$ rpki-client -vvf rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft File: XKzlv2VarPfLxicsXGl_N3oGzow.mft (raw, json) Hash identifier: AQ00JClssWKK/lM3V3jLBH44QC5NWGlBvM61NGPmyuc= Subject key identifier: 59:2A:9B:62:17:2C:62:1C:A6:DD:55:4B:74:E6:6C:FF:F8:55:10:A9 Authority key identifier: 5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C Certificate issuer: /CN=A917C9BF/serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Certificate serial: C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft Manifest number: C0 Signing time: Wed 17 Sep 2025 06:37:48 +0000 Manifest this update: Wed 17 Sep 2025 06:37:47 +0000 Manifest next update: Wed 24 Sep 2025 06:37:47 +0000 Files and hashes: 1: XKzlv2VarPfLxicsXGl_N3oGzow.crl (hash: jzeaBo6q8T6kHwFq22Uv+ZptkPlrhgZqf0ajSG2tQ5s=) 2: 15875DC27B5E11EFAB71253BC4F9AE02.roa (hash: 0W2/njWu/4NeHHOITSUzSzI4ic/vgB1fnauNrzPM4sc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 06:37:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 197 (0xc5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C9BF, serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Validity Not Before: Sep 17 06:37:47 2025 GMT Not After : Sep 24 06:37:47 2025 GMT Subject: CN=68ca573b-dc8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:f4:12:16:f2:a0:0b:4b:e5:cd:ea:dc:7f:41: 2a:45:14:2a:dc:0a:74:e3:a0:5f:4a:0c:bf:3a:37: 6c:ba:b6:93:64:8d:a0:89:5c:46:16:60:47:ce:dd: 0a:9d:5c:2a:86:dc:ff:6b:c7:eb:40:ba:2d:44:44: 0a:65:29:c7:7f:11:99:7a:89:2a:a6:fd:d0:e3:61: 4b:44:cc:23:96:f5:b7:ff:98:b1:ca:3e:b7:c0:f9: 47:8e:a0:b4:da:19:f7:3a:53:74:3c:c1:08:d7:75: 25:68:13:dd:d0:d7:34:76:03:0e:2d:e9:f3:7b:75: fd:01:07:eb:fb:10:7a:bb:01:5e:03:fd:80:93:9f: 92:d0:d2:87:0a:91:78:73:c5:2e:18:cc:16:b5:e8: f4:ca:9f:85:8a:bc:cf:71:87:0f:71:78:3b:ba:92: a5:56:5f:4c:93:59:36:f4:a5:cb:e8:57:20:ae:62: 59:8e:31:5b:ce:86:50:a0:1f:44:1d:45:0f:26:dd: 88:3f:3d:98:52:84:c5:e4:47:1f:b1:a0:d8:94:f5: 77:bc:11:8f:61:e6:4c:5b:2b:7d:76:eb:d4:4d:b4: 33:94:8a:d5:0f:7c:ea:b2:03:79:44:4f:51:12:53: c9:55:01:ee:6a:01:1e:91:a9:77:b8:38:d7:15:d8: db:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:2A:9B:62:17:2C:62:1C:A6:DD:55:4B:74:E6:6C:FF:F8:55:10:A9 X509v3 Authority Key Identifier: keyid:5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:ac:12:5f:ed:2f:ba:e8:54:3c:2a:b0:99:22:8b:39:0c:54: 0d:64:30:a6:c7:80:a8:c9:c5:2d:a3:a4:86:60:5c:0c:b0:b8: 51:11:8f:b0:57:66:30:29:19:e4:09:a0:89:12:c5:ff:97:1e: 4a:99:9a:f3:46:7c:9c:26:a9:88:7d:7a:65:27:7c:de:7d:c5: 5c:da:a7:c1:75:fe:03:3d:8f:f7:95:47:23:6f:a8:4b:03:af: 60:5d:f1:f0:9b:eb:d2:33:eb:16:da:43:40:0b:15:64:42:97: 80:e4:44:a6:4a:8c:ca:1a:f8:f4:92:81:a2:3b:96:5b:e1:7c: 92:a7:82:1e:28:cd:60:2b:eb:ed:92:38:a8:4d:17:17:f6:a0: ed:72:d6:7c:0f:5a:db:e5:38:8b:4a:69:b5:7b:2b:9f:50:f6: 4b:39:86:c0:42:9e:3f:da:4e:29:7c:55:2b:5a:8f:0e:fc:f0: 8b:fd:99:36:93:5d:e8:1a:15:fc:42:b6:99:9a:cf:b2:c4:e4: ad:fc:e1:44:0c:27:f3:52:7a:49:03:65:41:58:ba:97:56:d9: 39:bf:31:28:67:c6:31:77:e7:7c:70:59:47:6b:bd:bd:c3:c5: bb:ad:24:e2:39:27:24:7d:6b:b5:67:f1:8b:2b:a6:5d:75:75: 98:47:49:c3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M5QkYxMTAvBgNVBAUTKDVDQUNFNUJGNjU1QUFDRjdDQkM2MjcyQzVDNjk3RjM3 N0EwNkNFOEMwHhcNMjUwOTE3MDYzNzQ3WhcNMjUwOTI0MDYzNzQ3WjAYMRYwFAYD VQQDEw02OGNhNTczYi1kYzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx/QSFvKgC0vlzercf0EqRRQq3Ap046BfSgy/OjdsuraTZI2giVxGFmBHzt0K nVwqhtz/a8frQLotREQKZSnHfxGZeokqpv3Q42FLRMwjlvW3/5ixyj63wPlHjqC0 2hn3OlN0PMEI13UlaBPd0Nc0dgMOLenze3X9AQfr+xB6uwFeA/2Ak5+S0NKHCpF4 c8UuGMwWtej0yp+FirzPcYcPcXg7upKlVl9Mk1k29KXL6FcgrmJZjjFbzoZQoB9E HUUPJt2IPz2YUoTF5EcfsaDYlPV3vBGPYeZMWyt9duvUTbQzlIrVD3zqsgN5RE9R ElPJVQHuagEekal3uDjXFdjbDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFkqm2IX LGIcpt1VS3TmbP/4VRCpMB8GA1UdIwQYMBaAFFys5b9lWqz3y8YnLFxpfzd6Bs6M MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzlCRi9CRTFENEEzNDdC NEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQZkx4aWNzWEdsX04zb0d6 b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hLemx2MlZhclBmTHhpY3NYR2xfTjNvR3pvdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzlCRi9CRTFENEEzNDdCNEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQ Zkx4aWNzWEdsX04zb0d6b3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBMrBJf7S+66FQ8KrCZIos5DFQNZDCmx4CoycUto6SGYFwMsLhREY+w V2YwKRnkCaCJEsX/lx5KmZrzRnycJqmIfXplJ3zefcVc2qfBdf4DPY/3lUcjb6hL A69gXfHwm+vSM+sW2kNACxVkQpeA5ESmSozKGvj0koGiO5Zb4XySp4IeKM1gK+vt kjioTRcX9qDtctZ8D1rb5TiLSmm1eyufUPZLOYbAQp4/2k4pfFUrWo8O/PCL/Zk2 k13oGhX8QraZms+yxOSt/OFEDCfzUnpJA2VBWLqXVtk5vzEoZ8Yxd+d8cFlHa729 w8W7rSTiOSckfWu1Z/GLK6ZddXWYR0nD -----END CERTIFICATE-----Generated at Thu Sep 18 23:24:28 2025 by rpki-client