$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.mft File: XcAwMzGJiu_bheTZFABriTdr7-E.mft (raw, json) Hash identifier: ruMUY+zpr4rGmmZaFtHkt9Qym9WsEec5KPbpZ82qiwA= Subject key identifier: 8A:C4:3C:FC:05:E3:4D:2D:54:7A:B0:C5:CF:FC:20:E4:45:F7:45:4E Authority key identifier: 5D:C0:30:33:31:89:8A:EF:DB:85:E4:D9:14:00:6B:89:37:6B:EF:E1 Certificate issuer: /CN=A91E7BD4/serialNumber=5DC0303331898AEFDB85E4D914006B89376BEFE1 Certificate serial: 065B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcAwMzGJiu_bheTZFABriTdr7-E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.mft Manifest number: 0652 Signing time: Sat 10 May 2025 22:09:24 +0000 Manifest this update: Sat 10 May 2025 22:09:24 +0000 Manifest next update: Sat 17 May 2025 22:09:24 +0000 Files and hashes: 1: XcAwMzGJiu_bheTZFABriTdr7-E.crl (hash: zDl/7yHO8NRahvFKHGeHVgvqeyPdhbIUUnoaMd9Lc48=) 2: 81E3F4ACBBDA11ED8FDB4E45C4F9AE02.roa (hash: zRXwtVciA3XUq61vGPC3fC7y/rZPmZqFfk9/8k9uEj4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.crl rsync://rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcAwMzGJiu_bheTZFABriTdr7-E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 22:09:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1627 (0x65b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BD4, serialNumber=5DC0303331898AEFDB85E4D914006B89376BEFE1 Validity Not Before: May 10 22:09:24 2025 GMT Not After : May 17 22:09:24 2025 GMT Subject: CN=681fce94-3f4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:bb:99:55:98:21:4d:84:cf:00:85:1f:c6:8d: 03:27:89:39:7d:e5:25:01:04:45:22:08:a4:c9:91: 83:ba:4a:27:2f:53:f8:ae:17:2a:ce:30:d9:5c:4c: 29:fa:c7:08:09:69:fc:fd:cf:52:1d:0c:e6:95:2c: ff:ff:2e:0a:18:81:10:64:54:7e:53:07:2b:a6:a9: 0b:dc:0a:81:1e:00:de:5a:d0:6d:58:5a:b5:5e:7a: c0:61:3a:a8:69:85:9e:ff:a0:53:54:fb:95:34:95: 85:ef:81:cc:9c:c9:68:41:ad:b5:e5:e3:d6:a1:df: 08:d5:2a:0a:92:5e:9e:b1:04:65:fa:95:e0:8d:e3: 59:df:be:00:be:c1:8e:f3:87:5b:23:e9:35:07:42: 1b:78:ae:eb:cf:7a:5f:50:c2:bd:4c:7b:27:35:ab: d9:4f:9e:a1:30:cd:41:a5:6b:1a:b2:b7:bb:90:28: 87:ad:89:e4:08:51:a6:27:bd:18:02:da:8c:4b:67: 71:60:0b:48:df:13:70:56:ec:23:ac:86:56:44:c1: 07:06:e2:6b:32:5e:a1:28:39:54:b6:cb:e9:51:e8: af:b0:cd:04:fc:29:ca:fc:10:79:40:a5:dc:3d:3e: a8:74:4b:ed:a9:83:6b:ed:71:7a:17:bf:27:c9:d8: 3d:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:C4:3C:FC:05:E3:4D:2D:54:7A:B0:C5:CF:FC:20:E4:45:F7:45:4E X509v3 Authority Key Identifier: keyid:5D:C0:30:33:31:89:8A:EF:DB:85:E4:D9:14:00:6B:89:37:6B:EF:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcAwMzGJiu_bheTZFABriTdr7-E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d3:38:d8:6d:97:8c:7e:1c:19:c3:2f:62:ea:d6:c4:d2:21:d3: c5:05:28:16:b0:f4:de:e6:f9:d1:02:4b:fe:11:fb:dc:ad:e6: 83:91:19:86:f0:57:37:76:cb:85:83:4d:52:19:e3:d6:c6:80: a5:77:f5:25:71:3b:2d:b9:97:b0:f6:d3:05:4a:62:fc:cb:0b: 27:a5:c5:f1:cd:b5:35:30:34:b5:cc:02:e6:e6:ba:2c:4f:2d: 32:57:30:64:8a:4e:d5:0d:69:10:09:b5:a8:49:e6:d0:30:57: 78:49:09:b4:be:15:96:04:41:90:e1:a6:3e:df:60:f0:ed:22: b1:e6:6d:d0:e3:18:aa:77:7a:5e:c5:31:da:29:74:04:81:e9: 1d:6e:c0:44:94:d4:b0:4a:7e:96:fa:b4:0a:8e:ff:a9:5b:71: 05:1f:76:e5:c3:61:21:c3:6e:7b:ab:cb:bc:ec:da:1d:bf:c4: 78:a1:54:89:08:eb:9d:cc:97:02:7c:78:4c:fb:86:58:06:eb: 86:ed:ae:6c:34:01:aa:f9:e6:3b:d9:1d:f8:f8:e9:c4:2e:ed: aa:07:74:73:e9:16:c7:f7:dd:27:c7:d5:0c:36:3d:13:4b:c3: 74:2e:8b:2d:ed:52:53:2b:a1:29:14:7e:35:b6:f7:9e:88:37: c4:c3:e5:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBlswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCRDQxMTAvBgNVBAUTKDVEQzAzMDMzMzE4OThBRUZEQjg1RTREOTE0MDA2Qjg5 Mzc2QkVGRTEwHhcNMjUwNTEwMjIwOTI0WhcNMjUwNTE3MjIwOTI0WjAYMRYwFAYD VQQDEw02ODFmY2U5NC0zZjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvbuZVZghTYTPAIUfxo0DJ4k5feUlAQRFIgikyZGDukonL1P4rhcqzjDZXEwp +scICWn8/c9SHQzmlSz//y4KGIEQZFR+UwcrpqkL3AqBHgDeWtBtWFq1XnrAYTqo aYWe/6BTVPuVNJWF74HMnMloQa215ePWod8I1SoKkl6esQRl+pXgjeNZ374AvsGO 84dbI+k1B0IbeK7rz3pfUMK9THsnNavZT56hMM1BpWsasre7kCiHrYnkCFGmJ70Y AtqMS2dxYAtI3xNwVuwjrIZWRMEHBuJrMl6hKDlUtsvpUeivsM0E/CnK/BB5QKXc PT6odEvtqYNr7XF6F78nydg9ewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIrEPPwF 400tVHqwxc/8IORF90VOMB8GA1UdIwQYMBaAFF3AMDMxiYrv24Xk2RQAa4k3a+/h MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JENC80RTg3QTQ2QTg2 QjExMUVCQjhCRTIxN0NDNEY5QUUwMi9YY0F3TXpHSml1X2JoZVRaRkFCcmlUZHI3 LUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hjQXdNekdKaXVfYmhlVFpGQUJyaVRkcjctRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JENC80RTg3QTQ2QTg2QjExMUVCQjhCRTIxN0NDNEY5QUUwMi9YY0F3TXpHSml1 X2JoZVRaRkFCcmlUZHI3LUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDTONhtl4x+HBnDL2Lq1sTSIdPFBSgWsPTe5vnRAkv+EfvcreaDkRmG 8Fc3dsuFg01SGePWxoCld/UlcTstuZew9tMFSmL8ywsnpcXxzbU1MDS1zALm5ros Ty0yVzBkik7VDWkQCbWoSebQMFd4SQm0vhWWBEGQ4aY+32Dw7SKx5m3Q4xiqd3pe xTHaKXQEgekdbsBElNSwSn6W+rQKjv+pW3EFH3blw2Ehw257q8u87Nodv8R4oVSJ COudzJcCfHhM+4ZYBuuG7a5sNAGq+eY72R34+OnELu2qB3Rz6RbH990nx9UMNj0T S8N0Lost7VJTK6EpFH41tveeiDfEw+Wy -----END CERTIFICATE-----Generated at Mon May 12 22:53:55 2025 by rpki-client