$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft File: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft (raw, json) Hash identifier: abDMr77cWGkSo1+Ljqa6gGNaISBRiNWDbf1+NSsXSYU= Subject key identifier: 18:36:5D:DA:16:D4:F0:1D:E8:02:85:19:72:F8:A2:8A:EB:88:31:B6 Authority key identifier: CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A Certificate issuer: /CN=A91B4357/serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A Certificate serial: 04A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft Manifest number: 0489 Signing time: Thu 03 Jul 2025 00:22:22 +0000 Manifest this update: Thu 03 Jul 2025 00:22:21 +0000 Manifest next update: Thu 10 Jul 2025 00:22:21 +0000 Files and hashes: 1: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl (hash: 5ZfpY1pObKkAlj2+SxWnAYGwfG26nyGEprJCyLMfKdU=) 2: CA888654D0E011EC9E5ACC1CC4F9AE02.roa (hash: 4by10ick3aOPoEwL9MxmYZych/O61DB95JCCfpjs2l0=) 3: 52B98FDA46AF11ECB113AA4BC4F9AE02.roa (hash: zdWwyK62ezTqtldMx3AFhd08v1ee56JEEEGh/b+1bK8=) 4: 35A2418C45AE11ECB857890EC4F9AE02.roa (hash: yt5ul2v37If2OMAgvwlcXNvNlpOeU9vk4N82gRjp7ro=) 5: 9896BA2EB6DE11EC8DB17172C4F9AE02.roa (hash: tkC8VFhPaMMB7xHukmlTC8vVY5Lai1noTB/JDIdLAEc=) 6: 351AC73E45AE11ECB857890EC4F9AE02.roa (hash: ofwlwfDv/f2slgSdPa6hT78BUtn3LBZ837QvOITSXas=) 7: 346A2B4045AE11ECB857890EC4F9AE02.roa (hash: y6Yo94bVO58GlNbuqBWAfuC5sCH6iiyxweKo6sloNrk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 00:22:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1186 (0x4a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4357, serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A Validity Not Before: Jul 3 00:22:21 2025 GMT Not After : Jul 10 00:22:21 2025 GMT Subject: CN=6865cd3e-d508 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b3:6e:9f:05:48:1d:78:f6:4b:d1:18:65:62: cc:59:c7:7d:cb:d3:d1:94:d6:99:f4:84:49:d8:fc: a4:80:f3:8d:dd:04:a4:a9:65:60:a2:a2:6e:bc:1e: 9a:e0:e4:e3:c6:34:7e:ac:3c:f6:07:5e:74:c8:87: 65:9f:47:af:a0:f6:f7:cd:a2:e7:9f:e9:d7:fc:80: 57:be:8c:fb:08:dc:0d:f4:47:e1:50:db:78:63:65: 07:eb:85:2e:c8:61:1a:e9:37:92:b9:6a:d7:a7:83: 53:2d:58:ee:34:a5:2d:f8:f2:ac:72:88:6f:f2:f7: e5:4b:02:6c:08:a2:9f:9f:e2:5a:b9:43:15:ac:98: 69:58:e4:df:d2:0c:45:73:18:9e:e1:be:91:d4:e3: 57:df:e3:9e:ca:9c:9f:1c:4f:60:3b:d8:28:1b:0c: 53:75:ca:c6:5e:2f:48:3a:3d:74:3c:81:5b:d1:57: c4:bd:52:d3:f0:4a:4b:87:62:f2:a4:b0:e3:5d:69: 8e:3d:3b:7d:58:56:52:17:1b:32:4e:03:fe:ed:37: 08:f0:ba:1c:1b:72:48:95:27:28:f6:b7:14:34:66: cf:1c:10:79:a7:14:6c:e5:9c:d6:69:b7:b6:81:b9: 71:f9:98:28:dc:57:10:4c:3b:06:75:7b:d2:cd:cf: 6d:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:36:5D:DA:16:D4:F0:1D:E8:02:85:19:72:F8:A2:8A:EB:88:31:B6 X509v3 Authority Key Identifier: keyid:CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:91:6b:c5:ba:e7:b5:56:fe:b8:42:b8:7e:be:49:ce:c2:ff: b0:47:27:b3:a9:5f:05:24:49:6e:9f:ff:b7:8c:fa:fd:29:f6: 01:0c:3b:3b:be:c2:f8:18:30:73:fb:e9:0f:0e:da:e5:9a:dd: ce:a3:db:f7:9b:49:ef:b4:fb:da:51:12:eb:e7:60:f2:86:42: 7c:92:fa:ac:6f:5a:34:fb:6e:d5:bb:06:e7:3d:ff:b6:43:d6: 25:1e:77:24:00:2c:55:84:49:83:6a:8f:a2:44:46:ce:6d:92: 70:90:eb:ad:02:ca:df:25:cc:3b:b8:e6:16:09:b9:33:fd:ee: 37:98:31:40:be:18:20:37:95:60:b3:51:43:4c:c7:ee:4d:c6: 0b:19:f1:93:83:cd:4f:f6:b2:b0:25:dc:13:57:da:b5:ef:27: 47:d0:8c:c0:2e:1e:b3:f5:de:08:64:7e:89:09:47:8e:4e:2e: 9d:bb:1a:dd:6f:04:61:81:48:66:6f:24:6b:87:ee:a8:1d:5a: 8f:ca:42:fa:01:80:10:73:fd:fe:71:23:b5:8f:fb:04:f7:54: 3b:9f:9f:d5:8c:de:4d:98:80:fc:e1:be:d6:4d:49:23:ab:26: 01:6f:ff:98:e0:2f:7b:7e:b0:55:0b:c1:31:76:58:18:b3:40: 95:a1:ce:d1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQzNTcxMTAvBgNVBAUTKENCMTY1NjgxMUQwODQ1Nzk5M0U4RDgxQjlGOTc5OERB RDYxNjk3MUEwHhcNMjUwNzAzMDAyMjIxWhcNMjUwNzEwMDAyMjIxWjAYMRYwFAYD VQQDEw02ODY1Y2QzZS1kNTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy7NunwVIHXj2S9EYZWLMWcd9y9PRlNaZ9IRJ2PykgPON3QSkqWVgoqJuvB6a 4OTjxjR+rDz2B150yIdln0evoPb3zaLnn+nX/IBXvoz7CNwN9EfhUNt4Y2UH64Uu yGEa6TeSuWrXp4NTLVjuNKUt+PKscohv8vflSwJsCKKfn+JauUMVrJhpWOTf0gxF cxie4b6R1ONX3+OeypyfHE9gO9goGwxTdcrGXi9IOj10PIFb0VfEvVLT8EpLh2Ly pLDjXWmOPTt9WFZSFxsyTgP+7TcI8LocG3JIlSco9rcUNGbPHBB5pxRs5ZzWabe2 gblx+Zgo3FcQTDsGdXvSzc9tTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBg2XdoW 1PAd6AKFGXL4oorriDG2MB8GA1UdIwQYMBaAFMsWVoEdCEV5k+jYG5+XmNrWFpca MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDM1Ny9CODRCMTBFQzQ1 QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJYbVQ2TmdibjVlWTJ0WVds eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3l4WldnUjBJUlhtVDZOZ2JuNWVZMnRZV2x4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDM1Ny9CODRCMTBFQzQ1QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJY bVQ2TmdibjVlWTJ0WVdseG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCykWvFuue1Vv64Qrh+vknOwv+wRyezqV8FJElun/+3jPr9KfYBDDs7 vsL4GDBz++kPDtrlmt3Oo9v3m0nvtPvaURLr52DyhkJ8kvqsb1o0+27VuwbnPf+2 Q9YlHnckACxVhEmDao+iREbObZJwkOutAsrfJcw7uOYWCbkz/e43mDFAvhggN5Vg s1FDTMfuTcYLGfGTg81P9rKwJdwTV9q17ydH0IzALh6z9d4IZH6JCUeOTi6duxrd bwRhgUhmbyRrh+6oHVqPykL6AYAQc/3+cSO1j/sE91Q7n5/VjN5NmID84b7WTUkj qyYBb/+Y4C97frBVC8ExdlgYs0CVoc7R -----END CERTIFICATE-----Generated at Fri Jul 4 10:22:12 2025 by rpki-client