$ rpki-client -vvf rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft File: XLKYvBpwUBeAXFYfCQoNR5UOar0.mft (raw, json) Hash identifier: DFHSx7+fh3rcsCO1qwlO74heJxW80x/nXI8cYJ6uBNs= Subject key identifier: CC:C2:1A:D8:23:9C:5A:A9:90:2F:6A:CB:DE:6F:83:AB:8A:97:18:D6 Authority key identifier: 5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD Certificate issuer: /CN=A912BFC5/serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Certificate serial: 24F1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft Manifest number: 24F1 Signing time: Thu 24 Apr 2025 14:16:32 +0000 Manifest this update: Thu 24 Apr 2025 14:16:31 +0000 Manifest next update: Thu 01 May 2025 14:16:31 +0000 Files and hashes: 1: XLKYvBpwUBeAXFYfCQoNR5UOar0.crl (hash: C0Hv0uemTfiI25K82zgzqCVSP/PX6ar3/rlaOn9MNyk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:16:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9457 (0x24f1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BFC5, serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Validity Not Before: Apr 24 14:16:31 2025 GMT Not After : May 1 14:16:31 2025 GMT Subject: CN=680a47bf-c7c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:9e:6d:7a:40:75:85:10:08:2a:c9:72:a8:15: 22:5c:ea:9b:f6:e9:cc:63:1c:00:43:00:f6:9a:de: 3d:7a:95:8c:9e:b0:3c:33:aa:d8:49:6f:bb:68:77: 0c:00:18:7b:4d:84:5d:c6:45:00:31:9e:af:4a:ea: 9f:ee:0a:85:c3:c9:1d:94:3e:17:5f:83:e8:f3:66: bf:91:fa:e7:c2:5a:62:28:e8:17:21:ef:26:48:95: 43:14:15:1c:84:fa:f8:cc:f0:ef:db:7b:13:f8:75: a3:66:d1:c9:fa:d3:01:a3:7f:17:02:92:5f:b3:20: 59:29:79:15:b9:50:ce:09:82:c6:d7:86:16:55:c6: 5c:4b:5e:d3:e8:f1:2a:5a:c0:2e:0a:c2:a3:29:0a: d7:b0:29:08:1d:26:7c:c9:27:be:2b:a1:88:18:02: a0:0a:57:6f:de:6a:36:8a:8d:87:ca:20:54:15:f2: c1:52:5d:e1:7e:f8:e9:0d:4e:08:6b:c9:27:2d:8a: 1d:f9:79:3a:cb:b1:da:27:e1:5d:93:3b:14:f4:b1: b3:d3:57:a4:d2:8a:83:94:cc:03:d1:69:dc:5e:5b: 52:56:c7:07:31:f6:46:10:0c:62:41:45:7f:a9:5a: 00:06:dc:ce:11:f2:72:e4:30:f8:6f:62:0a:35:6d: f3:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:C2:1A:D8:23:9C:5A:A9:90:2F:6A:CB:DE:6F:83:AB:8A:97:18:D6 X509v3 Authority Key Identifier: keyid:5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:3b:3a:e1:b4:e1:49:b2:b3:07:96:ca:17:fe:4e:79:d2:de: c4:dc:13:55:82:67:a2:4a:87:61:cb:c4:0b:80:5a:5b:c2:9f: 4d:b5:f2:72:af:01:59:fb:f7:54:82:01:3e:80:89:6f:58:41: e3:8d:ba:92:bb:61:02:0f:54:30:6c:2e:6a:45:b9:3f:d8:7e: 8e:1c:73:34:c1:17:dd:48:8c:a7:17:29:17:b8:3b:08:60:4a: 24:5a:59:b2:61:ad:69:eb:96:7c:2e:53:8e:8b:24:65:d2:f7: fb:6d:00:f3:0b:f2:25:c4:8f:25:50:df:30:1d:e4:59:af:d6: ca:c5:e5:86:69:e6:18:e5:4b:db:90:05:d7:20:66:90:9f:ed: 7d:d0:ec:63:f3:44:52:79:d3:a8:a6:4f:22:db:ec:86:ed:3c: 2b:0b:75:de:4b:9f:f7:32:44:66:fe:c2:4e:b5:c9:6b:6e:1d: 48:56:59:6a:d1:a7:8b:84:c1:80:56:78:28:49:e5:06:e7:0d: 83:e5:9a:d2:cd:06:10:00:60:c2:66:52:00:00:6e:c0:22:78: 6e:c1:17:ec:09:0e:cd:62:9f:9d:5c:24:ad:d6:6e:59:1e:fa: 57:2f:6e:f7:36:f5:a0:8a:e1:9c:88:a5:47:b3:2c:12:66:b3: 38:86:39:eb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJGQzUxMTAvBgNVBAUTKDVDQjI5OEJDMUE3MDUwMTc4MDVDNTYxRjA5MEEwRDQ3 OTUwRTZBQkQwHhcNMjUwNDI0MTQxNjMxWhcNMjUwNTAxMTQxNjMxWjAYMRYwFAYD VQQDEw02ODBhNDdiZi1jN2M2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy55tekB1hRAIKslyqBUiXOqb9unMYxwAQwD2mt49epWMnrA8M6rYSW+7aHcM ABh7TYRdxkUAMZ6vSuqf7gqFw8kdlD4XX4Po82a/kfrnwlpiKOgXIe8mSJVDFBUc hPr4zPDv23sT+HWjZtHJ+tMBo38XApJfsyBZKXkVuVDOCYLG14YWVcZcS17T6PEq WsAuCsKjKQrXsCkIHSZ8ySe+K6GIGAKgCldv3mo2io2HyiBUFfLBUl3hfvjpDU4I a8knLYod+Xk6y7HaJ+FdkzsU9LGz01ek0oqDlMwD0WncXltSVscHMfZGEAxiQUV/ qVoABtzOEfJy5DD4b2IKNW3zhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMzCGtgj nFqpkC9qy95vg6uKlxjWMB8GA1UdIwQYMBaAFFyymLwacFAXgFxWHwkKDUeVDmq9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkZDNS8zRjM0MjAzRTI5 MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VCZUFYRllmQ1FvTlI1VU9h cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1hMS1l2QnB3VUJlQVhGWWZDUW9OUjVVT2FyMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkZDNS8zRjM0MjAzRTI5MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VC ZUFYRllmQ1FvTlI1VU9hcjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAiOzrhtOFJsrMHlsoX/k550t7E3BNVgmeiSodhy8QLgFpbwp9NtfJy rwFZ+/dUggE+gIlvWEHjjbqSu2ECD1QwbC5qRbk/2H6OHHM0wRfdSIynFykXuDsI YEokWlmyYa1p65Z8LlOOiyRl0vf7bQDzC/IlxI8lUN8wHeRZr9bKxeWGaeYY5Uvb kAXXIGaQn+190Oxj80RSedOopk8i2+yG7TwrC3XeS5/3MkRm/sJOtclrbh1IVllq 0aeLhMGAVngoSeUG5w2D5ZrSzQYQAGDCZlIAAG7AInhuwRfsCQ7NYp+dXCSt1m5Z HvpXL273NvWgiuGciKVHsywSZrM4hjnr -----END CERTIFICATE-----Generated at Sat Apr 26 14:21:15 2025 by rpki-client