$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft File: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft (raw, json) Hash identifier: IdXXtRzZJlUsPpECCw4WWNeAYjDimsmiRKanSa4BpLY= Subject key identifier: AF:3F:30:78:58:72:44:8E:A0:1B:64:91:68:ED:FD:DD:8C:57:70:78 Authority key identifier: CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A Certificate issuer: /CN=A91B4357/serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A Certificate serial: 04BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft Manifest number: 04A3 Signing time: Sat 23 Aug 2025 00:10:23 +0000 Manifest this update: Sat 23 Aug 2025 00:10:22 +0000 Manifest next update: Sat 30 Aug 2025 00:10:22 +0000 Files and hashes: 1: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl (hash: RwugMyT+97PiwxoUNtelQQlx5Kgwl81KwiwFXkrsh5M=) 2: CA888654D0E011EC9E5ACC1CC4F9AE02.roa (hash: 4by10ick3aOPoEwL9MxmYZych/O61DB95JCCfpjs2l0=) 3: 52B98FDA46AF11ECB113AA4BC4F9AE02.roa (hash: zdWwyK62ezTqtldMx3AFhd08v1ee56JEEEGh/b+1bK8=) 4: 35A2418C45AE11ECB857890EC4F9AE02.roa (hash: yt5ul2v37If2OMAgvwlcXNvNlpOeU9vk4N82gRjp7ro=) 5: 9896BA2EB6DE11EC8DB17172C4F9AE02.roa (hash: tkC8VFhPaMMB7xHukmlTC8vVY5Lai1noTB/JDIdLAEc=) 6: 351AC73E45AE11ECB857890EC4F9AE02.roa (hash: ofwlwfDv/f2slgSdPa6hT78BUtn3LBZ837QvOITSXas=) 7: 346A2B4045AE11ECB857890EC4F9AE02.roa (hash: y6Yo94bVO58GlNbuqBWAfuC5sCH6iiyxweKo6sloNrk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:10:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1212 (0x4bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4357, serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A Validity Not Before: Aug 23 00:10:22 2025 GMT Not After : Aug 30 00:10:22 2025 GMT Subject: CN=68a906ee-6e5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:08:86:b2:21:df:f8:1c:cf:6c:d7:6d:12:7d: 35:87:2c:e5:94:95:2b:8d:5c:9f:35:22:7e:4b:54: 08:3a:91:4a:f7:28:b2:9f:b2:3d:17:e1:e7:c6:00: 57:86:cb:08:3c:80:4d:2d:97:45:b7:5f:bf:b8:24: 76:d7:a1:e2:aa:c3:ab:dd:63:f6:36:fb:30:68:21: 48:26:81:bc:f3:2e:0b:e5:0c:21:af:58:ea:85:93: 0f:c2:6a:d1:72:87:e6:aa:e7:61:5b:86:ec:c6:8d: e5:47:2a:68:63:87:0a:fd:d3:89:19:90:48:a1:c8: ab:d8:2e:51:bc:e4:12:80:81:71:3b:e5:b1:78:03: 32:58:0e:a6:14:8d:4d:e3:ee:49:56:c9:1d:47:e1: 6c:bb:65:84:e1:67:e1:ca:24:66:e7:93:90:b4:2f: 29:da:a0:b0:90:78:db:d0:62:3e:c1:50:72:61:17: c3:67:c0:c1:93:63:23:8f:af:bd:04:89:4a:b8:8d: 70:c1:d8:f3:33:73:42:4d:1e:06:71:fd:ac:fd:e4: d3:b7:be:70:f9:2c:76:91:77:7f:de:f5:a2:f0:24: e2:47:42:b4:03:e9:c5:a9:22:75:d2:81:bc:84:84: c0:99:42:b1:e6:66:a6:05:87:60:ef:47:21:6a:8a: ee:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:3F:30:78:58:72:44:8E:A0:1B:64:91:68:ED:FD:DD:8C:57:70:78 X509v3 Authority Key Identifier: keyid:CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:53:06:cd:ba:4a:99:4b:78:4d:1f:33:04:a3:15:64:f6:f7: 4a:6b:7a:11:cd:d8:1a:e0:03:8e:a1:39:b3:20:d2:6a:61:75: 2b:14:3a:a8:eb:ef:04:07:e3:cb:0e:46:b5:40:25:e2:e1:62: bd:e7:ec:04:de:9a:b8:ba:34:00:f0:ae:fb:bb:52:cc:bc:64: d0:c4:57:36:57:46:cb:9a:d9:03:81:4a:68:ca:92:15:17:c1: c6:87:e7:0f:10:83:3f:a6:6d:6d:1f:57:85:69:26:7f:78:6d: c0:9a:02:62:1c:e5:5a:82:87:0b:c2:f2:c1:83:d9:e8:02:9a: 30:e3:45:3f:ec:ac:df:90:e9:87:b8:2f:70:7b:79:fa:63:a3: 60:d2:47:e9:39:4c:8f:ca:4e:45:88:9c:d7:03:3f:d6:80:a7: 2f:7e:47:a2:ed:52:a0:56:a8:14:08:bf:0d:d8:da:8c:dd:fa: ad:9e:bd:8d:23:70:06:a9:11:33:75:92:db:89:a4:1c:56:7b: c9:82:1c:ba:e9:10:df:9c:6f:8d:77:3e:44:9d:ba:d5:d3:53: 43:e5:63:55:55:88:f3:a0:51:c6:c5:75:e0:4f:0f:06:51:48: a5:7b:f5:dc:4e:2b:4d:ba:15:fb:2f:4e:97:57:62:41:85:4f: 68:ee:fa:c0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBLwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQzNTcxMTAvBgNVBAUTKENCMTY1NjgxMUQwODQ1Nzk5M0U4RDgxQjlGOTc5OERB RDYxNjk3MUEwHhcNMjUwODIzMDAxMDIyWhcNMjUwODMwMDAxMDIyWjAYMRYwFAYD VQQDEw02OGE5MDZlZS02ZTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoQiGsiHf+BzPbNdtEn01hyzllJUrjVyfNSJ+S1QIOpFK9yiyn7I9F+HnxgBX hssIPIBNLZdFt1+/uCR216HiqsOr3WP2NvswaCFIJoG88y4L5Qwhr1jqhZMPwmrR cofmqudhW4bsxo3lRypoY4cK/dOJGZBIocir2C5RvOQSgIFxO+WxeAMyWA6mFI1N 4+5JVskdR+Fsu2WE4WfhyiRm55OQtC8p2qCwkHjb0GI+wVByYRfDZ8DBk2Mjj6+9 BIlKuI1wwdjzM3NCTR4Gcf2s/eTTt75w+Sx2kXd/3vWi8CTiR0K0A+nFqSJ10oG8 hITAmUKx5mamBYdg70chaoruhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK8/MHhY ckSOoBtkkWjt/d2MV3B4MB8GA1UdIwQYMBaAFMsWVoEdCEV5k+jYG5+XmNrWFpca MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDM1Ny9CODRCMTBFQzQ1 QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJYbVQ2TmdibjVlWTJ0WVds eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3l4WldnUjBJUlhtVDZOZ2JuNWVZMnRZV2x4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDM1Ny9CODRCMTBFQzQ1QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJY bVQ2TmdibjVlWTJ0WVdseG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKUwbNukqZS3hNHzMEoxVk9vdKa3oRzdga4AOOoTmzINJqYXUrFDqo 6+8EB+PLDka1QCXi4WK95+wE3pq4ujQA8K77u1LMvGTQxFc2V0bLmtkDgUpoypIV F8HGh+cPEIM/pm1tH1eFaSZ/eG3AmgJiHOVagocLwvLBg9noApow40U/7KzfkOmH uC9we3n6Y6Ng0kfpOUyPyk5FiJzXAz/WgKcvfkei7VKgVqgUCL8N2NqM3fqtnr2N I3AGqREzdZLbiaQcVnvJghy66RDfnG+Ndz5EnbrV01ND5WNVVYjzoFHGxXXgTw8G UUile/XcTitNuhX7L06XV2JBhU9o7vrA -----END CERTIFICATE-----Generated at Sat Aug 23 23:55:43 2025 by rpki-client