$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft File: XmtaBob1a6DA93-zvzGzhWMiCCQ.mft (raw, json) Hash identifier: KHoyMCi82vZ2Ba9c0pzgmm8z7XQVFnFTroxk6D7JYUU= Subject key identifier: 2E:3D:FF:AD:BC:7C:85:99:96:FF:6E:A8:2D:49:EB:0A:0E:BD:B4:FE Authority key identifier: 5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24 Certificate issuer: /CN=A91FE107/serialNumber=5E6B5A0686F56BA0C0F77FB3BF31B38563220824 Certificate serial: 22F7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft Manifest number: 22DD Signing time: Wed 02 Jul 2025 15:57:54 +0000 Manifest this update: Wed 02 Jul 2025 15:57:54 +0000 Manifest next update: Wed 09 Jul 2025 15:57:54 +0000 Files and hashes: 1: XmtaBob1a6DA93-zvzGzhWMiCCQ.crl (hash: BLJiFw+A8ndm7PEIq2QYxozhF0JyrSgFvZIUBa+BlCo=) 2: 44C007B0A0D611EDA2603C4EC4F9AE02.roa (hash: MAOIki/mm/t0sbRkALRqm8AR2/Jy8UBEI5Awsr4aYLY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.crl rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 15:57:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8951 (0x22f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FE107, serialNumber=5E6B5A0686F56BA0C0F77FB3BF31B38563220824 Validity Not Before: Jul 2 15:57:54 2025 GMT Not After : Jul 9 15:57:54 2025 GMT Subject: CN=68655702-1a06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:c3:67:85:af:bb:32:81:7b:a9:9a:68:56:b9: 0f:d3:c8:50:4d:0e:38:9d:32:ac:12:e9:2e:f5:65: fb:39:e1:f9:cd:3f:7a:a7:90:ab:8a:6d:96:b3:44: e2:d0:e8:c9:21:a5:79:f4:30:df:28:32:1f:18:26: a8:aa:b5:39:2a:3a:0c:f6:0b:cc:2c:79:c4:94:cf: b3:ec:aa:ff:06:12:9f:c5:5d:d5:54:45:28:3a:0f: 26:77:27:ab:c6:51:d3:16:1f:cc:b9:00:69:96:ed: 75:2a:5b:0c:4f:a9:67:1a:35:87:f2:2d:db:20:5c: 99:e6:d6:0f:b2:7b:75:5e:52:3c:85:dc:86:3a:89: ac:ff:4a:d3:f0:08:47:74:a3:6c:7c:bf:94:35:ac: 1b:fd:79:f5:56:6b:21:81:05:90:9e:ea:cb:a8:d0: 53:c5:ec:a2:62:e7:d1:e5:0b:cf:68:79:ab:2f:09: 4d:3d:27:3a:e4:70:b8:17:cf:b8:08:d5:49:a9:be: 79:99:cb:a6:6e:8b:7e:78:90:61:ab:07:0e:82:c8: 0a:37:f2:68:c0:c8:6b:ab:5a:0f:f7:62:28:0b:da: 6e:96:df:98:4d:03:f5:04:60:03:d4:8a:6b:42:dc: 2d:88:8c:83:1a:d1:09:bc:3f:1e:18:84:81:a4:f1: 0c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:3D:FF:AD:BC:7C:85:99:96:FF:6E:A8:2D:49:EB:0A:0E:BD:B4:FE X509v3 Authority Key Identifier: keyid:5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:38:0f:5b:13:c9:17:6e:29:5b:c3:3f:ce:8f:a0:d0:9a:58: ba:b0:ee:94:ca:98:65:e3:1c:88:9c:6d:2d:f0:67:2d:aa:20: 53:41:a7:8d:2a:c3:46:46:5b:41:ba:17:d4:b1:b5:c9:44:db: 07:a4:c3:b5:d8:6a:b3:a3:a2:25:b8:31:5a:88:94:79:32:07: b0:6b:2b:df:ec:87:fa:ca:76:3d:59:63:e5:cf:d3:61:95:d0: 60:27:bd:b7:e4:a8:98:30:2b:76:33:2d:78:de:97:7b:34:66: a6:28:ca:7b:d2:52:97:2d:72:51:78:33:7b:1c:f1:02:55:50: c5:86:83:ed:2e:ea:94:f7:e1:80:83:73:f4:b6:23:57:cd:ff: 4a:71:33:ea:eb:8e:8d:38:37:49:66:78:cd:11:2b:39:a8:04: b2:cd:02:c6:6c:86:91:31:f4:46:74:5c:09:aa:d6:e5:20:e0: f7:09:64:d2:8a:11:56:ed:f5:15:89:40:91:2b:36:52:f6:6c: 4f:d2:3a:61:9f:00:df:7f:f5:da:5b:13:a0:cc:ff:de:25:08: 44:11:39:59:81:83:1d:fb:5c:7e:d0:eb:b0:da:5e:42:a3:05: cc:b5:af:8a:30:09:7f:67:0a:d2:c3:00:70:26:c4:19:f7:db: 2d:ba:f0:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIvcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkUxMDcxMTAvBgNVBAUTKDVFNkI1QTA2ODZGNTZCQTBDMEY3N0ZCM0JGMzFCMzg1 NjMyMjA4MjQwHhcNMjUwNzAyMTU1NzU0WhcNMjUwNzA5MTU1NzU0WjAYMRYwFAYD VQQDEw02ODY1NTcwMi0xYTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzMNnha+7MoF7qZpoVrkP08hQTQ44nTKsEuku9WX7OeH5zT96p5Crim2Ws0Ti 0OjJIaV59DDfKDIfGCaoqrU5KjoM9gvMLHnElM+z7Kr/BhKfxV3VVEUoOg8mdyer xlHTFh/MuQBplu11KlsMT6lnGjWH8i3bIFyZ5tYPsnt1XlI8hdyGOoms/0rT8AhH dKNsfL+UNawb/Xn1VmshgQWQnurLqNBTxeyiYufR5QvPaHmrLwlNPSc65HC4F8+4 CNVJqb55mcumbot+eJBhqwcOgsgKN/JowMhrq1oP92IoC9pult+YTQP1BGAD1Ipr QtwtiIyDGtEJvD8eGISBpPEMKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC49/628 fIWZlv9uqC1J6woOvbT+MB8GA1UdIwQYMBaAFF5rWgaG9WugwPd/s78xs4VjIggk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTEwNy9FRTM1QzQ0NjlF NjQxMUU1OUQ0OEZCNjBDNEY5QUUwMi9YbXRhQm9iMWE2REE5My16dnpHemhXTWlD Q1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1htdGFCb2IxYTZEQTkzLXp2ekd6aFdNaUNDUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RTEwNy9FRTM1QzQ0NjlFNjQxMUU1OUQ0OEZCNjBDNEY5QUUwMi9YbXRhQm9iMWE2 REE5My16dnpHemhXTWlDQ1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+OA9bE8kXbilbwz/Oj6DQmli6sO6Uyphl4xyInG0t8GctqiBTQaeN KsNGRltBuhfUsbXJRNsHpMO12Gqzo6IluDFaiJR5Mgewayvf7If6ynY9WWPlz9Nh ldBgJ7235KiYMCt2My143pd7NGamKMp70lKXLXJReDN7HPECVVDFhoPtLuqU9+GA g3P0tiNXzf9KcTPq646NODdJZnjNESs5qASyzQLGbIaRMfRGdFwJqtblIOD3CWTS ihFW7fUViUCRKzZS9mxP0jphnwDff/XaWxOgzP/eJQhEETlZgYMd+1x+0Ouw2l5C owXMta+KMAl/ZwrSwwBwJsQZ99stuvBb -----END CERTIFICATE-----Generated at Thu Jul 3 10:49:53 2025 by rpki-client