$ rpki-client -vvf rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft File: XLKYvBpwUBeAXFYfCQoNR5UOar0.mft (raw, json) Hash identifier: KK+osOH11LKRrRub+vWvSukPUgD07LQpKfZsElftAJM= Subject key identifier: FE:DF:FE:E9:A8:7E:C4:8B:52:49:DF:A2:AD:D7:2D:63:9D:C1:D0:63 Authority key identifier: 5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD Certificate issuer: /CN=A912BFC5/serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Certificate serial: 24FA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft Manifest number: 24FA Signing time: Mon 12 May 2025 14:16:35 +0000 Manifest this update: Mon 12 May 2025 14:16:35 +0000 Manifest next update: Mon 19 May 2025 14:16:35 +0000 Files and hashes: 1: XLKYvBpwUBeAXFYfCQoNR5UOar0.crl (hash: k+vjzsVf+FG1IeouQ40eBFJ+H2pxDThd6NV2K350N+o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 14:16:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9466 (0x24fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BFC5, serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Validity Not Before: May 12 14:16:35 2025 GMT Not After : May 19 14:16:35 2025 GMT Subject: CN=682202c3-74d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ed:df:3c:31:81:ed:30:69:4a:84:c6:4a:c5: c3:16:58:7c:05:a4:1a:92:c6:7a:79:90:a6:41:31: e0:97:e1:49:30:fc:9a:4d:09:d8:80:c0:5c:df:17: b0:b8:66:61:54:8d:49:7a:60:b8:d3:64:b2:e3:24: ee:b3:0b:fd:0a:a1:d6:79:6a:e2:94:a9:08:48:8b: 89:cc:5f:8e:6c:0c:63:43:b6:4b:92:9a:7c:6b:d4: 5a:85:46:90:19:00:ea:29:8d:76:e2:2b:a4:16:6b: ca:b8:30:5b:66:1f:12:6c:81:91:c3:64:f6:1a:2b: be:04:b4:49:1c:9f:df:fd:ab:1f:c3:57:9c:08:67: c3:95:6e:55:c5:0a:e9:15:0b:db:7c:1f:b2:55:e8: a7:df:6c:34:b6:fb:7b:cd:66:a6:a2:e4:9c:2d:75: da:70:2d:15:37:aa:f8:06:59:ec:3d:9b:e8:b3:e3: b7:08:75:e0:5f:73:65:24:f1:20:2c:52:e5:81:93: 11:7e:c7:f5:cb:93:9b:cc:84:6f:b9:c9:6c:7e:1b: 6b:d9:1e:cd:f2:16:44:b7:f1:67:b7:3d:c2:dc:94: f0:bb:3b:22:ed:31:8b:1a:65:24:a1:ee:f8:c9:09: 88:a3:e7:a8:df:fb:47:37:64:f9:67:93:11:c5:e9: b4:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:DF:FE:E9:A8:7E:C4:8B:52:49:DF:A2:AD:D7:2D:63:9D:C1:D0:63 X509v3 Authority Key Identifier: keyid:5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:1a:3a:0a:45:d3:02:9d:38:f2:ba:5d:d9:d8:2e:a6:b5:44: 6c:28:f0:f8:17:3e:77:cc:bf:df:3a:c2:43:15:1d:b0:1c:e6: 91:9c:fa:ef:4e:c9:eb:cf:4a:93:c0:4e:7a:0e:b6:80:26:02: 23:3a:b0:08:5f:b3:7a:39:17:59:62:0a:e2:5d:2a:4c:d3:03: bc:8b:b8:76:7a:52:fe:54:6d:fe:e0:ee:cf:d2:01:17:e5:22: c7:3b:43:1e:6b:39:d2:fe:95:98:31:58:18:f2:95:a9:f7:4a: 2c:14:cd:a5:3b:b8:02:98:5c:98:00:75:a8:a6:bc:28:8e:da: 4f:f6:1f:d1:d9:5c:24:0e:8a:59:15:b5:79:1a:ca:4c:33:a9: 3e:09:76:e0:f4:ed:c1:06:c7:ef:ef:f4:b1:e8:16:d8:5c:5c: a1:07:ae:05:00:c0:9e:c3:46:cb:0c:ff:93:af:a7:7a:30:a5: c1:52:d3:26:77:f8:f2:57:b5:fd:94:78:48:ca:56:4c:4c:f0: da:02:f4:bb:8a:40:8c:8d:a5:30:6d:db:84:f5:74:78:9f:b6: db:b9:e3:aa:f8:02:8c:df:a5:39:79:29:82:c9:a5:9e:ab:5f: ce:a2:bf:77:02:2b:8e:44:88:34:b2:7f:ee:68:67:b8:00:1f: 73:cd:e1:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJGQzUxMTAvBgNVBAUTKDVDQjI5OEJDMUE3MDUwMTc4MDVDNTYxRjA5MEEwRDQ3 OTUwRTZBQkQwHhcNMjUwNTEyMTQxNjM1WhcNMjUwNTE5MTQxNjM1WjAYMRYwFAYD VQQDEw02ODIyMDJjMy03NGQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqO3fPDGB7TBpSoTGSsXDFlh8BaQaksZ6eZCmQTHgl+FJMPyaTQnYgMBc3xew uGZhVI1JemC402Sy4yTuswv9CqHWeWrilKkISIuJzF+ObAxjQ7ZLkpp8a9RahUaQ GQDqKY124iukFmvKuDBbZh8SbIGRw2T2Giu+BLRJHJ/f/asfw1ecCGfDlW5VxQrp FQvbfB+yVein32w0tvt7zWamouScLXXacC0VN6r4BlnsPZvos+O3CHXgX3NlJPEg LFLlgZMRfsf1y5ObzIRvuclsfhtr2R7N8hZEt/Fntz3C3JTwuzsi7TGLGmUkoe74 yQmIo+eo3/tHN2T5Z5MRxem0owIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP7f/umo fsSLUknfoq3XLWOdwdBjMB8GA1UdIwQYMBaAFFyymLwacFAXgFxWHwkKDUeVDmq9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkZDNS8zRjM0MjAzRTI5 MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VCZUFYRllmQ1FvTlI1VU9h cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1hMS1l2QnB3VUJlQVhGWWZDUW9OUjVVT2FyMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkZDNS8zRjM0MjAzRTI5MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VC ZUFYRllmQ1FvTlI1VU9hcjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfGjoKRdMCnTjyul3Z2C6mtURsKPD4Fz53zL/fOsJDFR2wHOaRnPrv Tsnrz0qTwE56DraAJgIjOrAIX7N6ORdZYgriXSpM0wO8i7h2elL+VG3+4O7P0gEX 5SLHO0MeaznS/pWYMVgY8pWp90osFM2lO7gCmFyYAHWoprwojtpP9h/R2VwkDopZ FbV5GspMM6k+CXbg9O3BBsfv7/Sx6BbYXFyhB64FAMCew0bLDP+Tr6d6MKXBUtMm d/jyV7X9lHhIylZMTPDaAvS7ikCMjaUwbduE9XR4n7bbueOq+AKM36U5eSmCyaWe q1/Oor93AiuORIg0sn/uaGe4AB9zzeFW -----END CERTIFICATE-----Generated at Wed May 14 15:03:38 2025 by rpki-client