$ rpki-client -vvf rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft File: xem-kywNTgcfsYgsriUoEEdzKVA.mft (raw, json) Hash identifier: N8eTxf9YFUzb5QmKwmDsYvaubxGdorWKFtu5hSAMxo4= Subject key identifier: 78:1D:7C:CA:07:8F:37:1A:69:95:81:69:F6:A7:53:21:A3:0E:5B:D5 Authority key identifier: C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 Certificate issuer: /CN=A9121AB0/serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Certificate serial: 0235 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft Manifest number: 0232 Signing time: Wed 05 Nov 2025 02:01:03 +0000 Manifest this update: Wed 05 Nov 2025 02:01:03 +0000 Manifest next update: Wed 12 Nov 2025 02:01:03 +0000 Files and hashes: 1: xem-kywNTgcfsYgsriUoEEdzKVA.crl (hash: HQO0pZr0MdLLIA9mjvgdjgIkNtEoBOaBZ+36S4mGMeQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 565 (0x235) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9121AB0, serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Validity Not Before: Nov 5 02:01:03 2025 GMT Not After : Nov 12 02:01:03 2025 GMT Subject: CN=690aafdf-01cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:02:b3:ae:fe:69:c6:e9:58:11:16:6f:7a:26: 0e:fa:84:49:64:ba:72:b0:43:fe:b1:fa:50:61:63: e0:ac:bf:94:e6:f8:77:9f:fd:7b:01:22:1f:96:29: e5:24:40:07:30:11:48:90:3f:88:38:45:e9:8b:6f: ea:0e:da:db:85:8a:c0:41:ca:ea:06:51:6f:6d:b4: e9:e4:8c:25:40:29:f3:ba:b1:2b:db:26:b0:a1:ac: 85:a2:2a:4b:75:c9:83:58:a9:d9:b1:d6:db:54:01: 51:0b:a7:b3:e7:52:fd:38:81:35:58:f1:bc:fb:e3: c7:dd:d9:d2:3b:8d:3f:c4:78:4a:59:79:3f:89:44: e7:98:67:a4:3c:38:24:2d:ce:89:df:94:4a:42:81: 01:5d:7d:71:0d:65:90:57:78:53:3e:15:c3:58:0c: a9:11:1e:3d:48:f4:87:be:20:b8:e3:21:51:43:26: b9:72:7c:86:76:27:a7:04:48:21:2f:cc:7b:54:48: 26:36:82:0e:96:0d:99:84:36:0f:60:c0:4f:db:7d: 4d:ae:56:10:a7:1a:83:d2:3b:4a:4d:7c:be:b7:89: e3:75:b4:97:83:f3:81:06:e9:e3:65:9a:82:67:19: ff:4e:c8:8b:12:36:b8:04:e2:32:15:4a:cf:32:27: 97:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:1D:7C:CA:07:8F:37:1A:69:95:81:69:F6:A7:53:21:A3:0E:5B:D5 X509v3 Authority Key Identifier: keyid:C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:12:8e:f7:eb:61:9b:6d:fb:5d:15:56:2a:76:eb:4a:31:4d: a4:8d:ca:0a:bd:f7:24:80:0d:ad:d3:39:28:9d:5d:30:1d:a0: e1:91:6b:ef:24:34:a0:e4:e8:a9:53:7d:e1:ec:5c:61:77:1b: 3a:75:3c:66:15:19:45:a4:73:25:00:49:d2:59:5d:03:f3:53: b3:ad:0c:0b:e6:c3:b1:66:65:52:35:11:3e:c6:e6:8d:a3:c3: 62:0f:3d:87:10:f7:37:e2:9e:8a:12:94:1c:6a:b4:b9:67:6d: 07:f4:b5:03:2b:e1:0f:a5:d2:72:b3:f5:74:bb:00:74:f8:f6: 6d:08:b3:09:5a:54:cc:4d:c4:38:ab:92:39:52:16:a6:5f:c9: 90:0e:27:29:51:60:20:91:70:d3:29:a8:8f:9f:0f:f9:9e:53: d4:7a:da:40:94:96:e0:45:4f:44:b9:3e:15:61:81:70:99:2e: 0c:dd:2b:21:48:47:8b:bb:8c:38:e0:34:52:b1:0f:fe:83:62: 32:f4:37:0f:6c:62:ae:30:68:68:59:78:0e:c6:f7:ce:49:a3: 40:29:4d:f5:6c:20:4a:08:d0:30:5c:e6:f4:a6:1d:41:04:c9: a9:96:b5:a1:5a:70:d7:30:34:99:d6:71:21:3c:36:47:0f:a8: 91:53:16:b6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjFBQjAxMTAvBgNVBAUTKEM1RTlCRTkzMkMwRDRFMDcxRkIxODgyQ0FFMjUyODEw NDc3MzI5NTAwHhcNMjUxMTA1MDIwMTAzWhcNMjUxMTEyMDIwMTAzWjAYMRYwFAYD VQQDEw02OTBhYWZkZi0wMWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApAKzrv5pxulYERZveiYO+oRJZLpysEP+sfpQYWPgrL+U5vh3n/17ASIflinl JEAHMBFIkD+IOEXpi2/qDtrbhYrAQcrqBlFvbbTp5IwlQCnzurEr2yawoayFoipL dcmDWKnZsdbbVAFRC6ez51L9OIE1WPG8++PH3dnSO40/xHhKWXk/iUTnmGekPDgk Lc6J35RKQoEBXX1xDWWQV3hTPhXDWAypER49SPSHviC44yFRQya5cnyGdienBEgh L8x7VEgmNoIOlg2ZhDYPYMBP231NrlYQpxqD0jtKTXy+t4njdbSXg/OBBunjZZqC Zxn/TsiLEja4BOIyFUrPMieXhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHgdfMoH jzcaaZWBafanUyGjDlvVMB8GA1UdIwQYMBaAFMXpvpMsDU4HH7GILK4lKBBHcylQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMUFCMC8xRkY4ODgzMjVD QkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRnY2ZzWWdzcmlVb0VFZHpL VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hlbS1reXdOVGdjZnNZZ3NyaVVvRUVkektWQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MUFCMC8xRkY4ODgzMjVDQkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRn Y2ZzWWdzcmlVb0VFZHpLVkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBBEo7362GbbftdFVYqdutKMU2kjcoKvfckgA2t0zkonV0wHaDhkWvv JDSg5OipU33h7Fxhdxs6dTxmFRlFpHMlAEnSWV0D81OzrQwL5sOxZmVSNRE+xuaN o8NiDz2HEPc34p6KEpQcarS5Z20H9LUDK+EPpdJys/V0uwB0+PZtCLMJWlTMTcQ4 q5I5UhamX8mQDicpUWAgkXDTKaiPnw/5nlPUetpAlJbgRU9EuT4VYYFwmS4M3Ssh SEeLu4w44DRSsQ/+g2Iy9DcPbGKuMGhoWXgOxvfOSaNAKU31bCBKCNAwXOb0ph1B BMmplrWhWnDXMDSZ1nEhPDZHD6iRUxa2 -----END CERTIFICATE-----Generated at Wed Nov 5 05:13:45 2025 by rpki-client