$ rpki-client -vvf rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.mft File: yAlz0WzMyeGME6aIAz3E0PDmHEo.mft (raw, json) Hash identifier: 5NFcwdZ1CYLGSiCW2WQgQfBTLsGDNgnwWKLN6JpKn3k= Subject key identifier: AE:B6:4C:53:5F:5D:2A:CA:7D:04:B2:F1:5F:1C:6C:E1:1E:F0:CA:B9 Authority key identifier: C8:09:73:D1:6C:CC:C9:E1:8C:13:A6:88:03:3D:C4:D0:F0:E6:1C:4A Certificate issuer: /CN=A91657FE/serialNumber=C80973D16CCCC9E18C13A688033DC4D0F0E61C4A Certificate serial: 0C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAlz0WzMyeGME6aIAz3E0PDmHEo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.mft Manifest number: 0A Signing time: Tue 01 Jul 2025 08:58:00 +0000 Manifest this update: Tue 01 Jul 2025 08:58:00 +0000 Manifest next update: Tue 08 Jul 2025 08:58:00 +0000 Files and hashes: 1: yAlz0WzMyeGME6aIAz3E0PDmHEo.crl (hash: UI5UCmKVwbNFCNlf8wp5EJT1gyivVyrhbVQJ0O/ON30=) 2: BFEE74284D9811F0930F6465C4F9AE02.roa (hash: utYcBcFgJK+aEaHZM9pNCTgsikhCHuFU4gRIhVACRLY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.crl rsync://rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAlz0WzMyeGME6aIAz3E0PDmHEo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:57:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12 (0xc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91657FE, serialNumber=C80973D16CCCC9E18C13A688033DC4D0F0E61C4A Validity Not Before: Jul 1 08:58:00 2025 GMT Not After : Jul 8 08:58:00 2025 GMT Subject: CN=6863a318-f6d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a9:c7:2c:e6:49:13:a4:62:ae:7b:4b:79:d1: 31:51:c0:60:4b:2c:57:2d:73:a6:5a:6d:8f:c1:2c: 96:c5:d0:ac:be:bd:b7:b9:9e:50:cc:ef:b1:9a:30: fb:97:07:77:8a:97:c1:f2:16:cb:2d:d5:df:63:06: b1:b4:c8:57:c0:8e:8e:5a:4b:fe:1e:10:de:5c:7a: c6:2f:f4:0b:9f:0c:fa:fe:bc:45:fa:c8:a1:59:d1: d9:c9:e0:76:3a:f6:03:2c:62:e1:78:ca:a9:47:fd: 91:37:3b:c7:6b:e9:aa:cc:76:1e:4d:ff:da:e7:b0: 80:8b:b3:61:15:02:35:fd:8f:8c:3a:c0:44:c4:a6: 1a:b1:31:bb:45:95:d2:fb:40:b5:7f:f9:40:b3:22: 91:14:5f:1e:4a:ef:a6:ae:40:87:56:f5:c6:c3:6c: d8:7d:d4:40:67:ec:92:33:3a:69:41:69:0d:61:19: 7c:95:6f:01:97:e0:f5:25:b6:02:37:ab:39:6f:79: c1:5c:c0:ce:59:fb:b1:5b:3f:5a:54:dd:05:2e:ee: 05:6e:ac:e8:1a:50:35:79:d0:5e:73:9a:2a:b2:7e: 56:4f:4c:5d:b9:e8:aa:f4:67:51:3d:3f:72:82:b7: fa:f1:ca:d3:20:a6:04:74:4a:c8:28:41:5b:ce:ce: f3:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:B6:4C:53:5F:5D:2A:CA:7D:04:B2:F1:5F:1C:6C:E1:1E:F0:CA:B9 X509v3 Authority Key Identifier: keyid:C8:09:73:D1:6C:CC:C9:E1:8C:13:A6:88:03:3D:C4:D0:F0:E6:1C:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAlz0WzMyeGME6aIAz3E0PDmHEo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:08:16:a2:2d:5c:4d:1c:49:2f:12:b4:48:b1:b3:79:82:3c: fd:b7:19:7e:b6:b3:5d:ec:bd:9b:a4:d5:1c:6f:54:d7:fb:12: 3c:18:42:1f:3a:cb:ac:ed:74:31:f9:e1:7a:c5:af:8b:a0:10: ae:dd:72:ee:61:6d:3b:c8:15:1d:b8:ae:84:28:3e:f1:6e:ea: c1:68:1e:21:b4:a9:d3:c9:f1:04:79:43:2a:fe:a4:f7:f9:7e: fd:d2:0c:82:74:c0:20:92:c4:84:0b:e5:6b:43:47:96:43:05: d8:ca:f1:56:f4:70:b8:90:7f:d5:2d:1a:df:2e:44:72:76:68: 13:a5:d4:90:da:be:3d:0b:8c:9e:2b:26:be:9a:eb:bb:ef:26: 7f:02:47:17:43:80:7d:79:55:d3:3c:1c:15:22:ce:fb:1e:e6: 19:e7:24:4e:3d:00:ac:12:4a:2e:db:6c:00:f3:ef:0c:c2:9f: 9b:58:cf:d3:32:0c:d6:f1:eb:9c:4d:75:de:f0:7c:94:40:7c: 2c:76:92:d6:a6:84:d6:d2:ad:f5:73:ad:60:0d:34:b2:b5:33: 58:71:e1:f0:01:b5:6e:ee:90:cb:6c:5a:c8:fa:26:e9:60:3f: e3:a4:bc:61:79:8e:34:e5:d6:c4:c3:4f:51:c5:09:e6:90:c3: 5c:f1:9c:c5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 NTdGRTExMC8GA1UEBRMoQzgwOTczRDE2Q0NDQzlFMThDMTNBNjg4MDMzREM0RDBG MEU2MUM0QTAeFw0yNTA3MDEwODU4MDBaFw0yNTA3MDgwODU4MDBaMBgxFjAUBgNV BAMTDTY4NjNhMzE4LWY2ZDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDUqccs5kkTpGKue0t50TFRwGBLLFctc6ZabY/BLJbF0Ky+vbe5nlDM77GaMPuX B3eKl8HyFsst1d9jBrG0yFfAjo5aS/4eEN5cesYv9AufDPr+vEX6yKFZ0dnJ4HY6 9gMsYuF4yqlH/ZE3O8dr6arMdh5N/9rnsICLs2EVAjX9j4w6wETEphqxMbtFldL7 QLV/+UCzIpEUXx5K76auQIdW9cbDbNh91EBn7JIzOmlBaQ1hGXyVbwGX4PUltgI3 qzlvecFcwM5Z+7FbP1pU3QUu7gVurOgaUDV50F5zmiqyflZPTF256Kr0Z1E9P3KC t/rxytMgpgR0SsgoQVvOzvPFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUrrZMU19d Ksp9BLLxXxxs4R7wyrkwHwYDVR0jBBgwFoAUyAlz0WzMyeGME6aIAz3E0PDmHEow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1N0ZFL0MwODc1NzIyNEQ4 QjExRjA4RUFDNTgyM0M0RjlBRTAyL3lBbHowV3pNeWVHTUU2YUlBejNFMFBEbUhF by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveUFsejBXek15ZUdNRTZhSUF6M0UwUERtSEVvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1 N0ZFL0MwODc1NzIyNEQ4QjExRjA4RUFDNTgyM0M0RjlBRTAyL3lBbHowV3pNeWVH TUU2YUlBejNFMFBEbUhFby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKwIFqItXE0cSS8StEixs3mCPP23GX62s13svZuk1RxvVNf7EjwYQh86 y6ztdDH54XrFr4ugEK7dcu5hbTvIFR24roQoPvFu6sFoHiG0qdPJ8QR5Qyr+pPf5 fv3SDIJ0wCCSxIQL5WtDR5ZDBdjK8Vb0cLiQf9UtGt8uRHJ2aBOl1JDavj0LjJ4r Jr6a67vvJn8CRxdDgH15VdM8HBUizvse5hnnJE49AKwSSi7bbADz7wzCn5tYz9My DNbx65xNdd7wfJRAfCx2ktamhNbSrfVzrWANNLK1M1hx4fABtW7ukMtsWsj6Julg P+OkvGF5jjTl1sTDT1HFCeaQw1zxnMU= -----END CERTIFICATE-----Generated at Tue Jul 1 19:00:07 2025 by rpki-client