$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft File: YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft (raw, json) Hash identifier: xA2WTgcLgm5N++AlsA2Kt9rNQW6Tc3VquTh9KPxYzUY= Subject key identifier: C5:01:CB:D1:CE:9C:01:F5:4B:97:FF:92:88:56:02:0C:F0:C0:E9:5C Authority key identifier: 61:7F:05:4E:3C:E4:51:E0:C3:E7:F4:46:DD:09:F7:86:46:52:B6:56 Certificate issuer: /CN=A91A1CAA/serialNumber=617F054E3CE451E0C3E7F446DD09F7864652B656 Certificate serial: 011F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft Manifest number: 011C Signing time: Sat 23 Aug 2025 04:56:54 +0000 Manifest this update: Sat 23 Aug 2025 04:56:54 +0000 Manifest next update: Sat 30 Aug 2025 04:56:53 +0000 Files and hashes: 1: YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl (hash: 2K0B9rCgJ6F6WbrmLmFfM8gNdMph+mw2osdFeIdUcy0=) 2: E75FB4F0CE4A11EE95C15E20C4F9AE02.roa (hash: utq11zi2cO+ldR8mXOv++lb25ZgD5tUSUW03iRiwBL0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:56:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 287 (0x11f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A1CAA, serialNumber=617F054E3CE451E0C3E7F446DD09F7864652B656 Validity Not Before: Aug 23 04:56:54 2025 GMT Not After : Aug 30 04:56:53 2025 GMT Subject: CN=68a94a16-068c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:26:cc:95:42:da:c6:60:0f:ca:4f:91:0d:b5: cd:93:1a:a8:ad:d2:af:f7:4e:d7:16:87:4d:9b:63: 74:18:59:1d:2a:bb:b7:a0:82:17:32:a1:f5:64:21: b3:fc:c5:c6:51:26:9a:09:09:15:ef:44:f8:c9:93: 06:38:78:01:89:ce:93:d2:18:7e:4c:71:39:c6:d2: de:7c:1d:c5:3d:12:aa:1d:19:6d:75:0e:ac:13:91: 43:51:9a:11:41:2e:62:0c:60:a3:00:e2:6e:5b:18: ba:67:72:b5:66:c1:02:1f:58:40:e0:33:51:4c:2c: 07:c4:dc:c8:ae:e9:b2:91:ee:30:8a:59:a8:0d:f3: 45:cd:7b:1e:0e:da:ff:8e:01:84:f5:e8:83:10:de: 69:d5:4a:c2:cf:5c:6f:d1:e3:45:f4:6d:f1:0a:f8: 2a:c5:9c:b9:10:45:36:a6:45:8e:3f:1a:86:15:13: 55:09:55:2e:e3:f3:30:98:88:bd:5c:8d:2c:4e:04: 96:f5:a8:95:c1:19:55:fd:0d:91:8d:99:ea:78:03: f0:e2:8b:67:48:1d:b8:c7:9e:78:c9:d1:92:7b:7a: 9a:ba:03:25:49:b9:df:95:e9:72:ce:d2:d2:7e:de: 26:19:42:60:a7:6c:5f:0a:0b:24:70:85:15:74:3c: 12:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:01:CB:D1:CE:9C:01:F5:4B:97:FF:92:88:56:02:0C:F0:C0:E9:5C X509v3 Authority Key Identifier: keyid:61:7F:05:4E:3C:E4:51:E0:C3:E7:F4:46:DD:09:F7:86:46:52:B6:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:3e:94:22:bf:d0:a6:1e:3f:13:53:eb:62:c0:ef:d9:ef:89: ee:5d:a4:58:14:3f:37:ad:9b:47:54:64:b2:ab:37:b6:f5:f2: 17:9e:dd:7d:d1:f9:9f:1c:ca:25:a0:1b:3a:c2:5c:97:db:0e: 23:67:75:fb:5f:e2:be:83:93:8d:0a:94:2b:d4:e4:27:b6:d0: b7:99:cb:1e:2f:31:fb:e3:c2:7a:cb:fd:dc:7f:5e:5f:3f:7a: 29:c3:2f:dc:9c:ce:79:4b:e0:93:f8:ba:fb:61:38:04:9d:8a: c0:2c:fe:e7:fd:93:c1:e9:66:a4:af:f5:79:55:3f:2c:3e:f3: 16:31:34:85:93:e7:7b:2d:e8:a3:3a:86:92:6b:da:ea:a1:dc: 48:60:17:dc:08:33:e3:f6:9c:9c:16:9e:87:1f:15:81:e6:d6: 14:69:07:64:15:73:bb:cf:7b:f7:10:82:dd:33:dc:dc:9b:85: c6:60:c8:54:0a:62:20:97:b3:a5:45:e4:70:1b:5d:13:8c:e7: 32:c7:bc:13:11:26:49:e9:c8:71:99:6e:49:75:75:fb:c0:ba: 4f:32:7e:22:89:ab:aa:d2:47:c4:41:b9:9c:8a:0c:45:d4:77: 46:bc:88:ed:76:47:5c:08:9d:8d:f5:93:6d:ac:73:90:6b:c2: 61:03:a6:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTFDQUExMTAvBgNVBAUTKDYxN0YwNTRFM0NFNDUxRTBDM0U3RjQ0NkREMDlGNzg2 NDY1MkI2NTYwHhcNMjUwODIzMDQ1NjU0WhcNMjUwODMwMDQ1NjUzWjAYMRYwFAYD VQQDEw02OGE5NGExNi0wNjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtibMlULaxmAPyk+RDbXNkxqordKv907XFodNm2N0GFkdKru3oIIXMqH1ZCGz /MXGUSaaCQkV70T4yZMGOHgBic6T0hh+THE5xtLefB3FPRKqHRltdQ6sE5FDUZoR QS5iDGCjAOJuWxi6Z3K1ZsECH1hA4DNRTCwHxNzIrumyke4wilmoDfNFzXseDtr/ jgGE9eiDEN5p1UrCz1xv0eNF9G3xCvgqxZy5EEU2pkWOPxqGFRNVCVUu4/MwmIi9 XI0sTgSW9aiVwRlV/Q2RjZnqeAPw4otnSB24x554ydGSe3qaugMlSbnflelyztLS ft4mGUJgp2xfCgskcIUVdDwSoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMUBy9HO nAH1S5f/kohWAgzwwOlcMB8GA1UdIwQYMBaAFGF/BU485FHgw+f0Rt0J94ZGUrZW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUNBQS84RTI3NUExRUNF NEExMUVFOERFOUU1MUZDNEY5QUUwMi9ZWDhGVGp6a1VlREQ1X1JHM1FuM2hrWlN0 bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lYOEZUanprVWVERDVfUkczUW4zaGtaU3RsWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MUNBQS84RTI3NUExRUNFNEExMUVFOERFOUU1MUZDNEY5QUUwMi9ZWDhGVGp6a1Vl REQ1X1JHM1FuM2hrWlN0bFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXPpQiv9CmHj8TU+tiwO/Z74nuXaRYFD83rZtHVGSyqze29fIXnt19 0fmfHMoloBs6wlyX2w4jZ3X7X+K+g5ONCpQr1OQnttC3mcseLzH748J6y/3cf15f P3opwy/cnM55S+CT+Lr7YTgEnYrALP7n/ZPB6Wakr/V5VT8sPvMWMTSFk+d7Leij OoaSa9rqodxIYBfcCDPj9pycFp6HHxWB5tYUaQdkFXO7z3v3EILdM9zcm4XGYMhU CmIgl7OlReRwG10TjOcyx7wTESZJ6chxmW5JdXX7wLpPMn4iiauq0kfEQbmcigxF 1HdGvIjtdkdcCJ2N9ZNtrHOQa8JhA6YF -----END CERTIFICATE-----Generated at Sat Aug 23 20:18:16 2025 by rpki-client