$ rpki-client -vvf rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft File: XpnXCH3VTqLn519cgIcHE4Posp4.mft (raw, json) Hash identifier: nyhbf5xKZam4s9fcgLhDKOaSyv9jDQqPDreuw+kSjkU= Subject key identifier: B4:E6:8D:0F:5A:5D:95:FD:9B:B3:8A:FA:80:42:A2:E5:C8:04:99:C0 Authority key identifier: 5E:99:D7:08:7D:D5:4E:A2:E7:E7:5F:5C:80:87:07:13:83:E8:B2:9E Certificate issuer: /CN=A91F81D3/serialNumber=5E99D7087DD54EA2E7E75F5C8087071383E8B29E Certificate serial: 0B07 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft Manifest number: 0AE8 Signing time: Mon 04 Aug 2025 19:40:37 +0000 Manifest this update: Mon 04 Aug 2025 19:40:36 +0000 Manifest next update: Mon 11 Aug 2025 19:40:36 +0000 Files and hashes: 1: XpnXCH3VTqLn519cgIcHE4Posp4.crl (hash: DiKBT0gU0d/srZ4EdfJSgUIeKwAtUZbLpbzSu0DUjJI=) 2: E4A8C1240A3611F08B9CFD4FC4F9AE02.roa (hash: pW6ZkmsKrYO4khbqPdFp+1VATISq0kaXo2DoENq+wFM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.crl rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 19:40:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2823 (0xb07) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F81D3, serialNumber=5E99D7087DD54EA2E7E75F5C8087071383E8B29E Validity Not Before: Aug 4 19:40:36 2025 GMT Not After : Aug 11 19:40:36 2025 GMT Subject: CN=68910cb4-71b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:42:48:71:cd:91:f5:60:9d:6f:1c:83:43:64: f6:21:7a:bd:dc:6b:b1:36:15:a4:a4:39:4c:5e:52: 54:be:a7:67:98:2b:c5:9d:72:4c:10:33:41:c9:5a: d3:a6:7a:cf:0a:34:16:cd:da:ec:5a:a2:b0:6a:3b: 0f:46:d6:ae:03:ba:f5:b0:b3:94:6e:73:02:7d:df: 10:57:0b:46:db:1f:ee:32:ce:fa:b3:7a:0f:32:04: f1:a3:b0:f1:3a:25:c0:25:4d:fd:43:24:2b:24:dc: eb:1a:7f:b3:70:f9:9a:80:d6:b6:f7:8a:2c:1a:86: da:6e:e1:66:6b:57:76:7b:dc:15:8f:ad:3d:d3:75: 7e:56:7b:2d:12:47:cb:ce:a2:10:c6:7b:44:09:0a: 6b:22:10:02:2c:1d:b5:43:ad:98:53:9e:0a:d7:1a: fc:a6:41:2a:c2:d7:2b:e4:d3:01:58:24:e6:bb:f3: b8:88:5b:a6:1d:16:0a:44:a7:4b:83:f5:e3:79:fd: af:9b:6d:a5:98:a1:05:ea:90:e7:48:d0:0f:11:2e: fd:e4:92:df:35:1f:c0:14:67:fa:c6:83:63:54:da: 6c:dd:c1:71:04:92:3e:72:ad:b0:6e:38:72:83:4b: 94:78:4a:13:72:50:9b:c1:89:96:5a:b7:dc:a0:7b: c3:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:E6:8D:0F:5A:5D:95:FD:9B:B3:8A:FA:80:42:A2:E5:C8:04:99:C0 X509v3 Authority Key Identifier: keyid:5E:99:D7:08:7D:D5:4E:A2:E7:E7:5F:5C:80:87:07:13:83:E8:B2:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:2b:c9:3b:aa:ab:56:37:a0:14:b3:fd:e4:82:a8:05:a1:ca: 85:d8:22:9b:b6:c5:83:2a:a3:ca:26:33:e6:44:f4:69:98:97: 01:4a:d1:a1:35:4a:2f:29:6c:d3:d8:01:22:50:eb:a4:54:a3: f4:5a:37:36:69:fb:c2:6c:1c:86:0d:f1:86:f0:58:b1:32:5f: 29:2c:7f:bd:3b:a7:ef:e3:9b:46:f4:ab:2b:69:14:bd:f0:78: a5:16:05:a1:bf:a5:05:44:e6:8a:cc:25:7f:de:2b:7e:e2:df: 56:9b:f0:6e:42:b3:3f:26:fb:8d:37:1c:59:49:7f:88:8d:56: 1c:0a:b7:68:31:65:36:c5:8e:21:ec:3c:9e:0b:bf:db:aa:ec: 7d:63:49:ba:63:f3:c3:75:61:00:a4:0a:95:57:fb:e4:e8:ad: 60:6a:39:af:25:64:43:f1:84:60:ff:8d:e8:4e:ae:8e:b7:12: bc:6d:36:e8:88:c3:66:32:7b:75:0b:d8:d1:dc:40:49:78:dd: 64:9d:61:c1:85:0d:ff:33:30:89:57:63:0e:99:57:49:83:12: e2:63:07:6e:6b:01:b7:8d:50:b9:5f:57:83:3d:9d:cd:60:fe: c7:7b:c5:b8:a3:65:4e:3b:c4:99:78:21:78:fe:d3:81:7a:9e: 06:64:9b:ab -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCwcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjgxRDMxMTAvBgNVBAUTKDVFOTlENzA4N0RENTRFQTJFN0U3NUY1QzgwODcwNzEz ODNFOEIyOUUwHhcNMjUwODA0MTk0MDM2WhcNMjUwODExMTk0MDM2WjAYMRYwFAYD VQQDEw02ODkxMGNiNC03MWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqUJIcc2R9WCdbxyDQ2T2IXq93GuxNhWkpDlMXlJUvqdnmCvFnXJMEDNByVrT pnrPCjQWzdrsWqKwajsPRtauA7r1sLOUbnMCfd8QVwtG2x/uMs76s3oPMgTxo7Dx OiXAJU39QyQrJNzrGn+zcPmagNa294osGobabuFma1d2e9wVj60903V+VnstEkfL zqIQxntECQprIhACLB21Q62YU54K1xr8pkEqwtcr5NMBWCTmu/O4iFumHRYKRKdL g/Xjef2vm22lmKEF6pDnSNAPES795JLfNR/AFGf6xoNjVNps3cFxBJI+cq2wbjhy g0uUeEoTclCbwYmWWrfcoHvDvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLTmjQ9a XZX9m7OK+oBCouXIBJnAMB8GA1UdIwQYMBaAFF6Z1wh91U6i5+dfXICHBxOD6LKe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODFEMy8wQTg0NTlGNDUy MzUxMUVBOUEwQ0IyNzNDNEY5QUUwMi9YcG5YQ0gzVlRxTG41MTljZ0ljSEU0UG9z cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hwblhDSDNWVHFMbjUxOWNnSWNIRTRQb3NwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODFEMy8wQTg0NTlGNDUyMzUxMUVBOUEwQ0IyNzNDNEY5QUUwMi9YcG5YQ0gzVlRx TG41MTljZ0ljSEU0UG9zcDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqK8k7qqtWN6AUs/3kgqgFocqF2CKbtsWDKqPKJjPmRPRpmJcBStGh NUovKWzT2AEiUOukVKP0Wjc2afvCbByGDfGG8FixMl8pLH+9O6fv45tG9KsraRS9 8HilFgWhv6UFROaKzCV/3it+4t9Wm/BuQrM/JvuNNxxZSX+IjVYcCrdoMWU2xY4h 7DyeC7/bqux9Y0m6Y/PDdWEApAqVV/vk6K1gajmvJWRD8YRg/43oTq6OtxK8bTbo iMNmMnt1C9jR3EBJeN1knWHBhQ3/MzCJV2MOmVdJgxLiYwduawG3jVC5X1eDPZ3N YP7He8W4o2VOO8SZeCF4/tOBep4GZJur -----END CERTIFICATE-----Generated at Wed Aug 6 13:02:20 2025 by rpki-client