$ rpki-client -vvf rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft File: kY5yieKMGkkiojy1Zb2CG34gphE.mft (raw, json) Hash identifier: GlkdMX3UF7gfxjRYIJuJNf7wCN0p5SsK58G6OsbjUeg= Subject key identifier: 83:68:97:2A:B6:83:C5:45:DD:3E:ED:90:67:AB:1D:92:FD:6D:0C:25 Authority key identifier: 91:8E:72:89:E2:8C:1A:49:22:A2:3C:B5:65:BD:82:1B:7E:20:A6:11 Certificate issuer: /CN=A9171B1A/serialNumber=918E7289E28C1A4922A23CB565BD821B7E20A611 Certificate serial: 0CCE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft Manifest number: 0CC2 Signing time: Fri 22 Aug 2025 18:14:41 +0000 Manifest this update: Fri 22 Aug 2025 18:14:40 +0000 Manifest next update: Fri 29 Aug 2025 18:14:40 +0000 Files and hashes: 1: kY5yieKMGkkiojy1Zb2CG34gphE.crl (hash: a6lm4HDc2KRvwqgfmLJeA1wA7zWYlkS2SeyHmAZ37w8=) 2: 6D9433B0F41211E9AAF5924EC4F9AE02.roa (hash: hSO23qhSJreuhOLk9R8p+4DtFYxsss4sjYdKljRJK2k=) 3: 6E3B1338F41211E9AAF5924EC4F9AE02.roa (hash: 7iLE2NbcVEE13k7k5xb5wiFVYhBSAES33qNPZQmTZqs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.crl rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:14:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3278 (0xcce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171B1A, serialNumber=918E7289E28C1A4922A23CB565BD821B7E20A611 Validity Not Before: Aug 22 18:14:40 2025 GMT Not After : Aug 29 18:14:40 2025 GMT Subject: CN=68a8b391-06d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:8a:c7:85:31:2e:82:ad:a6:bc:fc:00:59:6c: bf:da:5c:cb:d7:9b:4a:d6:0a:2c:cb:59:3d:14:8a: 77:f2:87:07:4b:39:83:3e:8f:86:2a:64:b8:5c:18: fe:2a:53:59:de:e3:38:35:20:05:0c:ca:92:5f:b8: 39:47:c6:e8:b3:9a:56:ed:ea:eb:f7:c7:70:49:e8: a3:4e:20:9a:9b:79:58:d2:42:41:77:d6:a3:22:e9: 03:42:c1:62:14:48:c6:3e:a4:68:2b:11:35:98:a9: a5:73:e8:82:5b:c2:be:f1:77:ac:d8:54:83:b0:59: 58:2f:f7:53:07:38:5b:a5:b8:c0:93:1d:e7:b8:2a: 5e:b9:c8:47:7a:cd:e2:a6:f9:91:f8:14:72:60:b1: 30:0d:f1:ca:ed:80:78:6d:0a:a4:08:03:5e:bd:bc: 64:c7:e3:76:f7:8d:7b:fc:a1:be:51:4e:d7:31:87: 57:aa:c1:49:43:89:ec:2f:a7:ef:c5:50:d7:fa:4a: 62:55:ad:87:ad:12:49:2a:da:5a:fd:0e:87:14:42: 54:71:5f:fc:a1:68:a4:bb:f4:46:16:37:de:15:8c: 8f:41:db:3e:f6:19:4f:69:88:bd:d0:02:53:61:eb: 7a:a5:df:81:58:e2:41:49:dd:ed:9e:7a:f6:cc:cf: 77:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:68:97:2A:B6:83:C5:45:DD:3E:ED:90:67:AB:1D:92:FD:6D:0C:25 X509v3 Authority Key Identifier: keyid:91:8E:72:89:E2:8C:1A:49:22:A2:3C:B5:65:BD:82:1B:7E:20:A6:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:94:d2:08:69:a0:8c:3c:9c:75:6b:1e:39:ff:cc:40:4c:e9: c5:b1:73:49:ea:65:d4:28:20:cd:10:85:43:71:6d:22:37:f1: c7:4b:37:f7:26:56:54:1f:c7:98:43:c6:6d:cd:73:1c:6c:2a: 22:b2:bb:9b:83:a7:52:a3:86:97:a0:f7:03:7e:d4:b2:52:01: 32:22:d0:4b:e2:6d:cb:4b:bc:48:24:80:0c:01:9b:94:a0:10: 01:e6:1e:85:2d:15:2f:28:b2:b4:d7:13:17:83:8e:56:d7:e6: 0e:b8:13:46:f1:21:3c:8c:72:62:bd:90:f6:bc:74:84:9e:e8: eb:ec:9d:0c:77:bc:a6:17:54:8d:6b:33:9f:62:b9:21:58:46: e2:3c:7e:90:15:e9:cc:9a:6c:49:d6:3b:b0:8d:cc:8b:97:44: 48:d9:05:88:a6:c4:10:c4:e0:32:63:88:c6:19:40:89:39:71: 59:4e:34:00:ce:36:18:86:48:89:74:56:62:11:73:c6:49:14: 7f:eb:a3:40:19:4b:69:9c:56:dd:c9:5d:60:04:0b:82:b6:e2: 65:7b:b0:44:ae:9c:0e:42:b3:38:0c:6b:50:8d:d2:07:d4:b3: 20:4f:e4:20:db:1d:27:cf:e8:9a:9a:46:52:e8:40:3b:4a:ad: 59:c2:0c:0d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFCMUExMTAvBgNVBAUTKDkxOEU3Mjg5RTI4QzFBNDkyMkEyM0NCNTY1QkQ4MjFC N0UyMEE2MTEwHhcNMjUwODIyMTgxNDQwWhcNMjUwODI5MTgxNDQwWjAYMRYwFAYD VQQDEw02OGE4YjM5MS0wNmQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5YrHhTEugq2mvPwAWWy/2lzL15tK1gosy1k9FIp38ocHSzmDPo+GKmS4XBj+ KlNZ3uM4NSAFDMqSX7g5R8bos5pW7err98dwSeijTiCam3lY0kJBd9ajIukDQsFi FEjGPqRoKxE1mKmlc+iCW8K+8Xes2FSDsFlYL/dTBzhbpbjAkx3nuCpeuchHes3i pvmR+BRyYLEwDfHK7YB4bQqkCANevbxkx+N29417/KG+UU7XMYdXqsFJQ4nsL6fv xVDX+kpiVa2HrRJJKtpa/Q6HFEJUcV/8oWiku/RGFjfeFYyPQds+9hlPaYi90AJT Yet6pd+BWOJBSd3tnnr2zM93sQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFINolyq2 g8VF3T7tkGerHZL9bQwlMB8GA1UdIwQYMBaAFJGOconijBpJIqI8tWW9ght+IKYR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUIxQS81MUZGQzRFNEY0 MTExMUU5QTQzNUIwNENDNEY5QUUwMi9rWTV5aWVLTUdra2lvankxWmIyQ0czNGdw aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tZNXlpZUtNR2traW9qeTFaYjJDRzM0Z3BoRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUIxQS81MUZGQzRFNEY0MTExMUU5QTQzNUIwNENDNEY5QUUwMi9rWTV5aWVLTUdr a2lvankxWmIyQ0czNGdwaEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwlNIIaaCMPJx1ax45/8xATOnFsXNJ6mXUKCDNEIVDcW0iN/HHSzf3 JlZUH8eYQ8ZtzXMcbCoisrubg6dSo4aXoPcDftSyUgEyItBL4m3LS7xIJIAMAZuU oBAB5h6FLRUvKLK01xMXg45W1+YOuBNG8SE8jHJivZD2vHSEnujr7J0Md7ymF1SN azOfYrkhWEbiPH6QFenMmmxJ1juwjcyLl0RI2QWIpsQQxOAyY4jGGUCJOXFZTjQA zjYYhkiJdFZiEXPGSRR/66NAGUtpnFbdyV1gBAuCtuJle7BErpwOQrM4DGtQjdIH 1LMgT+Qg2x0nz+iamkZS6EA7Sq1ZwgwN -----END CERTIFICATE-----Generated at Sun Aug 24 09:16:27 2025 by rpki-client