$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.mft File: y8FNQFd4Ri-cXZFYOlxxg28jwZ0.mft (raw, json) Hash identifier: yoFj3OPHFqPsOMdxvK28BG0L1RpDgQdv3Xh5DRK6940= Subject key identifier: F1:7D:69:62:69:D1:25:8B:D6:9B:AA:DB:3D:A6:56:E0:BB:76:50:85 Authority key identifier: CB:C1:4D:40:57:78:46:2F:9C:5D:91:58:3A:5C:71:83:6F:23:C1:9D Certificate issuer: /CN=A91B9C52/serialNumber=CBC14D405778462F9C5D91583A5C71836F23C19D Certificate serial: 3B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.mft Manifest number: 055A Signing time: Tue 01 Jul 2025 00:03:12 +0000 Manifest this update: Tue 01 Jul 2025 00:03:12 +0000 Manifest next update: Tue 08 Jul 2025 00:03:12 +0000 Files and hashes: 1: y8FNQFd4Ri-cXZFYOlxxg28jwZ0.crl (hash: ViXvJZBE5KDiYOc/XxXkl4tZJHX4wZJRbMK86c4YNcc=) 2: B0245792094611F089247D2CC4F9AE02.roa (hash: WzcjSkbp1L3UZdNgdiavQerl/BKgE6QHhDZV6MZpLAY=) 3: DB78EC4202C411F0A370F12EC4F9AE02.roa (hash: cYCE21n+c8J3/ZWE+DpkusC3dL/h3MNQr/C6R6q0LQY=) 4: DBEA4AA402C411F0A370F12EC4F9AE02.roa (hash: LglT88AP992wwS6++8oX+hvPgvXH2IXg5x9/81P07t8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.crl rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 00:03:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9C52, serialNumber=CBC14D405778462F9C5D91583A5C71836F23C19D Validity Not Before: Jul 1 00:03:12 2025 GMT Not After : Jul 8 00:03:12 2025 GMT Subject: CN=686325c0-4c3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:68:b3:05:4f:f6:ac:5e:6b:bb:4d:92:1e:08: 5f:f7:e3:10:2c:ad:cd:2f:ab:4f:37:9b:db:1b:6c: 1c:2e:aa:5f:a3:bf:c0:f6:17:2f:dd:b8:5e:0a:c3: 3e:87:49:b8:0f:cd:8e:5b:1e:c4:c3:2b:a2:55:17: 9a:b9:d1:20:9c:0e:93:08:27:c3:d0:ae:56:05:cd: d4:b4:7f:ea:9b:47:48:07:9c:5d:7f:e1:ef:c6:13: 66:23:c1:6d:7d:bf:7e:14:d2:7d:c5:2c:21:c9:7a: 3b:8e:76:2b:4b:89:bb:71:21:41:bf:e3:70:e5:9d: 4e:3c:d9:9a:4c:8d:54:85:b2:27:0e:93:65:e3:11: 1e:80:07:65:2d:41:ea:b8:fa:d1:34:05:fe:03:9e: ee:b9:47:cd:8f:7f:e6:84:ea:fc:69:c3:3d:b9:2b: 7f:98:60:12:5e:3d:9d:e9:6d:6f:c3:3f:d9:1e:ac: c0:59:74:c6:57:a0:02:d0:15:b7:b6:f2:63:f7:55: a0:91:62:a7:1a:a5:33:e9:6d:f7:ea:d3:1c:bf:df: 43:82:a0:31:04:1c:35:ae:77:20:4d:30:ed:87:64: 2d:52:05:e0:a5:a7:43:b2:1f:fb:98:cb:7b:0d:80: 67:40:f9:55:ea:4c:88:82:f5:af:4f:32:17:8e:cf: 38:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:7D:69:62:69:D1:25:8B:D6:9B:AA:DB:3D:A6:56:E0:BB:76:50:85 X509v3 Authority Key Identifier: keyid:CB:C1:4D:40:57:78:46:2F:9C:5D:91:58:3A:5C:71:83:6F:23:C1:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:05:5c:63:ef:22:f7:0d:9c:5a:ec:52:5f:72:a2:d3:ca:9b: 01:09:86:00:4c:f0:ef:c5:75:ae:e9:c8:0e:87:32:a8:07:a6: 40:92:dd:0a:a7:69:b6:81:da:0e:56:9c:4f:5a:6d:bf:00:cc: 3b:b9:05:f9:70:87:5a:60:ad:d0:66:2e:a7:98:93:c6:87:7e: 54:0c:29:7f:1f:21:e7:6a:2c:00:90:88:46:3c:e1:0f:96:68: c5:44:1e:ce:b4:18:ff:7a:55:ce:1a:4b:8b:a2:3a:a2:7e:63: 4f:e9:f5:01:c0:9c:f4:b2:73:43:9c:7b:c3:be:63:47:00:2e: 4a:56:40:c0:54:a0:72:03:e3:db:08:62:76:48:57:aa:70:f1: 00:e5:3d:91:3a:6e:d1:67:50:72:e6:01:4a:da:bf:26:c9:dc: 0e:ae:21:95:48:51:45:d3:38:55:65:56:c5:d7:1a:e0:5a:c9: c3:cf:f3:d2:35:0e:3a:cd:d8:76:a4:5f:d6:6a:5e:dd:da:89: 89:6b:ce:3a:74:b7:32:12:42:e7:f7:79:35:b9:61:92:42:10: c5:be:99:29:57:61:a5:78:28:4e:ef:1d:7b:14:0a:29:5d:5e: 5b:c8:30:4b:a6:d9:31:a5:31:29:80:11:4d:ff:48:3d:5f:ec: bd:75:34:96 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC OUM1MjExMC8GA1UEBRMoQ0JDMTRENDA1Nzc4NDYyRjlDNUQ5MTU4M0E1QzcxODM2 RjIzQzE5RDAeFw0yNTA3MDEwMDAzMTJaFw0yNTA3MDgwMDAzMTJaMBgxFjAUBgNV BAMTDTY4NjMyNWMwLTRjM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCxaLMFT/asXmu7TZIeCF/34xAsrc0vq083m9sbbBwuql+jv8D2Fy/duF4Kwz6H SbgPzY5bHsTDK6JVF5q50SCcDpMIJ8PQrlYFzdS0f+qbR0gHnF1/4e/GE2YjwW19 v34U0n3FLCHJejuOditLibtxIUG/43DlnU482ZpMjVSFsicOk2XjER6AB2UtQeq4 +tE0Bf4Dnu65R82Pf+aE6vxpwz25K3+YYBJePZ3pbW/DP9kerMBZdMZXoALQFbe2 8mP3VaCRYqcapTPpbffq0xy/30OCoDEEHDWudyBNMO2HZC1SBeClp0OyH/uYy3sN gGdA+VXqTIiC9a9PMheOzzhJAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU8X1pYmnR JYvWm6rbPaZW4Lt2UIUwHwYDVR0jBBgwFoAUy8FNQFd4Ri+cXZFYOlxxg28jwZ0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI5QzUyLzZCNzE1MTYyMEQ3 RTExRUM5QzBCNUY3NUM0RjlBRTAyL3k4Rk5RRmQ0UmktY1haRllPbHh4ZzI4anda MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveThGTlFGZDRSaS1jWFpGWU9seHhnMjhqd1owLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI5 QzUyLzZCNzE1MTYyMEQ3RTExRUM5QzBCNUY3NUM0RjlBRTAyL3k4Rk5RRmQ0Umkt Y1haRllPbHh4ZzI4andaMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFwFXGPvIvcNnFrsUl9yotPKmwEJhgBM8O/Fda7pyA6HMqgHpkCS3Qqn abaB2g5WnE9abb8AzDu5Bflwh1pgrdBmLqeYk8aHflQMKX8fIedqLACQiEY84Q+W aMVEHs60GP96Vc4aS4uiOqJ+Y0/p9QHAnPSyc0Oce8O+Y0cALkpWQMBUoHID49sI YnZIV6pw8QDlPZE6btFnUHLmAUravybJ3A6uIZVIUUXTOFVlVsXXGuBaycPP89I1 DjrN2HakX9ZqXt3aiYlrzjp0tzISQuf3eTW5YZJCEMW+mSlXYaV4KE7vHXsUCild XlvIMEum2TGlMSmAEU3/SD1f7L11NJY= -----END CERTIFICATE-----Generated at Wed Jul 2 13:18:41 2025 by rpki-client