$ rpki-client -vvf rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft File: xem-kywNTgcfsYgsriUoEEdzKVA.mft (raw, json) Hash identifier: M7qnW6yyLF8d270RPuKkXWa7LDRVwHy71piOfwV3L8A= Subject key identifier: 3B:72:51:ED:DE:BC:58:BA:2E:FC:14:2B:A8:63:41:97:8D:3A:E1:69 Authority key identifier: C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 Certificate issuer: /CN=A9121AB0/serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Certificate serial: 01E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft Manifest number: 01E2 Signing time: Sat 31 May 2025 02:23:29 +0000 Manifest this update: Sat 31 May 2025 02:23:28 +0000 Manifest next update: Sat 07 Jun 2025 02:23:28 +0000 Files and hashes: 1: xem-kywNTgcfsYgsriUoEEdzKVA.crl (hash: za+3AowMthDRzR4uLBhxKH3ZBb2OeyQpNoW9MLCADSM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:23:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 485 (0x1e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9121AB0, serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Validity Not Before: May 31 02:23:28 2025 GMT Not After : Jun 7 02:23:28 2025 GMT Subject: CN=683a6821-eb3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:1b:da:48:d2:27:dd:5d:b1:f6:89:1c:49:37: c2:db:b7:08:35:76:9a:79:b3:f1:4b:ae:23:09:d5: 12:84:b2:78:a8:cf:c8:49:b0:6a:cb:9d:a7:d3:5a: 25:9c:9f:36:6b:8c:a2:70:fe:55:b0:df:ea:f9:98: 13:d4:04:95:de:3e:78:d4:c5:cd:db:79:b7:bf:1e: 2f:8a:cc:98:59:c2:48:10:01:dc:6b:64:d7:5c:3b: 9d:e9:97:50:a8:fd:a5:a7:6b:93:a3:68:5e:af:9e: 85:58:47:77:f9:d3:4b:2c:81:91:8e:1b:3a:75:2b: f5:3e:fc:31:2c:86:55:9f:64:f2:c8:6b:95:e4:39: 00:23:44:ea:1c:f5:06:77:9d:90:d8:cf:a9:89:4f: c9:1b:97:60:f3:7d:4e:05:fa:3d:f7:73:ab:11:cb: 80:fd:49:a3:5d:63:3c:ee:1a:2f:3b:e1:a1:f5:de: 78:79:69:70:67:5d:df:23:67:6e:4b:f7:10:5d:1c: dc:55:c5:e6:08:8a:bc:59:10:e5:ed:b9:b0:78:18: 15:9c:f1:3f:22:1a:6a:e7:ee:52:c6:c9:ad:33:3d: 6d:02:21:49:13:4a:84:a8:20:94:f6:61:ef:8d:dd: 88:dc:fd:4d:1a:d5:cc:fa:3c:f0:6f:9d:67:bd:b2: a2:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:72:51:ED:DE:BC:58:BA:2E:FC:14:2B:A8:63:41:97:8D:3A:E1:69 X509v3 Authority Key Identifier: keyid:C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:ae:7a:cd:ce:4b:95:8b:95:10:7c:04:3e:f3:ae:16:ae:a7: 3f:98:85:9b:fd:34:a3:5a:b1:1d:08:0a:cd:29:93:ed:ef:0d: 3f:e1:86:b9:f8:22:87:61:2d:2a:2e:ca:1a:51:06:2a:f1:8f: 10:85:64:91:e9:26:46:14:58:ba:a3:82:31:1c:4f:92:b9:74: 24:f6:9f:6f:2e:86:23:f0:f8:01:b1:fc:1f:aa:4c:62:a9:1e: e7:f7:66:6e:ec:47:44:68:55:be:b1:55:9d:d1:59:24:85:95: 2f:27:f5:58:91:28:3c:0c:2f:65:17:ea:68:99:f5:38:68:7a: f8:a7:4a:b5:da:ea:23:51:2c:dc:72:bb:4f:26:7d:39:e9:e2: 47:5d:64:ad:fc:d3:8f:e8:ab:47:7f:fa:24:12:95:78:03:5f: e7:1d:9e:cc:cd:15:75:f1:c3:c4:fc:00:28:68:41:1b:1c:42: 9b:96:d9:09:ee:37:5b:4e:bc:64:5c:37:a0:6b:fe:b6:8f:e3: 2c:f9:16:92:a8:49:5b:0d:a5:da:54:a4:6a:c8:87:68:89:42: dd:5b:70:18:f5:01:1c:85:75:25:70:8f:d5:44:b5:b4:bb:2b: 9e:7f:2a:a7:b8:04:66:bd:f3:b9:69:73:6e:58:57:9e:35:f2: 27:23:56:41 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjFBQjAxMTAvBgNVBAUTKEM1RTlCRTkzMkMwRDRFMDcxRkIxODgyQ0FFMjUyODEw NDc3MzI5NTAwHhcNMjUwNTMxMDIyMzI4WhcNMjUwNjA3MDIyMzI4WjAYMRYwFAYD VQQDEw02ODNhNjgyMS1lYjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5hvaSNIn3V2x9okcSTfC27cINXaaebPxS64jCdUShLJ4qM/ISbBqy52n01ol nJ82a4yicP5VsN/q+ZgT1ASV3j541MXN23m3vx4visyYWcJIEAHca2TXXDud6ZdQ qP2lp2uTo2her56FWEd3+dNLLIGRjhs6dSv1PvwxLIZVn2TyyGuV5DkAI0TqHPUG d52Q2M+piU/JG5dg831OBfo993OrEcuA/UmjXWM87hovO+Gh9d54eWlwZ13fI2du S/cQXRzcVcXmCIq8WRDl7bmweBgVnPE/Ihpq5+5SxsmtMz1tAiFJE0qEqCCU9mHv jd2I3P1NGtXM+jzwb51nvbKi2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDtyUe3e vFi6LvwUK6hjQZeNOuFpMB8GA1UdIwQYMBaAFMXpvpMsDU4HH7GILK4lKBBHcylQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMUFCMC8xRkY4ODgzMjVD QkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRnY2ZzWWdzcmlVb0VFZHpL VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hlbS1reXdOVGdjZnNZZ3NyaVVvRUVkektWQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MUFCMC8xRkY4ODgzMjVDQkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRn Y2ZzWWdzcmlVb0VFZHpLVkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGrnrNzkuVi5UQfAQ+864Wrqc/mIWb/TSjWrEdCArNKZPt7w0/4Ya5 +CKHYS0qLsoaUQYq8Y8QhWSR6SZGFFi6o4IxHE+SuXQk9p9vLoYj8PgBsfwfqkxi qR7n92Zu7EdEaFW+sVWd0VkkhZUvJ/VYkSg8DC9lF+pomfU4aHr4p0q12uojUSzc crtPJn056eJHXWSt/NOP6KtHf/okEpV4A1/nHZ7MzRV18cPE/AAoaEEbHEKbltkJ 7jdbTrxkXDega/62j+Ms+RaSqElbDaXaVKRqyIdoiULdW3AY9QEchXUlcI/VRLW0 uyuefyqnuARmvfO5aXNuWFeeNfInI1ZB -----END CERTIFICATE-----Generated at Sat May 31 17:45:08 2025 by rpki-client