$ rpki-client -vvf rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/XrCY701WVcxmtq-Bw83kBi2ALzs.mft File: XrCY701WVcxmtq-Bw83kBi2ALzs.mft (raw, json) Hash identifier: MmhNn+iopIiR0hNpmNecSrV/q0er37KNzZhsfYKxDtQ= Subject key identifier: 4E:2A:8B:5E:2F:26:D0:2D:26:EA:40:5D:4D:66:2C:C1:6E:77:11:AA Authority key identifier: 5E:B0:98:EF:4D:56:55:CC:66:B6:AF:81:C3:CD:E4:06:2D:80:2F:3B Certificate issuer: /CN=A919E3FB/serialNumber=5EB098EF4D5655CC66B6AF81C3CDE4062D802F3B Certificate serial: 04FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XrCY701WVcxmtq-Bw83kBi2ALzs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/XrCY701WVcxmtq-Bw83kBi2ALzs.mft Manifest number: 04F8 Signing time: Sun 07 Sep 2025 00:01:34 +0000 Manifest this update: Sun 07 Sep 2025 00:01:34 +0000 Manifest next update: Sun 14 Sep 2025 00:01:34 +0000 Files and hashes: 1: XrCY701WVcxmtq-Bw83kBi2ALzs.crl (hash: U+SjLrcrXzS+8axCtlEo4DJuP2oajDaIurgQAXOF5wk=) 2: B4D8E692267111ECA0546981C4F9AE02.roa (hash: APl5b4vCPo52FjFgWioqB5D0vfXVOhLUTwuTuf6xSiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/XrCY701WVcxmtq-Bw83kBi2ALzs.crl rsync://rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/XrCY701WVcxmtq-Bw83kBi2ALzs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XrCY701WVcxmtq-Bw83kBi2ALzs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 00:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1277 (0x4fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919E3FB, serialNumber=5EB098EF4D5655CC66B6AF81C3CDE4062D802F3B Validity Not Before: Sep 7 00:01:34 2025 GMT Not After : Sep 14 00:01:34 2025 GMT Subject: CN=68bccb5e-83ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:7b:d4:8f:f1:aa:73:55:5a:02:65:d0:da:b3: 43:b4:16:8f:c3:5c:8f:0a:f8:e9:8c:19:69:12:d1: d1:05:c2:91:c4:da:7a:5b:52:c8:ed:e8:9b:7e:1d: ea:1e:e5:65:a9:a6:0a:db:ce:40:02:a9:63:3b:ac: cf:c8:15:2b:56:8e:72:36:fb:2a:5f:63:7e:ca:7c: 50:a9:72:18:38:af:e6:68:05:28:64:eb:8c:cf:65: 25:21:d2:e9:77:c4:61:8c:bc:ef:4c:99:4b:d9:d2: 05:e9:4a:79:b9:85:1f:26:50:60:a3:50:28:89:ce: e4:c9:08:eb:a8:50:aa:85:40:a8:02:e0:59:31:1a: b8:46:bb:af:e1:33:e2:a8:82:ca:d8:ae:6b:34:fb: c4:98:b5:65:3a:8b:73:40:31:1d:20:2e:03:23:41: 48:50:9e:49:a6:4c:d0:b8:3c:6d:63:cf:e0:a0:32: 7e:7d:7c:b4:15:a6:33:c6:01:07:67:04:cc:cb:c8: cd:44:64:90:18:16:95:90:59:96:24:b4:b2:31:0b: 58:d6:5c:d2:13:c9:8d:17:a1:eb:d5:b6:b8:d1:4e: 49:bb:7a:59:cf:85:f2:a3:6a:f4:ce:7e:d9:d8:2d: fe:2d:07:ae:03:f9:6a:63:4e:3b:ab:4f:0b:16:2e: 9c:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:2A:8B:5E:2F:26:D0:2D:26:EA:40:5D:4D:66:2C:C1:6E:77:11:AA X509v3 Authority Key Identifier: keyid:5E:B0:98:EF:4D:56:55:CC:66:B6:AF:81:C3:CD:E4:06:2D:80:2F:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/XrCY701WVcxmtq-Bw83kBi2ALzs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XrCY701WVcxmtq-Bw83kBi2ALzs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/XrCY701WVcxmtq-Bw83kBi2ALzs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:ba:40:de:f6:47:29:1a:c6:a0:b9:4b:91:54:8d:1f:42:dc: c0:b3:4b:16:96:b5:63:80:46:41:15:3a:ab:82:b2:70:b5:52: f7:f6:6c:01:85:41:e0:23:30:2b:6b:e7:7e:ea:57:0e:fd:a4: d6:49:5c:f9:3f:d0:9f:96:69:25:62:8c:01:ef:e6:ff:8c:c3: 7b:63:a4:10:79:8c:35:76:ce:9f:90:f8:6d:60:72:30:6b:41: 29:29:79:5b:94:88:06:26:6b:9a:37:a2:27:8c:51:4b:af:2a: 4c:95:6b:65:ad:b1:e5:39:34:d2:63:67:f0:ad:cd:4d:eb:92: 25:ab:b1:df:08:28:bb:95:be:fa:23:c7:33:96:97:e9:1f:8f: 5b:8c:ab:7d:6d:8d:56:3a:1b:86:bd:81:c4:a7:3b:1a:79:b9: a2:15:aa:ae:4e:71:06:05:35:3f:74:62:20:af:5e:75:fb:8a: cd:48:a5:5e:79:fa:00:47:9a:52:46:41:ae:b1:90:2c:c7:a4: 06:c4:91:42:38:95:0d:9b:e3:7a:55:cc:e4:4a:b3:a4:3c:cc: 59:b6:c5:8e:c7:f4:a1:db:69:a4:3f:5b:ef:02:60:bb:90:28: bb:f5:66:e5:26:fa:2a:cb:32:56:fe:8a:19:d0:ff:b9:6e:cc: 7d:4c:98:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBP0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUUzRkIxMTAvBgNVBAUTKDVFQjA5OEVGNEQ1NjU1Q0M2NkI2QUY4MUMzQ0RFNDA2 MkQ4MDJGM0IwHhcNMjUwOTA3MDAwMTM0WhcNMjUwOTE0MDAwMTM0WjAYMRYwFAYD VQQDEw02OGJjY2I1ZS04M2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv3vUj/Gqc1VaAmXQ2rNDtBaPw1yPCvjpjBlpEtHRBcKRxNp6W1LI7eibfh3q HuVlqaYK285AAqljO6zPyBUrVo5yNvsqX2N+ynxQqXIYOK/maAUoZOuMz2UlIdLp d8RhjLzvTJlL2dIF6Up5uYUfJlBgo1Aoic7kyQjrqFCqhUCoAuBZMRq4Rruv4TPi qILK2K5rNPvEmLVlOotzQDEdIC4DI0FIUJ5JpkzQuDxtY8/goDJ+fXy0FaYzxgEH ZwTMy8jNRGSQGBaVkFmWJLSyMQtY1lzSE8mNF6Hr1ba40U5Ju3pZz4Xyo2r0zn7Z 2C3+LQeuA/lqY047q08LFi6cJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE4qi14v JtAtJupAXU1mLMFudxGqMB8GA1UdIwQYMBaAFF6wmO9NVlXMZravgcPN5AYtgC87 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTNGQi9GREQ0NEMyMjI2 NkUxMUVDQUMwOTdDN0JDNEY5QUUwMi9YckNZNzAxV1ZjeG10cS1Cdzgza0JpMkFM enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hyQ1k3MDFXVmN4bXRxLUJ3ODNrQmkyQUx6cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RTNGQi9GREQ0NEMyMjI2NkUxMUVDQUMwOTdDN0JDNEY5QUUwMi9YckNZNzAxV1Zj eG10cS1Cdzgza0JpMkFMenMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABukDe9kcpGsaguUuRVI0fQtzAs0sWlrVjgEZBFTqrgrJwtVL39mwB hUHgIzAra+d+6lcO/aTWSVz5P9CflmklYowB7+b/jMN7Y6QQeYw1ds6fkPhtYHIw a0EpKXlblIgGJmuaN6InjFFLrypMlWtlrbHlOTTSY2fwrc1N65Ilq7HfCCi7lb76 I8czlpfpH49bjKt9bY1WOhuGvYHEpzsaebmiFaquTnEGBTU/dGIgr151+4rNSKVe efoAR5pSRkGusZAsx6QGxJFCOJUNm+N6VczkSrOkPMxZtsWOx/Sh22mkP1vvAmC7 kCi79WblJvoqyzJW/ooZ0P+5bsx9TJia -----END CERTIFICATE-----Generated at Mon Sep 8 17:42:26 2025 by rpki-client