$ rpki-client -vvf rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft File: XpnXCH3VTqLn519cgIcHE4Posp4.mft (raw, json) Hash identifier: NXz58+UojOK6uA7q8jZla7Bsye7l3dPAI+Bd2xHFbLA= Subject key identifier: 34:95:08:59:3B:12:38:45:F6:2D:D6:5C:F8:5B:42:59:64:F1:80:F8 Authority key identifier: 5E:99:D7:08:7D:D5:4E:A2:E7:E7:5F:5C:80:87:07:13:83:E8:B2:9E Certificate issuer: /CN=A91F81D3/serialNumber=5E99D7087DD54EA2E7E75F5C8087071383E8B29E Certificate serial: 0B36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft Manifest number: 0B17 Signing time: Sun 02 Nov 2025 19:18:45 +0000 Manifest this update: Sun 02 Nov 2025 19:18:45 +0000 Manifest next update: Sun 09 Nov 2025 19:18:45 +0000 Files and hashes: 1: XpnXCH3VTqLn519cgIcHE4Posp4.crl (hash: a7La5qxIC/cf/yzJrA9QQ+S4y8i+49dHlPGxqIzowqo=) 2: E4A8C1240A3611F08B9CFD4FC4F9AE02.roa (hash: pW6ZkmsKrYO4khbqPdFp+1VATISq0kaXo2DoENq+wFM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.crl rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 19:18:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2870 (0xb36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F81D3, serialNumber=5E99D7087DD54EA2E7E75F5C8087071383E8B29E Validity Not Before: Nov 2 19:18:45 2025 GMT Not After : Nov 9 19:18:45 2025 GMT Subject: CN=6907ae95-3457 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:58:2f:11:0e:ec:48:76:51:b6:5b:d5:cd:30: 2d:36:70:3b:3f:65:ed:f8:e7:1c:73:3b:39:8b:fe: 38:b7:70:89:f7:d8:5e:9b:e5:68:98:4c:d1:7a:ee: 2a:44:09:0b:ee:d2:06:3c:65:ad:9d:27:0c:37:55: 6b:b6:da:c7:74:85:82:30:ae:7a:ae:33:52:47:f1: bb:bd:b3:69:bc:a7:f1:0c:54:ef:14:2d:c3:43:32: ee:4f:b2:a6:4f:7e:7b:6e:08:dd:60:89:0b:ac:2d: ae:ac:9d:ab:2d:98:57:55:5a:7a:60:e9:c7:a5:f6: f0:d8:8e:77:da:c0:37:d0:af:c8:fe:b7:ec:5e:21: 94:b1:e3:74:f8:a2:22:6c:d5:5a:9d:35:af:70:de: 7a:58:63:ba:e8:46:a0:9d:4e:22:1c:81:c7:39:af: fc:d3:1d:6e:5f:06:35:2f:ba:df:6b:f4:99:d3:55: fd:41:22:97:19:9c:ce:64:03:08:ad:b6:0b:5f:b0: f8:f5:3d:87:da:dc:b0:ca:f4:93:f9:ab:c8:bb:a2: 67:e3:b0:59:55:c9:88:6e:3c:d9:a2:e7:21:30:8c: be:99:7c:0d:43:68:16:d9:95:b6:6b:cc:f7:da:5b: 68:e3:ee:ce:c9:a5:2e:dc:ad:c5:19:2a:ee:3e:be: bd:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:95:08:59:3B:12:38:45:F6:2D:D6:5C:F8:5B:42:59:64:F1:80:F8 X509v3 Authority Key Identifier: keyid:5E:99:D7:08:7D:D5:4E:A2:E7:E7:5F:5C:80:87:07:13:83:E8:B2:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XpnXCH3VTqLn519cgIcHE4Posp4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F81D3/0A8459F4523511EA9A0CB273C4F9AE02/XpnXCH3VTqLn519cgIcHE4Posp4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:9b:5e:09:ba:d6:c9:69:ec:24:31:1e:16:24:e1:85:4e:a4: b1:0a:fd:db:fc:e8:45:a0:76:64:82:26:4a:0d:3e:67:26:f9: 00:8a:34:e7:10:c4:56:1a:db:61:a2:f1:59:7c:f0:be:f2:83: 38:01:de:d5:e3:a1:73:69:41:a8:9f:26:29:15:d5:27:d1:84: 88:00:84:df:35:fb:5f:7c:33:40:3d:69:de:90:29:31:bc:1e: 10:67:d2:73:9c:ce:47:ac:30:fc:d8:7a:c5:89:a7:3c:1c:d6: f7:3a:d5:7f:12:34:7e:e4:f4:39:07:3a:83:ff:07:ae:2b:2b: 80:f2:e4:d9:fa:76:1b:7b:1e:2a:bb:ab:a1:d7:25:c5:96:56: c0:a1:11:b0:90:92:08:34:5d:8f:72:1f:de:47:28:03:88:eb: 74:15:75:5d:09:e3:02:d4:69:f5:76:7a:51:f5:38:d5:02:ac: 1e:7e:a4:4d:03:f3:1d:8d:ea:4b:8f:8f:f0:62:26:65:28:be: f1:62:32:b9:d1:74:17:e3:82:b7:26:9a:22:cc:e4:60:1f:6f: 84:1f:1d:43:62:56:6e:a8:ef:84:82:76:a6:d4:43:22:d5:d4: ba:90:73:0e:dd:f0:cd:33:8b:b6:91:98:8a:84:2f:b6:39:6a: 9f:ee:a5:1d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCzYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjgxRDMxMTAvBgNVBAUTKDVFOTlENzA4N0RENTRFQTJFN0U3NUY1QzgwODcwNzEz ODNFOEIyOUUwHhcNMjUxMTAyMTkxODQ1WhcNMjUxMTA5MTkxODQ1WjAYMRYwFAYD VQQDEw02OTA3YWU5NS0zNDU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA01gvEQ7sSHZRtlvVzTAtNnA7P2Xt+Occczs5i/44t3CJ99hem+VomEzReu4q RAkL7tIGPGWtnScMN1VrttrHdIWCMK56rjNSR/G7vbNpvKfxDFTvFC3DQzLuT7Km T357bgjdYIkLrC2urJ2rLZhXVVp6YOnHpfbw2I532sA30K/I/rfsXiGUseN0+KIi bNVanTWvcN56WGO66EagnU4iHIHHOa/80x1uXwY1L7rfa/SZ01X9QSKXGZzOZAMI rbYLX7D49T2H2tywyvST+avIu6Jn47BZVcmIbjzZouchMIy+mXwNQ2gW2ZW2a8z3 2lto4+7OyaUu3K3FGSruPr69bQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDSVCFk7 EjhF9i3WXPhbQllk8YD4MB8GA1UdIwQYMBaAFF6Z1wh91U6i5+dfXICHBxOD6LKe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODFEMy8wQTg0NTlGNDUy MzUxMUVBOUEwQ0IyNzNDNEY5QUUwMi9YcG5YQ0gzVlRxTG41MTljZ0ljSEU0UG9z cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hwblhDSDNWVHFMbjUxOWNnSWNIRTRQb3NwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODFEMy8wQTg0NTlGNDUyMzUxMUVBOUEwQ0IyNzNDNEY5QUUwMi9YcG5YQ0gzVlRx TG41MTljZ0ljSEU0UG9zcDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZm14JutbJaewkMR4WJOGFTqSxCv3b/OhFoHZkgiZKDT5nJvkAijTn EMRWGtthovFZfPC+8oM4Ad7V46FzaUGonyYpFdUn0YSIAITfNftffDNAPWnekCkx vB4QZ9JznM5HrDD82HrFiac8HNb3OtV/EjR+5PQ5BzqD/weuKyuA8uTZ+nYbex4q u6uh1yXFllbAoRGwkJIINF2Pch/eRygDiOt0FXVdCeMC1Gn1dnpR9TjVAqwefqRN A/MdjepLj4/wYiZlKL7xYjK50XQX44K3JpoizORgH2+EHx1DYlZuqO+Egnam1EMi 1dS6kHMO3fDNM4u2kZiKhC+2OWqf7qUd -----END CERTIFICATE-----Generated at Tue Nov 4 08:28:00 2025 by rpki-client