$ rpki-client -vvf rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft File: XpnXCH3VTqLn519cgIcHE4Posp4.mft (raw, json) Hash identifier: 5g+JGt0sfROC3CvrB8Hrt+OvuHTL8A0VQI2jjvSmITc= Subject key identifier: C1:4C:D4:B1:36:26:5A:2B:CA:24:D7:9D:84:CC:EE:C7:6F:23:C4:97 Authority key identifier: 5E:99:D7:08:7D:D5:4E:A2:E7:E7:5F:5C:80:87:07:13:83:E8:B2:9E Certificate issuer: /CN=A91F81D3/serialNumber=5E99D7087DD54EA2E7E75F5C8087071383E8B29E Certificate serial: 0AFF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft Manifest number: 0AE0 Signing time: Sun 20 Jul 2025 19:32:25 +0000 Manifest this update: Sun 20 Jul 2025 19:32:24 +0000 Manifest next update: Sun 27 Jul 2025 19:32:24 +0000 Files and hashes: 1: XpnXCH3VTqLn519cgIcHE4Posp4.crl (hash: NgjQt96BfSgiTc2wGFey0q4NmaIlCBwLQ85Vpv5BIyk=) 2: E4A8C1240A3611F08B9CFD4FC4F9AE02.roa (hash: pW6ZkmsKrYO4khbqPdFp+1VATISq0kaXo2DoENq+wFM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.crl rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 19:32:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2815 (0xaff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F81D3, serialNumber=5E99D7087DD54EA2E7E75F5C8087071383E8B29E Validity Not Before: Jul 20 19:32:24 2025 GMT Not After : Jul 27 19:32:24 2025 GMT Subject: CN=687d4449-5667 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:1a:36:61:93:9a:4f:10:d6:be:5d:92:96:38: eb:65:16:39:b7:51:60:4e:8d:f2:98:f1:dc:59:91: cd:89:80:fa:1a:b5:45:58:13:5c:b0:1b:09:da:ba: fc:77:81:35:e1:83:32:1f:ac:60:4f:62:1f:71:36: 07:2e:ea:d9:ef:e8:52:13:09:bd:7d:0b:6b:1e:2c: 4c:62:dc:f2:ae:02:62:c9:d5:e4:76:3a:70:b4:c9: 82:c2:15:20:d1:d1:c6:ff:c4:42:05:60:df:ec:6c: c4:5a:01:03:ca:6f:16:73:ae:d2:80:19:72:b5:c7: 4d:f6:85:ed:af:ff:12:ec:a1:4e:ce:ec:95:96:ca: 34:74:a3:ba:8c:29:1b:35:0a:8b:a5:87:46:a0:dc: 75:3e:a9:a3:ac:b0:cf:91:91:b7:23:e1:ab:49:e9: 98:f8:52:8f:a1:dc:3b:e0:f1:ba:bd:9f:25:22:55: 81:52:c5:bc:4c:e8:8f:15:17:c3:4b:06:c7:57:d5: 0f:c7:61:f8:12:93:69:c3:4e:43:2d:03:a2:8f:09: 49:88:a1:ac:32:6b:ab:94:a0:40:54:a0:35:b7:19: de:9b:5a:7a:47:a7:f7:7b:b1:81:92:b2:ac:37:21: 82:2f:9a:5d:ab:a7:78:e1:8d:b2:f8:b6:75:f9:ab: d2:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:4C:D4:B1:36:26:5A:2B:CA:24:D7:9D:84:CC:EE:C7:6F:23:C4:97 X509v3 Authority Key Identifier: keyid:5E:99:D7:08:7D:D5:4E:A2:E7:E7:5F:5C:80:87:07:13:83:E8:B2:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:cb:ce:2a:89:54:d1:dd:06:6d:ee:ca:09:28:b7:55:43:58: ab:e3:00:c6:d7:8b:b1:97:95:6a:13:ff:cc:3f:ab:88:b0:dc: 54:0f:38:dc:45:df:6d:9d:67:6b:67:09:05:fc:ea:9f:ef:4b: 27:39:6a:48:20:ed:70:1f:d5:be:4c:6e:e1:f9:3e:fc:ec:7c: 1b:e4:38:19:7e:bf:9b:63:7e:38:e5:31:2c:98:3a:0c:40:12: 3e:a1:bc:35:2c:5d:5f:77:0b:86:e6:83:70:77:27:b6:f2:e7: 38:5f:06:02:d2:bc:d9:d1:f4:a0:c9:fb:72:2e:c1:77:c5:c8: b7:ce:03:7f:d4:d4:6c:c5:3a:c7:e4:f6:3b:dd:41:1d:de:38: 8b:33:8e:ce:41:fe:ac:48:92:b8:b5:2c:ad:b1:05:de:aa:2f: a5:af:9d:65:e4:69:b1:2a:84:cd:74:5f:93:08:b6:9a:47:20: 69:7f:21:3c:0c:24:6a:1c:83:e0:d0:f1:8b:74:57:d0:83:11: 4e:87:37:58:96:a3:99:0b:36:9d:2c:6c:b2:06:2c:df:5d:54: 83:ad:59:16:74:f1:b7:48:d7:ab:fb:3b:a8:75:3e:52:2a:63: 88:ca:c8:e7:c6:c0:55:32:67:13:1b:53:05:0e:eb:22:33:ac: ff:12:b8:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCv8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjgxRDMxMTAvBgNVBAUTKDVFOTlENzA4N0RENTRFQTJFN0U3NUY1QzgwODcwNzEz ODNFOEIyOUUwHhcNMjUwNzIwMTkzMjI0WhcNMjUwNzI3MTkzMjI0WjAYMRYwFAYD VQQDEw02ODdkNDQ0OS01NjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApho2YZOaTxDWvl2SljjrZRY5t1FgTo3ymPHcWZHNiYD6GrVFWBNcsBsJ2rr8 d4E14YMyH6xgT2IfcTYHLurZ7+hSEwm9fQtrHixMYtzyrgJiydXkdjpwtMmCwhUg 0dHG/8RCBWDf7GzEWgEDym8Wc67SgBlytcdN9oXtr/8S7KFOzuyVlso0dKO6jCkb NQqLpYdGoNx1PqmjrLDPkZG3I+GrSemY+FKPodw74PG6vZ8lIlWBUsW8TOiPFRfD SwbHV9UPx2H4EpNpw05DLQOijwlJiKGsMmurlKBAVKA1txnem1p6R6f3e7GBkrKs NyGCL5pdq6d44Y2y+LZ1+avSRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMFM1LE2 JloryiTXnYTM7sdvI8SXMB8GA1UdIwQYMBaAFF6Z1wh91U6i5+dfXICHBxOD6LKe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODFEMy8wQTg0NTlGNDUy MzUxMUVBOUEwQ0IyNzNDNEY5QUUwMi9YcG5YQ0gzVlRxTG41MTljZ0ljSEU0UG9z cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hwblhDSDNWVHFMbjUxOWNnSWNIRTRQb3NwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODFEMy8wQTg0NTlGNDUyMzUxMUVBOUEwQ0IyNzNDNEY5QUUwMi9YcG5YQ0gzVlRx TG41MTljZ0ljSEU0UG9zcDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5y84qiVTR3QZt7soJKLdVQ1ir4wDG14uxl5VqE//MP6uIsNxUDzjc Rd9tnWdrZwkF/Oqf70snOWpIIO1wH9W+TG7h+T787Hwb5DgZfr+bY3445TEsmDoM QBI+obw1LF1fdwuG5oNwdye28uc4XwYC0rzZ0fSgyftyLsF3xci3zgN/1NRsxTrH 5PY73UEd3jiLM47OQf6sSJK4tSytsQXeqi+lr51l5GmxKoTNdF+TCLaaRyBpfyE8 DCRqHIPg0PGLdFfQgxFOhzdYlqOZCzadLGyyBizfXVSDrVkWdPG3SNer+zuodT5S KmOIysjnxsBVMmcTG1MFDusiM6z/Ergq -----END CERTIFICATE-----Generated at Mon Jul 21 05:48:14 2025 by rpki-client