$ rpki-client -vvf rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft File: XpnXCH3VTqLn519cgIcHE4Posp4.mft (raw, json) Hash identifier: lMTa9yUQHZpcz184Ltyfcay5US2LqEAtJvRm98Cmw2Q= Subject key identifier: 12:CD:DB:EF:A3:DC:00:FD:8E:45:B0:5D:32:41:98:F2:7E:B9:DB:A9 Authority key identifier: 5E:99:D7:08:7D:D5:4E:A2:E7:E7:5F:5C:80:87:07:13:83:E8:B2:9E Certificate issuer: /CN=A91F81D3/serialNumber=5E99D7087DD54EA2E7E75F5C8087071383E8B29E Certificate serial: 0B37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft Manifest number: 0B18 Signing time: Tue 04 Nov 2025 19:26:18 +0000 Manifest this update: Tue 04 Nov 2025 19:26:18 +0000 Manifest next update: Tue 11 Nov 2025 19:26:18 +0000 Files and hashes: 1: XpnXCH3VTqLn519cgIcHE4Posp4.crl (hash: BwOUrabDLwYgwGl0vP71iKwvcHBi/YSg8zVuxyXZ3Vc=) 2: E4A8C1240A3611F08B9CFD4FC4F9AE02.roa (hash: pW6ZkmsKrYO4khbqPdFp+1VATISq0kaXo2DoENq+wFM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.crl rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:26:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2871 (0xb37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F81D3, serialNumber=5E99D7087DD54EA2E7E75F5C8087071383E8B29E Validity Not Before: Nov 4 19:26:18 2025 GMT Not After : Nov 11 19:26:18 2025 GMT Subject: CN=690a535a-0ea8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:fd:3b:22:58:1a:3b:03:cc:5d:b2:7b:10:b5: 32:97:5a:17:2d:43:36:14:17:13:3f:9e:55:35:fa: 9a:26:e5:0d:db:9e:7b:0a:b5:d7:5d:72:c3:4c:29: 4e:0f:d9:5a:0c:c0:7d:f4:05:0f:6a:13:5d:1d:e1: da:42:4b:cb:2d:47:55:72:13:8e:5f:3b:76:59:b2: 86:eb:7a:17:fe:97:9a:56:5e:bd:c6:f7:9a:dd:b8: a5:31:d9:c2:eb:b2:9b:83:ec:4e:67:7f:3e:f5:d1: 8f:4a:e1:54:3f:00:57:8c:3d:a0:23:41:0c:a7:85: b1:29:d7:14:44:34:63:d5:91:96:24:d0:f7:fe:eb: 23:9d:1d:20:ec:4c:27:73:d2:cd:8f:71:d4:bc:01: 86:73:d3:53:2e:75:7d:af:73:74:ab:64:33:ff:96: 5c:f9:ed:da:4c:7a:1f:7e:b7:49:58:bb:bd:13:97: 32:b9:db:a2:35:df:79:f5:4e:51:a5:02:61:c5:a9: 05:06:56:4d:4e:0c:44:46:47:66:94:fe:33:c3:e2: 91:6d:1c:70:be:4a:0c:0b:45:ea:88:30:5e:f0:0f: 42:1c:0e:6a:59:54:52:4c:20:da:60:51:a2:7f:72: d3:eb:e9:9f:c7:6b:99:5f:0e:de:1b:c5:f6:ed:30: 32:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:CD:DB:EF:A3:DC:00:FD:8E:45:B0:5D:32:41:98:F2:7E:B9:DB:A9 X509v3 Authority Key Identifier: keyid:5E:99:D7:08:7D:D5:4E:A2:E7:E7:5F:5C:80:87:07:13:83:E8:B2:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:31:90:48:50:88:eb:b9:e6:33:99:6a:61:20:d1:9e:ae:ba: db:4c:90:99:4c:6f:05:d6:4d:4c:80:d7:2e:d7:e1:96:57:d3: bf:be:14:39:e3:4c:63:ee:dd:6f:bb:46:98:ed:e0:06:1a:d4: 34:ba:3d:16:00:70:10:23:3f:7a:35:77:48:62:b7:57:dc:11: 88:f9:17:d7:fb:f6:41:21:29:55:79:0b:c1:92:0f:11:bb:81: b9:93:a9:17:8e:af:c9:20:e7:ee:6d:55:23:f5:1a:26:bd:ef: 31:6f:c5:a5:bf:34:1f:14:fb:c5:6e:a8:6c:a3:d4:83:ce:84: 7d:94:87:a8:a4:3a:49:3b:66:49:4e:d9:17:4b:3a:d0:2a:68: 61:7f:17:b4:75:82:5f:0b:cd:58:d2:27:fd:c9:62:b9:b5:9d: a9:1a:8d:b6:b9:1c:1a:46:6b:98:e4:6a:c1:ea:40:71:9d:36: 32:36:c6:ae:06:5a:8a:ca:c5:b5:6a:01:64:3d:1e:c5:11:84: c1:57:14:fc:29:6c:3c:1f:c4:91:58:01:23:75:4f:07:92:88: 53:b1:dd:74:72:f3:9d:31:39:cc:7c:bd:4b:b0:a1:96:04:a7: 51:52:a9:b7:0b:ff:8f:0a:68:32:1a:46:54:ad:6e:59:cd:df: 8d:3d:a5:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjgxRDMxMTAvBgNVBAUTKDVFOTlENzA4N0RENTRFQTJFN0U3NUY1QzgwODcwNzEz ODNFOEIyOUUwHhcNMjUxMTA0MTkyNjE4WhcNMjUxMTExMTkyNjE4WjAYMRYwFAYD VQQDEw02OTBhNTM1YS0wZWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvf07IlgaOwPMXbJ7ELUyl1oXLUM2FBcTP55VNfqaJuUN2557CrXXXXLDTClO D9laDMB99AUPahNdHeHaQkvLLUdVchOOXzt2WbKG63oX/peaVl69xvea3bilMdnC 67Kbg+xOZ38+9dGPSuFUPwBXjD2gI0EMp4WxKdcURDRj1ZGWJND3/usjnR0g7Ewn c9LNj3HUvAGGc9NTLnV9r3N0q2Qz/5Zc+e3aTHoffrdJWLu9E5cyuduiNd959U5R pQJhxakFBlZNTgxERkdmlP4zw+KRbRxwvkoMC0XqiDBe8A9CHA5qWVRSTCDaYFGi f3LT6+mfx2uZXw7eG8X27TAy7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBLN2++j 3AD9jkWwXTJBmPJ+udupMB8GA1UdIwQYMBaAFF6Z1wh91U6i5+dfXICHBxOD6LKe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODFEMy8wQTg0NTlGNDUy MzUxMUVBOUEwQ0IyNzNDNEY5QUUwMi9YcG5YQ0gzVlRxTG41MTljZ0ljSEU0UG9z cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hwblhDSDNWVHFMbjUxOWNnSWNIRTRQb3NwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODFEMy8wQTg0NTlGNDUyMzUxMUVBOUEwQ0IyNzNDNEY5QUUwMi9YcG5YQ0gzVlRx TG41MTljZ0ljSEU0UG9zcDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCdMZBIUIjrueYzmWphINGerrrbTJCZTG8F1k1MgNcu1+GWV9O/vhQ5 40xj7t1vu0aY7eAGGtQ0uj0WAHAQIz96NXdIYrdX3BGI+RfX+/ZBISlVeQvBkg8R u4G5k6kXjq/JIOfubVUj9Romve8xb8WlvzQfFPvFbqhso9SDzoR9lIeopDpJO2ZJ TtkXSzrQKmhhfxe0dYJfC81Y0if9yWK5tZ2pGo22uRwaRmuY5GrB6kBxnTYyNsau BlqKysW1agFkPR7FEYTBVxT8KWw8H8SRWAEjdU8HkohTsd10cvOdMTnMfL1LsKGW BKdRUqm3C/+PCmgyGkZUrW5Zzd+NPaVE -----END CERTIFICATE-----Generated at Wed Nov 5 16:20:55 2025 by rpki-client