$ rpki-client -vvf rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft File: XLKYvBpwUBeAXFYfCQoNR5UOar0.mft (raw, json) Hash identifier: i1IhFtABIlKMLswv+DJbNl8qWWz92dt+mFSBLDCaDmQ= Subject key identifier: 7B:CA:E0:FC:96:4A:7E:46:A8:6D:13:D3:3C:15:3F:D2:74:9C:C5:53 Authority key identifier: 5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD Certificate issuer: /CN=A912BFC5/serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Certificate serial: 2526 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft Manifest number: 2526 Signing time: Fri 08 Aug 2025 14:16:32 +0000 Manifest this update: Fri 08 Aug 2025 14:16:31 +0000 Manifest next update: Fri 15 Aug 2025 14:16:31 +0000 Files and hashes: 1: XLKYvBpwUBeAXFYfCQoNR5UOar0.crl (hash: hzsSypqz0LVCNphnb6cbMifan0AYmhWkdl6zrL2iU/k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9510 (0x2526) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BFC5, serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Validity Not Before: Aug 8 14:16:31 2025 GMT Not After : Aug 15 14:16:31 2025 GMT Subject: CN=689606bf-da26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:9d:dc:80:bb:c9:fc:62:14:27:4d:95:de:6d: 94:b0:0e:60:9f:99:f4:86:73:32:10:22:ec:f6:96: a4:a6:59:47:6f:77:2d:de:ed:d9:a7:41:3c:4a:b4: b5:ae:a1:9c:92:6e:d0:89:df:34:77:7d:bb:07:c2: 01:fc:44:2d:f0:1a:99:e0:39:89:cb:e0:df:49:da: a3:a4:da:78:0e:30:18:e6:e9:5e:04:de:98:41:d1: ef:60:ad:14:a6:14:bb:b8:d4:3f:28:4b:c8:31:8b: c5:67:5f:e2:ea:a1:86:28:db:9f:60:9d:8f:cd:0e: 6a:7e:a7:68:ac:93:8f:7e:d3:56:68:be:b7:d0:4b: a6:72:99:2e:88:89:61:d3:4e:11:b1:4a:20:ca:75: 2c:9f:81:07:3b:bd:43:f7:08:92:3c:2f:54:02:a4: fb:56:43:0d:0e:4c:50:99:6a:8a:7a:74:1f:2a:f9: ca:50:69:48:2d:6a:88:f0:e2:05:3a:6b:db:50:cb: 43:22:ce:43:1e:cd:f0:9f:b4:75:ad:ac:37:0f:25: e4:11:de:c2:07:1b:b9:b1:88:ab:7f:9d:65:96:6f: a5:9c:77:0e:a3:46:b9:08:b2:63:90:7f:18:b8:8b: 44:b7:61:cc:a0:39:ff:5d:0d:ef:00:4a:ce:ec:10: 1b:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:CA:E0:FC:96:4A:7E:46:A8:6D:13:D3:3C:15:3F:D2:74:9C:C5:53 X509v3 Authority Key Identifier: keyid:5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:8e:3a:03:a6:51:fc:39:a6:7e:2e:c6:63:64:08:a7:ee:04: cc:98:01:02:06:86:4d:5a:64:01:56:5a:06:43:6e:d8:fc:36: 6d:22:92:63:a0:41:ce:fb:4b:77:11:21:ed:47:f4:de:e6:d9: 57:ac:68:8b:11:30:35:65:b3:32:fa:b2:c5:ab:02:67:2e:92: 8d:03:cc:18:b2:37:d1:74:52:85:34:7a:7a:57:36:69:01:a2: fc:9d:ba:81:5d:7d:1e:4e:93:e5:99:be:58:50:55:44:f1:ea: b9:a4:a3:3c:b0:7e:de:c4:a3:46:e2:8f:4b:03:cc:1d:41:e9: 5f:77:26:ff:42:51:49:92:a4:b5:18:47:0c:69:b1:0f:6c:5d: 82:47:74:ce:8d:e9:fb:d7:cf:86:9f:08:ba:b5:53:fc:33:0b: 50:48:a3:28:76:82:d1:74:e4:33:09:8a:cd:2a:72:94:82:78: 74:dd:f0:95:ad:2e:62:ae:12:dd:e7:c4:e3:c2:c6:f2:ae:75: aa:3c:c5:1f:1e:b7:28:38:02:85:04:6b:85:cc:10:cf:b9:14: e9:d0:5f:99:82:84:3c:06:07:61:89:e9:b0:dc:d6:60:ec:de: f4:da:b1:58:d8:e1:fd:49:d6:90:8d:30:ac:0a:e8:da:41:e4: 45:3e:5a:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJSYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJGQzUxMTAvBgNVBAUTKDVDQjI5OEJDMUE3MDUwMTc4MDVDNTYxRjA5MEEwRDQ3 OTUwRTZBQkQwHhcNMjUwODA4MTQxNjMxWhcNMjUwODE1MTQxNjMxWjAYMRYwFAYD VQQDEw02ODk2MDZiZi1kYTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4p3cgLvJ/GIUJ02V3m2UsA5gn5n0hnMyECLs9pakpllHb3ct3u3Zp0E8SrS1 rqGckm7Qid80d327B8IB/EQt8BqZ4DmJy+DfSdqjpNp4DjAY5uleBN6YQdHvYK0U phS7uNQ/KEvIMYvFZ1/i6qGGKNufYJ2PzQ5qfqdorJOPftNWaL630EumcpkuiIlh 004RsUogynUsn4EHO71D9wiSPC9UAqT7VkMNDkxQmWqKenQfKvnKUGlILWqI8OIF OmvbUMtDIs5DHs3wn7R1raw3DyXkEd7CBxu5sYirf51llm+lnHcOo0a5CLJjkH8Y uItEt2HMoDn/XQ3vAErO7BAbZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHvK4PyW Sn5GqG0T0zwVP9J0nMVTMB8GA1UdIwQYMBaAFFyymLwacFAXgFxWHwkKDUeVDmq9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkZDNS8zRjM0MjAzRTI5 MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VCZUFYRllmQ1FvTlI1VU9h cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1hMS1l2QnB3VUJlQVhGWWZDUW9OUjVVT2FyMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkZDNS8zRjM0MjAzRTI5MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VC ZUFYRllmQ1FvTlI1VU9hcjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByjjoDplH8OaZ+LsZjZAin7gTMmAECBoZNWmQBVloGQ27Y/DZtIpJj oEHO+0t3ESHtR/Te5tlXrGiLETA1ZbMy+rLFqwJnLpKNA8wYsjfRdFKFNHp6VzZp AaL8nbqBXX0eTpPlmb5YUFVE8eq5pKM8sH7exKNG4o9LA8wdQelfdyb/QlFJkqS1 GEcMabEPbF2CR3TOjen718+Gnwi6tVP8MwtQSKModoLRdOQzCYrNKnKUgnh03fCV rS5irhLd58TjwsbyrnWqPMUfHrcoOAKFBGuFzBDPuRTp0F+ZgoQ8Bgdhiemw3NZg 7N702rFY2OH9SdaQjTCsCujaQeRFPlox -----END CERTIFICATE-----Generated at Sun Aug 10 04:58:30 2025 by rpki-client