$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft File: ysNNxbjd0zsX7HVcldRdD3YlD6g.mft (raw, json) Hash identifier: e8JyhcVeYXgNPQXKOytKD/0Nr6QXXYxYZodgn11wk14= Subject key identifier: 9B:FE:18:2F:42:E0:1E:32:4A:91:CE:F0:2B:01:EA:64:FE:57:AB:03 Authority key identifier: CA:C3:4D:C5:B8:DD:D3:3B:17:EC:75:5C:95:D4:5D:0F:76:25:0F:A8 Certificate issuer: /CN=A91C9B39/serialNumber=CAC34DC5B8DDD33B17EC755C95D45D0F76250FA8 Certificate serial: 01DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysNNxbjd0zsX7HVcldRdD3YlD6g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft Manifest number: 01DC Signing time: Tue 01 Jul 2025 03:06:47 +0000 Manifest this update: Tue 01 Jul 2025 03:06:46 +0000 Manifest next update: Tue 08 Jul 2025 03:06:46 +0000 Files and hashes: 1: ysNNxbjd0zsX7HVcldRdD3YlD6g.crl (hash: wggPuk1Kk4iKYOQRkKXlqwsJLn6mmbW1eaYATqyCYUE=) 2: E21DEF607B5E11ED98247D60C4F9AE02.roa (hash: ADnEMa2Brj1gfAu5du2mdudMmrXS7wa9cPzXrkNiEN4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.crl rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysNNxbjd0zsX7HVcldRdD3YlD6g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:06:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 479 (0x1df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9B39, serialNumber=CAC34DC5B8DDD33B17EC755C95D45D0F76250FA8 Validity Not Before: Jul 1 03:06:46 2025 GMT Not After : Jul 8 03:06:46 2025 GMT Subject: CN=686350c7-6aaa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:23:ec:58:6b:c2:08:c1:28:4a:aa:b7:a9:58: 45:99:32:53:83:31:8d:a8:9c:f3:04:8e:a6:32:f7: da:b5:1a:cb:0d:69:ef:2d:e4:8e:4e:91:87:7e:6f: 4a:79:53:23:42:ec:0b:c3:bb:08:f9:fe:1b:0d:92: 52:fd:eb:21:ef:0d:6d:08:2a:cd:99:a0:2d:7c:09: b4:46:31:1a:12:68:6c:97:d7:0e:53:f7:fb:f4:a3: da:62:25:e9:dd:8b:b3:d7:48:a0:11:3f:7e:cf:66: ad:90:8a:c0:13:fb:50:2f:81:ab:72:90:95:60:a3: 1b:7e:f5:b9:a1:ee:88:c3:e5:c0:e6:29:cb:8a:6e: 6b:52:80:11:12:b2:24:cb:43:f8:7d:67:e7:47:10: e5:c7:23:3f:e7:1f:8b:55:60:cf:d0:64:9e:96:9a: e7:56:5d:c6:8c:46:1c:98:eb:c4:bc:66:fa:c8:3a: 2a:a2:7d:1e:f7:5d:d8:01:24:f4:e0:56:e0:0f:42: 12:ec:ac:79:19:67:fd:c2:3b:c1:e2:96:ad:96:32: ed:5b:74:c4:69:04:5e:18:87:88:f9:2d:9d:d8:2c: 9b:9f:9c:8f:c2:30:8b:db:0e:3f:9b:72:8a:97:8d: 75:d5:30:da:3b:57:72:c2:02:74:66:ff:ac:8e:4d: 27:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:FE:18:2F:42:E0:1E:32:4A:91:CE:F0:2B:01:EA:64:FE:57:AB:03 X509v3 Authority Key Identifier: keyid:CA:C3:4D:C5:B8:DD:D3:3B:17:EC:75:5C:95:D4:5D:0F:76:25:0F:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysNNxbjd0zsX7HVcldRdD3YlD6g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:ea:bf:43:4e:dc:6f:4f:ee:5f:bc:4e:b4:e6:ca:ae:4f:37: 3a:6a:61:09:cb:bd:07:d3:c4:c3:43:da:d9:d6:4a:c4:e2:e4: f6:8a:05:90:ba:74:11:57:77:30:48:5a:89:12:f5:70:8e:13: ec:25:74:38:15:fb:3c:9e:45:f8:17:0e:0b:c2:5f:c4:22:df: c6:3f:ec:7f:e9:41:00:b4:13:4a:cd:dc:fb:3b:a3:54:89:80: d0:0a:2c:9c:cd:6d:71:62:af:57:45:5e:de:5a:19:65:d3:58: 1a:f6:c5:5b:cc:4d:9f:5b:81:f5:41:a8:e9:a2:aa:45:7c:6e: ac:cd:2b:24:d2:2d:8a:45:01:0c:e2:fa:e7:3e:b1:b5:d5:61: 21:ed:b7:1a:d5:08:69:08:03:69:92:8b:94:73:96:ec:14:6e: 8f:8a:85:0d:7f:bf:40:6d:a7:8e:fd:22:9c:9c:13:ba:96:b7: 72:e0:aa:7d:2a:d2:27:63:c4:5f:10:95:af:3f:12:51:df:36: 20:d2:6e:a2:59:29:52:c5:60:a9:f8:98:31:9e:ae:8c:fe:c0: 8a:7d:39:fc:31:e2:33:bb:87:74:84:e9:8b:c5:3d:f7:95:6f: e9:6f:b1:c1:6e:31:bd:2c:9a:f8:75:34:d2:e3:1d:79:5a:79: ec:9c:36:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAd8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzlCMzkxMTAvBgNVBAUTKENBQzM0REM1QjhEREQzM0IxN0VDNzU1Qzk1RDQ1RDBG NzYyNTBGQTgwHhcNMjUwNzAxMDMwNjQ2WhcNMjUwNzA4MDMwNjQ2WjAYMRYwFAYD VQQDEw02ODYzNTBjNy02YWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsSPsWGvCCMEoSqq3qVhFmTJTgzGNqJzzBI6mMvfatRrLDWnvLeSOTpGHfm9K eVMjQuwLw7sI+f4bDZJS/esh7w1tCCrNmaAtfAm0RjEaEmhsl9cOU/f79KPaYiXp 3Yuz10igET9+z2atkIrAE/tQL4GrcpCVYKMbfvW5oe6Iw+XA5inLim5rUoARErIk y0P4fWfnRxDlxyM/5x+LVWDP0GSelprnVl3GjEYcmOvEvGb6yDoqon0e913YAST0 4FbgD0IS7Kx5GWf9wjvB4patljLtW3TEaQReGIeI+S2d2Cybn5yPwjCL2w4/m3KK l4111TDaO1dywgJ0Zv+sjk0npQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJv+GC9C 4B4ySpHO8CsB6mT+V6sDMB8GA1UdIwQYMBaAFMrDTcW43dM7F+x1XJXUXQ92JQ+o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUIzOS9CNjE1RDBCQzdC NUExMUVEQTVFM0NBNjZDNEY5QUUwMi95c05OeGJqZDB6c1g3SFZjbGRSZEQzWWxE NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lzTk54YmpkMHpzWDdIVmNsZFJkRDNZbEQ2Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OUIzOS9CNjE1RDBCQzdCNUExMUVEQTVFM0NBNjZDNEY5QUUwMi95c05OeGJqZDB6 c1g3SFZjbGRSZEQzWWxENmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAF6r9DTtxvT+5fvE605squTzc6amEJy70H08TDQ9rZ1krE4uT2igWQ unQRV3cwSFqJEvVwjhPsJXQ4Ffs8nkX4Fw4Lwl/EIt/GP+x/6UEAtBNKzdz7O6NU iYDQCiyczW1xYq9XRV7eWhll01ga9sVbzE2fW4H1QajpoqpFfG6szSsk0i2KRQEM 4vrnPrG11WEh7bca1QhpCANpkouUc5bsFG6PioUNf79AbaeO/SKcnBO6lrdy4Kp9 KtInY8RfEJWvPxJR3zYg0m6iWSlSxWCp+Jgxnq6M/sCKfTn8MeIzu4d0hOmLxT33 lW/pb7HBbjG9LJr4dTTS4x15WnnsnDay -----END CERTIFICATE-----Generated at Wed Jul 2 20:51:32 2025 by rpki-client