$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft File: XmtaBob1a6DA93-zvzGzhWMiCCQ.mft (raw, json) Hash identifier: 1umaJitoyEMOc8yhcJWyi6BiZBgo+3eChkKmKhXNEl4= Subject key identifier: E3:3F:5B:F1:C1:EC:5C:D7:C3:11:D2:19:5B:17:87:24:B8:C0:BB:F5 Authority key identifier: 5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24 Certificate issuer: /CN=A91FE107/serialNumber=5E6B5A0686F56BA0C0F77FB3BF31B38563220824 Certificate serial: 2311 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft Manifest number: 22F7 Signing time: Fri 22 Aug 2025 15:53:52 +0000 Manifest this update: Fri 22 Aug 2025 15:53:51 +0000 Manifest next update: Fri 29 Aug 2025 15:53:51 +0000 Files and hashes: 1: XmtaBob1a6DA93-zvzGzhWMiCCQ.crl (hash: LiQJXmNv4Qm6wIpzOMAbJ3VN8NmUZZbW5UvihPAAuNI=) 2: 44C007B0A0D611EDA2603C4EC4F9AE02.roa (hash: MAOIki/mm/t0sbRkALRqm8AR2/Jy8UBEI5Awsr4aYLY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.crl rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:53:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8977 (0x2311) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FE107, serialNumber=5E6B5A0686F56BA0C0F77FB3BF31B38563220824 Validity Not Before: Aug 22 15:53:51 2025 GMT Not After : Aug 29 15:53:51 2025 GMT Subject: CN=68a8928f-d5ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:4c:60:90:87:95:93:91:85:5c:8b:f4:e4:65: 8e:9c:36:20:16:28:ea:62:85:55:51:bd:39:94:1f: 1e:a8:43:cd:7d:32:ce:0b:e8:10:bc:5e:b1:5f:41: b1:c6:5d:34:8a:d6:c3:76:97:ed:5c:3b:04:fa:36: 5f:77:e3:87:56:23:96:17:fc:38:76:6f:33:cc:32: 94:b1:f8:18:32:6b:93:04:ed:17:00:e6:3e:f5:ad: ac:b1:64:3c:03:a5:da:c0:61:ce:3b:dd:94:bd:b2: b2:31:38:74:35:07:fd:c3:8d:57:87:3c:e4:25:e1: 60:76:b5:b1:f7:f4:06:b7:3c:6d:b8:e2:94:67:5b: ee:2a:f1:e1:16:8f:fd:ad:62:4d:5c:55:be:c2:a5: 5c:a7:fc:1d:48:1e:13:50:41:cd:0c:fb:7c:d8:ba: 7a:23:86:73:06:06:c3:53:21:96:9d:e9:9c:3c:f8: d1:6c:e3:ea:2e:fe:28:b8:8b:35:ce:e1:be:43:31: 91:4a:7b:db:b3:e9:90:87:9d:2d:c2:fb:c4:34:4a: c9:55:9c:0f:42:65:d4:2c:f0:58:27:c5:d6:08:1e: 7e:5b:59:fd:52:6f:d5:71:9d:3b:83:75:2d:d8:4a: 99:7c:33:5b:a0:85:45:45:18:5f:5c:3a:31:87:b5: 9c:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:3F:5B:F1:C1:EC:5C:D7:C3:11:D2:19:5B:17:87:24:B8:C0:BB:F5 X509v3 Authority Key Identifier: keyid:5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:17:04:32:a4:83:f0:82:b8:e8:58:21:90:bb:07:91:6c:0a: 2c:32:bc:d3:8c:df:d1:51:04:80:06:a2:cd:d4:55:1c:57:56: a8:10:78:77:e4:a9:1f:f6:74:5e:40:bf:7e:d0:df:d5:21:77: 06:63:df:d2:12:44:5a:5a:44:e1:27:65:a4:c0:00:f4:22:35: 2b:35:cc:19:e8:fe:c9:68:d8:2f:d5:fe:1a:50:2f:90:f4:a0: 0d:c9:03:b7:5e:95:33:b7:6b:fa:a3:50:6d:e3:dd:df:13:3a: 03:a1:11:44:9a:13:e1:ef:7d:80:3a:9d:91:35:4f:d8:41:11: ed:40:fd:4f:9a:84:2e:0f:03:f3:f7:8c:57:45:0d:fc:88:ab: 54:9c:8f:4c:6a:36:86:dc:98:42:af:fe:75:57:72:19:db:4f: 7b:30:66:fa:4f:95:67:62:0f:f1:7a:27:5d:fb:cf:4f:78:94: 17:c5:2a:87:36:a5:68:1d:30:15:55:9c:74:cb:ad:43:2e:aa: 4e:20:d5:86:fe:72:a6:f8:28:ef:7e:6a:7c:5e:60:15:1b:a8: 19:d3:20:96:51:aa:d3:fc:b3:0f:c5:73:83:8c:fa:76:74:ae: b2:47:52:88:9a:5d:26:98:5c:95:ff:ba:9c:c8:c7:8c:9f:b0: cf:16:0c:41 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIxEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkUxMDcxMTAvBgNVBAUTKDVFNkI1QTA2ODZGNTZCQTBDMEY3N0ZCM0JGMzFCMzg1 NjMyMjA4MjQwHhcNMjUwODIyMTU1MzUxWhcNMjUwODI5MTU1MzUxWjAYMRYwFAYD VQQDEw02OGE4OTI4Zi1kNWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA50xgkIeVk5GFXIv05GWOnDYgFijqYoVVUb05lB8eqEPNfTLOC+gQvF6xX0Gx xl00itbDdpftXDsE+jZfd+OHViOWF/w4dm8zzDKUsfgYMmuTBO0XAOY+9a2ssWQ8 A6XawGHOO92UvbKyMTh0NQf9w41XhzzkJeFgdrWx9/QGtzxtuOKUZ1vuKvHhFo/9 rWJNXFW+wqVcp/wdSB4TUEHNDPt82Lp6I4ZzBgbDUyGWnemcPPjRbOPqLv4ouIs1 zuG+QzGRSnvbs+mQh50twvvENErJVZwPQmXULPBYJ8XWCB5+W1n9Um/VcZ07g3Ut 2EqZfDNboIVFRRhfXDoxh7WchwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOM/W/HB 7FzXwxHSGVsXhyS4wLv1MB8GA1UdIwQYMBaAFF5rWgaG9WugwPd/s78xs4VjIggk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTEwNy9FRTM1QzQ0NjlF NjQxMUU1OUQ0OEZCNjBDNEY5QUUwMi9YbXRhQm9iMWE2REE5My16dnpHemhXTWlD Q1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1htdGFCb2IxYTZEQTkzLXp2ekd6aFdNaUNDUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RTEwNy9FRTM1QzQ0NjlFNjQxMUU1OUQ0OEZCNjBDNEY5QUUwMi9YbXRhQm9iMWE2 REE5My16dnpHemhXTWlDQ1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC2FwQypIPwgrjoWCGQuweRbAosMrzTjN/RUQSABqLN1FUcV1aoEHh3 5Kkf9nReQL9+0N/VIXcGY9/SEkRaWkThJ2WkwAD0IjUrNcwZ6P7JaNgv1f4aUC+Q 9KANyQO3XpUzt2v6o1Bt493fEzoDoRFEmhPh732AOp2RNU/YQRHtQP1PmoQuDwPz 94xXRQ38iKtUnI9MajaG3JhCr/51V3IZ2097MGb6T5VnYg/xeidd+89PeJQXxSqH NqVoHTAVVZx0y61DLqpOINWG/nKm+Cjvfmp8XmAVG6gZ0yCWUarT/LMPxXODjPp2 dK6yR1KIml0mmFyV/7qcyMeMn7DPFgxB -----END CERTIFICATE-----Generated at Sun Aug 24 00:18:34 2025 by rpki-client