$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft File: XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft (raw, json) Hash identifier: FuGzotEbkby2SwlPiMcXnW4a2yxwKlHgCJevJCPzMp0= Subject key identifier: DA:F1:5E:30:78:FD:55:11:DB:1B:64:54:5F:D8:2A:A7:E6:7B:67:E4 Authority key identifier: 5F:30:7E:62:74:AC:39:E5:4E:99:86:6D:AB:B8:5C:2C:9E:FD:16:B1 Certificate issuer: /CN=A91E9F89/serialNumber=5F307E6274AC39E54E99866DABB85C2C9EFD16B1 Certificate serial: 0878 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XzB-YnSsOeVOmYZtq7hcLJ79FrE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft Manifest number: 0872 Signing time: Wed 02 Jul 2025 20:55:37 +0000 Manifest this update: Wed 02 Jul 2025 20:55:36 +0000 Manifest next update: Wed 09 Jul 2025 20:55:36 +0000 Files and hashes: 1: XzB-YnSsOeVOmYZtq7hcLJ79FrE.crl (hash: kVbL7hh6D2aga47YIM9JkVZeNyPjyI7jy8XGFcmZuBQ=) 2: 05B67AF8C6A011EAA70D183FC4F9AE02.roa (hash: 04/HwV26/Fx1bZoGuRdSyRLiYV06aFK5mycaJ+/tqsU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.crl rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XzB-YnSsOeVOmYZtq7hcLJ79FrE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 20:55:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2168 (0x878) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9F89, serialNumber=5F307E6274AC39E54E99866DABB85C2C9EFD16B1 Validity Not Before: Jul 2 20:55:36 2025 GMT Not After : Jul 9 20:55:36 2025 GMT Subject: CN=68659cc8-b877 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:88:f5:1b:9b:fb:c5:d8:59:1f:b1:6a:a4:6a: 42:1a:71:0b:c6:69:08:77:d1:a8:c2:5a:f7:a5:f6: 99:6e:e2:92:7e:31:05:3a:35:67:da:8e:70:45:1d: c6:c7:12:52:97:f6:9d:46:f4:79:6e:06:ca:03:fd: 87:dd:d2:ef:41:5c:28:84:90:01:92:80:5b:a3:bb: 63:9b:f0:e1:db:32:d9:0b:76:ce:03:f5:d2:33:97: 65:0e:4e:0a:ca:6d:76:12:57:be:73:7e:15:43:4c: 6b:61:92:75:13:99:22:b1:ae:6b:2a:21:fb:1e:5f: b3:7c:63:8e:5f:51:e9:59:a6:37:45:5e:ff:c3:fe: 04:60:0d:16:f5:39:f1:1a:26:e9:b4:3d:07:51:8b: d8:26:1c:b3:8c:3c:3c:8c:76:df:8a:65:34:2e:12: 9a:a5:df:92:a9:c5:99:31:2a:aa:a0:91:b9:96:3a: a7:89:7f:6d:ba:43:51:1d:26:b4:da:02:33:57:41: d1:1f:ee:c0:c2:75:3e:39:be:6f:de:ed:aa:7b:14: b2:dd:9b:40:fc:e1:a6:9b:71:cb:78:0e:48:31:5b: cf:9a:42:d3:24:15:5f:de:4b:17:1b:32:f8:58:65: cc:c7:a8:66:b1:31:78:8f:a7:9b:cb:dc:3f:53:b8: d9:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:F1:5E:30:78:FD:55:11:DB:1B:64:54:5F:D8:2A:A7:E6:7B:67:E4 X509v3 Authority Key Identifier: keyid:5F:30:7E:62:74:AC:39:E5:4E:99:86:6D:AB:B8:5C:2C:9E:FD:16:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XzB-YnSsOeVOmYZtq7hcLJ79FrE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:d6:fa:05:27:22:9e:ed:c3:1e:a8:61:10:8f:2b:5e:ae:2d: 9a:4d:eb:bd:bb:35:a1:21:86:7f:53:10:32:3c:32:03:ae:b4: 60:f2:29:b7:88:b2:4c:c0:8d:1f:4b:c7:be:63:d5:45:48:0d: 71:5c:94:98:9e:22:10:41:29:24:59:f2:23:6e:37:c2:58:89: 6f:33:37:9e:eb:fe:41:c1:cb:64:d5:b2:d7:fa:f1:10:99:7c: dc:df:d6:2e:e0:24:e1:ac:e6:a8:59:4f:d0:df:53:44:d4:7a: 51:8f:ff:d1:66:1d:33:1e:21:38:07:0a:89:7a:10:36:eb:31: 22:fa:99:0c:95:2b:88:3d:39:74:88:ae:73:5b:21:43:d6:13: eb:b0:25:20:36:33:56:dd:da:78:26:9a:c8:9c:4a:d5:d9:06: ed:4f:93:11:71:a3:56:bf:e0:c2:17:8a:c5:80:0a:a1:f3:0a: d4:1a:d6:c7:5c:4d:f8:db:ae:ec:04:9e:37:23:b6:0d:81:87: 64:fb:32:cb:97:4c:51:1c:1f:b7:22:b4:72:4b:bb:0e:99:cf: 12:42:51:92:e7:b8:e4:b0:38:50:59:6e:3b:0f:97:eb:52:9c: 48:ed:b2:70:d6:10:5e:79:20:a0:c5:a8:29:1b:00:cf:b4:4a: d8:1b:77:e4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlGODkxMTAvBgNVBAUTKDVGMzA3RTYyNzRBQzM5RTU0RTk5ODY2REFCQjg1QzJD OUVGRDE2QjEwHhcNMjUwNzAyMjA1NTM2WhcNMjUwNzA5MjA1NTM2WjAYMRYwFAYD VQQDEw02ODY1OWNjOC1iODc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7Ij1G5v7xdhZH7FqpGpCGnELxmkId9Gowlr3pfaZbuKSfjEFOjVn2o5wRR3G xxJSl/adRvR5bgbKA/2H3dLvQVwohJABkoBbo7tjm/Dh2zLZC3bOA/XSM5dlDk4K ym12Ele+c34VQ0xrYZJ1E5kisa5rKiH7Hl+zfGOOX1HpWaY3RV7/w/4EYA0W9Tnx GibptD0HUYvYJhyzjDw8jHbfimU0LhKapd+SqcWZMSqqoJG5ljqniX9tukNRHSa0 2gIzV0HRH+7AwnU+Ob5v3u2qexSy3ZtA/OGmm3HLeA5IMVvPmkLTJBVf3ksXGzL4 WGXMx6hmsTF4j6eby9w/U7jZ8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNrxXjB4 /VUR2xtkVF/YKqfme2fkMB8GA1UdIwQYMBaAFF8wfmJ0rDnlTpmGbau4XCye/Rax MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUY4OS81QkU3NDg3OEM2 OUUxMUVBOUJGOEEzM0NDNEY5QUUwMi9YekItWW5Tc09lVk9tWVp0cTdoY0xKNzlG ckUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h6Qi1ZblNzT2VWT21ZWnRxN2hjTEo3OUZyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUY4OS81QkU3NDg3OEM2OUUxMUVBOUJGOEEzM0NDNEY5QUUwMi9YekItWW5Tc09l Vk9tWVp0cTdoY0xKNzlGckUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDB1voFJyKe7cMeqGEQjyteri2aTeu9uzWhIYZ/UxAyPDIDrrRg8im3 iLJMwI0fS8e+Y9VFSA1xXJSYniIQQSkkWfIjbjfCWIlvMzee6/5Bwctk1bLX+vEQ mXzc39Yu4CThrOaoWU/Q31NE1HpRj//RZh0zHiE4BwqJehA26zEi+pkMlSuIPTl0 iK5zWyFD1hPrsCUgNjNW3dp4JprInErV2QbtT5MRcaNWv+DCF4rFgAqh8wrUGtbH XE34267sBJ43I7YNgYdk+zLLl0xRHB+3IrRyS7sOmc8SQlGS57jksDhQWW47D5fr UpxI7bJw1hBeeSCgxagpGwDPtErYG3fk -----END CERTIFICATE-----Generated at Fri Jul 4 08:20:52 2025 by rpki-client