$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft File: xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft (raw, json) Hash identifier: f1ekp8QYxJOkljX1s1yL92e68tf8zt/hMdI3peFBPxA= Subject key identifier: 47:A0:4D:1B:51:4A:7E:2D:71:DE:07:A2:D5:31:92:8E:DA:6C:6E:4A Authority key identifier: C6:53:EF:77:B1:9D:10:8C:F5:C5:9A:E1:80:1F:02:00:3A:B5:5E:ED Certificate issuer: /CN=A91EBFAE/serialNumber=C653EF77B19D108CF5C59AE1801F02003AB55EED Certificate serial: 2533 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft Manifest number: 2533 Signing time: Fri 22 Aug 2025 14:32:42 +0000 Manifest this update: Fri 22 Aug 2025 14:32:41 +0000 Manifest next update: Fri 29 Aug 2025 14:32:41 +0000 Files and hashes: 1: xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl (hash: D5diQZ7b2NyrVtnP03V/3QerlEP5/PNvKeGYCptPrSs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:32:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9523 (0x2533) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBFAE, serialNumber=C653EF77B19D108CF5C59AE1801F02003AB55EED Validity Not Before: Aug 22 14:32:41 2025 GMT Not After : Aug 29 14:32:41 2025 GMT Subject: CN=68a87f89-3384 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:30:6d:60:c8:60:c7:5d:25:59:f3:59:cc:b5: 5b:f2:df:dd:61:62:1e:e7:ad:57:65:58:54:3c:17: 6a:a0:59:a0:46:58:e4:bf:cd:e2:34:fb:81:27:48: a2:76:81:e6:1f:e0:72:f9:44:07:4d:d4:2b:d7:eb: 8f:d3:65:d7:0d:7a:98:4c:85:68:b1:14:e1:f0:dd: d3:91:70:24:73:07:a0:ee:45:fb:7b:d6:47:e6:4e: e3:b2:93:cf:3d:04:7b:f1:cf:6e:99:5a:15:14:bf: f5:e3:ea:8e:52:35:0a:39:cd:d2:cf:1e:77:8e:d4: 29:6c:55:d0:d7:c8:0f:39:31:58:ea:58:f2:41:dc: 6a:47:cb:27:cb:ef:fe:6d:64:64:f3:f8:6e:c0:42: c9:7c:b4:c3:de:6a:4e:31:ec:05:1a:b7:5a:b5:32: c0:75:f2:f3:66:70:8d:92:6d:cd:5a:95:e9:46:72: b3:8a:56:1e:60:23:c9:df:94:a8:7f:3f:9b:09:d9: 1b:bf:e7:cf:be:0f:48:38:43:55:1b:4e:6b:35:eb: e5:e7:af:33:6d:a6:ae:55:a1:29:fa:8d:fd:d5:8c: 62:bb:c2:a7:9c:2a:fe:9c:ac:46:27:db:b8:e6:c5: 9d:81:39:65:83:7f:22:d2:29:b3:13:ba:e8:c7:4d: 8f:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:A0:4D:1B:51:4A:7E:2D:71:DE:07:A2:D5:31:92:8E:DA:6C:6E:4A X509v3 Authority Key Identifier: keyid:C6:53:EF:77:B1:9D:10:8C:F5:C5:9A:E1:80:1F:02:00:3A:B5:5E:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:6b:f9:8b:67:5d:ad:b9:89:a5:5f:a0:70:56:6c:17:28:a5: 95:0d:eb:cf:86:db:d2:9d:64:7a:13:5d:96:16:1c:d4:6b:37: 91:b9:2a:d9:c7:6f:e1:2e:3f:da:b8:ea:55:9e:7b:e0:80:30: e2:4d:48:47:91:1d:d6:fc:c6:42:5c:91:13:ec:e5:86:db:11: 87:fe:d5:1d:d9:86:5b:b7:a1:b1:3b:19:cc:65:c4:53:12:bb: b8:bc:62:9d:26:d8:80:49:96:f1:13:98:61:b6:4c:8b:08:6a: f5:ce:cf:ea:48:7e:fb:84:77:db:e0:af:ee:3c:76:70:98:96: 57:4b:7f:ee:fc:a1:55:ab:b3:87:e0:81:1e:f8:fa:d9:02:a2: 96:5e:fe:d1:74:53:d0:a5:12:12:89:2e:5d:60:82:4a:cf:27: 68:ed:f7:b0:6f:26:2d:11:5e:f7:a9:a3:db:ff:7b:16:04:44: bf:77:df:8f:34:25:fc:28:84:a7:40:3c:92:17:a0:3c:d8:a0: 58:22:89:de:dc:b1:16:72:05:9f:89:c6:29:80:74:58:8a:28: 38:0a:6d:a3:be:96:28:f8:a3:67:92:7f:27:64:f2:49:6f:2a: 31:69:75:9b:73:11:d2:c4:c2:70:8a:85:36:cb:6f:69:11:2e: 25:1a:b4:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJTMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJGQUUxMTAvBgNVBAUTKEM2NTNFRjc3QjE5RDEwOENGNUM1OUFFMTgwMUYwMjAw M0FCNTVFRUQwHhcNMjUwODIyMTQzMjQxWhcNMjUwODI5MTQzMjQxWjAYMRYwFAYD VQQDEw02OGE4N2Y4OS0zMzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6jBtYMhgx10lWfNZzLVb8t/dYWIe561XZVhUPBdqoFmgRljkv83iNPuBJ0ii doHmH+By+UQHTdQr1+uP02XXDXqYTIVosRTh8N3TkXAkcweg7kX7e9ZH5k7jspPP PQR78c9umVoVFL/14+qOUjUKOc3Szx53jtQpbFXQ18gPOTFY6ljyQdxqR8sny+/+ bWRk8/huwELJfLTD3mpOMewFGrdatTLAdfLzZnCNkm3NWpXpRnKzilYeYCPJ35So fz+bCdkbv+fPvg9IOENVG05rNevl568zbaauVaEp+o391Yxiu8KnnCr+nKxGJ9u4 5sWdgTllg38i0imzE7rox02PFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEegTRtR Sn4tcd4HotUxko7abG5KMB8GA1UdIwQYMBaAFMZT73exnRCM9cWa4YAfAgA6tV7t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkZBRS9FRDMyNDQwQTI5 MDkxMUU1OTNCRkM2MjZDNEY5QUUwMi94bFB2ZDdHZEVJejF4WnJoZ0I4Q0FEcTFY dTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3hsUHZkN0dkRUl6MXhacmhnQjhDQURxMVh1MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkZBRS9FRDMyNDQwQTI5MDkxMUU1OTNCRkM2MjZDNEY5QUUwMi94bFB2ZDdHZEVJ ejF4WnJoZ0I4Q0FEcTFYdTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+a/mLZ12tuYmlX6BwVmwXKKWVDevPhtvSnWR6E12WFhzUazeRuSrZ x2/hLj/auOpVnnvggDDiTUhHkR3W/MZCXJET7OWG2xGH/tUd2YZbt6GxOxnMZcRT Eru4vGKdJtiASZbxE5hhtkyLCGr1zs/qSH77hHfb4K/uPHZwmJZXS3/u/KFVq7OH 4IEe+PrZAqKWXv7RdFPQpRISiS5dYIJKzydo7fewbyYtEV73qaPb/3sWBES/d9+P NCX8KISnQDySF6A82KBYIone3LEWcgWficYpgHRYiig4Cm2jvpYo+KNnkn8nZPJJ byoxaXWbcxHSxMJwioU2y29pES4lGrQU -----END CERTIFICATE-----Generated at Sat Aug 23 21:23:29 2025 by rpki-client