$ rpki-client -vvf rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft File: XLKYvBpwUBeAXFYfCQoNR5UOar0.mft (raw, json) Hash identifier: 8o9tP52+ETSZiE+ooW9uDKE5lJCNnqh/b8Io1YN5o6g= Subject key identifier: 8A:5A:5F:34:D2:9A:C2:0C:8E:38:81:85:42:87:76:43:BC:83:2C:97 Authority key identifier: 5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD Certificate issuer: /CN=A912BFC5/serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Certificate serial: 254B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft Manifest number: 254B Signing time: Mon 20 Oct 2025 14:16:50 +0000 Manifest this update: Mon 20 Oct 2025 14:16:49 +0000 Manifest next update: Mon 27 Oct 2025 14:16:49 +0000 Files and hashes: 1: XLKYvBpwUBeAXFYfCQoNR5UOar0.crl (hash: rthwNRwPji/avDwi1vNHUz5V50aG0MWaph8v/E3caig=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 14:16:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9547 (0x254b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BFC5, serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Validity Not Before: Oct 20 14:16:49 2025 GMT Not After : Oct 27 14:16:49 2025 GMT Subject: CN=68f64451-ff78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:7c:4b:65:e8:80:ff:8b:9c:96:da:d4:15:84: fe:3c:4a:b0:17:60:91:82:d9:1b:d1:d1:e5:e1:a2: c1:2b:42:41:ba:f5:45:cc:ee:8b:96:1a:69:15:fb: e0:56:52:64:32:a7:01:22:e7:df:e8:0a:53:f5:b0: 02:24:93:d9:90:a3:9b:9a:0b:51:c7:d1:d1:ea:ea: c6:ed:1d:b8:34:7f:77:96:a4:6f:ce:b4:9b:67:e1: 70:d4:de:96:f0:61:c9:18:ef:8a:fb:d5:e1:67:81: 2b:3c:56:64:7b:37:c0:3b:28:a2:da:12:6f:e7:20: fc:98:39:a0:74:f9:c3:37:33:8a:31:81:9b:bb:5a: 4a:9c:33:62:fb:d4:00:f7:1e:e1:9d:72:90:1e:ff: 12:a2:0e:c1:66:01:18:2f:9a:98:b2:db:5f:47:65: f6:01:32:fc:fe:61:df:26:87:9b:be:69:ac:61:cf: 51:98:c4:9f:bb:1f:17:91:c8:d0:8e:37:bf:9a:11: 98:13:0c:84:35:ce:cd:f8:b5:c3:a3:72:58:a1:e2: 46:b0:9b:0a:f8:07:fe:39:a8:e2:65:c3:38:3a:8f: 87:72:29:8e:00:b0:e5:65:b7:35:50:da:b6:33:51: 4d:84:19:df:07:51:6a:e3:3a:0c:a0:3d:49:e3:07: 02:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:5A:5F:34:D2:9A:C2:0C:8E:38:81:85:42:87:76:43:BC:83:2C:97 X509v3 Authority Key Identifier: keyid:5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:fa:07:3f:1d:cf:2e:b0:27:5d:e2:19:ce:68:57:7a:ef:b1: 93:30:5c:71:b0:ba:23:52:12:d8:4f:67:e1:cf:0a:9d:30:7e: 98:34:9d:06:d5:10:36:d8:32:f2:b2:99:45:03:65:78:68:9a: 62:bd:66:7a:40:43:0d:ac:1a:5a:d3:dc:b7:6f:5a:65:5e:bf: 55:8a:a1:01:7e:4d:05:31:9a:f3:3a:f4:93:b9:8f:96:90:b8: 8d:c4:18:12:00:88:11:e3:46:ef:8a:83:f1:49:84:43:6c:65: a8:a8:c4:9a:2e:5c:f2:02:17:cf:f0:58:21:54:b3:42:c7:ed: 69:ea:62:4a:f4:3d:e0:c7:7d:7b:47:93:2a:4f:88:d5:88:44: aa:3a:db:7c:0a:12:dc:8e:11:b2:37:3a:70:05:6d:65:0d:5a: 8b:60:d7:bc:80:48:ba:6f:a9:f0:13:c2:2e:13:d6:7e:96:fc: 7b:d8:23:17:f2:73:8e:b5:9c:20:a8:1b:c6:b1:a8:9e:8e:46: 22:60:06:f1:05:62:8f:b2:20:e5:a9:34:82:dc:68:0f:f9:94: dc:55:3b:4f:80:25:1d:22:15:48:e9:9d:12:60:17:1f:47:eb: a0:92:19:1f:06:07:c3:a6:97:d5:18:69:ef:56:e1:97:d8:d4: 1d:db:be:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJGQzUxMTAvBgNVBAUTKDVDQjI5OEJDMUE3MDUwMTc4MDVDNTYxRjA5MEEwRDQ3 OTUwRTZBQkQwHhcNMjUxMDIwMTQxNjQ5WhcNMjUxMDI3MTQxNjQ5WjAYMRYwFAYD VQQDEw02OGY2NDQ1MS1mZjc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3XxLZeiA/4ucltrUFYT+PEqwF2CRgtkb0dHl4aLBK0JBuvVFzO6LlhppFfvg VlJkMqcBIuff6ApT9bACJJPZkKObmgtRx9HR6urG7R24NH93lqRvzrSbZ+Fw1N6W 8GHJGO+K+9XhZ4ErPFZkezfAOyii2hJv5yD8mDmgdPnDNzOKMYGbu1pKnDNi+9QA 9x7hnXKQHv8Sog7BZgEYL5qYsttfR2X2ATL8/mHfJoebvmmsYc9RmMSfux8XkcjQ jje/mhGYEwyENc7N+LXDo3JYoeJGsJsK+Af+OajiZcM4Oo+HcimOALDlZbc1UNq2 M1FNhBnfB1Fq4zoMoD1J4wcC7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIpaXzTS msIMjjiBhUKHdkO8gyyXMB8GA1UdIwQYMBaAFFyymLwacFAXgFxWHwkKDUeVDmq9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkZDNS8zRjM0MjAzRTI5 MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VCZUFYRllmQ1FvTlI1VU9h cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1hMS1l2QnB3VUJlQVhGWWZDUW9OUjVVT2FyMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkZDNS8zRjM0MjAzRTI5MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VC ZUFYRllmQ1FvTlI1VU9hcjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBT+gc/Hc8usCdd4hnOaFd677GTMFxxsLojUhLYT2fhzwqdMH6YNJ0G 1RA22DLysplFA2V4aJpivWZ6QEMNrBpa09y3b1plXr9ViqEBfk0FMZrzOvSTuY+W kLiNxBgSAIgR40bvioPxSYRDbGWoqMSaLlzyAhfP8FghVLNCx+1p6mJK9D3gx317 R5MqT4jViESqOtt8ChLcjhGyNzpwBW1lDVqLYNe8gEi6b6nwE8IuE9Z+lvx72CMX 8nOOtZwgqBvGsaiejkYiYAbxBWKPsiDlqTSC3GgP+ZTcVTtPgCUdIhVI6Z0SYBcf R+ugkhkfBgfDppfVGGnvVuGX2NQd276E -----END CERTIFICATE-----Generated at Mon Oct 20 18:25:58 2025 by rpki-client