$ rpki-client -vvf rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft File: xem-kywNTgcfsYgsriUoEEdzKVA.mft (raw, json) Hash identifier: vmX5PcscHUMIcHU13X339UV2AKGYmUiSzJj0assIYvM= Subject key identifier: 28:B6:A7:63:29:28:0D:9A:0B:32:62:0F:28:6D:C8:5F:8A:D5:8F:08 Authority key identifier: C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 Certificate issuer: /CN=A9121AB0/serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Certificate serial: 0234 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft Manifest number: 0231 Signing time: Mon 03 Nov 2025 01:51:51 +0000 Manifest this update: Mon 03 Nov 2025 01:51:51 +0000 Manifest next update: Mon 10 Nov 2025 01:51:51 +0000 Files and hashes: 1: xem-kywNTgcfsYgsriUoEEdzKVA.crl (hash: JHhXbqPX9CYZX/x74DrTzlP7r9YeYD9tQr7XJipGmDs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:51:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 564 (0x234) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9121AB0, serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Validity Not Before: Nov 3 01:51:51 2025 GMT Not After : Nov 10 01:51:51 2025 GMT Subject: CN=69080ab7-fdc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:dd:0f:ae:18:62:16:c5:75:fd:32:ad:21:f9: 90:63:2e:b4:b0:c0:23:6e:84:6c:8e:80:6a:89:4c: d7:7b:14:78:dd:d8:9b:f8:a3:cd:b7:f7:22:5d:39: 7d:40:67:b6:90:3d:c7:f0:b4:3e:7b:ed:e9:9e:a0: 8b:92:67:7e:74:f2:45:7d:16:1b:eb:23:64:4d:09: fd:d8:94:35:31:5c:53:74:94:e9:47:33:85:bb:43: 77:ed:14:b9:8d:b4:c3:bf:0a:aa:82:e4:4b:c2:56: 33:e9:a5:15:59:e7:a9:f0:78:24:e0:6f:72:56:34: cb:c3:65:83:3d:fc:8e:89:de:6b:f7:f6:64:c1:23: 86:57:4e:5d:5b:3f:82:e6:f2:bb:af:97:d9:19:c2: 13:0b:3d:80:aa:b5:10:42:fb:b8:2b:7e:2f:34:6f: 8f:9d:10:15:f0:24:e3:bf:b2:e4:39:16:d3:f5:ad: eb:84:1a:11:99:f6:30:1b:d2:7b:1a:af:da:1d:e7: 92:eb:0b:d6:70:6b:c9:45:7f:b9:75:5b:e3:72:d0: 3d:5c:00:10:c0:47:cc:cf:97:7d:e0:98:40:a7:38: ee:0e:bf:2c:2c:b9:91:d5:0a:b3:f7:1c:05:5e:a0: 9c:1f:35:15:d5:cd:1a:a3:40:61:30:c6:18:ae:55: fe:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:B6:A7:63:29:28:0D:9A:0B:32:62:0F:28:6D:C8:5F:8A:D5:8F:08 X509v3 Authority Key Identifier: keyid:C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:33:21:eb:52:82:2d:0c:09:6e:0a:4d:f2:3b:7c:ac:cb:ec: 53:44:22:4d:e0:b1:51:02:05:e4:52:0d:bd:18:ba:6e:4f:88: 08:a3:21:9a:23:fa:b0:51:09:e2:2b:11:26:3a:9c:73:3a:c9: 98:5c:51:91:ee:fd:b6:9c:fe:6a:72:b1:0e:43:50:79:04:32: 1f:e3:f8:1b:18:cc:55:7d:6a:68:21:41:61:92:84:d7:6b:df: e3:25:ce:0c:c6:31:ad:bd:0f:6d:78:e5:50:43:12:6d:a2:5e: 64:a4:e7:95:cd:31:0e:da:97:5d:16:27:cc:46:ea:1f:cc:10: 01:cf:65:13:2e:dc:04:be:32:7e:67:af:8f:05:9c:63:2d:e3: a4:d3:7c:ca:c5:5a:43:d4:32:26:a3:d8:7c:e2:3e:aa:95:94: 96:76:18:30:45:63:0a:d2:b7:2f:6c:86:3d:b0:f2:a9:a7:a6: 7e:7f:81:be:0d:af:ad:37:6d:6d:20:76:dc:91:70:91:2d:01: fc:01:4f:8e:f9:8f:49:e8:c3:c1:ca:95:22:dc:f1:21:b1:12: 93:e4:22:da:bf:b3:28:b2:73:76:d5:b5:4e:93:33:ac:ba:ca: 42:ea:e2:f8:ea:55:01:58:c5:37:23:ca:bc:2e:92:b0:12:4e: b2:0d:b2:8a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjFBQjAxMTAvBgNVBAUTKEM1RTlCRTkzMkMwRDRFMDcxRkIxODgyQ0FFMjUyODEw NDc3MzI5NTAwHhcNMjUxMTAzMDE1MTUxWhcNMjUxMTEwMDE1MTUxWjAYMRYwFAYD VQQDEw02OTA4MGFiNy1mZGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwt0PrhhiFsV1/TKtIfmQYy60sMAjboRsjoBqiUzXexR43dib+KPNt/ciXTl9 QGe2kD3H8LQ+e+3pnqCLkmd+dPJFfRYb6yNkTQn92JQ1MVxTdJTpRzOFu0N37RS5 jbTDvwqqguRLwlYz6aUVWeep8Hgk4G9yVjTLw2WDPfyOid5r9/ZkwSOGV05dWz+C 5vK7r5fZGcITCz2AqrUQQvu4K34vNG+PnRAV8CTjv7LkORbT9a3rhBoRmfYwG9J7 Gq/aHeeS6wvWcGvJRX+5dVvjctA9XAAQwEfMz5d94JhApzjuDr8sLLmR1Qqz9xwF XqCcHzUV1c0ao0BhMMYYrlX+zwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCi2p2Mp KA2aCzJiDyhtyF+K1Y8IMB8GA1UdIwQYMBaAFMXpvpMsDU4HH7GILK4lKBBHcylQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMUFCMC8xRkY4ODgzMjVD QkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRnY2ZzWWdzcmlVb0VFZHpL VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hlbS1reXdOVGdjZnNZZ3NyaVVvRUVkektWQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MUFCMC8xRkY4ODgzMjVDQkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRn Y2ZzWWdzcmlVb0VFZHpLVkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCiMyHrUoItDAluCk3yO3ysy+xTRCJN4LFRAgXkUg29GLpuT4gIoyGa I/qwUQniKxEmOpxzOsmYXFGR7v22nP5qcrEOQ1B5BDIf4/gbGMxVfWpoIUFhkoTX a9/jJc4MxjGtvQ9teOVQQxJtol5kpOeVzTEO2pddFifMRuofzBABz2UTLtwEvjJ+ Z6+PBZxjLeOk03zKxVpD1DImo9h84j6qlZSWdhgwRWMK0rcvbIY9sPKpp6Z+f4G+ Da+tN21tIHbckXCRLQH8AU+O+Y9J6MPBypUi3PEhsRKT5CLav7MosnN21bVOkzOs uspC6uL46lUBWMU3I8q8LpKwEk6yDbKK -----END CERTIFICATE-----Generated at Tue Nov 4 08:30:26 2025 by rpki-client