$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD088/44BA7CA2FD9D11EAA04EB87DC4F9AE02/xbajYOSK75Kf3CcpbR1S9b9umRY.mft File: xbajYOSK75Kf3CcpbR1S9b9umRY.mft (raw, json) Hash identifier: 7WZDSCdbcHbZoSdPvcWBQiCnUufTUGimUE7ng6Rbl3I= Subject key identifier: 61:D0:46:7B:7C:B7:AF:73:E3:5C:62:22:A2:79:2D:84:5F:FE:CB:F0 Authority key identifier: C5:B6:A3:60:E4:8A:EF:92:9F:DC:27:29:6D:1D:52:F5:BF:6E:99:16 Certificate issuer: /CN=A91FD088/serialNumber=C5B6A360E48AEF929FDC27296D1D52F5BF6E9916 Certificate serial: 07AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xbajYOSK75Kf3CcpbR1S9b9umRY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FD088/44BA7CA2FD9D11EAA04EB87DC4F9AE02/xbajYOSK75Kf3CcpbR1S9b9umRY.mft Manifest number: 07A8 Signing time: Sun 04 May 2025 20:55:57 +0000 Manifest this update: Sun 04 May 2025 20:55:56 +0000 Manifest next update: Sun 11 May 2025 20:55:56 +0000 Files and hashes: 1: xbajYOSK75Kf3CcpbR1S9b9umRY.crl (hash: boJfxk+wBKUx4654PtveFf2Vwlbi/tYoAsZrIEPZvQk=) 2: 423EA4CC039B11EBB3C1465CC4F9AE02.roa (hash: LsVQKkTp9V5mDiVUJekj0bvUgPf5aQfKDpRqhhkjvWs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FD088/44BA7CA2FD9D11EAA04EB87DC4F9AE02/xbajYOSK75Kf3CcpbR1S9b9umRY.crl rsync://rpki.apnic.net/member_repository/A91FD088/44BA7CA2FD9D11EAA04EB87DC4F9AE02/xbajYOSK75Kf3CcpbR1S9b9umRY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xbajYOSK75Kf3CcpbR1S9b9umRY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 20:55:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1967 (0x7af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FD088, serialNumber=C5B6A360E48AEF929FDC27296D1D52F5BF6E9916 Validity Not Before: May 4 20:55:56 2025 GMT Not After : May 11 20:55:56 2025 GMT Subject: CN=6817d45d-b7fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:4c:de:02:c0:f4:61:56:1c:bc:90:18:7c:4b: 61:75:a2:1c:34:5a:03:da:7f:20:d9:ca:b8:e6:2f: d0:00:de:35:53:5b:af:47:65:e5:17:56:d5:e6:ff: 6f:9c:a0:b6:7e:90:b6:fc:2d:47:70:a8:b0:56:92: 3c:42:fb:0e:de:db:df:61:3d:b7:d7:41:66:be:43: 6b:47:15:5e:98:d9:91:aa:8e:63:3e:31:33:d3:1f: 64:8e:5e:6f:c0:9a:6b:a7:37:68:ef:04:16:38:2a: dc:ab:cd:25:c4:1a:76:14:c2:79:d8:42:ea:00:4a: 7d:89:d1:dd:06:aa:5a:4e:dd:3a:30:ab:3e:73:bb: 0d:39:61:23:92:60:11:d0:01:6c:59:03:2e:e5:59: c5:98:94:11:de:2f:b7:ea:e4:21:d1:cd:5c:11:75: d2:b4:6d:de:2d:e8:df:3d:62:20:08:d4:64:ff:65: 0a:ac:76:b0:a8:43:8f:bb:56:00:ef:64:ef:41:e0: 10:85:a7:22:ad:87:8a:42:f6:50:9d:a2:a6:53:0e: 34:00:96:a0:18:27:f6:54:7a:ad:34:99:ed:5f:ed: 92:d8:db:87:47:0c:12:90:08:ba:4b:9b:4d:77:fe: ba:63:6b:3e:60:74:3c:9e:73:ce:27:2d:90:81:ee: 3d:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:D0:46:7B:7C:B7:AF:73:E3:5C:62:22:A2:79:2D:84:5F:FE:CB:F0 X509v3 Authority Key Identifier: keyid:C5:B6:A3:60:E4:8A:EF:92:9F:DC:27:29:6D:1D:52:F5:BF:6E:99:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FD088/44BA7CA2FD9D11EAA04EB87DC4F9AE02/xbajYOSK75Kf3CcpbR1S9b9umRY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xbajYOSK75Kf3CcpbR1S9b9umRY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD088/44BA7CA2FD9D11EAA04EB87DC4F9AE02/xbajYOSK75Kf3CcpbR1S9b9umRY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:b7:bf:ae:a5:60:a4:a5:8c:e5:09:ae:13:ca:31:5b:a1:bd: d4:00:a7:8b:81:47:0d:b3:43:d8:ad:46:10:0d:bd:62:c8:7d: 7d:4e:cf:b7:e5:4c:30:79:0a:b6:d0:04:a8:d9:27:2c:7b:6a: 4d:b7:e4:db:ed:8e:b9:9a:5a:f4:5a:9c:48:8e:8f:ea:ad:82: fb:ce:9c:d1:04:33:c9:b3:20:f3:1c:7e:b4:08:9f:0c:5d:74: 3b:6a:8c:79:26:60:b4:33:ab:b8:93:67:15:7f:68:4e:a3:f1: ca:22:a5:f6:70:1c:34:c1:1d:c3:c6:d2:20:b0:80:bf:9a:4e: 68:d6:66:ee:33:9d:49:3e:b1:27:d4:68:ef:fa:1a:b2:80:ca: 80:5c:33:48:ee:2c:e5:82:99:58:7c:a6:e0:db:93:32:93:49: b1:2a:c8:a8:a6:8c:f3:1e:08:14:54:f0:65:2f:c6:1c:e1:b4: ae:9e:2b:15:b3:aa:1a:f0:b4:7b:39:b6:44:82:5b:65:cf:43: 03:f2:2a:2a:32:1f:cf:64:77:38:99:33:dc:6c:d6:db:95:e3: b5:c1:fd:27:c6:b1:4c:f9:16:79:0a:62:40:65:e8:c6:e4:22: af:65:e6:d5:a2:a7:6e:6d:45:d6:ef:ea:13:4d:ad:44:03:55: 39:1d:98:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkQwODgxMTAvBgNVBAUTKEM1QjZBMzYwRTQ4QUVGOTI5RkRDMjcyOTZEMUQ1MkY1 QkY2RTk5MTYwHhcNMjUwNTA0MjA1NTU2WhcNMjUwNTExMjA1NTU2WjAYMRYwFAYD VQQDEw02ODE3ZDQ1ZC1iN2ZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwkzeAsD0YVYcvJAYfEthdaIcNFoD2n8g2cq45i/QAN41U1uvR2XlF1bV5v9v nKC2fpC2/C1HcKiwVpI8QvsO3tvfYT2310FmvkNrRxVemNmRqo5jPjEz0x9kjl5v wJprpzdo7wQWOCrcq80lxBp2FMJ52ELqAEp9idHdBqpaTt06MKs+c7sNOWEjkmAR 0AFsWQMu5VnFmJQR3i+36uQh0c1cEXXStG3eLejfPWIgCNRk/2UKrHawqEOPu1YA 72TvQeAQhacirYeKQvZQnaKmUw40AJagGCf2VHqtNJntX+2S2NuHRwwSkAi6S5tN d/66Y2s+YHQ8nnPOJy2Qge49pQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGHQRnt8 t69z41xiIqJ5LYRf/svwMB8GA1UdIwQYMBaAFMW2o2Dkiu+Sn9wnKW0dUvW/bpkW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDA4OC80NEJBN0NBMkZE OUQxMUVBQTA0RUI4N0RDNEY5QUUwMi94YmFqWU9TSzc1S2YzQ2NwYlIxUzliOXVt UlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hiYWpZT1NLNzVLZjNDY3BiUjFTOWI5dW1SWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RDA4OC80NEJBN0NBMkZEOUQxMUVBQTA0RUI4N0RDNEY5QUUwMi94YmFqWU9TSzc1 S2YzQ2NwYlIxUzliOXVtUlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZt7+upWCkpYzlCa4TyjFbob3UAKeLgUcNs0PYrUYQDb1iyH19Ts+3 5UwweQq20ASo2Scse2pNt+Tb7Y65mlr0WpxIjo/qrYL7zpzRBDPJsyDzHH60CJ8M XXQ7aox5JmC0M6u4k2cVf2hOo/HKIqX2cBw0wR3DxtIgsIC/mk5o1mbuM51JPrEn 1Gjv+hqygMqAXDNI7izlgplYfKbg25Myk0mxKsiopozzHggUVPBlL8Yc4bSunisV s6oa8LR7ObZEgltlz0MD8ioqMh/PZHc4mTPcbNbbleO1wf0nxrFM+RZ5CmJAZejG 5CKvZebVoqdubUXW7+oTTa1EA1U5HZhE -----END CERTIFICATE-----Generated at Mon May 5 02:57:51 2025 by rpki-client