$ rpki-client -vvf rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft File: XLKYvBpwUBeAXFYfCQoNR5UOar0.mft (raw, json) Hash identifier: e4jXhvuZNz26TAdS5fU1uMsy4+1ayOajl3DOCBdodjE= Subject key identifier: C5:32:E8:28:68:12:F1:2F:96:AE:62:7A:1C:0E:BA:00:61:94:24:55 Authority key identifier: 5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD Certificate issuer: /CN=A912BFC5/serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Certificate serial: 251C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft Manifest number: 251C Signing time: Sun 20 Jul 2025 14:16:35 +0000 Manifest this update: Sun 20 Jul 2025 14:16:35 +0000 Manifest next update: Sun 27 Jul 2025 14:16:35 +0000 Files and hashes: 1: XLKYvBpwUBeAXFYfCQoNR5UOar0.crl (hash: hMaiw3PTjNOyxt0j5k0uA0RfDIX9Neawot5yjuwU7lc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 14:16:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9500 (0x251c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BFC5, serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Validity Not Before: Jul 20 14:16:35 2025 GMT Not After : Jul 27 14:16:35 2025 GMT Subject: CN=687cfa43-65ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:48:7c:42:7c:dd:af:c2:5f:3a:61:68:fb:f4: b3:31:43:9e:5c:c3:f0:4e:ff:7d:d4:49:7c:6a:76: 52:87:e9:bc:cc:a3:04:45:6d:98:23:2d:05:bd:f8: 8f:80:47:c2:8f:0c:01:02:b9:7a:13:bb:7c:91:d4: ed:f3:84:21:6f:f9:bc:71:0d:bf:86:ae:28:61:74: bf:84:ea:3e:e3:dd:be:57:fe:54:8b:a1:e5:37:df: fb:75:bb:6e:dd:91:90:e2:43:04:2d:34:b5:bb:9e: 93:69:d9:ef:d9:83:0b:04:59:46:57:3f:7d:bf:dd: 1f:8b:12:1e:58:86:6d:1a:b8:29:8e:2d:1f:62:79: e2:68:fa:cd:d3:34:e8:34:99:da:3d:e2:09:08:e3: 48:62:bc:63:39:64:40:08:5f:e7:1b:90:65:e6:e3: 5d:2b:63:3d:60:9a:07:1b:33:44:12:c5:12:1e:fb: b9:51:7c:74:10:64:72:f4:cd:67:df:81:bd:e5:9e: 62:79:1e:4d:68:f8:70:94:ac:7f:ec:84:bf:0b:cc: f8:1b:fe:17:3c:ea:67:80:f8:c1:e5:47:2b:32:97: c7:e6:93:68:8b:5f:a5:01:f8:a7:97:8d:3e:f1:39: e8:06:cd:0b:07:69:a7:81:6e:dd:64:bd:1c:d1:aa: a0:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:32:E8:28:68:12:F1:2F:96:AE:62:7A:1C:0E:BA:00:61:94:24:55 X509v3 Authority Key Identifier: keyid:5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:93:0d:98:c7:02:02:f2:88:1d:27:e8:79:02:01:13:d7:5a: 59:69:24:44:ae:18:f8:3a:de:be:f0:17:11:09:91:a3:ec:10: 14:2d:a8:1f:63:b1:b5:fc:93:6c:00:a1:3e:10:2d:c6:67:26: 84:c5:96:85:47:d2:33:3c:7a:7b:03:0f:27:4d:98:e8:ae:82: b1:41:f5:5c:f1:d3:2d:07:11:41:50:91:54:b6:98:40:f4:04: d0:5e:75:40:23:92:88:c2:71:e9:b8:6e:b9:08:2b:e0:d7:f4: 4a:9d:0b:30:96:48:c3:f9:d8:d6:57:35:ac:d4:f1:40:ed:fe: 09:97:56:07:b7:91:0c:28:d4:54:45:06:54:f4:e3:40:e5:de: de:de:7d:55:4c:3c:01:37:7c:b5:c9:00:ea:63:89:c2:d3:64: 9d:42:b0:f8:87:96:3c:77:ea:98:62:6a:e4:8d:72:6a:ea:56: 64:e0:fd:6a:02:61:4b:a9:ab:5d:7e:fa:e9:e0:b7:54:9f:cf: e8:12:44:62:10:1d:01:9f:db:20:52:cb:f7:93:1f:4d:89:b8: ec:5e:68:0b:f4:2f:e9:92:3a:23:4a:e6:78:92:95:7f:7f:88: 9b:fc:42:2b:cb:9d:6d:cf:63:b1:00:3b:ec:cf:ce:2b:be:23: af:2f:f0:51 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJRwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJGQzUxMTAvBgNVBAUTKDVDQjI5OEJDMUE3MDUwMTc4MDVDNTYxRjA5MEEwRDQ3 OTUwRTZBQkQwHhcNMjUwNzIwMTQxNjM1WhcNMjUwNzI3MTQxNjM1WjAYMRYwFAYD VQQDEw02ODdjZmE0My02NWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA20h8Qnzdr8JfOmFo+/SzMUOeXMPwTv991El8anZSh+m8zKMERW2YIy0FvfiP gEfCjwwBArl6E7t8kdTt84Qhb/m8cQ2/hq4oYXS/hOo+492+V/5Ui6HlN9/7dbtu 3ZGQ4kMELTS1u56Tadnv2YMLBFlGVz99v90fixIeWIZtGrgpji0fYnniaPrN0zTo NJnaPeIJCONIYrxjOWRACF/nG5Bl5uNdK2M9YJoHGzNEEsUSHvu5UXx0EGRy9M1n 34G95Z5ieR5NaPhwlKx/7IS/C8z4G/4XPOpngPjB5UcrMpfH5pNoi1+lAfinl40+ 8TnoBs0LB2mngW7dZL0c0aqg1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMUy6Cho EvEvlq5iehwOugBhlCRVMB8GA1UdIwQYMBaAFFyymLwacFAXgFxWHwkKDUeVDmq9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkZDNS8zRjM0MjAzRTI5 MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VCZUFYRllmQ1FvTlI1VU9h cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1hMS1l2QnB3VUJlQVhGWWZDUW9OUjVVT2FyMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkZDNS8zRjM0MjAzRTI5MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VC ZUFYRllmQ1FvTlI1VU9hcjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAskw2YxwIC8ogdJ+h5AgET11pZaSRErhj4Ot6+8BcRCZGj7BAULagf Y7G1/JNsAKE+EC3GZyaExZaFR9IzPHp7Aw8nTZjoroKxQfVc8dMtBxFBUJFUtphA 9ATQXnVAI5KIwnHpuG65CCvg1/RKnQswlkjD+djWVzWs1PFA7f4Jl1YHt5EMKNRU RQZU9ONA5d7e3n1VTDwBN3y1yQDqY4nC02SdQrD4h5Y8d+qYYmrkjXJq6lZk4P1q AmFLqatdfvrp4LdUn8/oEkRiEB0Bn9sgUsv3kx9NibjsXmgL9C/pkjojSuZ4kpV/ f4ib/EIry51tz2OxADvsz84rviOvL/BR -----END CERTIFICATE-----Generated at Mon Jul 21 07:48:26 2025 by rpki-client