$ rpki-client -vvf rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft File: X3A2SNc_YGlFARjbom-WaC1a5so.mft (raw, json) Hash identifier: fvfhLONYQOPHniL0jgC0h+ziKjenbvlYTauN2yc6iOk= Subject key identifier: C4:2D:37:DF:6B:30:A1:6B:1E:A3:6B:C6:B9:7D:C4:7A:46:53:6D:88 Authority key identifier: 5F:70:36:48:D7:3F:60:69:45:01:18:DB:A2:6F:96:68:2D:5A:E6:CA Certificate issuer: /CN=A91508BB/serialNumber=5F703648D73F6069450118DBA26F96682D5AE6CA Certificate serial: 3494 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft Manifest number: 3494 Signing time: Mon 30 Jun 2025 14:42:09 +0000 Manifest this update: Mon 30 Jun 2025 14:42:09 +0000 Manifest next update: Mon 07 Jul 2025 14:42:09 +0000 Files and hashes: 1: X3A2SNc_YGlFARjbom-WaC1a5so.crl (hash: QbCnEjfHgo/0YqO+a1h7a/ZQJo6YmHRhxPzH+wPy6/k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.crl rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 14:42:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13460 (0x3494) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91508BB, serialNumber=5F703648D73F6069450118DBA26F96682D5AE6CA Validity Not Before: Jun 30 14:42:09 2025 GMT Not After : Jul 7 14:42:09 2025 GMT Subject: CN=6862a241-a93b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:42:a4:34:65:ec:35:b2:b7:eb:3d:7e:65:3a: d1:31:20:0d:b5:16:fd:66:c0:0d:17:a4:d8:5c:a7: 6e:eb:3d:59:55:6c:75:59:39:c4:0a:00:27:4c:b1: 61:b0:0a:a7:46:0c:96:4b:7e:40:a9:28:3a:0d:7c: ea:7f:5a:f3:33:dd:d8:42:29:89:b8:5c:be:01:eb: 38:09:c2:36:97:ec:7d:59:c6:22:b0:3f:60:f3:84: 2d:ca:9a:99:ff:43:70:ba:35:a1:6e:51:87:aa:fd: 3b:29:ea:62:2f:6f:0c:f6:c0:72:c3:23:41:5c:36: 70:d3:86:71:a8:41:8f:49:29:d4:d6:51:a5:0b:ec: ba:c9:6c:f1:46:08:91:e2:96:4d:85:b7:09:e2:10: 08:8a:c9:26:50:9f:b2:ae:93:5d:e7:45:fe:f1:f2: 7e:46:4a:21:d3:51:f4:37:2b:41:61:30:4d:02:9f: 7e:fd:d9:a0:da:42:3b:dd:79:4e:8f:dd:94:92:68: df:8f:9d:d5:86:9c:c6:11:3b:32:72:2a:70:7c:79: d9:39:39:64:27:b1:a4:f6:9b:6b:76:85:66:0a:54: 89:f4:07:71:59:99:1c:19:77:6e:ad:0c:35:3a:97: 60:86:3a:c9:de:12:9d:a3:6f:8c:02:12:04:4f:b5: 9b:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:2D:37:DF:6B:30:A1:6B:1E:A3:6B:C6:B9:7D:C4:7A:46:53:6D:88 X509v3 Authority Key Identifier: keyid:5F:70:36:48:D7:3F:60:69:45:01:18:DB:A2:6F:96:68:2D:5A:E6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:f8:92:48:cf:d5:57:68:73:51:3c:57:94:cb:85:e3:36:b1: e8:a7:ef:45:02:51:cc:92:ae:5c:9e:5c:8a:82:9c:76:f9:7b: b8:6b:1d:79:61:46:37:51:51:fe:78:52:30:2b:42:ea:5d:27: c2:cc:5f:25:db:36:cc:ab:df:32:df:6d:a7:cf:8a:74:be:1c: e6:83:56:f9:b1:7c:7d:a6:9d:ec:f0:ca:f2:6e:17:36:8d:6b: 63:62:03:68:41:74:44:45:95:d2:ae:7d:02:b4:a1:8b:46:8e: a9:fc:b1:37:ce:b2:57:90:fc:6a:3b:fc:a1:d2:72:54:93:e1: f1:23:08:b7:4b:3a:b7:e7:69:23:b8:93:27:27:34:fb:45:7d: 45:20:61:d2:d9:cd:aa:d6:06:c8:ad:af:ea:1c:4b:bb:fd:5b: 3f:38:57:12:2f:9a:41:70:f7:28:cd:00:a0:4f:12:09:bd:4c: 71:09:a2:3e:f0:fd:5b:01:41:ff:65:a9:73:0f:53:d9:d9:ca: 9b:fe:84:d9:f1:36:98:31:9d:5b:4a:f2:92:dc:90:d1:1b:b9: ba:89:22:49:12:61:a2:6b:10:69:16:15:e3:cf:e9:14:8b:5f: 63:e2:3f:1d:ef:c1:4e:a0:a0:9a:75:fb:06:62:7e:ed:63:13: fd:21:ac:bb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA4QkIxMTAvBgNVBAUTKDVGNzAzNjQ4RDczRjYwNjk0NTAxMThEQkEyNkY5NjY4 MkQ1QUU2Q0EwHhcNMjUwNjMwMTQ0MjA5WhcNMjUwNzA3MTQ0MjA5WjAYMRYwFAYD VQQDEw02ODYyYTI0MS1hOTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArUKkNGXsNbK36z1+ZTrRMSANtRb9ZsANF6TYXKdu6z1ZVWx1WTnECgAnTLFh sAqnRgyWS35AqSg6DXzqf1rzM93YQimJuFy+Aes4CcI2l+x9WcYisD9g84QtypqZ /0NwujWhblGHqv07KepiL28M9sBywyNBXDZw04ZxqEGPSSnU1lGlC+y6yWzxRgiR 4pZNhbcJ4hAIiskmUJ+yrpNd50X+8fJ+Rkoh01H0NytBYTBNAp9+/dmg2kI73XlO j92Ukmjfj53VhpzGETsycipwfHnZOTlkJ7Gk9ptrdoVmClSJ9AdxWZkcGXdurQw1 OpdghjrJ3hKdo2+MAhIET7Wb4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMQtN99r MKFrHqNrxrl9xHpGU22IMB8GA1UdIwQYMBaAFF9wNkjXP2BpRQEY26JvlmgtWubK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDhCQi81QTBEOTU4ODFE OEQxMUUyQTlENjA3RUIwOEIwMkNEMi9YM0EyU05jX1lHbEZBUmpib20tV2FDMWE1 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1gzQTJTTmNfWUdsRkFSamJvbS1XYUMxYTVzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MDhCQi81QTBEOTU4ODFEOEQxMUUyQTlENjA3RUIwOEIwMkNEMi9YM0EyU05jX1lH bEZBUmpib20tV2FDMWE1c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAN+JJIz9VXaHNRPFeUy4XjNrHop+9FAlHMkq5cnlyKgpx2+Xu4ax15 YUY3UVH+eFIwK0LqXSfCzF8l2zbMq98y322nz4p0vhzmg1b5sXx9pp3s8Mrybhc2 jWtjYgNoQXRERZXSrn0CtKGLRo6p/LE3zrJXkPxqO/yh0nJUk+HxIwi3Szq352kj uJMnJzT7RX1FIGHS2c2q1gbIra/qHEu7/Vs/OFcSL5pBcPcozQCgTxIJvUxxCaI+ 8P1bAUH/ZalzD1PZ2cqb/oTZ8TaYMZ1bSvKS3JDRG7m6iSJJEmGiaxBpFhXjz+kU i19j4j8d78FOoKCadfsGYn7tYxP9Iay7 -----END CERTIFICATE-----Generated at Tue Jul 1 13:56:52 2025 by rpki-client