$ rpki-client -vvf rpki.apnic.net/member_repository/A91356BA/264521D2690511EFAD230464C4F9AE02/rs-kglLctVxfHrOBKIztw-b4YnQ.mft File: rs-kglLctVxfHrOBKIztw-b4YnQ.mft (raw, json) Hash identifier: 12Ln5ZWckVow01jJ1HXriNpzL6D9dQCu6+Z0GrZIq7Y= Subject key identifier: 50:5D:1B:F5:2B:C3:97:A6:81:C9:E8:EE:AF:74:96:6A:83:BD:40:47 Authority key identifier: AE:CF:A4:82:52:DC:B5:5C:5F:1E:B3:81:28:8C:ED:C3:E6:F8:62:74 Certificate issuer: /CN=A91356BA/serialNumber=AECFA48252DCB55C5F1EB381288CEDC3E6F86274 Certificate serial: 8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rs-kglLctVxfHrOBKIztw-b4YnQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91356BA/264521D2690511EFAD230464C4F9AE02/rs-kglLctVxfHrOBKIztw-b4YnQ.mft Manifest number: 89 Signing time: Sat 17 May 2025 06:05:01 +0000 Manifest this update: Sat 17 May 2025 06:05:00 +0000 Manifest next update: Sat 24 May 2025 06:05:00 +0000 Files and hashes: 1: rs-kglLctVxfHrOBKIztw-b4YnQ.crl (hash: XTYF+0jX+DcwmYGTEchJEm4IYnu3S3x4vFUx8z4px+o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91356BA/264521D2690511EFAD230464C4F9AE02/rs-kglLctVxfHrOBKIztw-b4YnQ.crl rsync://rpki.apnic.net/member_repository/A91356BA/264521D2690511EFAD230464C4F9AE02/rs-kglLctVxfHrOBKIztw-b4YnQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rs-kglLctVxfHrOBKIztw-b4YnQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 May 2025 06:05:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 139 (0x8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91356BA, serialNumber=AECFA48252DCB55C5F1EB381288CEDC3E6F86274 Validity Not Before: May 17 06:05:00 2025 GMT Not After : May 24 06:05:00 2025 GMT Subject: CN=6828270d-0708 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:96:15:f7:79:dc:7f:f8:9e:e3:c2:70:97:c5: fb:8e:71:69:4d:ef:cd:9c:90:c3:64:27:20:47:05: 0d:95:29:ba:cc:a4:14:0a:ec:18:fb:d4:b1:a7:39: 3d:f7:f5:4c:55:d4:77:90:cf:c2:77:f4:8b:df:73: 9c:cb:4c:b5:a5:cb:5a:eb:6c:19:9d:12:77:d8:50: af:47:b7:17:6a:e0:53:c9:8a:51:d2:22:79:d7:d9: d0:8b:9a:3f:2a:fb:d1:87:5f:5f:2d:68:73:95:66: 2c:a4:c4:e4:7c:2e:4e:fd:9c:5e:ba:67:80:91:bf: 09:3a:65:03:89:99:cd:36:06:bb:14:37:fa:ae:82: 5e:40:7e:65:0c:24:f0:c4:39:2a:f1:0b:8c:df:a6: 02:5f:c4:28:9d:b2:19:82:18:49:05:de:74:63:a3: 54:f2:7e:64:71:14:d5:cb:fe:17:53:bb:d8:39:ae: e9:d8:e7:e7:fa:5a:db:d1:f1:69:81:cc:a6:1d:73: fe:26:cc:21:81:c2:a2:10:3c:34:f9:4b:d9:51:cb: d6:c3:3f:c0:3d:c8:62:7b:e5:2e:ed:c4:8c:16:22: 29:ca:5c:9c:df:04:7c:5d:80:02:b2:7f:53:cf:90: 8e:ba:b7:2f:79:68:e7:6c:dd:d7:0e:8c:dd:6e:9f: ce:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:5D:1B:F5:2B:C3:97:A6:81:C9:E8:EE:AF:74:96:6A:83:BD:40:47 X509v3 Authority Key Identifier: keyid:AE:CF:A4:82:52:DC:B5:5C:5F:1E:B3:81:28:8C:ED:C3:E6:F8:62:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91356BA/264521D2690511EFAD230464C4F9AE02/rs-kglLctVxfHrOBKIztw-b4YnQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rs-kglLctVxfHrOBKIztw-b4YnQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91356BA/264521D2690511EFAD230464C4F9AE02/rs-kglLctVxfHrOBKIztw-b4YnQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:53:23:53:78:d4:31:4f:4c:83:4f:8f:81:0a:2e:94:c3:9b: 3f:e8:b4:cd:f8:c8:e4:52:98:eb:d8:04:9e:78:67:a9:bc:55: 72:be:f2:0b:a5:76:15:50:06:7b:8a:21:41:91:66:c5:49:d5: e7:14:ab:89:09:26:f7:eb:c3:1a:fc:f5:8a:24:f2:f9:54:30: 6d:67:f6:76:9e:fe:d6:45:a5:2b:d0:ae:61:18:b1:e4:87:0e: d1:22:61:4f:bd:64:25:fb:ed:a2:db:9c:17:a7:c0:d3:82:12: 2c:69:82:4c:4b:96:e1:e8:5c:59:ad:b2:8c:ee:df:aa:a1:55: b1:74:4f:a9:b1:30:f0:8e:81:5f:6c:c3:9c:d7:8e:d5:64:5d: 8e:22:ae:cd:0c:83:dc:d9:70:49:e1:0e:39:bf:c0:aa:f9:d0: 80:26:65:cc:5e:bc:b3:3c:9b:d8:e5:af:0d:0e:d1:14:07:2e: 8e:a0:80:7c:c1:74:ab:fc:ff:39:16:e2:6e:e0:fc:e8:55:38: ae:17:6e:f0:54:c3:23:6c:be:d4:63:2b:be:df:cc:58:b8:c4: 8c:8f:b2:54:3f:de:49:69:d8:bd:ca:92:01:91:02:04:5c:54: fb:c7:54:90:03:ab:15:ec:ef:e9:a2:09:42:a3:4f:8d:88:dd: ee:3e:64:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzU2QkExMTAvBgNVBAUTKEFFQ0ZBNDgyNTJEQ0I1NUM1RjFFQjM4MTI4OENFREMz RTZGODYyNzQwHhcNMjUwNTE3MDYwNTAwWhcNMjUwNTI0MDYwNTAwWjAYMRYwFAYD VQQDEw02ODI4MjcwZC0wNzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyZYV93ncf/ie48Jwl8X7jnFpTe/NnJDDZCcgRwUNlSm6zKQUCuwY+9Sxpzk9 9/VMVdR3kM/Cd/SL33Ocy0y1pcta62wZnRJ32FCvR7cXauBTyYpR0iJ519nQi5o/ KvvRh19fLWhzlWYspMTkfC5O/ZxeumeAkb8JOmUDiZnNNga7FDf6roJeQH5lDCTw xDkq8QuM36YCX8QonbIZghhJBd50Y6NU8n5kcRTVy/4XU7vYOa7p2Ofn+lrb0fFp gcymHXP+JswhgcKiEDw0+UvZUcvWwz/APchie+Uu7cSMFiIpylyc3wR8XYACsn9T z5COurcveWjnbN3XDozdbp/OmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFBdG/Ur w5emgcno7q90lmqDvUBHMB8GA1UdIwQYMBaAFK7PpIJS3LVcXx6zgSiM7cPm+GJ0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNTZCQS8yNjQ1MjFEMjY5 MDUxMUVGQUQyMzA0NjRDNEY5QUUwMi9ycy1rZ2xMY3RWeGZIck9CS0l6dHctYjRZ blEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JzLWtnbExjdFZ4ZkhyT0JLSXp0dy1iNFluUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NTZCQS8yNjQ1MjFEMjY5MDUxMUVGQUQyMzA0NjRDNEY5QUUwMi9ycy1rZ2xMY3RW eGZIck9CS0l6dHctYjRZblEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADUyNTeNQxT0yDT4+BCi6Uw5s/6LTN+MjkUpjr2ASeeGepvFVyvvIL pXYVUAZ7iiFBkWbFSdXnFKuJCSb368Ma/PWKJPL5VDBtZ/Z2nv7WRaUr0K5hGLHk hw7RImFPvWQl++2i25wXp8DTghIsaYJMS5bh6FxZrbKM7t+qoVWxdE+psTDwjoFf bMOc147VZF2OIq7NDIPc2XBJ4Q45v8Cq+dCAJmXMXryzPJvY5a8NDtEUBy6OoIB8 wXSr/P85FuJu4PzoVTiuF27wVMMjbL7UYyu+38xYuMSMj7JUP95Jadi9ypIBkQIE XFT7x1SQA6sV7O/poglCo0+NiN3uPmSa -----END CERTIFICATE-----Generated at Sun May 18 08:09:07 2025 by rpki-client