$ rpki-client -vvf rpki.apnic.net/member_repository/A917F4F2/34D55432E0AF11EC82902F6DC4F9AE02/XLz7z59AY6eYAiqPHiafvf6jb_g.mft File: XLz7z59AY6eYAiqPHiafvf6jb_g.mft (raw, json) Hash identifier: 1uGh9rtpVnGDYaO7C2VFetwo0hruWnLUdFtSVtdD4OY= Subject key identifier: 38:3E:C1:CF:7F:71:D0:B4:B4:E9:4A:B3:AC:84:49:20:03:29:9A:88 Authority key identifier: 5C:BC:FB:CF:9F:40:63:A7:98:02:2A:8F:1E:26:9F:BD:FE:A3:6F:F8 Certificate issuer: /CN=A917F4F2/serialNumber=5CBCFBCF9F4063A798022A8F1E269FBDFEA36FF8 Certificate serial: 02D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XLz7z59AY6eYAiqPHiafvf6jb_g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F4F2/34D55432E0AF11EC82902F6DC4F9AE02/XLz7z59AY6eYAiqPHiafvf6jb_g.mft Manifest number: 02D6 Signing time: Fri 25 Apr 2025 01:07:47 +0000 Manifest this update: Fri 25 Apr 2025 01:07:46 +0000 Manifest next update: Fri 02 May 2025 01:07:46 +0000 Files and hashes: 1: XLz7z59AY6eYAiqPHiafvf6jb_g.crl (hash: KZFx64jhnBmNXVoCqITOd1+8f/7PuDFC31ioScvu+5Y=) 2: CA455C5CE0B311ECBC9BEA63C4F9AE02.roa (hash: rJOay/9KosJKH4xAyXnCJek3gQV9STnlHAs4YwiimrU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F4F2/34D55432E0AF11EC82902F6DC4F9AE02/XLz7z59AY6eYAiqPHiafvf6jb_g.crl rsync://rpki.apnic.net/member_repository/A917F4F2/34D55432E0AF11EC82902F6DC4F9AE02/XLz7z59AY6eYAiqPHiafvf6jb_g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XLz7z59AY6eYAiqPHiafvf6jb_g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:07:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 729 (0x2d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F4F2, serialNumber=5CBCFBCF9F4063A798022A8F1E269FBDFEA36FF8 Validity Not Before: Apr 25 01:07:46 2025 GMT Not After : May 2 01:07:46 2025 GMT Subject: CN=680ae062-73a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:96:fa:2d:fd:6e:4e:94:af:b1:36:72:3c:0d: 46:a9:a8:d8:a0:ac:38:10:85:cf:d1:f6:6e:e7:69: e3:fd:cd:17:63:7c:a5:a0:f2:cd:ea:12:05:30:76: 31:2f:73:b5:43:8b:2a:41:2e:a2:48:91:89:f9:c6: 88:17:f0:7f:d1:1f:15:2e:72:e3:db:09:3a:5c:ae: 87:e7:5a:9b:b7:b1:6d:37:d5:72:1b:23:54:04:97: c1:3e:11:05:88:ea:9b:5d:4f:07:f8:d0:7b:da:c2: a7:5e:75:a9:82:1d:e1:a9:d6:72:39:66:c3:b3:75: 53:12:50:c7:f2:dc:ce:f3:be:6e:d3:0d:15:e4:b0: 3d:e4:77:51:bd:e1:eb:ee:8c:3a:9f:13:b8:8e:bd: e5:3b:f1:6b:22:62:fa:58:6b:25:1d:54:68:52:0a: ad:5f:b0:22:cb:fa:53:3a:8a:a7:14:77:a8:b1:0a: 9a:6b:08:54:c0:8c:60:53:c0:f8:b0:2b:a6:f1:f7: 48:c7:e1:01:aa:53:ed:66:fa:28:de:41:46:6e:17: 16:3e:bd:27:dc:3b:1b:63:3c:e0:17:94:54:47:e9: 93:b0:6a:5c:36:d7:06:f7:80:83:ce:07:44:12:08: 1b:76:ba:77:f2:25:d8:43:39:ca:95:aa:a9:0a:61: a2:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:3E:C1:CF:7F:71:D0:B4:B4:E9:4A:B3:AC:84:49:20:03:29:9A:88 X509v3 Authority Key Identifier: keyid:5C:BC:FB:CF:9F:40:63:A7:98:02:2A:8F:1E:26:9F:BD:FE:A3:6F:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F4F2/34D55432E0AF11EC82902F6DC4F9AE02/XLz7z59AY6eYAiqPHiafvf6jb_g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XLz7z59AY6eYAiqPHiafvf6jb_g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F4F2/34D55432E0AF11EC82902F6DC4F9AE02/XLz7z59AY6eYAiqPHiafvf6jb_g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:0c:dd:16:2d:6c:74:73:bb:cc:34:63:c3:0c:5f:f3:a6:90: f6:28:71:ec:12:53:b9:3c:9d:54:a7:fb:39:6a:29:e6:16:28: 2c:dd:d9:c0:c7:b6:5a:c8:fd:89:c2:01:ee:f9:e3:66:82:46: 1e:b2:11:08:9e:d5:f9:62:36:3a:5f:98:06:b3:fa:02:cf:bd: 25:91:fc:cf:ea:64:ac:dd:cb:76:0b:7e:3f:fe:26:c8:54:f8: 56:7c:04:36:d2:0d:d0:ee:90:2e:80:31:8d:e0:56:87:ce:35: bd:18:34:ab:60:30:96:b8:08:8b:3c:65:f3:3d:4f:e1:c4:f8: c1:a3:7e:6c:6b:6a:c4:54:35:94:f6:6f:3a:69:aa:a6:9a:9c: c4:d7:2d:7d:b8:11:64:10:35:53:4f:b7:78:76:df:bd:a1:19: c4:2c:76:c6:c9:fd:45:3e:d9:44:3e:c2:12:34:e6:91:7b:ae: 4f:c7:cc:52:de:26:41:ef:05:83:80:01:76:5b:0d:90:41:c6: 9e:42:78:ae:03:d3:04:67:32:15:6c:3b:33:70:82:97:9d:0e: 0b:1c:64:02:24:a6:35:23:41:21:67:e6:4b:bc:5a:15:25:9a: 10:63:0d:4f:e5:48:c3:7b:4f:d0:b0:5c:5d:fd:98:44:9f:bc: 13:0a:ac:38 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAtkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Y0RjIxMTAvBgNVBAUTKDVDQkNGQkNGOUY0MDYzQTc5ODAyMkE4RjFFMjY5RkJE RkVBMzZGRjgwHhcNMjUwNDI1MDEwNzQ2WhcNMjUwNTAyMDEwNzQ2WjAYMRYwFAYD VQQDEw02ODBhZTA2Mi03M2E3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu5b6Lf1uTpSvsTZyPA1GqajYoKw4EIXP0fZu52nj/c0XY3yloPLN6hIFMHYx L3O1Q4sqQS6iSJGJ+caIF/B/0R8VLnLj2wk6XK6H51qbt7FtN9VyGyNUBJfBPhEF iOqbXU8H+NB72sKnXnWpgh3hqdZyOWbDs3VTElDH8tzO875u0w0V5LA95HdRveHr 7ow6nxO4jr3lO/FrImL6WGslHVRoUgqtX7Aiy/pTOoqnFHeosQqaawhUwIxgU8D4 sCum8fdIx+EBqlPtZvoo3kFGbhcWPr0n3DsbYzzgF5RUR+mTsGpcNtcG94CDzgdE Eggbdrp38iXYQznKlaqpCmGiPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDg+wc9/ cdC0tOlKs6yESSADKZqIMB8GA1UdIwQYMBaAFFy8+8+fQGOnmAIqjx4mn73+o2/4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjRGMi8zNEQ1NTQzMkUw QUYxMUVDODI5MDJGNkRDNEY5QUUwMi9YTHo3ejU5QVk2ZVlBaXFQSGlhZnZmNmpi X2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hMejd6NTlBWTZlWUFpcVBIaWFmdmY2amJfZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RjRGMi8zNEQ1NTQzMkUwQUYxMUVDODI5MDJGNkRDNEY5QUUwMi9YTHo3ejU5QVk2 ZVlBaXFQSGlhZnZmNmpiX2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBfDN0WLWx0c7vMNGPDDF/zppD2KHHsElO5PJ1Up/s5ainmFigs3dnA x7ZayP2JwgHu+eNmgkYeshEIntX5YjY6X5gGs/oCz70lkfzP6mSs3ct2C34//ibI VPhWfAQ20g3Q7pAugDGN4FaHzjW9GDSrYDCWuAiLPGXzPU/hxPjBo35sa2rEVDWU 9m86aaqmmpzE1y19uBFkEDVTT7d4dt+9oRnELHbGyf1FPtlEPsISNOaRe65Px8xS 3iZB7wWDgAF2Ww2QQcaeQniuA9MEZzIVbDszcIKXnQ4LHGQCJKY1I0EhZ+ZLvFoV JZoQYw1P5UjDe0/QsFxd/ZhEn7wTCqw4 -----END CERTIFICATE-----Generated at Sat Apr 26 05:06:57 2025 by rpki-client