$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft File: xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft (raw, json) Hash identifier: K1PSBZ1Pb54usZVYmGJA17I1do7YJSFxyQrd2Fz0TY4= Subject key identifier: FA:99:6B:A6:32:7A:69:9B:03:B9:23:8A:0D:70:A8:BA:E8:F4:7A:D6 Authority key identifier: C6:53:EF:77:B1:9D:10:8C:F5:C5:9A:E1:80:1F:02:00:3A:B5:5E:ED Certificate issuer: /CN=A91EBFAE/serialNumber=C653EF77B19D108CF5C59AE1801F02003AB55EED Certificate serial: 2559 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft Manifest number: 2559 Signing time: Tue 04 Nov 2025 14:34:50 +0000 Manifest this update: Tue 04 Nov 2025 14:34:50 +0000 Manifest next update: Tue 11 Nov 2025 14:34:50 +0000 Files and hashes: 1: xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl (hash: djf7GMp3x5wDYKnuKNQulfaEpexfBLgMeMLwV+7KUMo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:34:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9561 (0x2559) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBFAE, serialNumber=C653EF77B19D108CF5C59AE1801F02003AB55EED Validity Not Before: Nov 4 14:34:50 2025 GMT Not After : Nov 11 14:34:50 2025 GMT Subject: CN=690a0f0a-c073 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:87:94:67:e7:26:ec:92:7f:94:58:aa:6e:dd: 43:05:db:7f:f3:9f:54:55:82:49:28:85:23:41:e4: e6:4b:71:87:d3:5d:fe:28:9a:5d:e9:54:57:9a:61: 4c:50:3d:7e:ee:f4:bb:d7:1d:dc:fe:e3:33:8f:2d: bd:96:fb:b5:37:aa:bb:9d:d5:5d:5b:54:39:ec:21: 14:45:ab:92:30:8c:26:75:26:10:51:fb:96:56:d5: fb:40:ae:8e:d5:f3:ea:77:77:8b:ae:82:27:2d:9e: 17:8a:f3:7a:71:88:e3:a3:68:b7:85:c4:8f:ba:89: 2a:f4:9e:47:c4:a0:fc:e9:83:79:07:f4:59:1b:3d: 22:70:c7:13:1b:5c:74:74:81:ac:5a:16:4e:a0:08: 33:06:26:8f:96:a9:ed:50:a2:62:52:27:80:a9:6d: 36:08:91:ea:07:ba:1f:51:a3:57:77:72:e4:93:4c: 2f:fb:4b:e1:e7:c7:63:a3:93:6d:c2:da:ff:e1:a2: 11:ba:80:e4:f5:e5:19:f3:7c:a9:11:a0:73:fe:ff: ad:db:1f:05:38:9c:a9:4a:72:35:2c:4a:fb:46:54: 7a:4b:c5:31:0c:7a:33:50:51:d9:27:03:b2:12:d3: 56:03:fa:5b:5a:45:2b:43:35:46:9f:ad:ae:35:6c: 8d:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:99:6B:A6:32:7A:69:9B:03:B9:23:8A:0D:70:A8:BA:E8:F4:7A:D6 X509v3 Authority Key Identifier: keyid:C6:53:EF:77:B1:9D:10:8C:F5:C5:9A:E1:80:1F:02:00:3A:B5:5E:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:b1:88:2a:fd:b8:4d:bb:8c:7c:7f:11:e8:c0:fb:80:f4:8b: 54:88:92:95:95:8b:e6:8d:4d:e9:61:05:f5:30:41:0d:86:e2: 25:c0:7c:23:10:18:48:10:dc:fe:fb:b2:61:c1:2a:ef:38:5e: b2:ce:fd:72:c6:ba:de:fe:c5:76:94:ce:75:70:26:6d:ae:b5: 1f:14:6b:3a:ba:b5:9e:af:97:80:e4:85:28:af:f4:9d:3a:99: 58:22:73:3a:2b:24:86:a3:40:43:15:dd:2f:c2:58:d5:23:0b: 01:69:81:38:40:02:98:d2:31:31:bb:91:de:07:5c:38:9f:37: cc:8c:16:52:d0:31:86:8d:e3:8f:b9:e4:b1:f9:ae:9c:db:96: d6:0f:2b:06:f7:ef:dd:ee:9f:c8:e8:9b:df:7e:2d:45:5a:c1: ef:d1:db:ad:a6:c4:4c:9f:0b:de:80:46:d1:ab:0e:ad:1b:52: 57:c9:3b:dc:67:66:c2:8a:21:9f:d9:12:42:a0:6d:c2:ac:49: df:3d:79:03:6b:a3:74:9e:b9:c6:06:c0:3e:78:1e:d8:b2:a5: 32:4d:59:97:a6:7c:9d:89:f1:a5:57:47:a7:b7:06:70:e1:67: 83:3e:58:52:82:e5:9a:f3:00:66:12:a2:16:c7:46:97:18:96: a1:6d:db:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJVkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJGQUUxMTAvBgNVBAUTKEM2NTNFRjc3QjE5RDEwOENGNUM1OUFFMTgwMUYwMjAw M0FCNTVFRUQwHhcNMjUxMTA0MTQzNDUwWhcNMjUxMTExMTQzNDUwWjAYMRYwFAYD VQQDEw02OTBhMGYwYS1jMDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv4eUZ+cm7JJ/lFiqbt1DBdt/859UVYJJKIUjQeTmS3GH013+KJpd6VRXmmFM UD1+7vS71x3c/uMzjy29lvu1N6q7ndVdW1Q57CEURauSMIwmdSYQUfuWVtX7QK6O 1fPqd3eLroInLZ4XivN6cYjjo2i3hcSPuokq9J5HxKD86YN5B/RZGz0icMcTG1x0 dIGsWhZOoAgzBiaPlqntUKJiUieAqW02CJHqB7ofUaNXd3Lkk0wv+0vh58djo5Nt wtr/4aIRuoDk9eUZ83ypEaBz/v+t2x8FOJypSnI1LEr7RlR6S8UxDHozUFHZJwOy EtNWA/pbWkUrQzVGn62uNWyNswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPqZa6Yy emmbA7kjig1wqLro9HrWMB8GA1UdIwQYMBaAFMZT73exnRCM9cWa4YAfAgA6tV7t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkZBRS9FRDMyNDQwQTI5 MDkxMUU1OTNCRkM2MjZDNEY5QUUwMi94bFB2ZDdHZEVJejF4WnJoZ0I4Q0FEcTFY dTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3hsUHZkN0dkRUl6MXhacmhnQjhDQURxMVh1MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkZBRS9FRDMyNDQwQTI5MDkxMUU1OTNCRkM2MjZDNEY5QUUwMi94bFB2ZDdHZEVJ ejF4WnJoZ0I4Q0FEcTFYdTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAusYgq/bhNu4x8fxHowPuA9ItUiJKVlYvmjU3pYQX1MEENhuIlwHwj EBhIENz++7JhwSrvOF6yzv1yxrre/sV2lM51cCZtrrUfFGs6urWer5eA5IUor/Sd OplYInM6KySGo0BDFd0vwljVIwsBaYE4QAKY0jExu5HeB1w4nzfMjBZS0DGGjeOP ueSx+a6c25bWDysG9+/d7p/I6Jvffi1FWsHv0dutpsRMnwvegEbRqw6tG1JXyTvc Z2bCiiGf2RJCoG3CrEnfPXkDa6N0nrnGBsA+eB7YsqUyTVmXpnydifGlV0entwZw 4WeDPlhSguWa8wBmEqIWx0aXGJahbdvG -----END CERTIFICATE-----Generated at Wed Nov 5 10:05:08 2025 by rpki-client