$ rpki-client -vvf rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft File: X3A2SNc_YGlFARjbom-WaC1a5so.mft (raw, json) Hash identifier: Dt1xlHIUoqigaeCjefBAJIUvVoB08XV1Pz6E80POYhs= Subject key identifier: 1F:D7:44:1B:43:21:50:C4:15:14:B3:76:DA:50:79:C6:76:22:92:16 Authority key identifier: 5F:70:36:48:D7:3F:60:69:45:01:18:DB:A2:6F:96:68:2D:5A:E6:CA Certificate issuer: /CN=A91508BB/serialNumber=5F703648D73F6069450118DBA26F96682D5AE6CA Certificate serial: 3471 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft Manifest number: 3471 Signing time: Thu 24 Apr 2025 14:36:50 +0000 Manifest this update: Thu 24 Apr 2025 14:36:49 +0000 Manifest next update: Thu 01 May 2025 14:36:49 +0000 Files and hashes: 1: X3A2SNc_YGlFARjbom-WaC1a5so.crl (hash: Sk2PD4+LOh6c4qmVTsv3tt0TxRuXHov3kOKPaos/zRc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.crl rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:36:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13425 (0x3471) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91508BB, serialNumber=5F703648D73F6069450118DBA26F96682D5AE6CA Validity Not Before: Apr 24 14:36:49 2025 GMT Not After : May 1 14:36:49 2025 GMT Subject: CN=680a4c81-ccb2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:4e:1b:a9:57:8d:97:bd:d6:3e:4a:75:49:ba: f2:42:d0:f1:93:63:bb:44:4e:23:44:19:ff:f7:0c: 21:be:4d:21:4f:bf:38:b4:ec:02:28:40:bf:95:8c: 4d:5b:9f:9b:ad:f4:e9:b2:16:bf:55:cf:89:24:23: 8a:2d:78:e0:c9:b9:0f:e0:bd:24:7a:4e:1d:a5:da: b5:94:d0:1e:0b:74:e0:14:86:38:7c:66:05:a9:10: ff:78:4b:97:86:89:b8:df:c5:f4:4a:e1:fb:bc:8c: 45:c3:96:42:d2:8f:5c:4d:60:0e:c2:dc:e1:79:3c: 68:2a:0c:77:d2:b5:02:55:a8:1e:23:11:47:65:98: ae:e6:63:89:ea:5f:d9:65:cc:a7:a6:a7:01:1d:17: 7c:04:35:72:7c:88:d0:e0:ad:38:91:5d:40:4e:fb: 0e:4d:3d:f7:03:ed:87:06:48:5d:0f:ca:ed:4c:fc: 68:ee:38:7f:eb:85:b4:60:4c:cd:41:82:b5:8f:fe: 10:6b:aa:ce:81:3c:53:44:ba:d4:48:61:78:e6:c4: 5f:c3:e3:cd:f9:a2:54:4c:84:12:b9:e9:b4:ad:63: e2:e0:92:c3:7c:c1:69:c5:55:a0:c1:d5:5d:64:10: 64:a5:d4:9c:ad:0e:30:1e:52:23:1a:42:50:8e:11: d1:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:D7:44:1B:43:21:50:C4:15:14:B3:76:DA:50:79:C6:76:22:92:16 X509v3 Authority Key Identifier: keyid:5F:70:36:48:D7:3F:60:69:45:01:18:DB:A2:6F:96:68:2D:5A:E6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:8a:aa:6b:91:b4:40:d6:32:66:a3:29:1e:09:b6:f9:03:68: c1:1f:3f:2f:d4:9d:18:01:86:b7:7d:4d:91:06:ec:bc:08:1b: 6d:45:89:7e:ef:9c:0c:2d:dd:cb:c6:65:b6:06:a0:49:ee:9c: 99:83:67:9d:ad:95:c5:71:8d:24:d5:4f:29:79:50:f9:20:fe: d4:9d:0c:3b:73:34:72:cd:c2:c5:9a:00:cf:89:a5:1f:7c:06: bb:d2:95:6c:10:70:cb:17:b8:d2:e2:c4:b2:b3:d2:10:b1:46: 4b:d2:5f:a9:6f:33:bf:b8:5b:44:d5:2d:b3:a3:28:fa:b1:c7: 24:0b:a6:67:1e:0a:3b:1c:c6:ba:6f:83:42:76:79:08:e7:ff: 7e:e8:31:79:ad:18:fd:1d:1d:65:c7:bc:20:cb:a6:87:f7:16: 0d:c5:14:77:09:13:81:7b:7a:4f:95:1f:d9:06:e7:b3:48:32: da:8a:b0:a6:8a:75:b9:c2:4c:d2:92:95:9a:5b:7e:dc:a9:4b: 81:5f:ca:e7:37:e7:e3:3b:2d:4f:ec:aa:b8:ed:85:d5:42:ab: 26:70:a9:eb:8b:a2:b2:cf:32:be:ca:4c:38:93:ea:f2:ee:c9: 96:22:44:d5:c3:69:bc:a9:d7:7f:fd:de:b4:17:62:87:c9:82: 48:36:37:ab -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA4QkIxMTAvBgNVBAUTKDVGNzAzNjQ4RDczRjYwNjk0NTAxMThEQkEyNkY5NjY4 MkQ1QUU2Q0EwHhcNMjUwNDI0MTQzNjQ5WhcNMjUwNTAxMTQzNjQ5WjAYMRYwFAYD VQQDEw02ODBhNGM4MS1jY2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtE4bqVeNl73WPkp1SbryQtDxk2O7RE4jRBn/9wwhvk0hT784tOwCKEC/lYxN W5+brfTpsha/Vc+JJCOKLXjgybkP4L0kek4dpdq1lNAeC3TgFIY4fGYFqRD/eEuX hom438X0SuH7vIxFw5ZC0o9cTWAOwtzheTxoKgx30rUCVageIxFHZZiu5mOJ6l/Z ZcynpqcBHRd8BDVyfIjQ4K04kV1ATvsOTT33A+2HBkhdD8rtTPxo7jh/64W0YEzN QYK1j/4Qa6rOgTxTRLrUSGF45sRfw+PN+aJUTIQSuem0rWPi4JLDfMFpxVWgwdVd ZBBkpdScrQ4wHlIjGkJQjhHRGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB/XRBtD IVDEFRSzdtpQecZ2IpIWMB8GA1UdIwQYMBaAFF9wNkjXP2BpRQEY26JvlmgtWubK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDhCQi81QTBEOTU4ODFE OEQxMUUyQTlENjA3RUIwOEIwMkNEMi9YM0EyU05jX1lHbEZBUmpib20tV2FDMWE1 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1gzQTJTTmNfWUdsRkFSamJvbS1XYUMxYTVzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MDhCQi81QTBEOTU4ODFEOEQxMUUyQTlENjA3RUIwOEIwMkNEMi9YM0EyU05jX1lH bEZBUmpib20tV2FDMWE1c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfiqprkbRA1jJmoykeCbb5A2jBHz8v1J0YAYa3fU2RBuy8CBttRYl+ 75wMLd3LxmW2BqBJ7pyZg2edrZXFcY0k1U8peVD5IP7UnQw7czRyzcLFmgDPiaUf fAa70pVsEHDLF7jS4sSys9IQsUZL0l+pbzO/uFtE1S2zoyj6scckC6ZnHgo7HMa6 b4NCdnkI5/9+6DF5rRj9HR1lx7wgy6aH9xYNxRR3CROBe3pPlR/ZBuezSDLairCm inW5wkzSkpWaW37cqUuBX8rnN+fjOy1P7Kq47YXVQqsmcKnri6KyzzK+ykw4k+ry 7smWIkTVw2m8qdd//d60F2KHyYJINjer -----END CERTIFICATE-----Generated at Sat Apr 26 05:01:25 2025 by rpki-client