$ rpki-client -vvf rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft File: XLKYvBpwUBeAXFYfCQoNR5UOar0.mft (raw, json) Hash identifier: W6cLg1jid+ZvYVGKQSuM0mv12K44I/t6B6A9yK6VS7M= Subject key identifier: 3C:F2:C0:92:F5:7C:37:5D:B6:4A:FB:FD:A7:96:AA:87:E3:8D:2F:44 Authority key identifier: 5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD Certificate issuer: /CN=A912BFC5/serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Certificate serial: 252D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft Manifest number: 252D Signing time: Fri 22 Aug 2025 14:16:37 +0000 Manifest this update: Fri 22 Aug 2025 14:16:36 +0000 Manifest next update: Fri 29 Aug 2025 14:16:36 +0000 Files and hashes: 1: XLKYvBpwUBeAXFYfCQoNR5UOar0.crl (hash: AryM9yLreOlApzhx/EVKbuwv5iePjLReuP5+487MHSA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:16:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9517 (0x252d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BFC5, serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Validity Not Before: Aug 22 14:16:36 2025 GMT Not After : Aug 29 14:16:36 2025 GMT Subject: CN=68a87bc4-4bd7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:9b:4f:e9:54:6c:d6:4d:39:0c:b1:2a:10:65: 33:bc:dd:7e:07:00:ec:98:f1:86:08:99:7a:30:7e: da:14:14:18:54:80:31:93:d6:f9:38:13:00:b6:73: 46:dc:74:3b:be:b3:52:8c:4f:d6:d6:f3:95:0c:07: 96:c8:40:a5:92:d7:c5:c5:cc:53:7b:96:cc:f1:1f: ea:73:7d:81:4e:c7:3f:83:d6:88:a2:d1:7c:4e:d1: 46:cb:82:e1:44:0b:5d:ca:de:ca:bf:2e:ce:97:0b: df:b8:0f:2b:cf:b0:45:eb:7d:75:54:1d:29:88:e2: 27:d9:4d:88:36:1b:c8:1f:5c:9e:26:40:c2:8e:8c: 59:a7:7f:30:97:d7:b2:8a:29:98:d2:91:e9:91:c8: 59:24:cd:88:20:f3:ae:90:b4:1a:4a:44:d4:c0:c6: a3:f2:35:63:ab:a0:15:f1:da:d2:a3:db:ec:b7:c2: 82:16:a1:3e:17:c7:f9:f1:eb:9a:1b:28:d6:20:02: c1:f5:d7:85:50:70:a6:6a:38:75:75:e5:c6:48:b6: 38:a2:20:b1:1d:05:d0:aa:70:08:f1:5b:7b:7f:52: a3:05:94:75:2a:ce:b5:9e:21:b4:d9:08:80:35:51: 6b:19:ab:82:3a:23:80:ef:a0:9d:17:ed:48:c1:73: 6f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:F2:C0:92:F5:7C:37:5D:B6:4A:FB:FD:A7:96:AA:87:E3:8D:2F:44 X509v3 Authority Key Identifier: keyid:5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:ba:5c:ce:1b:64:ac:af:c1:4d:7d:88:46:7c:59:fb:d6:62: d9:22:e5:46:3b:a7:0b:a6:8e:94:3f:0c:1a:3d:1f:89:0b:05: d4:00:83:97:d8:b8:cf:ef:62:0f:a9:b8:12:a4:33:19:4d:80: 88:36:99:c2:df:a9:d2:9b:db:bb:e9:9a:61:6f:cc:51:f6:3b: 51:03:f1:86:f2:c8:57:62:e5:b4:d9:b8:6e:ce:8c:08:3e:3a: 16:f1:b6:7f:24:42:bc:ec:29:7f:cd:9c:85:bf:64:70:50:41: c4:87:74:5f:67:7b:8c:71:08:0b:f9:24:f6:a1:af:6b:e6:69: c1:ca:8d:7e:f6:0f:a5:ca:ee:70:21:8c:cc:f2:1c:73:ad:6b: f7:3b:9c:85:84:b0:ee:56:e3:05:23:2e:3e:b9:db:f8:6a:b3: 96:40:1d:9f:26:eb:60:8d:a5:a3:4f:86:a1:9d:87:ea:78:f1: 87:1a:c6:e9:79:53:9d:0e:bf:40:a1:56:13:d2:f8:28:d0:e9: 72:db:a9:62:ee:6e:ad:49:eb:3c:b9:e0:9e:26:a0:e8:89:2e: 74:38:58:ad:aa:e4:d9:b4:61:81:89:fb:d4:b8:22:f8:58:87: 82:55:47:20:6c:d8:e4:b5:d6:7c:fc:5a:97:aa:3c:27:eb:13: e3:6e:83:86 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJGQzUxMTAvBgNVBAUTKDVDQjI5OEJDMUE3MDUwMTc4MDVDNTYxRjA5MEEwRDQ3 OTUwRTZBQkQwHhcNMjUwODIyMTQxNjM2WhcNMjUwODI5MTQxNjM2WjAYMRYwFAYD VQQDEw02OGE4N2JjNC00YmQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0ptP6VRs1k05DLEqEGUzvN1+BwDsmPGGCJl6MH7aFBQYVIAxk9b5OBMAtnNG 3HQ7vrNSjE/W1vOVDAeWyEClktfFxcxTe5bM8R/qc32BTsc/g9aIotF8TtFGy4Lh RAtdyt7Kvy7OlwvfuA8rz7BF6311VB0piOIn2U2INhvIH1yeJkDCjoxZp38wl9ey iimY0pHpkchZJM2IIPOukLQaSkTUwMaj8jVjq6AV8drSo9vst8KCFqE+F8f58eua GyjWIALB9deFUHCmajh1deXGSLY4oiCxHQXQqnAI8Vt7f1KjBZR1Ks61niG02QiA NVFrGauCOiOA76CdF+1IwXNvoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDzywJL1 fDddtkr7/aeWqofjjS9EMB8GA1UdIwQYMBaAFFyymLwacFAXgFxWHwkKDUeVDmq9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkZDNS8zRjM0MjAzRTI5 MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VCZUFYRllmQ1FvTlI1VU9h cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1hMS1l2QnB3VUJlQVhGWWZDUW9OUjVVT2FyMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkZDNS8zRjM0MjAzRTI5MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VC ZUFYRllmQ1FvTlI1VU9hcjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBGulzOG2Ssr8FNfYhGfFn71mLZIuVGO6cLpo6UPwwaPR+JCwXUAIOX 2LjP72IPqbgSpDMZTYCINpnC36nSm9u76Zphb8xR9jtRA/GG8shXYuW02bhuzowI PjoW8bZ/JEK87Cl/zZyFv2RwUEHEh3RfZ3uMcQgL+ST2oa9r5mnByo1+9g+lyu5w IYzM8hxzrWv3O5yFhLDuVuMFIy4+udv4arOWQB2fJutgjaWjT4ahnYfqePGHGsbp eVOdDr9AoVYT0vgo0Oly26li7m6tSes8ueCeJqDoiS50OFitquTZtGGBifvUuCL4 WIeCVUcgbNjktdZ8/FqXqjwn6xPjboOG -----END CERTIFICATE-----Generated at Sun Aug 24 00:17:05 2025 by rpki-client