$ rpki-client -vvf rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.mft File: xl_8-yz82bzWja6waX0xbPNbI_A.mft (raw, json) Hash identifier: 3bP46zNjSSx34WLcMZL4rN0kUflVZ1GBm/dXVGAKNw4= Subject key identifier: 75:8A:9A:FE:12:A9:CD:39:78:30:FC:00:56:B9:3B:43:00:02:49:8F Authority key identifier: C6:5F:FC:FB:2C:FC:D9:BC:D6:8D:AE:B0:69:7D:31:6C:F3:5B:23:F0 Certificate issuer: /CN=A91472E2/serialNumber=C65FFCFB2CFCD9BCD68DAEB0697D316CF35B23F0 Certificate serial: 02A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xl_8-yz82bzWja6waX0xbPNbI_A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.mft Manifest number: 0295 Signing time: Tue 01 Jul 2025 02:18:16 +0000 Manifest this update: Tue 01 Jul 2025 02:18:15 +0000 Manifest next update: Tue 08 Jul 2025 02:18:15 +0000 Files and hashes: 1: xl_8-yz82bzWja6waX0xbPNbI_A.crl (hash: kR7G4mtB3A+NUEZwmOxoJWxZpH9/gy5CXsp2Q9uc5xw=) 2: 216EE802F87A11EDAAE56C0DC4F9AE02.roa (hash: GNWLaVT5bvTFzhKfPjl/RaZJainXlieK9QJZ8Ys4PmE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.crl rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xl_8-yz82bzWja6waX0xbPNbI_A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 02:18:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 672 (0x2a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91472E2, serialNumber=C65FFCFB2CFCD9BCD68DAEB0697D316CF35B23F0 Validity Not Before: Jul 1 02:18:15 2025 GMT Not After : Jul 8 02:18:15 2025 GMT Subject: CN=68634567-554b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:09:3c:d9:bd:03:30:b5:90:0a:e6:46:d7:16: fa:43:9d:8e:8b:12:c5:31:4a:c3:ad:db:b0:d1:5b: 5a:a3:48:ae:31:f9:36:8d:20:d4:14:49:0d:e7:9e: 0a:2e:94:a4:8b:d1:da:34:9b:c7:77:da:c6:7a:ee: f0:b3:0d:7e:6f:0d:b6:e9:64:c1:4f:a7:d5:65:f4: e8:0d:98:20:ea:d7:3e:77:4b:5a:3d:b7:d6:14:e7: cf:94:11:65:38:dc:20:bb:6c:e6:42:4b:c1:76:82: 01:7a:96:30:8a:4a:72:38:3c:70:e6:99:a7:ec:e4: 72:72:16:21:3d:13:5c:ff:4b:92:fc:b1:22:cc:a9: 12:5f:17:bf:dd:ff:52:f5:cb:d7:b5:64:11:90:ef: 19:08:9f:67:d1:3b:02:7d:0c:ea:de:e4:bd:4c:42: a9:4d:33:a3:1a:09:e8:62:03:f7:82:04:b7:ea:82: 19:01:b1:9b:c9:c7:b7:4d:11:95:57:aa:e7:6a:39: 89:d8:b5:08:b2:1c:74:49:1a:91:e2:68:f6:c5:fd: 8f:f9:72:a0:d5:63:13:17:2d:ea:ed:3d:cc:63:b4: 82:f7:2c:5b:81:01:c9:ee:ca:8a:8b:12:2a:fd:6c: 81:93:05:a1:f4:f8:2b:42:d6:c2:43:ce:c0:17:00: 1a:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:8A:9A:FE:12:A9:CD:39:78:30:FC:00:56:B9:3B:43:00:02:49:8F X509v3 Authority Key Identifier: keyid:C6:5F:FC:FB:2C:FC:D9:BC:D6:8D:AE:B0:69:7D:31:6C:F3:5B:23:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xl_8-yz82bzWja6waX0xbPNbI_A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:d1:4d:cb:a3:ca:7e:f1:d5:96:5d:3f:af:58:37:17:9a:f0: c5:7a:db:50:ff:84:d4:e1:d6:86:ce:60:db:63:93:a3:02:99: 9e:6d:df:64:a1:d5:bb:db:2d:81:ca:a3:e7:6d:18:36:33:e7: 6a:5e:12:61:44:94:6b:a6:1f:5d:95:15:3c:d2:9d:28:0d:e9: 0d:98:d6:64:a7:05:70:4d:17:93:04:74:37:31:14:6a:3e:5c: 69:f8:ba:b8:48:c4:51:d7:4f:f7:3a:b0:b2:c5:51:73:93:47: 42:28:f3:b5:f1:e1:a5:85:cd:d2:50:6c:53:ec:ee:4c:77:fc: d1:10:f5:eb:ac:4e:91:87:03:f4:1f:43:6b:bc:43:99:2f:19: 54:72:50:c0:d2:42:74:d1:57:99:f4:a7:9b:77:44:73:1d:46: e5:bd:8e:06:8f:12:00:36:bb:9f:5d:34:58:a0:d4:2f:c1:22: 49:2e:f2:f4:29:cc:38:43:26:f5:3c:db:4d:91:43:3c:72:cf: 96:36:ac:ee:c8:66:82:4c:a8:58:e9:5e:2d:57:d4:09:87:45: 42:3b:0d:d2:8d:16:84:d0:5e:d3:ba:12:0d:7e:22:95:a7:80: 48:02:59:23:79:52:d3:6a:fd:91:c4:17:eb:e0:52:74:a3:ea: ce:2f:1f:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDcyRTIxMTAvBgNVBAUTKEM2NUZGQ0ZCMkNGQ0Q5QkNENjhEQUVCMDY5N0QzMTZD RjM1QjIzRjAwHhcNMjUwNzAxMDIxODE1WhcNMjUwNzA4MDIxODE1WjAYMRYwFAYD VQQDEw02ODYzNDU2Ny01NTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtgk82b0DMLWQCuZG1xb6Q52OixLFMUrDrduw0Vtao0iuMfk2jSDUFEkN554K LpSki9HaNJvHd9rGeu7wsw1+bw226WTBT6fVZfToDZgg6tc+d0taPbfWFOfPlBFl ONwgu2zmQkvBdoIBepYwikpyODxw5pmn7ORychYhPRNc/0uS/LEizKkSXxe/3f9S 9cvXtWQRkO8ZCJ9n0TsCfQzq3uS9TEKpTTOjGgnoYgP3ggS36oIZAbGbyce3TRGV V6rnajmJ2LUIshx0SRqR4mj2xf2P+XKg1WMTFy3q7T3MY7SC9yxbgQHJ7sqKixIq /WyBkwWh9PgrQtbCQ87AFwAaqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHWKmv4S qc05eDD8AFa5O0MAAkmPMB8GA1UdIwQYMBaAFMZf/Pss/Nm81o2usGl9MWzzWyPw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzJFMi8yRjE5NTM1QzBD QjIxMUVEOTVDRUM5NUNDNEY5QUUwMi94bF84LXl6ODJieldqYTZ3YVgweGJQTmJJ X0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hsXzgteXo4MmJ6V2phNndhWDB4YlBOYklfQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzJFMi8yRjE5NTM1QzBDQjIxMUVEOTVDRUM5NUNDNEY5QUUwMi94bF84LXl6ODJi eldqYTZ3YVgweGJQTmJJX0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZ0U3Lo8p+8dWWXT+vWDcXmvDFettQ/4TU4daGzmDbY5OjApmebd9k odW72y2ByqPnbRg2M+dqXhJhRJRrph9dlRU80p0oDekNmNZkpwVwTReTBHQ3MRRq Plxp+Lq4SMRR10/3OrCyxVFzk0dCKPO18eGlhc3SUGxT7O5Md/zREPXrrE6RhwP0 H0NrvEOZLxlUclDA0kJ00VeZ9Kebd0RzHUblvY4GjxIANrufXTRYoNQvwSJJLvL0 Kcw4Qyb1PNtNkUM8cs+WNqzuyGaCTKhY6V4tV9QJh0VCOw3SjRaE0F7TuhINfiKV p4BIAlkjeVLTav2RxBfr4FJ0o+rOLx+I -----END CERTIFICATE-----Generated at Tue Jul 1 12:24:47 2025 by rpki-client