$ rpki-client -vvf rpki.apnic.net/member_repository/A9144F45/D76FF044397011EC9B65BA16C4F9AE02/YBC8xly5zPAs9-0p7HXk1iK98_A.mft File: YBC8xly5zPAs9-0p7HXk1iK98_A.mft (raw, json) Hash identifier: YrWvAMtRCbHrEE6lJY9IEog6g4bi+mXhN7Y39vxXCBs= Subject key identifier: 2B:B2:12:47:33:03:D8:01:AA:7B:23:4B:44:18:98:86:8A:66:45:17 Authority key identifier: 60:10:BC:C6:5C:B9:CC:F0:2C:F7:ED:29:EC:75:E4:D6:22:BD:F3:F0 Certificate issuer: /CN=A9144F45/serialNumber=6010BCC65CB9CCF02CF7ED29EC75E4D622BDF3F0 Certificate serial: 04C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YBC8xly5zPAs9-0p7HXk1iK98_A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9144F45/D76FF044397011EC9B65BA16C4F9AE02/YBC8xly5zPAs9-0p7HXk1iK98_A.mft Manifest number: 04C0 Signing time: Sat 23 Aug 2025 00:04:52 +0000 Manifest this update: Sat 23 Aug 2025 00:04:51 +0000 Manifest next update: Sat 30 Aug 2025 00:04:51 +0000 Files and hashes: 1: YBC8xly5zPAs9-0p7HXk1iK98_A.crl (hash: mq2I13O7M9rsjUqo1LRf8oryftZaPTYdPCiGaMmnYTk=) 2: E225E68E397411EC8120D135C4F9AE02.roa (hash: GWZiL4+KkXKacwwHdWBVfV3QtoEcyH45HgJbisXMlBM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9144F45/D76FF044397011EC9B65BA16C4F9AE02/YBC8xly5zPAs9-0p7HXk1iK98_A.crl rsync://rpki.apnic.net/member_repository/A9144F45/D76FF044397011EC9B65BA16C4F9AE02/YBC8xly5zPAs9-0p7HXk1iK98_A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YBC8xly5zPAs9-0p7HXk1iK98_A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:04:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1220 (0x4c4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9144F45, serialNumber=6010BCC65CB9CCF02CF7ED29EC75E4D622BDF3F0 Validity Not Before: Aug 23 00:04:51 2025 GMT Not After : Aug 30 00:04:51 2025 GMT Subject: CN=68a905a3-2442 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ca:8d:17:de:bc:90:44:87:bd:b4:67:7c:54: 2c:0a:dc:29:25:fc:00:ab:71:7f:de:26:b2:a8:c8: 8b:2f:69:fd:2f:55:c7:f5:1f:68:c9:35:91:9c:81: e7:3f:7b:38:9c:0d:2f:1d:5d:89:d2:16:7c:49:0d: 5d:4c:17:ad:3b:7c:b4:1f:62:2b:97:77:51:de:52: ff:32:37:ec:36:8b:78:4f:b9:99:0b:be:4f:59:ec: 35:84:d2:67:ba:db:77:80:d9:a4:8c:c9:50:58:e3: 84:18:26:17:39:e5:80:46:2a:dd:ee:1a:e4:65:ba: 8d:20:a3:3d:07:76:d3:a6:4e:b9:a3:dd:6d:f2:00: ae:f9:f5:14:d9:d9:93:16:d0:5c:1c:f0:43:53:ab: c0:78:25:5f:16:97:94:6c:f7:15:18:6f:15:1d:6a: f7:83:0c:dd:01:5b:0a:71:c7:1c:14:70:50:14:ec: 77:e9:8b:cc:8d:19:b9:34:9f:33:56:b5:25:d8:27: 37:3a:80:b3:9d:b7:e2:61:49:33:c0:a5:97:62:2f: ab:41:dd:a1:0d:53:84:0b:d7:55:3e:51:40:3c:79: 60:fa:4e:8f:2f:31:0f:fe:40:7a:0f:15:28:4d:f8: 84:0b:f1:d2:6e:31:42:78:43:12:c6:6e:b0:82:f6: 5c:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:B2:12:47:33:03:D8:01:AA:7B:23:4B:44:18:98:86:8A:66:45:17 X509v3 Authority Key Identifier: keyid:60:10:BC:C6:5C:B9:CC:F0:2C:F7:ED:29:EC:75:E4:D6:22:BD:F3:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9144F45/D76FF044397011EC9B65BA16C4F9AE02/YBC8xly5zPAs9-0p7HXk1iK98_A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YBC8xly5zPAs9-0p7HXk1iK98_A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144F45/D76FF044397011EC9B65BA16C4F9AE02/YBC8xly5zPAs9-0p7HXk1iK98_A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c4:e3:13:7c:d9:4e:da:60:fd:f4:e5:30:d7:f3:7d:9d:e0:23: e5:54:52:db:de:9c:e9:c5:4a:2b:b1:28:4e:c6:c8:c4:63:8d: 6f:f3:8c:56:a1:38:27:bc:e1:0b:ea:69:41:a1:74:01:62:26: 06:58:3d:c8:de:e5:fd:f9:a0:8f:1b:e9:3b:8c:91:1c:b3:da: eb:ad:21:f3:38:08:3e:0f:91:5f:8b:b1:4e:3c:e7:f3:a8:b5: e8:13:4c:b3:56:44:1e:c3:82:dd:85:09:9b:c7:08:cd:ba:c2: 49:56:8d:10:52:de:c5:06:1a:66:9a:e3:6e:db:51:5e:75:1b: b2:51:59:4c:20:1c:59:d7:c4:d9:3d:de:03:cd:06:72:e7:63: 9c:fd:5e:67:1c:bb:23:d5:a0:08:23:cf:4f:2e:a8:31:b4:39: 7e:c7:bb:1b:f0:59:a5:e1:16:b5:a5:02:46:2d:4c:19:f8:04: b6:62:f2:74:1b:c8:ca:e5:36:c9:70:0f:88:41:8c:62:5c:58: 0b:b7:1f:eb:58:9f:88:1a:11:dc:7d:02:25:74:d6:67:3e:b7: d8:50:34:40:52:d7:48:d5:2f:48:01:da:36:9b:dc:f5:86:35: 13:6e:a9:95:bd:39:24:46:0a:8e:3c:8a:51:6b:ad:af:78:b7: 50:7f:13:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDRGNDUxMTAvBgNVBAUTKDYwMTBCQ0M2NUNCOUNDRjAyQ0Y3RUQyOUVDNzVFNEQ2 MjJCREYzRjAwHhcNMjUwODIzMDAwNDUxWhcNMjUwODMwMDAwNDUxWjAYMRYwFAYD VQQDEw02OGE5MDVhMy0yNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxMqNF968kESHvbRnfFQsCtwpJfwAq3F/3iayqMiLL2n9L1XH9R9oyTWRnIHn P3s4nA0vHV2J0hZ8SQ1dTBetO3y0H2Irl3dR3lL/MjfsNot4T7mZC75PWew1hNJn utt3gNmkjMlQWOOEGCYXOeWARird7hrkZbqNIKM9B3bTpk65o91t8gCu+fUU2dmT FtBcHPBDU6vAeCVfFpeUbPcVGG8VHWr3gwzdAVsKccccFHBQFOx36YvMjRm5NJ8z VrUl2Cc3OoCznbfiYUkzwKWXYi+rQd2hDVOEC9dVPlFAPHlg+k6PLzEP/kB6DxUo TfiEC/HSbjFCeEMSxm6wgvZcyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCuyEkcz A9gBqnsjS0QYmIaKZkUXMB8GA1UdIwQYMBaAFGAQvMZcuczwLPftKex15NYivfPw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NEY0NS9ENzZGRjA0NDM5 NzAxMUVDOUI2NUJBMTZDNEY5QUUwMi9ZQkM4eGx5NXpQQXM5LTBwN0hYazFpSzk4 X0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lCQzh4bHk1elBBczktMHA3SFhrMWlLOThfQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NEY0NS9ENzZGRjA0NDM5NzAxMUVDOUI2NUJBMTZDNEY5QUUwMi9ZQkM4eGx5NXpQ QXM5LTBwN0hYazFpSzk4X0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDE4xN82U7aYP305TDX832d4CPlVFLb3pzpxUorsShOxsjEY41v84xW oTgnvOEL6mlBoXQBYiYGWD3I3uX9+aCPG+k7jJEcs9rrrSHzOAg+D5Ffi7FOPOfz qLXoE0yzVkQew4LdhQmbxwjNusJJVo0QUt7FBhpmmuNu21FedRuyUVlMIBxZ18TZ Pd4DzQZy52Oc/V5nHLsj1aAII89PLqgxtDl+x7sb8Fml4Ra1pQJGLUwZ+AS2YvJ0 G8jK5TbJcA+IQYxiXFgLtx/rWJ+IGhHcfQIldNZnPrfYUDRAUtdI1S9IAdo2m9z1 hjUTbqmVvTkkRgqOPIpRa62veLdQfxNb -----END CERTIFICATE-----Generated at Sat Aug 23 22:39:48 2025 by rpki-client