$ rpki-client -vvf rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft File: XDlbosoKv2WIhyaHTHgktpt4mZU.mft (raw, json) Hash identifier: EAdTZ9mz2UmWzwzWnrmSV7sZwBtBSl3vgaq/3+2gaXM= Subject key identifier: 98:52:B4:7A:17:79:16:30:77:AC:15:10:1A:37:BF:16:18:B3:78:C9 Authority key identifier: 5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95 Certificate issuer: /CN=A91E66E5/serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995 Certificate serial: 0E57 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft Manifest number: 0E4A Signing time: Mon 30 Jun 2025 17:57:59 +0000 Manifest this update: Mon 30 Jun 2025 17:57:59 +0000 Manifest next update: Mon 07 Jul 2025 17:57:59 +0000 Files and hashes: 1: XDlbosoKv2WIhyaHTHgktpt4mZU.crl (hash: bzY3vofQdu1qQ3qKoZtDuf2vNnl02tmYBU9EAOZsh04=) 2: AECDA1B0448F11EDACC30815C4F9AE02.roa (hash: xirIMjuaHIPZj6jpdJVKaFKfHlsVW3gI4qvEhU2Je88=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 17:57:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3671 (0xe57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E66E5, serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995 Validity Not Before: Jun 30 17:57:59 2025 GMT Not After : Jul 7 17:57:59 2025 GMT Subject: CN=6862d027-103b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:86:f7:84:b1:b7:33:73:e8:c0:f4:6f:70:0e: d5:8f:17:35:9f:79:6c:f9:41:ce:5a:ec:7d:04:2c: 95:11:c3:7d:7f:12:36:d3:49:30:2d:ce:f0:5f:52: 85:64:09:be:7c:e7:cc:f6:db:7b:42:90:1f:17:d3: 1f:a5:55:b2:95:10:2a:07:1b:5d:24:77:9a:89:c9: 76:3e:2a:9c:86:55:c0:31:b6:6e:6c:30:fe:7f:b8: 15:c9:11:08:06:e6:77:8d:ed:07:3f:6a:8a:4a:e2: 7f:10:20:71:48:cc:62:9d:27:d2:61:4f:90:f4:bc: 43:48:19:cc:86:04:e8:5b:ac:85:d7:c5:06:24:c7: 2a:25:c6:be:d0:b6:01:db:d4:60:24:91:fb:78:95: 0a:1f:8a:d6:11:7c:a7:08:68:27:e3:ff:e4:fe:ad: d6:8c:bf:e2:ba:97:c9:99:ba:04:ab:b1:57:44:03: d8:b0:be:4f:50:d2:36:64:c7:66:ae:fc:f0:98:78: fa:b2:10:b9:a1:e6:f1:71:5f:28:0b:68:e1:f9:fa: 95:da:16:4d:09:6f:4b:b3:ea:78:1e:fe:93:dd:aa: a0:09:ad:ca:8c:37:d3:5f:cd:b2:8d:1f:6f:80:ae: 0d:a3:c8:3f:1f:bd:5a:fc:1e:4d:ba:e0:d3:69:49: e5:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:52:B4:7A:17:79:16:30:77:AC:15:10:1A:37:BF:16:18:B3:78:C9 X509v3 Authority Key Identifier: keyid:5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:52:c1:20:cf:5b:2f:75:23:32:57:6b:5d:5e:2d:27:9e:37: e5:61:e4:8c:62:e8:7f:a3:a6:3e:e7:63:31:9c:84:61:05:f8: 70:37:67:74:84:f6:d2:66:15:d3:fe:bf:a9:b0:32:77:e3:1e: c2:cc:0d:31:d9:ce:21:87:d0:3f:09:4b:e6:6d:15:9a:76:eb: 70:53:cf:f8:83:2f:1b:cb:92:e1:34:90:ad:07:a4:13:11:b9: 05:98:2c:86:2a:d2:96:cf:ed:f6:c8:02:ec:58:0f:16:88:2c: 35:5c:60:91:d1:70:a1:c5:ed:2b:20:d8:83:d8:85:1a:dc:53: 89:e1:0c:da:47:f3:85:61:c9:a7:ae:42:52:18:99:61:68:7f: ce:b4:73:c9:a8:32:f2:96:0e:d9:2d:15:2b:35:d1:a1:1e:4f: 97:71:49:a4:58:ed:6a:48:f1:f0:6d:2c:49:69:c0:c9:ae:3b: 17:bb:f8:22:40:d2:ef:fa:1a:7d:ff:4f:3b:70:01:f3:1e:84: 42:66:82:69:01:87:22:a2:6b:0b:c4:30:75:2d:4d:07:a8:97: 05:6c:ce:5e:2a:82:2d:59:9a:46:d3:29:05:80:6a:d2:9c:b4: 59:15:96:ad:b9:ff:b2:bf:59:d4:27:4e:d3:d0:c4:ec:27:ca: e9:b1:5f:b7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDlcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY2RTUxMTAvBgNVBAUTKDVDMzk1QkEyQ0EwQUJGNjU4ODg3MjY4NzRDNzgyNEI2 OUI3ODk5OTUwHhcNMjUwNjMwMTc1NzU5WhcNMjUwNzA3MTc1NzU5WjAYMRYwFAYD VQQDEw02ODYyZDAyNy0xMDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4Ib3hLG3M3PowPRvcA7Vjxc1n3ls+UHOWux9BCyVEcN9fxI200kwLc7wX1KF ZAm+fOfM9tt7QpAfF9MfpVWylRAqBxtdJHeaicl2PiqchlXAMbZubDD+f7gVyREI BuZ3je0HP2qKSuJ/ECBxSMxinSfSYU+Q9LxDSBnMhgToW6yF18UGJMcqJca+0LYB 29RgJJH7eJUKH4rWEXynCGgn4//k/q3WjL/iupfJmboEq7FXRAPYsL5PUNI2ZMdm rvzwmHj6shC5oebxcV8oC2jh+fqV2hZNCW9Ls+p4Hv6T3aqgCa3KjDfTX82yjR9v gK4No8g/H71a/B5NuuDTaUnlnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJhStHoX eRYwd6wVEBo3vxYYs3jJMB8GA1UdIwQYMBaAFFw5W6LKCr9liIcmh0x4JLabeJmV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjZFNS81NjQzMDU4NkEy NzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3YyV0loeWFIVEhna3RwdDRt WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEbGJvc29LdjJXSWh5YUhUSGdrdHB0NG1aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NjZFNS81NjQzMDU4NkEyNzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3Yy V0loeWFIVEhna3RwdDRtWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUUsEgz1svdSMyV2tdXi0nnjflYeSMYuh/o6Y+52MxnIRhBfhwN2d0 hPbSZhXT/r+psDJ34x7CzA0x2c4hh9A/CUvmbRWadutwU8/4gy8by5LhNJCtB6QT EbkFmCyGKtKWz+32yALsWA8WiCw1XGCR0XChxe0rINiD2IUa3FOJ4QzaR/OFYcmn rkJSGJlhaH/OtHPJqDLylg7ZLRUrNdGhHk+XcUmkWO1qSPHwbSxJacDJrjsXu/gi QNLv+hp9/087cAHzHoRCZoJpAYciomsLxDB1LU0HqJcFbM5eKoItWZpG0ykFgGrS nLRZFZatuf+yv1nUJ07T0MTsJ8rpsV+3 -----END CERTIFICATE-----Generated at Tue Jul 1 09:24:10 2025 by rpki-client