$ rpki-client -vvf rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft File: xem-kywNTgcfsYgsriUoEEdzKVA.mft (raw, json) Hash identifier: EpQ5rsZCUQfezuSWqAItEB1Fck8h6B04w0Jjh7eLl04= Subject key identifier: 45:52:32:47:FA:C1:62:18:40:94:E0:4B:6C:F0:ED:DC:36:83:E1:22 Authority key identifier: C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 Certificate issuer: /CN=A9121AB0/serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Certificate serial: 020A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft Manifest number: 0207 Signing time: Mon 11 Aug 2025 02:22:08 +0000 Manifest this update: Mon 11 Aug 2025 02:22:08 +0000 Manifest next update: Mon 18 Aug 2025 02:22:08 +0000 Files and hashes: 1: xem-kywNTgcfsYgsriUoEEdzKVA.crl (hash: ECF7griYzI+E4ZRyAS9tv9st4ZksTwVIIHqE3O9Gtds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 522 (0x20a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9121AB0, serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Validity Not Before: Aug 11 02:22:08 2025 GMT Not After : Aug 18 02:22:08 2025 GMT Subject: CN=689953d0-8e59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:14:22:67:df:74:c7:07:87:ff:26:21:28:15: b8:9f:4c:6c:3a:95:a1:d8:2c:09:5a:73:b8:ca:5a: e1:e4:03:b2:d3:f0:ea:5d:c2:09:17:5a:fc:f1:fe: cd:42:b3:b9:ea:66:7a:18:e8:56:04:8d:13:80:fd: 84:e3:c3:c5:4a:94:09:8f:d1:79:f0:48:dc:7c:6d: d8:dc:0b:8b:f2:33:f2:14:27:e2:d8:70:75:1e:e4: e4:d8:13:ae:1a:8d:28:0f:c4:85:99:75:65:5a:07: a2:dc:bc:6f:84:63:0c:fe:2f:67:1f:35:d4:b5:84: 2b:de:f8:a5:c8:e6:3a:f6:9c:49:47:02:06:fb:4e: 1a:cd:1d:03:f5:07:09:22:fb:cf:d5:e9:0d:47:db: dc:43:91:da:12:a8:77:53:84:b9:46:b9:33:fa:d0: 9d:0b:dd:ee:60:94:66:f1:c5:45:45:eb:9f:eb:18: 4c:54:ce:e4:92:cb:e8:a7:d9:f4:2c:36:00:4e:28: 83:6b:ad:e3:8f:50:26:6d:a1:ae:67:91:52:cd:7b: 77:7a:42:01:bf:45:ef:af:0a:70:6f:d7:e4:01:3a: 45:63:a2:c5:f0:2a:b1:41:6c:a8:a1:fb:1e:e3:7a: df:9f:06:fe:66:1a:ce:ec:ec:ce:69:40:04:90:92: 48:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:52:32:47:FA:C1:62:18:40:94:E0:4B:6C:F0:ED:DC:36:83:E1:22 X509v3 Authority Key Identifier: keyid:C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:61:fa:4f:b6:d0:24:ba:13:19:44:92:a1:57:33:a7:e1:c6: 28:01:42:69:cd:7c:34:c9:8c:4c:d3:26:44:69:64:1d:8a:23: d6:48:c4:7d:f0:d4:8a:1a:33:5c:bc:3a:a5:55:98:e0:d9:22: 77:e4:70:50:a3:86:45:1b:0b:3a:35:1d:b5:e9:c5:38:42:f3: 5a:e6:e4:42:c9:6c:cd:7a:49:c1:01:7e:28:f3:cf:ca:f9:76: 55:6e:d1:21:65:3c:f6:50:7c:7d:ae:78:49:09:e6:65:b3:2d: 3b:89:83:80:66:91:f1:5c:1a:88:af:3f:74:e0:50:29:14:d1: f1:58:77:3a:56:82:c0:1b:24:65:40:25:03:6f:b8:72:4e:b0: 47:41:42:a1:54:ed:cb:e9:2d:dc:d2:1f:d8:98:65:8b:c4:5f: c6:bd:d1:b3:7c:ac:c0:55:ff:42:8a:85:f2:98:72:f6:68:9f: cb:62:32:0c:95:88:55:62:f3:77:90:3b:f9:04:74:6a:ec:6e: e7:5d:b8:87:8d:f1:58:2a:cd:f4:0b:cc:dd:33:00:3f:cf:64: 35:e8:51:51:cb:01:fa:70:a3:95:15:21:49:36:5f:87:83:df: 7c:ef:ab:fc:f5:45:9e:ac:65:0e:07:1e:cc:14:28:06:1f:2c: 3a:f3:a6:4d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjFBQjAxMTAvBgNVBAUTKEM1RTlCRTkzMkMwRDRFMDcxRkIxODgyQ0FFMjUyODEw NDc3MzI5NTAwHhcNMjUwODExMDIyMjA4WhcNMjUwODE4MDIyMjA4WjAYMRYwFAYD VQQDEw02ODk5NTNkMC04ZTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1xQiZ990xweH/yYhKBW4n0xsOpWh2CwJWnO4ylrh5AOy0/DqXcIJF1r88f7N QrO56mZ6GOhWBI0TgP2E48PFSpQJj9F58EjcfG3Y3AuL8jPyFCfi2HB1HuTk2BOu Go0oD8SFmXVlWgei3LxvhGMM/i9nHzXUtYQr3vilyOY69pxJRwIG+04azR0D9QcJ IvvP1ekNR9vcQ5HaEqh3U4S5Rrkz+tCdC93uYJRm8cVFReuf6xhMVM7kksvop9n0 LDYATiiDa63jj1AmbaGuZ5FSzXt3ekIBv0Xvrwpwb9fkATpFY6LF8CqxQWyoofse 43rfnwb+ZhrO7OzOaUAEkJJISQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEVSMkf6 wWIYQJTgS2zw7dw2g+EiMB8GA1UdIwQYMBaAFMXpvpMsDU4HH7GILK4lKBBHcylQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMUFCMC8xRkY4ODgzMjVD QkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRnY2ZzWWdzcmlVb0VFZHpL VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hlbS1reXdOVGdjZnNZZ3NyaVVvRUVkektWQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MUFCMC8xRkY4ODgzMjVDQkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRn Y2ZzWWdzcmlVb0VFZHpLVkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1YfpPttAkuhMZRJKhVzOn4cYoAUJpzXw0yYxM0yZEaWQdiiPWSMR9 8NSKGjNcvDqlVZjg2SJ35HBQo4ZFGws6NR216cU4QvNa5uRCyWzNeknBAX4o88/K +XZVbtEhZTz2UHx9rnhJCeZlsy07iYOAZpHxXBqIrz904FApFNHxWHc6VoLAGyRl QCUDb7hyTrBHQUKhVO3L6S3c0h/YmGWLxF/GvdGzfKzAVf9CioXymHL2aJ/LYjIM lYhVYvN3kDv5BHRq7G7nXbiHjfFYKs30C8zdMwA/z2Q16FFRywH6cKOVFSFJNl+H g99876v89UWerGUOBx7MFCgGHyw686ZN -----END CERTIFICATE-----Generated at Mon Aug 11 04:22:32 2025 by rpki-client