$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.mft File: y1McHsaSJfDcrkTOyl41mAzpwPI.mft (raw, json) Hash identifier: KkNFoPOreXtSG0g6Bl0kz+5RhW0+u1G7qmBXkuV95AE= Subject key identifier: BA:9A:59:85:57:F8:C8:77:FC:45:4F:0B:51:55:E7:44:C4:C1:21:B9 Authority key identifier: CB:53:1C:1E:C6:92:25:F0:DC:AE:44:CE:CA:5E:35:98:0C:E9:C0:F2 Certificate issuer: /CN=A91CFFCB/serialNumber=CB531C1EC69225F0DCAE44CECA5E35980CE9C0F2 Certificate serial: 2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1McHsaSJfDcrkTOyl41mAzpwPI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.mft Manifest number: 2B Signing time: Sat 23 Aug 2025 07:59:06 +0000 Manifest this update: Sat 23 Aug 2025 07:59:06 +0000 Manifest next update: Sat 30 Aug 2025 07:59:06 +0000 Files and hashes: 1: y1McHsaSJfDcrkTOyl41mAzpwPI.crl (hash: 1DRBui26Irm6Rd31DGINJ8576RVC6dUC+F3FAkywPNE=) 2: BB8F3118497B11F096DCA14EC4F9AE02.roa (hash: n0pGyYXueEy9F7Jw89IAbICySxf38MqDCZugETeFEBQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.crl rsync://rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1McHsaSJfDcrkTOyl41mAzpwPI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:59:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFCB, serialNumber=CB531C1EC69225F0DCAE44CECA5E35980CE9C0F2 Validity Not Before: Aug 23 07:59:06 2025 GMT Not After : Aug 30 07:59:06 2025 GMT Subject: CN=68a974ca-e1b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:0f:d7:39:77:b8:98:90:97:98:46:fb:e1:7f: 47:a2:9d:93:17:57:06:af:e7:c6:10:0c:7f:9f:72: a1:da:86:f5:c6:b0:ed:25:93:54:d0:8f:1a:d4:25: d5:25:5f:e0:ca:74:15:10:74:e7:f5:fa:11:74:b0: 4c:66:ca:3f:cc:b6:5e:e4:a1:dc:a7:6f:51:6a:4a: 0b:18:29:9d:93:ce:54:18:7e:68:cf:21:ec:ce:da: c9:d3:26:06:5d:27:7a:70:36:5e:06:77:92:54:e5: 04:a8:f1:af:cc:5a:ae:e2:28:bd:bd:e8:a2:66:e2: 2d:91:1a:a4:8f:9e:87:2f:59:88:45:c7:9b:92:a2: 9e:77:53:e6:14:6a:65:1d:26:e2:9d:5e:34:55:12: ed:f2:de:a8:84:55:f3:fc:31:0a:d7:70:4c:23:ee: 2e:05:2b:2a:4c:04:30:bd:f7:f2:29:26:7b:bc:37: fa:58:b0:b5:15:eb:c4:57:b0:4a:42:48:af:3d:18: 46:af:b1:0e:c2:ec:d0:36:e0:a8:43:ff:33:f7:0d: 9a:dd:51:5b:5a:96:aa:8f:18:b4:44:f2:ab:b3:30: d9:38:cf:39:90:56:17:46:61:6a:f8:3b:33:ec:54: bf:8b:b5:35:23:a5:b7:55:8b:35:29:db:f1:9d:54: 9c:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:9A:59:85:57:F8:C8:77:FC:45:4F:0B:51:55:E7:44:C4:C1:21:B9 X509v3 Authority Key Identifier: keyid:CB:53:1C:1E:C6:92:25:F0:DC:AE:44:CE:CA:5E:35:98:0C:E9:C0:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1McHsaSJfDcrkTOyl41mAzpwPI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:7e:c4:66:80:79:da:a8:02:3f:3f:cd:21:04:59:0c:03:58: e3:4c:e9:40:e6:17:ac:90:5d:97:4f:b0:31:8b:48:3c:3c:01: 0a:ec:8e:d3:51:00:4a:00:03:aa:25:3a:cf:07:8c:bf:e0:78: bf:62:61:17:a4:ca:4f:05:0d:8c:8e:9a:01:ad:6b:0d:4f:c6: e9:95:af:03:92:11:d1:02:33:d1:de:b4:7f:a0:c6:02:5b:18: 50:48:9e:d2:4e:11:7d:8c:49:27:6f:e2:9a:06:29:1c:15:2c: 74:1a:70:6a:ce:65:5f:86:0a:5f:91:ff:34:c7:a7:46:c1:31: f2:bc:4e:e7:fe:b7:08:d5:94:1f:64:0a:fa:97:9a:80:87:1b: 80:a1:c7:d6:ee:e3:11:97:c2:7a:91:5d:f7:49:74:de:4f:c2: fe:7d:fe:4c:94:eb:e1:a6:e3:a8:8a:75:38:1b:7d:e7:90:13: 2e:0d:9f:f4:27:5e:bf:0e:3d:f5:84:e3:8a:9a:47:e8:35:55: 08:0b:76:f9:69:0a:1c:bb:ac:03:e0:ca:6c:cd:32:d3:5f:f7: aa:81:86:99:e8:16:23:93:f9:d0:70:7d:48:bc:1f:b1:96:7f: 85:41:58:2d:d2:96:f4:60:ee:78:1f:4b:90:fa:7e:3a:88:11: 2a:f3:27:71 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RkZDQjExMC8GA1UEBRMoQ0I1MzFDMUVDNjkyMjVGMERDQUU0NENFQ0E1RTM1OTgw Q0U5QzBGMjAeFw0yNTA4MjMwNzU5MDZaFw0yNTA4MzAwNzU5MDZaMBgxFjAUBgNV BAMTDTY4YTk3NGNhLWUxYjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3D9c5d7iYkJeYRvvhf0einZMXVwav58YQDH+fcqHahvXGsO0lk1TQjxrUJdUl X+DKdBUQdOf1+hF0sExmyj/Mtl7kodynb1FqSgsYKZ2TzlQYfmjPIezO2snTJgZd J3pwNl4Gd5JU5QSo8a/MWq7iKL296KJm4i2RGqSPnocvWYhFx5uSop53U+YUamUd JuKdXjRVEu3y3qiEVfP8MQrXcEwj7i4FKypMBDC99/IpJnu8N/pYsLUV68RXsEpC SK89GEavsQ7C7NA24KhD/zP3DZrdUVtalqqPGLRE8quzMNk4zzmQVhdGYWr4OzPs VL+LtTUjpbdVizUp2/GdVJz5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUuppZhVf4 yHf8RU8LUVXnRMTBIbkwHwYDVR0jBBgwFoAUy1McHsaSJfDcrkTOyl41mAzpwPIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGRkNCL0Y1REI3QTE2NDIw NTExRjBCRjdBODcxMUM0RjlBRTAyL3kxTWNIc2FTSmZEY3JrVE95bDQxbUF6cHdQ SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveTFNY0hzYVNKZkRjcmtUT3lsNDFtQXpwd1BJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNG RkNCL0Y1REI3QTE2NDIwNTExRjBCRjdBODcxMUM0RjlBRTAyL3kxTWNIc2FTSmZE Y3JrVE95bDQxbUF6cHdQSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHN+xGaAedqoAj8/zSEEWQwDWONM6UDmF6yQXZdPsDGLSDw8AQrsjtNR AEoAA6olOs8HjL/geL9iYRekyk8FDYyOmgGtaw1PxumVrwOSEdECM9HetH+gxgJb GFBIntJOEX2MSSdv4poGKRwVLHQacGrOZV+GCl+R/zTHp0bBMfK8Tuf+twjVlB9k CvqXmoCHG4Chx9bu4xGXwnqRXfdJdN5Pwv59/kyU6+Gm46iKdTgbfeeQEy4Nn/Qn Xr8OPfWE44qaR+g1VQgLdvlpChy7rAPgymzNMtNf96qBhpnoFiOT+dBwfUi8H7GW f4VBWC3SlvRg7ngfS5D6fjqIESrzJ3E= -----END CERTIFICATE-----Generated at Sat Aug 23 13:35:46 2025 by rpki-client