$ rpki-client -vvf rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft File: XKzlv2VarPfLxicsXGl_N3oGzow.mft (raw, json) Hash identifier: xtFrC4Md8hrmtIpd/V/GvmkAUJ96Gd1HpBJiA8BsLXA= Subject key identifier: 9C:70:8A:21:5B:53:1F:F0:EB:2B:1E:EC:7F:43:7A:A3:4C:23:D6:01 Authority key identifier: 5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C Certificate issuer: /CN=A917C9BF/serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Certificate serial: 9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft Manifest number: 98 Signing time: Tue 01 Jul 2025 07:10:07 +0000 Manifest this update: Tue 01 Jul 2025 07:10:06 +0000 Manifest next update: Tue 08 Jul 2025 07:10:06 +0000 Files and hashes: 1: XKzlv2VarPfLxicsXGl_N3oGzow.crl (hash: hsZ3f+eAYF+ysqWNbavWFzYEwWSWkvclMzbB7As596I=) 2: 15875DC27B5E11EFAB71253BC4F9AE02.roa (hash: 0W2/njWu/4NeHHOITSUzSzI4ic/vgB1fnauNrzPM4sc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 07:10:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 157 (0x9d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C9BF, serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Validity Not Before: Jul 1 07:10:06 2025 GMT Not After : Jul 8 07:10:06 2025 GMT Subject: CN=686389cf-270d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:13:eb:f2:51:ba:23:79:6d:7e:54:25:b2:03: 46:9b:7f:fa:71:80:08:4e:b5:a7:4b:a9:18:28:cf: b1:53:c9:4b:b7:54:44:9d:e0:ca:5f:04:15:10:34: 3e:0c:a0:cd:49:27:ae:1e:f9:b4:01:87:57:77:2e: 19:08:7c:ef:ea:78:f8:3a:03:08:53:21:02:0f:11: 30:02:9a:ba:98:7c:0d:ff:6b:04:65:d0:22:5e:99: 5e:8c:38:4d:d8:3a:37:4e:f5:c4:5c:17:eb:78:3b: 1f:f0:e0:01:59:2c:1b:2c:71:c0:a6:14:bb:0b:97: 58:08:ed:68:a1:c4:08:90:ff:56:41:09:8c:51:ee: 0e:68:80:79:5a:2a:43:a6:4c:f4:e5:df:b1:de:9c: 83:7a:2b:ac:84:91:f3:0b:b2:f4:89:45:f4:6b:0e: 07:77:6c:39:55:f8:fc:9e:de:90:be:07:65:f3:8c: 6a:a5:ee:bc:06:d0:4e:11:23:f0:40:0b:0b:0b:bd: ff:a9:a6:50:31:e6:fb:d0:ac:24:96:25:28:dd:97: 8d:37:73:21:fd:e5:c1:5e:cf:32:c1:69:28:04:42: a8:4b:ff:80:42:f2:01:08:dc:f6:ce:06:6d:12:f1: 14:d3:04:8b:5f:15:03:ee:13:e8:40:ac:f7:8a:36: a4:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:70:8A:21:5B:53:1F:F0:EB:2B:1E:EC:7F:43:7A:A3:4C:23:D6:01 X509v3 Authority Key Identifier: keyid:5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:e5:b0:69:8d:63:02:43:11:e1:9c:fd:dd:be:c5:9c:77:b3: 4d:fd:60:41:43:2f:02:19:de:6b:bd:d2:11:45:3f:e7:f6:7d: 9e:67:7f:96:57:06:9e:4a:c8:d9:95:eb:cd:c2:15:7c:09:fc: da:41:4d:69:27:63:de:ab:16:95:65:87:65:4f:d9:61:91:d4: 3a:2a:8c:f8:6c:77:10:b7:d5:5b:7a:37:8b:11:40:53:cc:05: 70:15:62:49:b3:e4:8a:f0:67:84:38:f3:3d:f3:09:dc:5d:75: dd:75:00:f7:9b:4e:2e:5a:e8:4e:80:4a:fe:3d:2a:51:22:d7: c6:78:ae:1f:7c:f5:52:5e:c7:17:ac:d5:04:93:7b:02:76:f8: 35:0c:8c:73:32:b6:4a:9f:70:e3:a1:17:29:81:71:0d:b1:b3: 4c:25:85:cc:5c:23:66:ec:e7:37:b3:71:64:90:01:e8:0d:39: 28:9c:d8:a6:d0:9c:c0:fd:50:fd:8d:d3:e6:f1:00:40:8a:47: 3b:40:64:6b:26:59:cd:8e:37:db:9b:13:71:d4:00:0d:b5:e2: 66:e5:b0:81:0f:2c:b8:39:83:80:17:4f:55:77:83:ee:2a:42: 24:37:ed:47:17:6d:86:fa:42:b7:4a:d8:60:b0:16:75:c6:3c: 77:c4:51:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M5QkYxMTAvBgNVBAUTKDVDQUNFNUJGNjU1QUFDRjdDQkM2MjcyQzVDNjk3RjM3 N0EwNkNFOEMwHhcNMjUwNzAxMDcxMDA2WhcNMjUwNzA4MDcxMDA2WjAYMRYwFAYD VQQDEw02ODYzODljZi0yNzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7hPr8lG6I3ltflQlsgNGm3/6cYAITrWnS6kYKM+xU8lLt1REneDKXwQVEDQ+ DKDNSSeuHvm0AYdXdy4ZCHzv6nj4OgMIUyECDxEwApq6mHwN/2sEZdAiXplejDhN 2Do3TvXEXBfreDsf8OABWSwbLHHAphS7C5dYCO1oocQIkP9WQQmMUe4OaIB5WipD pkz05d+x3pyDeiushJHzC7L0iUX0aw4Hd2w5Vfj8nt6Qvgdl84xqpe68BtBOESPw QAsLC73/qaZQMeb70KwkliUo3ZeNN3Mh/eXBXs8ywWkoBEKoS/+AQvIBCNz2zgZt EvEU0wSLXxUD7hPoQKz3ijak0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJxwiiFb Ux/w6yse7H9DeqNMI9YBMB8GA1UdIwQYMBaAFFys5b9lWqz3y8YnLFxpfzd6Bs6M MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzlCRi9CRTFENEEzNDdC NEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQZkx4aWNzWEdsX04zb0d6 b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hLemx2MlZhclBmTHhpY3NYR2xfTjNvR3pvdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzlCRi9CRTFENEEzNDdCNEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQ Zkx4aWNzWEdsX04zb0d6b3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCa5bBpjWMCQxHhnP3dvsWcd7NN/WBBQy8CGd5rvdIRRT/n9n2eZ3+W VwaeSsjZlevNwhV8CfzaQU1pJ2PeqxaVZYdlT9lhkdQ6Koz4bHcQt9VbejeLEUBT zAVwFWJJs+SK8GeEOPM98wncXXXddQD3m04uWuhOgEr+PSpRItfGeK4ffPVSXscX rNUEk3sCdvg1DIxzMrZKn3DjoRcpgXENsbNMJYXMXCNm7Oc3s3FkkAHoDTkonNim 0JzA/VD9jdPm8QBAikc7QGRrJlnNjjfbmxNx1AANteJm5bCBDyy4OYOAF09Vd4Pu KkIkN+1HF22G+kK3SthgsBZ1xjx3xFFH -----END CERTIFICATE-----Generated at Tue Jul 1 22:05:03 2025 by rpki-client