$ rpki-client -vvf rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft File: XKzlv2VarPfLxicsXGl_N3oGzow.mft (raw, json) Hash identifier: cY0dpp2mO5z/dQEOwTel73Tl3E4II6rkiHPkkD3l5ME= Subject key identifier: 07:D1:ED:E8:4C:7E:87:E4:43:B2:86:1D:69:83:81:BF:DE:82:D1:39 Authority key identifier: 5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C Certificate issuer: /CN=A917C9BF/serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Certificate serial: 81 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft Manifest number: 7D Signing time: Sun 11 May 2025 05:30:34 +0000 Manifest this update: Sun 11 May 2025 05:30:34 +0000 Manifest next update: Sun 18 May 2025 05:30:34 +0000 Files and hashes: 1: XKzlv2VarPfLxicsXGl_N3oGzow.crl (hash: f3p4B4njp4rLvoEZl8anXnUNP9SmVHszmKVN8tANEdQ=) 2: 15875DC27B5E11EFAB71253BC4F9AE02.roa (hash: Po2BM3la9bQp8SxvolgWBVl3dKAKoE5yaonqoVw5jxw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 05:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 129 (0x81) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C9BF, serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Validity Not Before: May 11 05:30:34 2025 GMT Not After : May 18 05:30:34 2025 GMT Subject: CN=682035fa-e33d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e4:b5:bb:b2:b9:a8:6c:49:39:a5:58:73:0c: d8:23:6a:c0:40:12:88:66:27:9e:71:5a:0f:e6:0f: 7a:7a:49:4b:09:93:55:2f:df:4a:0d:63:8b:42:4a: d3:a5:13:2b:6d:c3:3d:d3:43:e1:96:e4:e6:5b:e8: 3e:25:b5:20:aa:f1:ca:a0:1c:26:1f:8a:72:32:92: f0:05:00:1e:9b:6c:a3:5c:43:7d:0c:01:e1:9d:39: b6:96:3c:bd:43:59:d2:d9:80:34:b3:33:d3:82:e2: e9:2a:cb:b9:0a:32:e9:37:e2:95:ec:dc:39:e5:b2: ad:72:d4:de:af:02:ad:0a:70:80:95:78:b7:52:fd: e8:0c:78:f7:45:6d:0c:83:ac:32:e8:4a:85:09:c9: e9:07:27:a5:46:8a:cc:ac:e8:b5:9d:0d:0d:38:56: 2e:8d:c1:fc:3e:fc:96:9e:09:b4:b5:89:6f:13:d2: 64:34:c8:86:b9:e2:a4:e4:b4:58:55:1a:2d:8b:a8: 18:6d:e2:31:ca:a2:5c:53:67:09:86:61:c7:4c:50: 9d:e4:32:3d:d1:a8:26:72:b4:46:5d:9b:26:c7:06: 63:67:30:0a:75:7a:95:4d:3f:24:28:e2:c3:49:c9: 48:ac:53:c3:15:e1:96:ee:b8:35:e1:e1:d0:9c:60: 3c:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:D1:ED:E8:4C:7E:87:E4:43:B2:86:1D:69:83:81:BF:DE:82:D1:39 X509v3 Authority Key Identifier: keyid:5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:d7:c9:7e:9e:25:91:e8:e8:03:0e:0d:50:7c:bc:4a:1a:81: e5:cb:09:5a:5c:80:54:9f:eb:6b:f2:97:96:00:07:2e:c3:c2: bc:73:89:a7:ad:20:77:9b:36:f8:a3:c3:1f:c3:3a:35:8e:3f: 01:ef:93:24:a1:68:20:7c:ec:11:87:5c:7a:8f:17:a9:60:26: 5d:1d:66:79:76:89:8e:86:60:1e:0b:34:a2:d5:a5:f7:30:ac: 97:39:7d:7b:ce:c3:d5:80:b4:7c:4a:47:35:0a:cf:84:b4:3f: db:cf:0e:6c:75:df:9b:cb:c1:4f:fc:b5:c7:09:3e:a9:83:c2: 09:b9:36:35:00:da:fc:01:2d:e4:66:d0:cc:f4:b9:2f:23:11: 4a:8f:7d:6e:10:6f:49:ae:94:a8:91:19:0b:af:b4:5c:ac:69: c7:49:e6:6e:f6:69:b1:30:9f:e4:4d:dc:04:b4:9b:8c:7f:0c: d7:54:4b:7b:99:2f:76:1e:35:2c:d7:49:87:7c:9e:b1:c5:4f: de:8e:83:39:59:bb:2e:0b:fd:7d:bc:77:69:fe:6d:29:15:aa: 4f:89:15:db:c2:78:58:5c:92:21:a7:56:30:98:8f:f1:d1:8f: b4:02:69:26:29:d2:d0:d2:12:eb:99:9e:a2:04:47:dc:7f:08: 8d:9a:78:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M5QkYxMTAvBgNVBAUTKDVDQUNFNUJGNjU1QUFDRjdDQkM2MjcyQzVDNjk3RjM3 N0EwNkNFOEMwHhcNMjUwNTExMDUzMDM0WhcNMjUwNTE4MDUzMDM0WjAYMRYwFAYD VQQDEw02ODIwMzVmYS1lMzNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyuS1u7K5qGxJOaVYcwzYI2rAQBKIZieecVoP5g96eklLCZNVL99KDWOLQkrT pRMrbcM900PhluTmW+g+JbUgqvHKoBwmH4pyMpLwBQAem2yjXEN9DAHhnTm2ljy9 Q1nS2YA0szPTguLpKsu5CjLpN+KV7Nw55bKtctTerwKtCnCAlXi3Uv3oDHj3RW0M g6wy6EqFCcnpByelRorMrOi1nQ0NOFYujcH8PvyWngm0tYlvE9JkNMiGueKk5LRY VRoti6gYbeIxyqJcU2cJhmHHTFCd5DI90agmcrRGXZsmxwZjZzAKdXqVTT8kKOLD SclIrFPDFeGW7rg14eHQnGA8pQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAfR7ehM fofkQ7KGHWmDgb/egtE5MB8GA1UdIwQYMBaAFFys5b9lWqz3y8YnLFxpfzd6Bs6M MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzlCRi9CRTFENEEzNDdC NEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQZkx4aWNzWEdsX04zb0d6 b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hLemx2MlZhclBmTHhpY3NYR2xfTjNvR3pvdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzlCRi9CRTFENEEzNDdCNEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQ Zkx4aWNzWEdsX04zb0d6b3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAV18l+niWR6OgDDg1QfLxKGoHlywlaXIBUn+tr8peWAAcuw8K8c4mn rSB3mzb4o8Mfwzo1jj8B75MkoWggfOwRh1x6jxepYCZdHWZ5domOhmAeCzSi1aX3 MKyXOX17zsPVgLR8Skc1Cs+EtD/bzw5sdd+by8FP/LXHCT6pg8IJuTY1ANr8AS3k ZtDM9LkvIxFKj31uEG9JrpSokRkLr7RcrGnHSeZu9mmxMJ/kTdwEtJuMfwzXVEt7 mS92HjUs10mHfJ6xxU/ejoM5WbsuC/19vHdp/m0pFapPiRXbwnhYXJIhp1YwmI/x 0Y+0AmkmKdLQ0hLrmZ6iBEfcfwiNmnhX -----END CERTIFICATE-----Generated at Sun May 11 16:41:13 2025 by rpki-client