$ rpki-client -vvf rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft File: xem-kywNTgcfsYgsriUoEEdzKVA.mft (raw, json) Hash identifier: k6vPaQTMnoRjdCocPH2ROeoOxt4v+U+vWnBQju1IEbA= Subject key identifier: E9:D2:42:D6:30:49:B5:47:F0:C3:54:7A:FC:BC:2F:EA:FE:90:67:D8 Authority key identifier: C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 Certificate issuer: /CN=A9121AB0/serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Certificate serial: 01D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft Manifest number: 01D1 Signing time: Fri 25 Apr 2025 02:01:20 +0000 Manifest this update: Fri 25 Apr 2025 02:01:19 +0000 Manifest next update: Fri 02 May 2025 02:01:19 +0000 Files and hashes: 1: xem-kywNTgcfsYgsriUoEEdzKVA.crl (hash: NC6Ep7Oa4GW07P0ybWgJVDqOgLbAW6CjHbgIzH13hOo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 468 (0x1d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9121AB0, serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Validity Not Before: Apr 25 02:01:19 2025 GMT Not After : May 2 02:01:19 2025 GMT Subject: CN=680aecef-34de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:50:ad:4d:a5:86:44:75:94:0f:de:19:1c:ae: ab:6d:ac:c2:26:74:43:36:42:3c:dc:66:64:31:55: e2:21:7c:e3:1b:79:23:af:c4:b7:e6:c0:3a:af:84: e2:98:2e:ea:1d:92:33:0c:ca:d4:6d:48:a5:74:a0: 8f:ef:7f:f5:25:1c:33:7a:0e:2b:75:e8:8d:b9:d9: 29:a2:6d:e6:e1:be:8f:36:91:13:c6:d9:3d:aa:4f: fd:3c:97:23:7b:0e:b5:71:45:bd:50:c6:e6:55:ff: fc:c1:bb:e8:03:34:b8:0a:79:9f:4a:27:7f:40:fb: f4:52:df:36:8b:2a:75:f0:d9:c4:44:57:6c:a5:49: 37:ba:e2:38:06:be:e1:a0:02:9d:1b:88:90:08:14: 47:b0:86:54:0a:41:18:d9:3d:62:cc:fb:b2:81:06: fe:75:3e:a1:f4:d8:bd:5a:16:f6:16:82:18:46:46: e5:ac:a2:d0:92:dd:74:06:91:29:18:69:4b:30:9b: 79:84:42:10:3d:2f:a9:9b:19:a5:98:2d:82:02:98: e2:9d:ce:89:16:cf:0b:05:c0:de:28:c2:89:71:9b: 35:4b:55:15:e5:1b:cf:9f:05:4d:6a:68:69:75:7a: 01:61:6f:96:37:80:24:9b:00:04:8f:85:92:c7:da: 83:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:D2:42:D6:30:49:B5:47:F0:C3:54:7A:FC:BC:2F:EA:FE:90:67:D8 X509v3 Authority Key Identifier: keyid:C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:54:21:57:cd:9f:e4:d8:80:ce:63:21:29:42:e3:56:9f:c9: 5e:6f:66:0d:bf:88:34:ae:3e:37:34:27:1c:56:8d:f8:2e:23: 35:92:d1:10:09:b8:a6:f4:ca:fc:92:29:7e:04:f7:2e:78:5c: fe:d7:1f:4c:17:c5:f6:c3:c4:5a:6c:70:d9:be:41:96:bb:97: d9:93:fe:27:8a:93:e8:de:10:49:d7:48:23:11:98:75:5f:a7: c6:84:0d:eb:41:44:e9:50:67:04:12:4f:6b:80:e0:d1:9e:97: ec:50:76:93:30:19:42:4c:bb:59:62:81:eb:d1:6d:ed:23:ce: 59:15:6f:21:f8:77:2d:aa:ac:da:c3:a3:eb:6e:31:f7:09:8a: 57:df:63:70:a3:e2:e5:45:64:7b:68:d7:94:21:ea:c4:27:a3: 2d:4e:ba:1a:e0:a4:c2:0f:42:38:cf:8b:da:19:08:8c:3b:5f: 65:cc:a4:ad:aa:3f:91:0a:a9:a4:ff:cf:a6:57:ce:0a:92:7b: 53:8b:12:5a:45:bc:71:61:82:77:74:45:fa:be:88:14:55:48: 97:ea:5b:3f:4d:7b:80:56:1b:1a:61:9b:fc:1b:72:70:12:39: 5a:19:64:09:dc:40:15:4a:68:73:fb:79:b9:38:b6:52:53:56: 17:18:1b:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjFBQjAxMTAvBgNVBAUTKEM1RTlCRTkzMkMwRDRFMDcxRkIxODgyQ0FFMjUyODEw NDc3MzI5NTAwHhcNMjUwNDI1MDIwMTE5WhcNMjUwNTAyMDIwMTE5WjAYMRYwFAYD VQQDEw02ODBhZWNlZi0zNGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvlCtTaWGRHWUD94ZHK6rbazCJnRDNkI83GZkMVXiIXzjG3kjr8S35sA6r4Ti mC7qHZIzDMrUbUildKCP73/1JRwzeg4rdeiNudkpom3m4b6PNpETxtk9qk/9PJcj ew61cUW9UMbmVf/8wbvoAzS4CnmfSid/QPv0Ut82iyp18NnERFdspUk3uuI4Br7h oAKdG4iQCBRHsIZUCkEY2T1izPuygQb+dT6h9Ni9Whb2FoIYRkblrKLQkt10BpEp GGlLMJt5hEIQPS+pmxmlmC2CApjinc6JFs8LBcDeKMKJcZs1S1UV5RvPnwVNamhp dXoBYW+WN4AkmwAEj4WSx9qDCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOnSQtYw SbVH8MNUevy8L+r+kGfYMB8GA1UdIwQYMBaAFMXpvpMsDU4HH7GILK4lKBBHcylQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMUFCMC8xRkY4ODgzMjVD QkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRnY2ZzWWdzcmlVb0VFZHpL VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hlbS1reXdOVGdjZnNZZ3NyaVVvRUVkektWQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MUFCMC8xRkY4ODgzMjVDQkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRn Y2ZzWWdzcmlVb0VFZHpLVkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBsVCFXzZ/k2IDOYyEpQuNWn8leb2YNv4g0rj43NCccVo34LiM1ktEQ Cbim9Mr8kil+BPcueFz+1x9MF8X2w8RabHDZvkGWu5fZk/4nipPo3hBJ10gjEZh1 X6fGhA3rQUTpUGcEEk9rgODRnpfsUHaTMBlCTLtZYoHr0W3tI85ZFW8h+Hctqqza w6PrbjH3CYpX32Nwo+LlRWR7aNeUIerEJ6MtTroa4KTCD0I4z4vaGQiMO19lzKSt qj+RCqmk/8+mV84KkntTixJaRbxxYYJ3dEX6vogUVUiX6ls/TXuAVhsaYZv8G3Jw EjlaGWQJ3EAVSmhz+3m5OLZSU1YXGBsm -----END CERTIFICATE-----Generated at Sat Apr 26 04:35:54 2025 by rpki-client