7:a5:84:39:19:0c:5f:fb:17:14:ce:36: 3c:62:0a:ed:b8:e7:75:65:93:a4:46:cb:15:81:7a:9a:1c:de: 8a:dc:17:9a:7b:56:ae:eb:70:2d:f3:79:41:60:2f:0e:b8:13: f9:4c:6f:ea:bf:32:b3:da:b8:7a:5e:f6:85:42:f7:cb:76:8c: a5:18:04:11:e9:4c:cb:51:47:45:67:79:7c:1c:ee:84:bf:2a: 04:ef:26:2a:c9:7d:ff:5c:42:46:dc:fd:53:64:29:d7:10:33: e1:d9:88:ef:44:7b:0f:c5:2c:f8:e0:09:94:3e:4a:52:fc:7e: 24:47:82:2f:e0:d8:74:f6:e0:85:62:66:3c:f7:5e:22:be:b9: 90:38:d8:47:9c:6c:94:8f:d6:7b:af:74:f0:33:47:33:44:dc: 04:30:1c:de:b7:25:ba:0a:ed:96:5c:49:25:5c:36:e3:39:9d: 4b:75:43:15:95:c5:40:bc:c0:d2:0a:7d:44:01:dc:e4:d8:ca: 7c:c3:88:3a:10:a5:5e:00:be:5e:2b:c5:f7:ff:2d:6d:f1:20: eb:2c:d8:7b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDUyNDAxMTAvBgNVBAUTKDVEODlGM0FBRjlCMTNBMDdBNUIyNjRGMkRFQkE2NEQ1 QzUwMDY1MUMwHhcNMjUwNTE3MDI1MDMzWhcNMjUwNTI0MDI1MDMzWjAYMRYwFAYD VQQDEw02ODI3Zjk3OS04YTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoj6k/kCdKV7nh/Vf6YDwNLfswzgO1OSUdy/n5mxbgI2+Q5h6F1VERqjg0XPC iRI73hgQ2Z2w0fuhXCUFbBCuWhH5q999PQ4Ks0D29k3fHl9VVAKcn5c7jGf4+9+i Wknf69/KZcz7LYy6cQKEE14zSbt+8zNm4vbAyH1FpUGxJWW2D5kfUQP0RZxbl4Hr Xxo5C1rG03av9Dk1xld+YH7trW4Hzos2c475hDBbHYNKCQdLHJMURbYd9cmN0hYs ahM2dJA1COXv+YvVIaJX61bLMutw1G712rSx6MpvwMalrxlu6KNaQpwj/kyatMSs 0jIHX6Qpw2dCSacibMJpkTOwZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAw8femb 78ifVtcU8dLKlTSnf2RLMB8GA1UdIwQYMBaAFF2J86r5sToHpbJk8t66ZNXFAGUc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTI0MC8yN0RERTdEODlC N0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9nZWxzbVR5M3JwazFjVUFa UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hZbnpxdm14T2dlbHNtVHkzcnBrMWNVQVpSdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NTI0MC8yN0RERTdEODlCN0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9n ZWxzbVR5M3JwazFjVUFaUncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCyGzwDC8/1zcI7oEf1RZLuqthssnPZ8IrqfWZF4eAZsDtQoZ8vvJHd OfW3pYQ5GQxf+xcUzjY8YgrtuOd1ZZOkRssVgXqaHN6K3Beae1au63At83lBYC8O uBP5TG/qvzKz2rh6XvaFQvfLdoylGAQR6UzLUUdFZ3l8HO6EvyoE7yYqyX3/XEJG 3P1TZCnXEDPh2YjvRHsPxSz44AmUPkpS/H4kR4Iv4Nh09uCFYmY8914ivrmQONhH nGyUj9Z7r3TwM0czRNwEMBzetyW6Cu2WXEklXDbjOZ1LdUMVlcVAvMDSCn1EAdzk 2Mp8w4g6EKVeAL5eK8X3/y1t8SDrLNh7 -----END CERTIFICATE-----Generated at Sat May 17 15:24:28 2025 by rpki-client