$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3C76/B4992D52345811EFB42F9D37C4F9AE02/XwIkjJxclPFTxZ9Wdyxf2n-Ncec.mft File: XwIkjJxclPFTxZ9Wdyxf2n-Ncec.mft (raw, json) Hash identifier: O6U7BSjkqmvwcNxTdFe5ygrCQ2TjbNVsd5aaEcLtjkw= Subject key identifier: E5:22:AC:43:30:B3:2F:58:4F:E4:C1:90:77:62:4C:82:A3:AF:FD:76 Authority key identifier: 5F:02:24:8C:9C:5C:94:F1:53:C5:9F:56:77:2C:5F:DA:7F:8D:71:E7 Certificate issuer: /CN=A91E3C76/serialNumber=5F02248C9C5C94F153C59F56772C5FDA7F8D71E7 Certificate serial: A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XwIkjJxclPFTxZ9Wdyxf2n-Ncec.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3C76/B4992D52345811EFB42F9D37C4F9AE02/XwIkjJxclPFTxZ9Wdyxf2n-Ncec.mft Manifest number: A1 Signing time: Sun 27 Apr 2025 05:06:28 +0000 Manifest this update: Sun 27 Apr 2025 05:06:27 +0000 Manifest next update: Sun 04 May 2025 05:06:27 +0000 Files and hashes: 1: XwIkjJxclPFTxZ9Wdyxf2n-Ncec.crl (hash: zjNuitpZupQ0Jli+BMOB9Piia2/Z0EaIB5lIgFe4Zqk=) 2: 51BBEE10B2BE11EFA108946DC4F9AE02.roa (hash: syHq3DbE7eogaPpFVFVsQfYoWLCn9NostuRXmVIHm9Y=) 3: 50F0AF8EB2BE11EFA108946DC4F9AE02.roa (hash: MWqHxm4EUBLTsZ0EUDg6aYtdnfWY5OwTTnXPxS3oZHM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3C76/B4992D52345811EFB42F9D37C4F9AE02/XwIkjJxclPFTxZ9Wdyxf2n-Ncec.crl rsync://rpki.apnic.net/member_repository/A91E3C76/B4992D52345811EFB42F9D37C4F9AE02/XwIkjJxclPFTxZ9Wdyxf2n-Ncec.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XwIkjJxclPFTxZ9Wdyxf2n-Ncec.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 167 (0xa7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3C76, serialNumber=5F02248C9C5C94F153C59F56772C5FDA7F8D71E7 Validity Not Before: Apr 27 05:06:27 2025 GMT Not After : May 4 05:06:27 2025 GMT Subject: CN=680dbb54-fd51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:00:4c:c5:d6:8a:39:1f:9d:81:46:73:d6:65: 37:a6:8a:fa:bd:95:fd:4b:06:9e:14:7f:02:49:29: 84:b5:a8:8e:af:0d:6d:67:69:de:85:3e:76:35:34: 7f:e5:6a:d4:6c:95:38:65:e6:1c:f8:82:a8:c0:49: da:27:ce:bd:a9:e1:ac:7a:95:d4:a6:73:2f:44:ea: 46:af:5e:32:8c:c9:a6:4e:7d:e9:79:fe:91:8c:9b: f6:37:33:b9:0b:70:bf:a1:39:17:f4:4c:98:9a:68: 34:11:de:83:cf:43:b8:db:95:65:f6:d6:bc:4a:04: db:fb:d4:64:dc:6b:c6:17:03:cf:e0:e1:57:e9:aa: b1:e7:64:c3:e6:8a:8f:62:ad:59:39:1a:14:44:68: 57:62:c0:0e:33:87:4a:9b:a6:ea:47:f6:15:aa:e1: fc:fe:69:9a:30:30:aa:15:c1:de:73:e0:0a:b7:26: 9e:50:c1:23:2d:45:84:ea:65:6e:2f:70:02:df:51: b6:0f:1d:73:c1:ad:54:f9:d9:32:b2:14:14:96:64: aa:a1:93:7b:f2:fb:99:95:c4:56:64:8f:a6:43:76: 38:2c:33:c8:c4:df:a0:21:19:6a:e7:87:74:cc:69: c5:5c:94:89:36:26:31:97:15:9d:5b:31:9f:3c:3f: 69:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:22:AC:43:30:B3:2F:58:4F:E4:C1:90:77:62:4C:82:A3:AF:FD:76 X509v3 Authority Key Identifier: keyid:5F:02:24:8C:9C:5C:94:F1:53:C5:9F:56:77:2C:5F:DA:7F:8D:71:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3C76/B4992D52345811EFB42F9D37C4F9AE02/XwIkjJxclPFTxZ9Wdyxf2n-Ncec.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XwIkjJxclPFTxZ9Wdyxf2n-Ncec.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3C76/B4992D52345811EFB42F9D37C4F9AE02/XwIkjJxclPFTxZ9Wdyxf2n-Ncec.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b0:73:da:f6:c9:41:06:64:0b:74:7d:ca:a7:f3:d4:bc:b1:38: 71:dd:6b:fb:0c:56:ec:22:6f:82:34:22:f1:58:48:03:46:75: 00:76:47:17:a1:f4:66:ce:29:da:f6:5a:09:a1:28:85:49:dc: b4:da:9a:43:48:65:27:61:31:f3:06:7e:30:26:78:b7:3d:c8: aa:1e:83:ab:2f:1a:a5:08:01:c3:fb:89:6c:77:17:7e:4b:24: c7:05:cf:1b:ed:65:4a:19:4d:47:03:33:d8:c7:d9:8d:03:55: e1:12:0b:39:f2:0a:0f:80:07:7c:a3:ba:3d:1a:f6:34:04:a5: eb:ca:82:91:04:70:08:ee:13:78:6a:b5:d1:ea:df:3b:e3:8f: 5c:fc:12:d5:25:22:00:9d:0f:e3:45:d0:31:88:3d:21:13:5c: e6:11:14:72:df:a6:a4:d3:c9:bb:6d:4e:59:cc:af:01:6b:18: 6b:c9:f1:bf:8b:b6:13:e5:a2:ca:65:77:47:75:be:a5:57:95: cc:a8:2a:9e:35:40:83:36:09:74:7b:c9:5d:de:3b:47:90:51: 93:46:fc:67:08:39:98:ac:d1:20:5e:42:4c:5a:b9:28:2c:f0: 0b:bf:ce:f2:46:7c:54:e9:e8:77:4b:62:7b:6b:c5:2a:e4:4e: e1:de:82:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNDNzYxMTAvBgNVBAUTKDVGMDIyNDhDOUM1Qzk0RjE1M0M1OUY1Njc3MkM1RkRB N0Y4RDcxRTcwHhcNMjUwNDI3MDUwNjI3WhcNMjUwNTA0MDUwNjI3WjAYMRYwFAYD VQQDEw02ODBkYmI1NC1mZDUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlQBMxdaKOR+dgUZz1mU3por6vZX9SwaeFH8CSSmEtaiOrw1tZ2nehT52NTR/ 5WrUbJU4ZeYc+IKowEnaJ869qeGsepXUpnMvROpGr14yjMmmTn3pef6RjJv2NzO5 C3C/oTkX9EyYmmg0Ed6Dz0O425Vl9ta8SgTb+9Rk3GvGFwPP4OFX6aqx52TD5oqP Yq1ZORoURGhXYsAOM4dKm6bqR/YVquH8/mmaMDCqFcHec+AKtyaeUMEjLUWE6mVu L3AC31G2Dx1zwa1U+dkyshQUlmSqoZN78vuZlcRWZI+mQ3Y4LDPIxN+gIRlq54d0 zGnFXJSJNiYxlxWdWzGfPD9pewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOUirEMw sy9YT+TBkHdiTIKjr/12MB8GA1UdIwQYMBaAFF8CJIycXJTxU8WfVncsX9p/jXHn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0M3Ni9CNDk5MkQ1MjM0 NTgxMUVGQjQyRjlEMzdDNEY5QUUwMi9Yd0lrakp4Y2xQRlR4WjlXZHl4ZjJuLU5j ZWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h3SWtqSnhjbFBGVHhaOVdkeXhmMm4tTmNlYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0M3Ni9CNDk5MkQ1MjM0NTgxMUVGQjQyRjlEMzdDNEY5QUUwMi9Yd0lrakp4Y2xQ RlR4WjlXZHl4ZjJuLU5jZWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCwc9r2yUEGZAt0fcqn89S8sThx3Wv7DFbsIm+CNCLxWEgDRnUAdkcX ofRmzina9loJoSiFSdy02ppDSGUnYTHzBn4wJni3PciqHoOrLxqlCAHD+4lsdxd+ SyTHBc8b7WVKGU1HAzPYx9mNA1XhEgs58goPgAd8o7o9GvY0BKXryoKRBHAI7hN4 arXR6t87449c/BLVJSIAnQ/jRdAxiD0hE1zmERRy36ak08m7bU5ZzK8BaxhryfG/ i7YT5aLKZXdHdb6lV5XMqCqeNUCDNgl0e8ld3jtHkFGTRvxnCDmYrNEgXkJMWrko LPALv87yRnxU6eh3S2J7a8Uq5E7h3oIr -----END CERTIFICATE-----Generated at Sun Apr 27 08:07:57 2025 by rpki-client on console.sobornost.net