$ rpki-client -vvf rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft File: X3A2SNc_YGlFARjbom-WaC1a5so.mft (raw, json) Hash identifier: AeFqBhWatOz6AsBOf/8bIyuQXJhsqinlok+9Wyio7qs= Subject key identifier: 88:F3:79:8C:DB:C5:14:F7:D5:CA:DF:4E:21:CE:83:DB:13:44:91:29 Authority key identifier: 5F:70:36:48:D7:3F:60:69:45:01:18:DB:A2:6F:96:68:2D:5A:E6:CA Certificate issuer: /CN=A91508BB/serialNumber=5F703648D73F6069450118DBA26F96682D5AE6CA Certificate serial: 346B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft Manifest number: 346B Signing time: Sat 12 Apr 2025 14:36:47 +0000 Manifest this update: Sat 12 Apr 2025 14:36:47 +0000 Manifest next update: Sat 19 Apr 2025 14:36:47 +0000 Files and hashes: 1: X3A2SNc_YGlFARjbom-WaC1a5so.crl (hash: hwvRoNdQawDP+DsfN3GJDVyWaMkqjnFR7juxf5TTKjI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.crl rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 14:36:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13419 (0x346b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91508BB, serialNumber=5F703648D73F6069450118DBA26F96682D5AE6CA Validity Not Before: Apr 12 14:36:47 2025 GMT Not After : Apr 19 14:36:47 2025 GMT Subject: CN=67fa7a7f-4892 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b4:e3:aa:18:d7:ce:ec:86:0c:0f:97:08:89: b5:0e:b1:8c:cc:f3:ee:6c:72:c2:98:da:36:7d:9d: d9:8b:6b:50:a4:78:4b:72:ad:bb:f5:80:3f:37:6b: f0:8d:2b:ad:e6:ef:20:ef:4b:61:48:9c:2c:32:b3: 10:f9:24:15:82:a3:cb:45:a7:b9:98:4c:a4:79:a2: 25:6b:37:e6:7b:c8:c9:e7:4d:10:ef:ab:94:64:99: 4c:27:4d:a6:ff:73:d3:3f:5f:67:2a:ef:a5:97:c3: 95:08:0d:e3:ed:ca:e7:70:8c:ba:cb:c9:65:de:77: 63:0b:a7:c7:ff:15:81:d8:70:dc:cb:9c:dc:a5:58: d6:ba:22:16:33:30:ce:b2:20:4d:1c:34:c1:8c:c5: 66:0f:2d:fe:16:ea:65:94:2e:6c:28:51:36:c5:38: 38:9a:8d:1c:20:41:9c:0b:ac:32:32:b6:25:99:3d: 8b:c8:b9:8d:0b:5d:cc:7b:e8:25:16:3e:f2:c9:5c: 75:d6:7e:31:64:89:34:38:80:f5:67:d2:86:e3:f2: 24:07:8d:ac:ee:07:ac:ac:72:66:76:a5:62:da:9e: 9c:f0:14:4d:46:7a:6e:63:3b:ee:28:61:b4:66:5e: a1:db:cb:4c:1c:a5:f7:1a:d7:12:5a:c1:17:55:13: 07:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:F3:79:8C:DB:C5:14:F7:D5:CA:DF:4E:21:CE:83:DB:13:44:91:29 X509v3 Authority Key Identifier: keyid:5F:70:36:48:D7:3F:60:69:45:01:18:DB:A2:6F:96:68:2D:5A:E6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:97:66:c0:c6:17:9c:52:ea:32:2b:51:d8:6c:ba:03:b9:e4: 24:45:95:42:b9:a4:08:75:78:d7:30:38:3f:06:13:32:b6:df: 4a:f2:b1:3b:9a:41:9f:67:64:6e:a6:fd:f0:31:7b:bc:38:c4: a5:e7:2d:47:38:4c:38:54:7a:75:f8:33:1a:61:7f:07:7e:9b: b5:16:49:88:75:9d:70:6a:f1:fa:1f:26:db:f0:63:96:c2:c7: 08:44:e6:3e:8e:77:5d:90:40:4d:95:62:a6:ae:9f:6d:2b:8a: 76:40:d1:5e:43:c1:29:d1:c7:90:1b:2a:a7:4d:f4:3c:60:f1: c5:f9:b4:40:bf:b3:3c:b8:4d:7f:92:cf:9e:e5:12:1d:06:83: 59:5c:5a:67:3d:39:93:15:46:3c:97:ad:de:ab:3a:be:5b:07: 99:c8:e5:aa:c7:97:d1:d3:88:b4:cc:c7:21:37:99:3d:7a:d8: ce:b0:01:f2:32:7b:b8:40:46:35:bf:64:7a:29:12:65:8b:c3: 44:4d:e4:f5:75:e3:fd:0a:ef:3a:10:95:ea:36:5b:5a:36:54: 4b:fb:54:87:6c:ef:d8:48:6e:14:d7:35:ba:8e:3b:a0:37:3f: 14:71:eb:78:8b:c4:f0:81:3b:eb:3e:36:1b:3f:7b:4c:2c:83: 38:04:6e:95 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNGswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA4QkIxMTAvBgNVBAUTKDVGNzAzNjQ4RDczRjYwNjk0NTAxMThEQkEyNkY5NjY4 MkQ1QUU2Q0EwHhcNMjUwNDEyMTQzNjQ3WhcNMjUwNDE5MTQzNjQ3WjAYMRYwFAYD VQQDEw02N2ZhN2E3Zi00ODkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwrTjqhjXzuyGDA+XCIm1DrGMzPPubHLCmNo2fZ3Zi2tQpHhLcq279YA/N2vw jSut5u8g70thSJwsMrMQ+SQVgqPLRae5mEykeaIlazfme8jJ500Q76uUZJlMJ02m /3PTP19nKu+ll8OVCA3j7crncIy6y8ll3ndjC6fH/xWB2HDcy5zcpVjWuiIWMzDO siBNHDTBjMVmDy3+FupllC5sKFE2xTg4mo0cIEGcC6wyMrYlmT2LyLmNC13Me+gl Fj7yyVx11n4xZIk0OID1Z9KG4/IkB42s7gesrHJmdqVi2p6c8BRNRnpuYzvuKGG0 Zl6h28tMHKX3GtcSWsEXVRMHqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIjzeYzb xRT31crfTiHOg9sTRJEpMB8GA1UdIwQYMBaAFF9wNkjXP2BpRQEY26JvlmgtWubK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDhCQi81QTBEOTU4ODFE OEQxMUUyQTlENjA3RUIwOEIwMkNEMi9YM0EyU05jX1lHbEZBUmpib20tV2FDMWE1 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1gzQTJTTmNfWUdsRkFSamJvbS1XYUMxYTVzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MDhCQi81QTBEOTU4ODFEOEQxMUUyQTlENjA3RUIwOEIwMkNEMi9YM0EyU05jX1lH bEZBUmpib20tV2FDMWE1c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCml2bAxhecUuoyK1HYbLoDueQkRZVCuaQIdXjXMDg/BhMytt9K8rE7 mkGfZ2Rupv3wMXu8OMSl5y1HOEw4VHp1+DMaYX8Hfpu1FkmIdZ1wavH6Hybb8GOW wscIROY+jnddkEBNlWKmrp9tK4p2QNFeQ8Ep0ceQGyqnTfQ8YPHF+bRAv7M8uE1/ ks+e5RIdBoNZXFpnPTmTFUY8l63eqzq+WweZyOWqx5fR04i0zMchN5k9etjOsAHy Mnu4QEY1v2R6KRJli8NETeT1deP9Cu86EJXqNltaNlRL+1SHbO/YSG4U1zW6jjug Nz8Ucet4i8TwgTvrPjYbP3tMLIM4BG6V -----END CERTIFICATE-----Generated at Sun Apr 13 01:46:01 2025 by rpki-client