$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft File: xOTw2gEK9YY3zFlihHHpmLckPFI.mft (raw, json) Hash identifier: gZ7T3bHTVe4Px3Z4VXfDf0ZJf4mDC7FGvaonkYUAdD8= Subject key identifier: 71:6C:17:06:07:BD:5A:44:3E:D3:53:5E:1E:EF:D8:F0:0B:5F:E0:FB Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Certificate serial: 08F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft Manifest number: 08DE Signing time: Sat 10 May 2025 20:10:07 +0000 Manifest this update: Sat 10 May 2025 20:10:07 +0000 Manifest next update: Sat 17 May 2025 20:10:07 +0000 Files and hashes: 1: xOTw2gEK9YY3zFlihHHpmLckPFI.crl (hash: DQTB93l40TuL43GDywy1R5XvDaxNJ88PoxIiRmoFMzI=) 2: 5353EA28781F11EEBA05B17FC4F9AE02.roa (hash: Del+9YrkACA6yrhYJeSPVVuh01l/16gJ82iy69S9BRo=) 3: 863670328FD011EEB6FFC636C4F9AE02.roa (hash: PnqDvM4vjQdsVy80UhznbWoKhp/dlqh33E+GG+RU+dk=) 4: 03706138786411EC8624EB12C4F9AE02.roa (hash: qKXv165pzdK/WBxXfxqKy/V+953i+G1rFbe37yvanHk=) 5: F4E74AA8B99911EF9A0C3B63C4F9AE02.roa (hash: Ci305f1V47fRIRqmqjLy+EIi8DLnLoGCGpVVZ48v10E=) 6: 6A6E4770A10F11EF840C2548C4F9AE02.roa (hash: lvX9qWs0U9FJpaiKhdFBFudNcs3mWD37dbOmEs33Njk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:10:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2296 (0x8f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0, serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Validity Not Before: May 10 20:10:07 2025 GMT Not After : May 17 20:10:07 2025 GMT Subject: CN=681fb29f-1a33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:f8:94:00:ca:fc:71:b2:34:2d:51:d3:f5:11: d9:36:0e:6e:ad:94:1a:0c:9a:1e:9a:7c:71:25:69: 15:7f:b8:04:92:0e:9d:dd:be:e9:85:b2:6c:61:dd: ab:ea:87:9a:ce:88:69:f2:ef:05:d5:a1:90:a0:d8: 71:cf:4b:5e:8f:11:bd:38:ab:a6:cd:55:26:bd:43: c2:43:cb:65:b9:83:b2:67:0b:b5:c7:86:b9:2c:13: bb:a0:ad:b1:52:b0:da:69:11:c4:7c:ff:12:70:d1: f2:a0:b8:60:37:35:9f:60:be:30:94:bf:10:04:ad: bd:89:bb:d5:7f:b6:bc:cf:36:b7:5e:fb:e6:53:c9: 04:64:7d:5c:1f:1e:77:e7:9e:dc:b8:df:02:a2:c7: a4:e1:9d:ba:0a:fa:6d:39:e4:e6:a5:3f:06:f1:ee: de:30:84:b3:c1:9a:c7:a0:b0:9f:37:7b:68:b8:f1: a2:75:ab:04:eb:61:36:bd:ce:a6:6e:e8:af:2e:cd: a5:2a:e1:69:f5:c2:a4:56:2f:0a:4f:bd:ed:c5:7b: 9a:2a:87:27:b7:55:a0:04:03:bb:b7:c3:b7:27:2c: 46:f4:e8:69:72:56:40:6b:1e:7b:d5:b9:cb:9f:fa: ec:c6:c4:5f:c9:8f:b6:9f:da:f4:a3:69:47:ca:e7: 23:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:6C:17:06:07:BD:5A:44:3E:D3:53:5E:1E:EF:D8:F0:0B:5F:E0:FB X509v3 Authority Key Identifier: keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:f1:dd:05:4d:e8:e4:b3:47:cc:5d:0f:f5:13:42:6b:61:3a: 17:22:73:6d:55:e7:a2:c0:66:b5:ce:07:a6:d7:68:70:7b:9f: c8:30:82:61:cc:a1:31:da:2f:84:08:dc:3c:c6:9c:7a:ad:76: c0:f5:13:fb:83:c1:95:1d:92:92:cd:49:36:9d:06:c4:bc:6a: 9e:7b:7c:a1:95:41:af:c0:ed:19:e9:de:23:8a:65:80:ec:e0: 0a:f6:19:90:18:11:a3:6f:c3:83:fe:ff:5c:79:c9:2e:d2:f2: 0c:fb:89:34:3d:da:8a:b3:8f:95:59:f9:36:f3:59:4c:b1:7c: 80:3f:a5:3c:b6:2a:20:16:2d:45:b5:1c:0d:18:ab:e0:5b:65: ac:a6:3b:3f:31:6f:cc:69:0f:f9:35:bd:e8:5e:32:d8:f3:39: 98:38:a7:02:24:ab:63:dd:1d:1e:d0:30:80:5d:d5:a8:aa:cc: 2a:70:d1:e0:21:27:94:1d:7d:e6:a9:4d:d9:45:43:55:96:93: 3e:6d:13:57:7e:f4:6c:b4:4d:11:0a:ca:09:64:c7:d9:50:01: 08:9f:c9:02:b5:de:80:f1:79:62:6a:3b:32:5c:55:5f:f4:cb: 78:bd:bb:ce:cf:a2:33:32:8f:30:5d:a1:ec:91:8b:f1:d0:6c: 33:71:e2:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCPgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4 QjcyNDNDNTIwHhcNMjUwNTEwMjAxMDA3WhcNMjUwNTE3MjAxMDA3WjAYMRYwFAYD VQQDEw02ODFmYjI5Zi0xYTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqfiUAMr8cbI0LVHT9RHZNg5urZQaDJoemnxxJWkVf7gEkg6d3b7phbJsYd2r 6oeazohp8u8F1aGQoNhxz0tejxG9OKumzVUmvUPCQ8tluYOyZwu1x4a5LBO7oK2x UrDaaRHEfP8ScNHyoLhgNzWfYL4wlL8QBK29ibvVf7a8zza3XvvmU8kEZH1cHx53 557cuN8Cosek4Z26CvptOeTmpT8G8e7eMISzwZrHoLCfN3touPGidasE62E2vc6m buivLs2lKuFp9cKkVi8KT73txXuaKocnt1WgBAO7t8O3JyxG9OhpclZAax571bnL n/rsxsRfyY+2n9r0o2lHyucjhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHFsFwYH vVpEPtNTXh7v2PALX+D7MB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODNEMC8wQTE2MjA4QUFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZ WTN6RmxpaEhIcG1MY2tQRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBO8d0FTejks0fMXQ/1E0JrYToXInNtVeeiwGa1zgem12hwe5/IMIJh zKEx2i+ECNw8xpx6rXbA9RP7g8GVHZKSzUk2nQbEvGqee3yhlUGvwO0Z6d4jimWA 7OAK9hmQGBGjb8OD/v9cecku0vIM+4k0PdqKs4+VWfk281lMsXyAP6U8tiogFi1F tRwNGKvgW2Wspjs/MW/MaQ/5Nb3oXjLY8zmYOKcCJKtj3R0e0DCAXdWoqswqcNHg ISeUHX3mqU3ZRUNVlpM+bRNXfvRstE0RCsoJZMfZUAEIn8kCtd6A8XliajsyXFVf 9Mt4vbvOz6IzMo8wXaHskYvx0GwzceIB -----END CERTIFICATE-----Generated at Mon May 12 19:54:30 2025 by rpki-client