$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA053/8720305E449911EFBAC67153C4F9AE02/yod6eu8duwRWSH9h_uaZNjdUHl0.mft File: yod6eu8duwRWSH9h_uaZNjdUHl0.mft (raw, json) Hash identifier: 3VrNpCp9KtBpRctJEVLSMGTewauPqundT7YTsVOuu8Y= Subject key identifier: 5B:AE:F5:A4:F6:DA:84:DA:B1:AB:3F:9A:99:D3:76:49:F5:C4:74:83 Authority key identifier: CA:87:7A:7A:EF:1D:BB:04:56:48:7F:61:FE:E6:99:36:37:54:1E:5D Certificate issuer: /CN=A91AA053/serialNumber=CA877A7AEF1DBB0456487F61FEE6993637541E5D Certificate serial: D1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yod6eu8duwRWSH9h_uaZNjdUHl0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA053/8720305E449911EFBAC67153C4F9AE02/yod6eu8duwRWSH9h_uaZNjdUHl0.mft Manifest number: D0 Signing time: Fri 22 Aug 2025 21:48:56 +0000 Manifest this update: Fri 22 Aug 2025 21:48:55 +0000 Manifest next update: Fri 29 Aug 2025 21:48:55 +0000 Files and hashes: 1: yod6eu8duwRWSH9h_uaZNjdUHl0.crl (hash: pVv1cMReLbIS/Up2rFANdypobW8Y8dDm6WNphnWYM1w=) 2: E098BB864FA311F0B96FBA3DC4F9AE02.roa (hash: C+d1LQ7j4suoEMqt6jmxPLK9+SyxrHsAW+pg0qKDarw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA053/8720305E449911EFBAC67153C4F9AE02/yod6eu8duwRWSH9h_uaZNjdUHl0.crl rsync://rpki.apnic.net/member_repository/A91AA053/8720305E449911EFBAC67153C4F9AE02/yod6eu8duwRWSH9h_uaZNjdUHl0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yod6eu8duwRWSH9h_uaZNjdUHl0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 21:48:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 209 (0xd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA053, serialNumber=CA877A7AEF1DBB0456487F61FEE6993637541E5D Validity Not Before: Aug 22 21:48:55 2025 GMT Not After : Aug 29 21:48:55 2025 GMT Subject: CN=68a8e5c7-2170 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:85:b7:40:ab:96:4a:ea:9b:aa:43:e5:32:7d: ac:e8:8d:07:90:d6:e3:d4:70:e8:ad:4f:3b:5f:94: ac:fe:b7:4f:61:fb:25:27:0d:08:57:99:0d:8a:42: 0b:9a:34:a0:3a:39:eb:ac:5a:93:6f:85:1b:de:5f: b8:2f:ff:ce:53:98:b4:70:55:13:2e:00:2b:e5:4e: 30:9d:c5:c8:20:f9:5f:ad:2f:50:a7:f0:c5:1f:3b: 74:4f:83:82:ea:4d:10:6a:30:15:2c:1c:51:83:51: 7d:91:e6:50:d4:8e:12:bf:ca:3b:90:57:89:63:c6: 55:dd:78:a2:b6:54:34:7a:12:2d:a9:df:93:9d:95: 21:8e:56:4b:0e:fe:5a:61:4c:88:e0:c1:d6:f8:1c: 25:44:b3:f6:ca:3e:09:32:95:de:6c:1c:4d:5f:b7: a3:da:8d:21:a1:89:12:b3:40:88:6a:ae:80:ef:12: 1d:8d:8e:b8:26:82:1d:4d:93:d7:7b:1a:1d:ad:ab: 1b:5d:62:20:76:fb:c3:3a:98:61:e4:c2:bc:8b:18: 18:d0:b5:3f:a3:02:91:ea:e3:86:6a:8f:46:17:15: 33:2d:85:2a:2a:24:49:3c:2d:f7:f2:a5:93:a3:6a: ce:51:4a:89:e4:24:43:01:99:8f:44:25:36:05:b1: fe:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:AE:F5:A4:F6:DA:84:DA:B1:AB:3F:9A:99:D3:76:49:F5:C4:74:83 X509v3 Authority Key Identifier: keyid:CA:87:7A:7A:EF:1D:BB:04:56:48:7F:61:FE:E6:99:36:37:54:1E:5D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA053/8720305E449911EFBAC67153C4F9AE02/yod6eu8duwRWSH9h_uaZNjdUHl0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yod6eu8duwRWSH9h_uaZNjdUHl0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA053/8720305E449911EFBAC67153C4F9AE02/yod6eu8duwRWSH9h_uaZNjdUHl0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:b6:4f:a1:e1:b6:87:51:cd:d0:50:6d:df:e2:89:a4:e0:cb: ea:da:8f:6f:17:a6:e5:ef:be:5d:94:71:54:ee:71:e6:9f:58: 83:27:8c:84:31:10:d2:22:bb:12:ad:a7:88:91:a9:a3:46:c4: 8e:c5:44:3d:8d:5b:c6:16:dc:9e:ec:33:4b:b7:fc:86:a8:db: db:a1:dd:26:10:b3:50:5d:f9:48:bc:04:05:e1:b9:10:36:48: 35:02:55:3c:83:a9:ba:56:54:2a:e9:6d:97:e9:0f:c8:7b:98: d6:76:26:93:a1:18:3b:f7:ab:49:4d:5a:c3:f6:f6:17:e0:84: 19:a6:16:6d:c5:97:69:83:84:89:df:f6:17:ad:9d:ab:e5:cf: ff:6e:77:0d:bb:17:9c:47:a5:8c:62:59:e0:96:b6:c0:6c:8f: ae:5a:52:88:ee:5e:43:19:10:af:07:20:a8:62:04:41:e9:cd: 0a:ff:3a:55:54:dd:aa:c8:f0:c8:90:7f:dd:77:0e:66:97:ba: 95:b2:77:dd:0b:56:d9:b7:c4:ec:23:e1:85:dd:40:75:50:ed: 30:f9:d0:40:29:0f:a6:e4:5b:0a:ca:99:5a:e1:d8:a1:c4:f0: e7:a5:21:af:34:e1:3f:d7:89:3b:57:05:93:dc:62:59:6f:78: 48:28:8b:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUEwNTMxMTAvBgNVBAUTKENBODc3QTdBRUYxREJCMDQ1NjQ4N0Y2MUZFRTY5OTM2 Mzc1NDFFNUQwHhcNMjUwODIyMjE0ODU1WhcNMjUwODI5MjE0ODU1WjAYMRYwFAYD VQQDEw02OGE4ZTVjNy0yMTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvoW3QKuWSuqbqkPlMn2s6I0HkNbj1HDorU87X5Ss/rdPYfslJw0IV5kNikIL mjSgOjnrrFqTb4Ub3l+4L//OU5i0cFUTLgAr5U4wncXIIPlfrS9Qp/DFHzt0T4OC 6k0QajAVLBxRg1F9keZQ1I4Sv8o7kFeJY8ZV3XiitlQ0ehItqd+TnZUhjlZLDv5a YUyI4MHW+BwlRLP2yj4JMpXebBxNX7ej2o0hoYkSs0CIaq6A7xIdjY64JoIdTZPX exodrasbXWIgdvvDOphh5MK8ixgY0LU/owKR6uOGao9GFxUzLYUqKiRJPC338qWT o2rOUUqJ5CRDAZmPRCU2BbH+ywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFuu9aT2 2oTasas/mpnTdkn1xHSDMB8GA1UdIwQYMBaAFMqHenrvHbsEVkh/Yf7mmTY3VB5d MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTA1My84NzIwMzA1RTQ0 OTkxMUVGQkFDNjcxNTNDNEY5QUUwMi95b2Q2ZXU4ZHV3UldTSDloX3VhWk5qZFVI bDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3lvZDZldThkdXdSV1NIOWhfdWFaTmpkVUhsMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTA1My84NzIwMzA1RTQ0OTkxMUVGQkFDNjcxNTNDNEY5QUUwMi95b2Q2ZXU4ZHV3 UldTSDloX3VhWk5qZFVIbDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEtk+h4baHUc3QUG3f4omk4Mvq2o9vF6bl775dlHFU7nHmn1iDJ4yE MRDSIrsSraeIkamjRsSOxUQ9jVvGFtye7DNLt/yGqNvbod0mELNQXflIvAQF4bkQ Nkg1AlU8g6m6VlQq6W2X6Q/Ie5jWdiaToRg796tJTVrD9vYX4IQZphZtxZdpg4SJ 3/YXrZ2r5c//bncNuxecR6WMYlnglrbAbI+uWlKI7l5DGRCvByCoYgRB6c0K/zpV VN2qyPDIkH/ddw5ml7qVsnfdC1bZt8TsI+GF3UB1UO0w+dBAKQ+m5FsKypla4dih xPDnpSGvNOE/14k7VwWT3GJZb3hIKItE -----END CERTIFICATE-----Generated at Sat Aug 23 12:43:16 2025 by rpki-client