$ rpki-client -vvf rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft File: XKzlv2VarPfLxicsXGl_N3oGzow.mft (raw, json) Hash identifier: chQI1kIjAzEPd8DzCyUfuYJurl2dgpyQYdCHmeShttU= Subject key identifier: CD:0D:C2:6F:42:1E:09:1A:8D:D7:B9:DF:84:5A:5A:35:9A:A9:F5:25 Authority key identifier: 5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C Certificate issuer: /CN=A917C9BF/serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Certificate serial: B8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft Manifest number: B3 Signing time: Sat 23 Aug 2025 06:20:36 +0000 Manifest this update: Sat 23 Aug 2025 06:20:36 +0000 Manifest next update: Sat 30 Aug 2025 06:20:36 +0000 Files and hashes: 1: XKzlv2VarPfLxicsXGl_N3oGzow.crl (hash: AhEUVEvlpz0bN58irW3ZntdbS/8uyDDK0wVnXVE8SxA=) 2: 15875DC27B5E11EFAB71253BC4F9AE02.roa (hash: 0W2/njWu/4NeHHOITSUzSzI4ic/vgB1fnauNrzPM4sc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:20:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 184 (0xb8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C9BF, serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Validity Not Before: Aug 23 06:20:36 2025 GMT Not After : Aug 30 06:20:36 2025 GMT Subject: CN=68a95db4-338a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e2:ab:61:6c:43:de:b8:14:19:59:3e:ec:9d: 2d:0c:55:4c:d1:f3:a1:37:10:f6:4e:d9:b1:fc:93: db:12:48:05:e3:ab:e5:31:06:e8:66:33:48:43:ff: bb:e3:22:a5:ea:67:9a:13:0a:7d:68:86:08:b2:56: 57:5c:87:e0:e7:9d:14:d8:a3:d3:50:72:98:6e:0e: 75:93:72:71:ea:28:f5:23:c6:97:5b:fd:ef:99:a0: 98:2f:6b:12:d7:f0:cc:5b:9a:a6:82:ed:02:b1:4e: 3e:0f:1f:90:c5:b6:95:8f:88:b1:26:37:fb:1e:15: bb:de:78:71:43:d5:6c:e3:84:d1:ec:33:28:26:04: 1d:d5:dd:56:7c:62:d9:7b:73:5c:3c:f9:6f:ea:f3: 7c:d5:6e:96:6a:c2:01:b5:b1:52:c9:cb:a8:89:88: 15:ad:66:16:25:ea:72:ce:73:ae:cd:25:4d:14:c5: 48:f2:8b:8f:a1:99:0f:63:42:51:ce:a3:09:f7:95: 03:01:58:21:c7:0b:fb:41:18:85:52:bf:b9:6e:f2: 11:2f:d8:e9:fa:8c:f2:cc:78:c6:c5:85:85:8d:1c: 5f:c5:07:45:8c:e0:9b:ea:6a:fe:4f:f8:bb:4c:c6: c2:9b:36:27:6f:42:2e:a0:1e:95:8a:84:f0:e2:f2: 1a:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:0D:C2:6F:42:1E:09:1A:8D:D7:B9:DF:84:5A:5A:35:9A:A9:F5:25 X509v3 Authority Key Identifier: keyid:5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:3b:d2:11:ca:10:84:32:08:08:ff:7d:9c:aa:82:bf:bb:a5: 80:81:96:58:76:98:4a:6d:81:ce:ad:d2:36:8f:b9:3c:1e:91: a4:b0:3e:84:0b:29:2b:1e:dd:63:05:12:2d:07:99:2c:65:d4: a0:24:cc:5a:bc:af:22:e7:01:ee:e5:3b:cc:99:87:43:1f:b5: b9:6d:06:5d:98:66:6b:a2:b6:da:ad:2f:e2:35:a0:12:4f:8c: 76:2c:8b:87:00:3d:34:59:f2:2f:9b:ef:bd:cf:bf:13:21:fd: 10:3c:d2:33:e9:7c:bd:55:e3:7f:bf:17:1a:fa:fc:1d:de:6a: 06:2b:28:33:af:5b:b7:72:59:65:d1:ac:59:70:fc:65:4b:3a: 55:de:a5:1a:7e:41:7d:15:ea:57:91:3e:eb:c7:26:db:61:5b: 46:e3:f5:f5:63:17:35:7b:c2:ed:bc:91:59:e2:58:70:ec:f8: 05:26:3c:6e:10:a2:aa:87:ba:78:2c:1d:f0:2c:fb:ed:a4:28: 72:be:85:b0:da:f2:17:3d:8b:31:02:55:c7:c7:28:32:f5:0e: b3:c4:ae:d3:a0:70:1b:c3:ed:d4:ac:fc:eb:18:ae:ef:6b:d6: b1:2c:75:84:f6:6a:b5:61:23:df:8b:0d:5e:61:2d:3b:26:77: 88:b5:87:6e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M5QkYxMTAvBgNVBAUTKDVDQUNFNUJGNjU1QUFDRjdDQkM2MjcyQzVDNjk3RjM3 N0EwNkNFOEMwHhcNMjUwODIzMDYyMDM2WhcNMjUwODMwMDYyMDM2WjAYMRYwFAYD VQQDEw02OGE5NWRiNC0zMzhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAteKrYWxD3rgUGVk+7J0tDFVM0fOhNxD2Ttmx/JPbEkgF46vlMQboZjNIQ/+7 4yKl6meaEwp9aIYIslZXXIfg550U2KPTUHKYbg51k3Jx6ij1I8aXW/3vmaCYL2sS 1/DMW5qmgu0CsU4+Dx+QxbaVj4ixJjf7HhW73nhxQ9Vs44TR7DMoJgQd1d1WfGLZ e3NcPPlv6vN81W6WasIBtbFSycuoiYgVrWYWJepyznOuzSVNFMVI8ouPoZkPY0JR zqMJ95UDAVghxwv7QRiFUr+5bvIRL9jp+ozyzHjGxYWFjRxfxQdFjOCb6mr+T/i7 TMbCmzYnb0IuoB6VioTw4vIaUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM0Nwm9C Hgkajde534RaWjWaqfUlMB8GA1UdIwQYMBaAFFys5b9lWqz3y8YnLFxpfzd6Bs6M MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzlCRi9CRTFENEEzNDdC NEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQZkx4aWNzWEdsX04zb0d6 b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hLemx2MlZhclBmTHhpY3NYR2xfTjNvR3pvdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzlCRi9CRTFENEEzNDdCNEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQ Zkx4aWNzWEdsX04zb0d6b3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfO9IRyhCEMggI/32cqoK/u6WAgZZYdphKbYHOrdI2j7k8HpGksD6E CykrHt1jBRItB5ksZdSgJMxavK8i5wHu5TvMmYdDH7W5bQZdmGZrorbarS/iNaAS T4x2LIuHAD00WfIvm++9z78TIf0QPNIz6Xy9VeN/vxca+vwd3moGKygzr1u3clll 0axZcPxlSzpV3qUafkF9FepXkT7rxybbYVtG4/X1Yxc1e8LtvJFZ4lhw7PgFJjxu EKKqh7p4LB3wLPvtpChyvoWw2vIXPYsxAlXHxygy9Q6zxK7ToHAbw+3UrPzrGK7v a9axLHWE9mq1YSPfiw1eYS07JneItYdu -----END CERTIFICATE-----Generated at Sat Aug 23 16:39:12 2025 by rpki-client