$ rpki-client -vvf rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.mft File: xl_8-yz82bzWja6waX0xbPNbI_A.mft (raw, json) Hash identifier: 6FmaS+1547jvXBPv321eoZlTZS5WR4oMB42qOLNxkLA= Subject key identifier: B7:86:FD:5F:35:71:11:FE:57:27:DF:4A:55:96:58:3D:34:77:63:69 Authority key identifier: C6:5F:FC:FB:2C:FC:D9:BC:D6:8D:AE:B0:69:7D:31:6C:F3:5B:23:F0 Certificate issuer: /CN=A91472E2/serialNumber=C65FFCFB2CFCD9BCD68DAEB0697D316CF35B23F0 Certificate serial: 0284 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xl_8-yz82bzWja6waX0xbPNbI_A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.mft Manifest number: 0279 Signing time: Mon 05 May 2025 01:16:53 +0000 Manifest this update: Mon 05 May 2025 01:16:53 +0000 Manifest next update: Mon 12 May 2025 01:16:53 +0000 Files and hashes: 1: xl_8-yz82bzWja6waX0xbPNbI_A.crl (hash: DSDo1BGQaF718kciaxrtY0l5/B6xXlJCWC7NeyepkHk=) 2: 216EE802F87A11EDAAE56C0DC4F9AE02.roa (hash: GNWLaVT5bvTFzhKfPjl/RaZJainXlieK9QJZ8Ys4PmE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.crl rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xl_8-yz82bzWja6waX0xbPNbI_A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 May 2025 00:08:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 644 (0x284) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91472E2, serialNumber=C65FFCFB2CFCD9BCD68DAEB0697D316CF35B23F0 Validity Not Before: May 5 01:16:53 2025 GMT Not After : May 12 01:16:53 2025 GMT Subject: CN=68181185-5419 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:37:12:bf:17:21:c3:87:be:c1:ed:09:bd:fb: 80:ba:b0:8c:24:8a:ac:55:e2:0e:18:17:b9:6e:49: f7:e5:d6:b4:69:4f:ab:aa:dc:6d:e6:cc:a9:98:e2: 35:c0:7b:1f:0b:0f:a0:f3:c2:67:8e:76:38:35:39: 26:ae:00:82:63:25:44:3f:45:eb:df:ea:0a:73:63: 5c:1d:40:c5:af:87:6c:9e:21:35:89:b9:6d:c8:69: 3e:5c:7a:32:f6:f8:77:f3:db:c0:48:97:fd:62:0e: e9:38:8b:10:d7:af:d5:a5:00:97:32:b4:36:86:df: 75:20:98:2e:00:72:03:01:fa:aa:cc:33:dc:49:df: de:b4:41:c1:54:89:9e:27:cf:60:7d:70:e0:f3:73: 65:b3:01:18:de:65:f1:71:03:84:31:c7:a3:0b:4a: c6:cc:51:65:00:bc:26:05:88:76:1c:7d:17:6d:7e: 36:b4:9d:42:c3:90:dc:c3:45:c2:53:4d:49:66:75: 36:31:aa:83:c3:1b:48:97:c4:54:b4:32:48:26:ce: ed:63:02:33:b6:c6:73:f2:26:98:dd:71:df:cb:46: 8d:84:8c:88:0b:13:a4:d2:d8:a5:a8:3f:2b:57:33: 47:09:fd:bd:48:31:b2:90:e5:a4:31:3d:a2:de:e1: d2:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:86:FD:5F:35:71:11:FE:57:27:DF:4A:55:96:58:3D:34:77:63:69 X509v3 Authority Key Identifier: keyid:C6:5F:FC:FB:2C:FC:D9:BC:D6:8D:AE:B0:69:7D:31:6C:F3:5B:23:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xl_8-yz82bzWja6waX0xbPNbI_A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:8a:5c:77:62:35:f3:44:f3:d0:72:54:65:00:3a:9a:d3:0c: 0a:84:8a:65:f1:86:3a:fe:d2:d1:e1:72:c2:3b:63:77:53:9e: f8:eb:23:50:71:db:87:45:be:6f:0e:d3:7a:b5:d3:2a:6b:c4: bf:d4:79:11:95:3b:8c:02:a4:ea:ad:89:72:84:e2:f2:86:93: 1c:59:16:1b:a2:42:4d:eb:ca:aa:06:18:79:f9:62:5e:f2:02: 16:ee:88:e5:c1:71:32:ee:ec:2b:4c:d3:91:d1:09:ea:50:54: da:1f:eb:06:15:2b:90:57:7d:08:f2:3e:e5:46:ec:39:42:92: de:66:c2:a7:55:b7:8c:62:1a:96:a4:09:c0:b7:4b:6d:e0:e2: 09:d2:dc:5f:4f:e1:a6:fc:06:ef:e6:14:51:06:53:29:31:dc: 47:c0:4f:36:e2:77:2d:43:bb:15:5b:4a:bf:53:fe:30:1a:1d: 25:2b:7f:0f:40:6a:01:89:51:56:6a:ae:c6:11:b8:7d:a3:79: fe:10:9b:3f:02:35:ef:c9:00:0d:f6:4f:88:4a:cf:73:8f:32: 38:2c:fa:73:5f:da:e6:a1:1a:20:80:9a:4e:52:fb:1a:0c:0b: 4a:41:08:f9:bd:fb:4c:57:0f:1c:b3:25:1a:33:80:51:23:59: ad:20:de:39 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAoQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDcyRTIxMTAvBgNVBAUTKEM2NUZGQ0ZCMkNGQ0Q5QkNENjhEQUVCMDY5N0QzMTZD RjM1QjIzRjAwHhcNMjUwNTA1MDExNjUzWhcNMjUwNTEyMDExNjUzWjAYMRYwFAYD VQQDEw02ODE4MTE4NS01NDE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1TcSvxchw4e+we0JvfuAurCMJIqsVeIOGBe5bkn35da0aU+rqtxt5sypmOI1 wHsfCw+g88JnjnY4NTkmrgCCYyVEP0Xr3+oKc2NcHUDFr4dsniE1ibltyGk+XHoy 9vh389vASJf9Yg7pOIsQ16/VpQCXMrQ2ht91IJguAHIDAfqqzDPcSd/etEHBVIme J89gfXDg83NlswEY3mXxcQOEMcejC0rGzFFlALwmBYh2HH0XbX42tJ1Cw5Dcw0XC U01JZnU2MaqDwxtIl8RUtDJIJs7tYwIztsZz8iaY3XHfy0aNhIyICxOk0tilqD8r VzNHCf29SDGykOWkMT2i3uHSoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLeG/V81 cRH+VyffSlWWWD00d2NpMB8GA1UdIwQYMBaAFMZf/Pss/Nm81o2usGl9MWzzWyPw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzJFMi8yRjE5NTM1QzBD QjIxMUVEOTVDRUM5NUNDNEY5QUUwMi94bF84LXl6ODJieldqYTZ3YVgweGJQTmJJ X0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hsXzgteXo4MmJ6V2phNndhWDB4YlBOYklfQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzJFMi8yRjE5NTM1QzBDQjIxMUVEOTVDRUM5NUNDNEY5QUUwMi94bF84LXl6ODJi eldqYTZ3YVgweGJQTmJJX0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAUilx3YjXzRPPQclRlADqa0wwKhIpl8YY6/tLR4XLCO2N3U5746yNQ cduHRb5vDtN6tdMqa8S/1HkRlTuMAqTqrYlyhOLyhpMcWRYbokJN68qqBhh5+WJe 8gIW7ojlwXEy7uwrTNOR0QnqUFTaH+sGFSuQV30I8j7lRuw5QpLeZsKnVbeMYhqW pAnAt0tt4OIJ0txfT+Gm/Abv5hRRBlMpMdxHwE824nctQ7sVW0q/U/4wGh0lK38P QGoBiVFWaq7GEbh9o3n+EJs/AjXvyQAN9k+ISs9zjzI4LPpzX9rmoRoggJpOUvsa DAtKQQj5vftMVw8csyUaM4BRI1mtIN45 -----END CERTIFICATE-----Generated at Mon May 5 02:57:25 2025 by rpki-client