$ rpki-client -vvf rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft File: ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft (raw, json) Hash identifier: ANT97CoXSqZKv4sABNHA9GHeXjczmg4nHC2lHI3MMfY= Subject key identifier: F7:3E:CE:0A:40:83:21:12:EE:65:2A:57:0F:AF:A3:F6:47:DE:B7:69 Authority key identifier: CA:C4:47:8F:0F:DD:9A:E4:1E:24:E9:FC:67:F8:51:FF:43:C3:33:09 Certificate issuer: /CN=A919B5BB/serialNumber=CAC4478F0FDD9AE41E24E9FC67F851FF43C33309 Certificate serial: 2101 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft Manifest number: 20F5 Signing time: Fri 22 Aug 2025 15:59:37 +0000 Manifest this update: Fri 22 Aug 2025 15:59:36 +0000 Manifest next update: Fri 29 Aug 2025 15:59:36 +0000 Files and hashes: 1: ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl (hash: YmSDwv1mS0B3BJbuFtWU71uVvScqbmUxhozlhQbpDiE=) 2: C49E2E22FF0111E591C15659C4F9AE02.roa (hash: oBzh3F7vXr0+lbZGHQqiGoRJzyM9Q1R1dON0koDXQXQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:59:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8449 (0x2101) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919B5BB, serialNumber=CAC4478F0FDD9AE41E24E9FC67F851FF43C33309 Validity Not Before: Aug 22 15:59:36 2025 GMT Not After : Aug 29 15:59:36 2025 GMT Subject: CN=68a893e8-4fdd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:7a:08:62:30:94:b5:eb:77:6b:7f:2e:29:84: 8c:ab:58:e9:90:47:cf:2e:9e:71:82:68:9e:f6:98: be:07:8c:71:4d:a7:c1:d2:33:63:38:33:4a:df:6f: d7:ea:69:9c:d4:c8:c9:10:c6:a3:11:81:27:f6:a8: 97:b2:a6:48:e2:86:14:80:e6:4b:ff:65:42:51:8d: 3e:2f:16:02:d5:e7:1d:f5:1e:20:2c:36:46:e5:50: 9d:35:44:d4:da:06:55:b1:4c:55:34:4d:c4:cf:01: e8:18:c0:61:77:41:f0:00:72:f2:91:49:2e:c9:d1: 2c:32:c1:a2:2f:93:c4:30:c8:2c:7c:fc:fb:b3:7d: d2:c8:01:c8:62:97:14:c5:76:ed:7a:d2:33:87:45: d8:b6:37:cf:e6:f7:f5:a4:70:47:95:f8:3a:f9:84: 8b:dc:42:91:61:2b:8e:74:ee:03:e8:dd:22:d1:b3: 8a:e7:f0:c1:bb:73:73:b8:c9:1e:f8:99:2b:76:cd: b1:e1:7d:db:0c:48:f6:ce:a6:eb:c6:5c:58:0e:02: 7a:f6:81:42:b0:ca:5f:63:02:72:5b:0b:04:2c:51: 1c:5a:31:2f:fd:fa:73:c1:eb:6b:e7:bf:dc:0e:2c: c0:d1:55:ac:0e:89:05:d4:7d:69:9e:1f:07:ee:7b: a8:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:3E:CE:0A:40:83:21:12:EE:65:2A:57:0F:AF:A3:F6:47:DE:B7:69 X509v3 Authority Key Identifier: keyid:CA:C4:47:8F:0F:DD:9A:E4:1E:24:E9:FC:67:F8:51:FF:43:C3:33:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:99:17:01:19:43:b2:83:f3:b2:e4:c5:20:53:5b:e8:ab:36: 0e:87:30:d8:f7:02:11:bf:2b:80:3d:1a:32:34:7c:cd:79:2a: ec:4b:8b:03:41:cf:7b:1b:a4:0e:29:93:57:0a:74:a8:b8:32: dd:4f:5c:58:59:9e:3b:ac:b9:6e:42:d7:74:ea:5e:9d:98:98: 61:26:36:b1:70:ac:2f:0f:cb:53:1b:51:1d:15:29:35:c9:b5: d9:17:98:2f:95:90:a0:56:1c:da:71:32:72:3a:ec:ef:ae:99: 8d:e6:ed:e8:45:71:76:80:e3:0f:18:e5:1f:85:0c:1a:29:71: 83:c6:d3:c1:34:ee:ce:d1:b5:a6:59:b6:ac:2b:79:6a:53:41: f4:2f:40:bd:cd:e1:44:be:5d:93:8f:bc:da:d7:f2:dc:8d:16: e5:e0:31:72:05:a6:9f:b7:05:5e:ba:3d:27:da:76:13:e5:ef: 4a:4f:9d:67:30:e1:a0:cc:f7:da:d1:8d:2b:8a:86:d2:7a:56: bb:c2:fd:7c:1a:af:2e:6c:ce:27:8e:31:bf:2e:8b:c9:24:2d: 21:38:98:21:76:b8:18:38:7a:ad:b9:61:2c:1c:9f:06:d1:83: 77:7b:26:e8:e8:6d:2b:90:66:16:e6:a2:7e:b8:74:cd:44:d7: 27:a8:11:5d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIQEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUI1QkIxMTAvBgNVBAUTKENBQzQ0NzhGMEZERDlBRTQxRTI0RTlGQzY3Rjg1MUZG NDNDMzMzMDkwHhcNMjUwODIyMTU1OTM2WhcNMjUwODI5MTU1OTM2WjAYMRYwFAYD VQQDEw02OGE4OTNlOC00ZmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv3oIYjCUtet3a38uKYSMq1jpkEfPLp5xgmie9pi+B4xxTafB0jNjODNK32/X 6mmc1MjJEMajEYEn9qiXsqZI4oYUgOZL/2VCUY0+LxYC1ecd9R4gLDZG5VCdNUTU 2gZVsUxVNE3EzwHoGMBhd0HwAHLykUkuydEsMsGiL5PEMMgsfPz7s33SyAHIYpcU xXbtetIzh0XYtjfP5vf1pHBHlfg6+YSL3EKRYSuOdO4D6N0i0bOK5/DBu3NzuMke +Jkrds2x4X3bDEj2zqbrxlxYDgJ69oFCsMpfYwJyWwsELFEcWjEv/fpzwetr57/c DizA0VWsDokF1H1pnh8H7nuoLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPc+zgpA gyES7mUqVw+vo/ZH3rdpMB8GA1UdIwQYMBaAFMrER48P3ZrkHiTp/Gf4Uf9DwzMJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjVCQi80NEJCQzE0Q0ZG MDExMUU1QjFDRkIwNThDNEY5QUUwMi95c1JIandfZG11UWVKT244Wl9oUl8wUERN d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lzUkhqd19kbXVRZUpPbjhaX2hSXzBQRE13ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QjVCQi80NEJCQzE0Q0ZGMDExMUU1QjFDRkIwNThDNEY5QUUwMi95c1JIandfZG11 UWVKT244Wl9oUl8wUERNd2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB/mRcBGUOyg/Oy5MUgU1voqzYOhzDY9wIRvyuAPRoyNHzNeSrsS4sD Qc97G6QOKZNXCnSouDLdT1xYWZ47rLluQtd06l6dmJhhJjaxcKwvD8tTG1EdFSk1 ybXZF5gvlZCgVhzacTJyOuzvrpmN5u3oRXF2gOMPGOUfhQwaKXGDxtPBNO7O0bWm WbasK3lqU0H0L0C9zeFEvl2Tj7za1/LcjRbl4DFyBaaftwVeuj0n2nYT5e9KT51n MOGgzPfa0Y0riobSela7wv18Gq8ubM4njjG/LovJJC0hOJghdrgYOHqtuWEsHJ8G 0YN3eybo6G0rkGYW5qJ+uHTNRNcnqBFd -----END CERTIFICATE-----Generated at Sat Aug 23 16:09:45 2025 by rpki-client