$ rpki-client -vvf rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft File: xem-kywNTgcfsYgsriUoEEdzKVA.mft (raw, json) Hash identifier: nevtmc5UsTR9YCUc24b18rVS+78XhM1g47LiDyTENLI= Subject key identifier: 4D:7C:22:B2:1C:59:84:83:54:6E:52:74:C7:0B:1A:A7:E9:97:55:21 Authority key identifier: C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 Certificate issuer: /CN=A9121AB0/serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Certificate serial: 021D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft Manifest number: 021A Signing time: Wed 17 Sep 2025 02:33:34 +0000 Manifest this update: Wed 17 Sep 2025 02:33:33 +0000 Manifest next update: Wed 24 Sep 2025 02:33:33 +0000 Files and hashes: 1: xem-kywNTgcfsYgsriUoEEdzKVA.crl (hash: pmsDngWvRtl1KCwaqxdXyjLE8EJDIxK54mkkzYyQiuA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 02:33:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 541 (0x21d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9121AB0, serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Validity Not Before: Sep 17 02:33:33 2025 GMT Not After : Sep 24 02:33:33 2025 GMT Subject: CN=68ca1dfd-ec8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:b5:bc:fb:e3:b7:29:62:29:10:66:99:22:4c: 7a:a3:74:ed:25:dc:53:ae:da:54:77:0e:aa:42:07: d0:fa:96:b3:6f:ce:5a:ea:ca:5c:26:b1:67:61:31: 05:23:0b:7b:1c:19:31:29:63:e3:4a:d8:3d:fe:4b: 2e:06:52:14:03:73:fa:d6:e4:c1:75:fa:6e:51:f1: c0:33:a7:38:13:52:3e:2a:bf:a3:b1:93:68:02:94: 5f:81:54:10:bf:e1:35:51:ab:55:20:8c:65:7c:bd: 25:35:cf:18:e7:75:62:31:83:b3:12:18:e8:da:f1: f6:f0:9c:fe:71:46:c0:30:4b:cf:12:6a:57:9a:b5: e2:c9:be:74:ff:4d:c4:88:e5:16:e1:11:dc:77:a4: 1c:de:26:33:f6:a0:b6:e9:80:03:84:8f:c0:87:da: dd:84:ca:16:07:76:aa:f4:9d:52:f9:85:6c:b4:8e: 31:b0:e6:c9:5c:64:95:8f:f7:b4:66:e7:f8:d2:89: 74:c5:b2:37:ec:14:e6:11:38:95:6b:9c:2a:1c:20: 5e:8b:7a:c4:3c:d2:ff:44:9d:f9:6a:88:01:14:c2: 8d:83:ed:f1:b3:32:f4:40:c2:ef:c9:74:42:22:30: ca:29:8e:33:a8:94:d8:48:2a:c2:7f:73:91:32:d2: 15:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:7C:22:B2:1C:59:84:83:54:6E:52:74:C7:0B:1A:A7:E9:97:55:21 X509v3 Authority Key Identifier: keyid:C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:d4:79:40:0d:51:33:f8:52:4d:dc:af:d1:6c:58:ba:14:16: 48:c9:c4:5d:e2:9d:11:5b:7f:54:86:e8:7b:c9:67:5c:3d:40: a9:57:38:9a:0a:a3:aa:ee:ec:65:db:38:e2:c4:e2:f8:17:d8: 98:c0:64:b5:de:2d:18:69:5c:bc:8a:03:e8:e1:fb:01:c3:38: a9:a4:3e:5b:41:4b:2f:13:fa:38:27:fc:e1:38:d3:59:cb:65: 89:c6:f1:92:6c:62:ad:1b:43:86:d0:dd:f9:a9:78:92:18:44: 7d:ac:0d:17:f9:b2:21:e2:81:32:aa:d2:a1:ac:e5:4c:38:29: 06:0e:e3:74:37:f6:d4:7c:5b:39:f3:58:66:a1:13:db:9f:78: a8:a6:56:12:cd:4c:8c:c6:c5:dd:e4:99:c0:d0:41:10:da:e1: cf:dd:a3:e7:8e:7a:c0:b2:a4:d4:fa:af:8f:3c:42:f4:4f:3e: 86:a5:0d:a7:73:66:0e:f8:91:48:e6:22:08:de:18:13:ac:21: 18:bb:67:e6:8d:3f:30:45:1d:0c:7f:b2:6b:12:ce:dc:5a:65: 6c:76:dc:e5:ef:da:7d:25:82:be:b1:6f:9a:c2:f4:84:85:93: 9d:08:45:9e:3b:f4:e9:18:d4:9a:ce:0a:0a:ed:e7:03:2a:75: c4:4f:ec:37 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAh0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjFBQjAxMTAvBgNVBAUTKEM1RTlCRTkzMkMwRDRFMDcxRkIxODgyQ0FFMjUyODEw NDc3MzI5NTAwHhcNMjUwOTE3MDIzMzMzWhcNMjUwOTI0MDIzMzMzWjAYMRYwFAYD VQQDEw02OGNhMWRmZC1lYzhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv7W8++O3KWIpEGaZIkx6o3TtJdxTrtpUdw6qQgfQ+pazb85a6spcJrFnYTEF Iwt7HBkxKWPjStg9/ksuBlIUA3P61uTBdfpuUfHAM6c4E1I+Kr+jsZNoApRfgVQQ v+E1UatVIIxlfL0lNc8Y53ViMYOzEhjo2vH28Jz+cUbAMEvPEmpXmrXiyb50/03E iOUW4RHcd6Qc3iYz9qC26YADhI/Ah9rdhMoWB3aq9J1S+YVstI4xsObJXGSVj/e0 Zuf40ol0xbI37BTmETiVa5wqHCBei3rEPNL/RJ35aogBFMKNg+3xszL0QMLvyXRC IjDKKY4zqJTYSCrCf3ORMtIV6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE18IrIc WYSDVG5SdMcLGqfpl1UhMB8GA1UdIwQYMBaAFMXpvpMsDU4HH7GILK4lKBBHcylQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMUFCMC8xRkY4ODgzMjVD QkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRnY2ZzWWdzcmlVb0VFZHpL VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hlbS1reXdOVGdjZnNZZ3NyaVVvRUVkektWQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MUFCMC8xRkY4ODgzMjVDQkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRn Y2ZzWWdzcmlVb0VFZHpLVkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB61HlADVEz+FJN3K/RbFi6FBZIycRd4p0RW39Uhuh7yWdcPUCpVzia CqOq7uxl2zjixOL4F9iYwGS13i0YaVy8igPo4fsBwzippD5bQUsvE/o4J/zhONNZ y2WJxvGSbGKtG0OG0N35qXiSGER9rA0X+bIh4oEyqtKhrOVMOCkGDuN0N/bUfFs5 81hmoRPbn3ioplYSzUyMxsXd5JnA0EEQ2uHP3aPnjnrAsqTU+q+PPEL0Tz6GpQ2n c2YO+JFI5iII3hgTrCEYu2fmjT8wRR0Mf7JrEs7cWmVsdtzl79p9JYK+sW+awvSE hZOdCEWeO/TpGNSazgoK7ecDKnXET+w3 -----END CERTIFICATE-----Generated at Fri Sep 19 01:00:49 2025 by rpki-client