$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft File: ysNNxbjd0zsX7HVcldRdD3YlD6g.mft (raw, json) Hash identifier: nkPZxHRo2lvV+IdUm+yCoFeUZI0nFTKqpgQX2+jD8Lo= Subject key identifier: 79:DF:DD:98:78:96:5D:37:94:88:FC:49:BB:50:7A:01:95:3F:12:2F Authority key identifier: CA:C3:4D:C5:B8:DD:D3:3B:17:EC:75:5C:95:D4:5D:0F:76:25:0F:A8 Certificate issuer: /CN=A91C9B39/serialNumber=CAC34DC5B8DDD33B17EC755C95D45D0F76250FA8 Certificate serial: 01FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysNNxbjd0zsX7HVcldRdD3YlD6g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft Manifest number: 01F7 Signing time: Sat 23 Aug 2025 02:33:36 +0000 Manifest this update: Sat 23 Aug 2025 02:33:35 +0000 Manifest next update: Sat 30 Aug 2025 02:33:35 +0000 Files and hashes: 1: ysNNxbjd0zsX7HVcldRdD3YlD6g.crl (hash: rqKtkeTbTjtVo1oVvLzSFyzg+lEiX4E5J3s3tEenjLE=) 2: E21DEF607B5E11ED98247D60C4F9AE02.roa (hash: ADnEMa2Brj1gfAu5du2mdudMmrXS7wa9cPzXrkNiEN4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.crl rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysNNxbjd0zsX7HVcldRdD3YlD6g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:33:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 506 (0x1fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9B39, serialNumber=CAC34DC5B8DDD33B17EC755C95D45D0F76250FA8 Validity Not Before: Aug 23 02:33:35 2025 GMT Not After : Aug 30 02:33:35 2025 GMT Subject: CN=68a92880-b74a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:32:20:ae:41:45:b6:7b:4c:eb:be:e8:81:01: 0e:b8:82:09:89:ed:56:b0:f7:6e:41:65:b8:8d:78: c1:a2:f0:8c:4a:42:c0:21:2d:c4:df:be:5f:69:03: 2a:41:0b:a6:d8:d2:3a:4c:81:c1:e1:0a:a0:67:fc: a6:e1:87:bd:62:bd:66:d8:d4:71:f2:5f:ef:e6:66: 2f:38:41:6f:be:48:81:46:31:89:74:03:c9:fc:3f: 92:78:8e:17:79:d6:e8:3d:44:4b:53:c2:29:de:52: b2:ee:e3:01:eb:46:ea:a9:97:0c:f7:56:6f:4d:e8: 01:b6:ce:6e:b8:21:46:fd:b5:34:24:74:d9:83:76: d0:05:27:1a:9c:42:33:01:84:4f:57:1e:2d:51:35: 2d:82:f1:ee:2a:74:52:f3:8c:a2:02:9f:01:66:f8: d1:4b:0c:9c:46:ad:4c:0e:3e:f8:32:8a:9e:bc:e5: fa:81:3b:51:0e:0b:6a:41:73:e4:8f:36:34:8d:13: f5:ab:ec:9a:14:97:7e:90:ca:69:d0:c9:c7:9a:7a: 10:ed:f8:1d:96:0d:53:7b:fe:8d:ee:41:1d:96:79: 12:77:cf:dc:b5:26:dc:fb:29:f7:7e:0f:81:df:ea: 15:ff:2d:a3:56:4c:71:a8:f0:ea:b8:a6:ee:42:e6: 50:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:DF:DD:98:78:96:5D:37:94:88:FC:49:BB:50:7A:01:95:3F:12:2F X509v3 Authority Key Identifier: keyid:CA:C3:4D:C5:B8:DD:D3:3B:17:EC:75:5C:95:D4:5D:0F:76:25:0F:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysNNxbjd0zsX7HVcldRdD3YlD6g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:32:91:cf:d1:fb:8f:2f:be:3a:e6:6d:ac:72:86:24:01:e6: cb:8c:48:9a:15:57:0b:0a:18:cc:ab:2f:20:66:ea:97:a5:83: c1:5c:66:e1:5f:26:4c:2d:fb:25:d4:04:eb:a6:84:f7:c3:46: b7:80:07:45:6c:7f:f1:f8:d3:8d:29:1d:13:79:62:90:4f:52: f1:9b:a6:9f:06:14:52:62:e4:4b:73:e2:b7:dc:23:5c:df:e6: 85:0c:c3:b3:c6:22:67:7b:16:43:0c:52:8e:af:7e:ba:ec:9b: 78:f6:9f:1a:14:27:85:50:db:6a:b5:83:51:2a:14:b3:e8:1b: dd:30:76:9a:1f:82:b9:4b:2f:32:a8:20:1d:b5:f9:48:d3:64: c1:9d:78:0b:33:3b:03:29:fb:f2:cd:c3:cb:fd:ec:c4:fe:4b: 80:91:9b:c4:94:d2:0f:19:de:0d:d3:f7:2c:7d:01:e9:e3:cc: 65:16:72:8c:4f:22:d1:ae:20:46:75:e0:ae:ee:20:42:dc:35: 15:71:d7:7a:cb:bc:70:c6:19:f1:39:32:db:be:5c:a3:16:b1: 40:be:64:2e:2a:74:f6:f4:4e:bd:2a:dd:63:b6:57:52:90:b8: 69:84:69:64:5d:ee:dd:b1:db:d3:67:76:a1:66:f2:ad:f3:20: 34:6b:a0:62 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzlCMzkxMTAvBgNVBAUTKENBQzM0REM1QjhEREQzM0IxN0VDNzU1Qzk1RDQ1RDBG NzYyNTBGQTgwHhcNMjUwODIzMDIzMzM1WhcNMjUwODMwMDIzMzM1WjAYMRYwFAYD VQQDEw02OGE5Mjg4MC1iNzRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArzIgrkFFtntM677ogQEOuIIJie1WsPduQWW4jXjBovCMSkLAIS3E375faQMq QQum2NI6TIHB4QqgZ/ym4Ye9Yr1m2NRx8l/v5mYvOEFvvkiBRjGJdAPJ/D+SeI4X edboPURLU8Ip3lKy7uMB60bqqZcM91ZvTegBts5uuCFG/bU0JHTZg3bQBScanEIz AYRPVx4tUTUtgvHuKnRS84yiAp8BZvjRSwycRq1MDj74MoqevOX6gTtRDgtqQXPk jzY0jRP1q+yaFJd+kMpp0MnHmnoQ7fgdlg1Te/6N7kEdlnkSd8/ctSbc+yn3fg+B 3+oV/y2jVkxxqPDquKbuQuZQUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHnf3Zh4 ll03lIj8SbtQegGVPxIvMB8GA1UdIwQYMBaAFMrDTcW43dM7F+x1XJXUXQ92JQ+o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUIzOS9CNjE1RDBCQzdC NUExMUVEQTVFM0NBNjZDNEY5QUUwMi95c05OeGJqZDB6c1g3SFZjbGRSZEQzWWxE NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lzTk54YmpkMHpzWDdIVmNsZFJkRDNZbEQ2Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OUIzOS9CNjE1RDBCQzdCNUExMUVEQTVFM0NBNjZDNEY5QUUwMi95c05OeGJqZDB6 c1g3SFZjbGRSZEQzWWxENmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkMpHP0fuPL7465m2scoYkAebLjEiaFVcLChjMqy8gZuqXpYPBXGbh XyZMLfsl1ATrpoT3w0a3gAdFbH/x+NONKR0TeWKQT1Lxm6afBhRSYuRLc+K33CNc 3+aFDMOzxiJnexZDDFKOr3667Jt49p8aFCeFUNtqtYNRKhSz6BvdMHaaH4K5Sy8y qCAdtflI02TBnXgLMzsDKfvyzcPL/ezE/kuAkZvElNIPGd4N0/csfQHp48xlFnKM TyLRriBGdeCu7iBC3DUVcdd6y7xwxhnxOTLbvlyjFrFAvmQuKnT29E69Kt1jtldS kLhphGlkXe7dsdvTZ3ahZvKt8yA0a6Bi -----END CERTIFICATE-----Generated at Sat Aug 23 17:22:12 2025 by rpki-client