$ rpki-client -vvf rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/DYtx2GteICkzvLAqW210CSpSoXw.mft File: DYtx2GteICkzvLAqW210CSpSoXw.mft (raw, json) Hash identifier: 23BNfrgVdbVx8sfoybHV3CbPZk2kDCq36o38kmA9Ok4= Subject key identifier: 7D:B1:DB:0F:CE:11:24:44:D6:35:C1:BB:47:7E:6B:CD:5D:DE:07:FE Authority key identifier: 0D:8B:71:D8:6B:5E:20:29:33:BC:B0:2A:5B:6D:74:09:2A:52:A1:7C Certificate issuer: /CN=A91A395C/serialNumber=0D8B71D86B5E202933BCB02A5B6D74092A52A17C Certificate serial: 3501 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DYtx2GteICkzvLAqW210CSpSoXw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/DYtx2GteICkzvLAqW210CSpSoXw.mft Manifest number: 34D3 Signing time: Fri 22 Aug 2025 14:51:58 +0000 Manifest this update: Fri 22 Aug 2025 14:51:58 +0000 Manifest next update: Fri 29 Aug 2025 14:51:58 +0000 Files and hashes: 1: DYtx2GteICkzvLAqW210CSpSoXw.crl (hash: ki5eLMnwLs8I2PkoEeISZlzPqaQiG0FIocAWyRpmGis=) 2: 991EB004BE8511EE960E5082C4F9AE02.roa (hash: IR/fxoozFicSxIrUXHGZXGMAUroK6RP4wvdk7z4PV7A=) 3: 9B71FEB0593F11EA9F9FA238C4F9AE02.roa (hash: XQCwNi2PZQw3HwB0S22xbUukUjh1gRPdN0DptoUSl6Q=) 4: D56D9FD87E8711EC9A928B6AC4F9AE02.roa (hash: MzFm0njK9GauK3PVGzL0I/Klqbd6ft5wJ9/podujw/8=) 5: 9A2B0DE4593F11EA9F9FA238C4F9AE02.roa (hash: jv97nGJvaH0WKHe7n31vkT3MMMbNqFjpDhhexD6X6+Q=) 6: 65552C3AE8D411ED8D0FAD45C4F9AE02.roa (hash: ifJGYL5q49BedEWwURROMxMLmQuzo6sd4i9VU7gjPWk=) 7: 3DBC186C5AD611EF85A4557BC4F9AE02.roa (hash: crg/ljxSxvSurizJ6VoDNQFMCKyOAKHsQIWFOorvrvI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/DYtx2GteICkzvLAqW210CSpSoXw.crl rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/DYtx2GteICkzvLAqW210CSpSoXw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DYtx2GteICkzvLAqW210CSpSoXw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:51:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13569 (0x3501) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A395C, serialNumber=0D8B71D86B5E202933BCB02A5B6D74092A52A17C Validity Not Before: Aug 22 14:51:58 2025 GMT Not After : Aug 29 14:51:58 2025 GMT Subject: CN=68a8840e-9238 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:82:96:40:bc:64:bf:6a:32:86:0b:24:7b:be: 0a:f6:84:09:e7:cb:8a:48:79:74:3a:34:ee:79:e8: 9a:7a:eb:b1:23:ae:27:17:e3:f2:f9:14:a9:b2:86: 9d:c4:b8:0d:1b:8d:a0:9b:bd:48:e9:35:47:58:c3: 31:c9:6b:c3:d6:6f:c3:4f:75:f0:f9:66:42:53:df: 09:58:7f:13:64:0a:00:9e:8e:32:ce:e2:99:af:e6: 0d:d0:1f:5e:99:fd:9f:0e:38:4b:5a:ba:66:b7:78: e9:f9:61:ff:7f:9f:e9:e6:87:b6:e7:a8:f8:16:a8: 33:d9:c6:50:33:71:41:5d:31:e2:0e:3f:2e:b8:05: a3:71:1f:b0:75:5a:b3:2d:b9:ff:03:af:be:4d:db: f9:23:4b:92:69:f1:78:a5:21:10:73:3a:f4:62:d7: ad:62:06:2a:c1:ab:94:af:77:f1:a8:4a:57:64:83: 11:09:a8:6c:7e:4f:2e:91:1c:33:a7:a5:84:06:8e: ab:58:d3:59:a5:c1:16:be:de:88:f4:69:70:c7:0a: 7c:26:5a:26:ef:d9:00:f1:6d:f4:65:0d:83:f9:7c: bc:83:35:1f:24:f7:e0:ac:58:62:f8:8b:98:03:0a: a3:b9:a9:00:f2:1d:25:d2:bc:bb:23:71:61:9d:65: 9c:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:B1:DB:0F:CE:11:24:44:D6:35:C1:BB:47:7E:6B:CD:5D:DE:07:FE X509v3 Authority Key Identifier: keyid:0D:8B:71:D8:6B:5E:20:29:33:BC:B0:2A:5B:6D:74:09:2A:52:A1:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/DYtx2GteICkzvLAqW210CSpSoXw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DYtx2GteICkzvLAqW210CSpSoXw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/DYtx2GteICkzvLAqW210CSpSoXw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:67:0c:02:37:8d:aa:0e:04:ee:56:50:75:91:92:5f:3f:74: 6c:9b:74:68:3b:1a:d9:43:dc:e9:d8:49:50:82:80:0c:18:c9: 28:53:97:14:85:85:06:3e:d6:08:23:ad:7c:7e:8e:2e:01:8f: e7:bb:e4:db:4e:9e:b7:6e:00:d8:3f:f9:fe:bd:45:ed:60:84: 34:98:49:f6:77:c1:79:66:a4:57:18:24:41:b7:be:49:b3:de: 57:52:7c:b7:fb:fc:5e:eb:9f:77:28:aa:52:12:a6:c9:7d:b2: 2c:93:8b:cf:03:ba:79:41:be:7b:8e:69:4e:39:7f:82:3f:5b: 2e:73:07:5e:5c:26:5b:fd:35:59:e3:a0:23:4e:2a:61:f0:da: 29:c5:0d:f4:b1:4d:eb:60:8c:3a:3b:5f:5d:10:d4:b6:30:ad: 80:95:81:16:b0:fa:0f:3c:70:84:06:2e:f8:8b:76:f4:67:9f: 5c:2f:74:c0:46:67:17:15:43:7e:c6:cc:db:ee:32:95:08:e6: 35:33:da:0b:ba:94:ea:fe:0b:2d:a6:14:19:25:ee:e3:c8:e9: 00:42:d9:33:99:32:86:52:10:55:19:a4:8f:a2:1a:cc:71:16: e7:90:a6:f3:c0:3c:bf:03:b2:b3:32:d1:ee:06:47:b9:d3:f0: 97:b1:24:1e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNQEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTM5NUMxMTAvBgNVBAUTKDBEOEI3MUQ4NkI1RTIwMjkzM0JDQjAyQTVCNkQ3NDA5 MkE1MkExN0MwHhcNMjUwODIyMTQ1MTU4WhcNMjUwODI5MTQ1MTU4WjAYMRYwFAYD VQQDEw02OGE4ODQwZS05MjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4IKWQLxkv2oyhgske74K9oQJ58uKSHl0OjTueeiaeuuxI64nF+Py+RSpsoad xLgNG42gm71I6TVHWMMxyWvD1m/DT3Xw+WZCU98JWH8TZAoAno4yzuKZr+YN0B9e mf2fDjhLWrpmt3jp+WH/f5/p5oe256j4Fqgz2cZQM3FBXTHiDj8uuAWjcR+wdVqz Lbn/A6++Tdv5I0uSafF4pSEQczr0YtetYgYqwauUr3fxqEpXZIMRCahsfk8ukRwz p6WEBo6rWNNZpcEWvt6I9Glwxwp8Jlom79kA8W30ZQ2D+Xy8gzUfJPfgrFhi+IuY AwqjuakA8h0l0ry7I3FhnWWcCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH2x2w/O ESRE1jXBu0d+a81d3gf+MB8GA1UdIwQYMBaAFA2LcdhrXiApM7ywKlttdAkqUqF8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzk1Qy9CQjM0MTdDMDFE OTYxMUUyQjhCQjgyN0YwOEIwMkNEMi9EWXR4Mkd0ZUlDa3p2TEFxVzIxMENTcFNv WHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RZdHgyR3RlSUNrenZMQXFXMjEwQ1NwU29Ydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Mzk1Qy9CQjM0MTdDMDFEOTYxMUUyQjhCQjgyN0YwOEIwMkNEMi9EWXR4Mkd0ZUlD a3p2TEFxVzIxMENTcFNvWHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQChZwwCN42qDgTuVlB1kZJfP3Rsm3RoOxrZQ9zp2ElQgoAMGMkoU5cU hYUGPtYII618fo4uAY/nu+TbTp63bgDYP/n+vUXtYIQ0mEn2d8F5ZqRXGCRBt75J s95XUny3+/xe6593KKpSEqbJfbIsk4vPA7p5Qb57jmlOOX+CP1sucwdeXCZb/TVZ 46AjTiph8NopxQ30sU3rYIw6O19dENS2MK2AlYEWsPoPPHCEBi74i3b0Z59cL3TA RmcXFUN+xszb7jKVCOY1M9oLupTq/gstphQZJe7jyOkAQtkzmTKGUhBVGaSPohrM cRbnkKbzwDy/A7KzMtHuBke50/CXsSQe -----END CERTIFICATE-----Generated at Sun Aug 24 00:36:48 2025 by rpki-client