$ rpki-client -vvf rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft File: XLKYvBpwUBeAXFYfCQoNR5UOar0.mft (raw, json) Hash identifier: T3pSeGXka7c9XV92SdHcqf8HOuFe1nd9/WzZ76/rlRE= Subject key identifier: BA:C5:31:5E:F7:41:96:87:FA:4D:C6:B2:C8:09:B2:4F:27:F9:AC:CF Authority key identifier: 5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD Certificate issuer: /CN=A912BFC5/serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Certificate serial: 2504 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft Manifest number: 2504 Signing time: Mon 02 Jun 2025 14:16:30 +0000 Manifest this update: Mon 02 Jun 2025 14:16:29 +0000 Manifest next update: Mon 09 Jun 2025 14:16:29 +0000 Files and hashes: 1: XLKYvBpwUBeAXFYfCQoNR5UOar0.crl (hash: r0020EV7kUNB77OepB0orbiGqu49grx+z9bs+druStE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 05:53:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9476 (0x2504) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BFC5, serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Validity Not Before: Jun 2 14:16:29 2025 GMT Not After : Jun 9 14:16:29 2025 GMT Subject: CN=683db23e-7fb7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f8:81:77:45:51:5f:85:1d:36:3d:fb:55:f6: 1f:d2:ba:fe:9f:2b:c6:4d:c5:bd:57:c5:32:de:12: 3b:18:0a:45:2e:d1:47:b7:ef:93:c2:f3:65:30:4f: bf:6a:f6:49:5e:8e:09:03:bc:a1:44:3b:18:cc:5b: 65:e2:3e:59:2b:97:c7:54:f1:6c:49:00:ea:6b:c0: 3e:fb:43:72:c8:7d:6c:1b:6a:04:75:bd:ca:7b:b2: b4:0c:f8:48:34:8b:6e:3e:56:a3:30:a0:e9:af:8b: 2b:a6:79:69:47:9c:60:0d:e7:33:6b:9f:74:7d:47: a6:57:00:71:54:e4:cc:21:f3:7c:f5:4c:2b:f8:a8: 96:ee:31:5b:a8:1b:a6:62:51:11:39:26:9a:e8:8f: e9:0d:e6:1d:a8:c3:73:7b:a1:9b:13:3e:71:9a:9c: fe:56:f9:0c:33:95:f6:c8:2b:71:73:9e:d0:b0:c7: 10:69:d1:36:0b:3a:64:ca:6c:f4:62:b0:91:6b:09: 5f:46:d7:f1:b9:86:57:3a:27:0c:d0:15:df:d6:06: 11:c3:76:5b:bc:6d:e8:b0:ff:64:55:3a:88:8f:cb: cc:3f:e5:6a:b4:2f:a5:92:30:32:64:95:e1:85:be: 67:0d:f6:e0:ee:67:b5:68:50:5c:78:67:b6:a8:18: 1c:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:C5:31:5E:F7:41:96:87:FA:4D:C6:B2:C8:09:B2:4F:27:F9:AC:CF X509v3 Authority Key Identifier: keyid:5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:97:a3:1e:b7:d7:77:19:17:99:a3:10:35:37:8a:6b:b3:e9: ae:0c:94:ec:47:73:9e:d6:be:f6:78:e2:d4:82:3a:63:f6:39: 8c:d0:cb:56:11:1f:a6:37:ec:6b:ea:45:c5:87:03:f6:a3:a9: ad:90:5c:7c:46:18:80:b4:5c:72:68:62:41:5e:53:80:d3:0e: f9:c7:3d:c1:ff:81:63:2b:ab:d2:e9:53:27:62:a7:f9:ef:2c: b0:28:91:30:a9:34:51:e4:f8:67:a6:7f:64:8b:33:13:61:1a: bc:b3:4e:2a:79:2d:40:a5:8a:97:36:73:68:e2:28:38:bf:d8: 6a:f9:cf:88:4e:4d:bc:92:f5:e3:21:15:6c:32:91:c6:b4:e7: a6:38:7e:03:4b:f2:d2:e5:44:2e:27:7a:53:3d:ec:93:29:0d: dc:42:8c:87:48:cb:38:46:10:20:5c:77:38:c1:6d:6b:b8:14: 14:3f:a7:3a:30:ef:f9:d2:f2:53:0d:6d:a0:13:14:5a:7a:82: 29:73:f0:24:55:35:c8:56:c1:43:16:55:9b:6e:7e:b1:1c:19: 3d:7f:88:e5:d9:9b:fc:42:86:a3:3a:80:1e:3a:f7:f7:75:4f: ce:e2:43:0b:e8:e1:24:84:40:81:46:be:f4:7a:6f:e4:85:ff: 2a:df:25:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJGQzUxMTAvBgNVBAUTKDVDQjI5OEJDMUE3MDUwMTc4MDVDNTYxRjA5MEEwRDQ3 OTUwRTZBQkQwHhcNMjUwNjAyMTQxNjI5WhcNMjUwNjA5MTQxNjI5WjAYMRYwFAYD VQQDEw02ODNkYjIzZS03ZmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3PiBd0VRX4UdNj37VfYf0rr+nyvGTcW9V8Uy3hI7GApFLtFHt++TwvNlME+/ avZJXo4JA7yhRDsYzFtl4j5ZK5fHVPFsSQDqa8A++0NyyH1sG2oEdb3Ke7K0DPhI NItuPlajMKDpr4srpnlpR5xgDecza590fUemVwBxVOTMIfN89Uwr+KiW7jFbqBum YlEROSaa6I/pDeYdqMNze6GbEz5xmpz+VvkMM5X2yCtxc57QsMcQadE2Czpkymz0 YrCRawlfRtfxuYZXOicM0BXf1gYRw3ZbvG3osP9kVTqIj8vMP+VqtC+lkjAyZJXh hb5nDfbg7me1aFBceGe2qBgcZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLrFMV73 QZaH+k3GssgJsk8n+azPMB8GA1UdIwQYMBaAFFyymLwacFAXgFxWHwkKDUeVDmq9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkZDNS8zRjM0MjAzRTI5 MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VCZUFYRllmQ1FvTlI1VU9h cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1hMS1l2QnB3VUJlQVhGWWZDUW9OUjVVT2FyMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkZDNS8zRjM0MjAzRTI5MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VC ZUFYRllmQ1FvTlI1VU9hcjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6l6Met9d3GReZoxA1N4prs+muDJTsR3Oe1r72eOLUgjpj9jmM0MtW ER+mN+xr6kXFhwP2o6mtkFx8RhiAtFxyaGJBXlOA0w75xz3B/4FjK6vS6VMnYqf5 7yywKJEwqTRR5Phnpn9kizMTYRq8s04qeS1ApYqXNnNo4ig4v9hq+c+ITk28kvXj IRVsMpHGtOemOH4DS/LS5UQuJ3pTPeyTKQ3cQoyHSMs4RhAgXHc4wW1ruBQUP6c6 MO/50vJTDW2gExRaeoIpc/AkVTXIVsFDFlWbbn6xHBk9f4jl2Zv8QoajOoAeOvf3 dU/O4kML6OEkhECBRr70em/khf8q3yVz -----END CERTIFICATE-----Generated at Mon Jun 2 20:24:34 2025 by rpki-client