$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft File: y_Kp2oisCPjVEG3svXLW-gnIGOk.mft (raw, json) Hash identifier: NZ9NNqg5GBW4t1qyxAlxEBooH/fc1hoRFk6ZkwZVegk= Subject key identifier: 2A:68:6D:31:CD:5B:B1:01:76:B2:7D:CE:11:F2:9D:6A:C6:08:97:56 Authority key identifier: CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 Certificate issuer: /CN=A91D5C25/serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Certificate serial: 0F4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft Manifest number: 0F44 Signing time: Fri 22 Aug 2025 17:43:07 +0000 Manifest this update: Fri 22 Aug 2025 17:43:07 +0000 Manifest next update: Fri 29 Aug 2025 17:43:07 +0000 Files and hashes: 1: y_Kp2oisCPjVEG3svXLW-gnIGOk.crl (hash: 2icTkGhyOxJUQhgwNVPDyDspBwwHNUMUYKM50t4ZOlY=) 2: 4ECF0A4C765C11E9A01A6E34C4F9AE02.roa (hash: pLwEgd+VwWLgIg3V6a+yYMrZGmHsHcB345LFbQql9+8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:43:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3917 (0xf4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5C25, serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Validity Not Before: Aug 22 17:43:07 2025 GMT Not After : Aug 29 17:43:07 2025 GMT Subject: CN=68a8ac2b-19ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:60:8b:61:2e:94:db:c3:e9:99:36:a3:70:9a: a5:d1:d9:5a:2b:78:45:88:bd:e8:66:d5:64:ba:d7: 35:90:4d:0f:cd:cd:f4:5e:cd:3f:72:a7:10:71:4c: 0d:95:0e:00:f0:52:c4:24:25:44:b5:cd:e9:ef:d8: bc:60:ca:4f:21:21:94:d7:9e:86:cc:bb:6d:32:18: da:d7:0d:95:8f:14:bd:f8:a5:c5:5c:2a:9d:5e:3b: 9a:41:72:66:f9:73:5b:03:df:f1:36:13:f1:5c:6f: 5a:50:35:61:b2:15:80:8e:77:03:0b:b9:f1:62:4b: 14:40:f8:36:09:14:69:67:84:e0:a2:1f:dc:5b:e7: 3c:62:80:fe:39:1f:0c:8e:54:4b:a7:c6:01:41:7e: 5c:38:04:9c:dd:1b:56:b5:8b:a2:be:51:29:94:99: 7b:3f:a2:f8:23:f9:07:1f:b7:dc:44:e5:1b:0c:7e: 85:06:28:03:5e:cd:b8:66:c6:05:2f:10:33:2f:2a: 51:29:00:c7:bd:76:57:40:bc:99:cf:31:9c:fa:c7: 97:73:12:ad:45:6e:85:0b:1b:1b:2e:c5:98:f7:4a: b9:38:f9:01:24:9d:3d:4e:9a:6e:b1:28:f4:95:cf: 58:4f:a1:21:04:10:5b:6c:f6:34:14:a6:75:45:63: 28:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:68:6D:31:CD:5B:B1:01:76:B2:7D:CE:11:F2:9D:6A:C6:08:97:56 X509v3 Authority Key Identifier: keyid:CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:1b:6c:13:fd:26:2c:c2:ac:0f:70:26:c3:96:e8:c0:37:93: c2:57:a3:95:e9:85:bf:89:30:b8:4b:7a:a6:4a:22:7c:40:cf: f2:ce:e9:cd:0f:4a:29:b5:39:a6:97:ad:9a:d6:71:c9:a6:fc: 25:3c:b3:e7:76:1c:4e:f6:07:a1:5c:f1:42:85:04:58:f5:2c: 7e:82:d1:69:11:4c:7b:25:18:0d:5a:1f:a2:53:c8:0c:ec:9e: 3a:ca:3c:87:94:20:9e:8e:91:eb:d6:bf:bf:a8:a7:b1:a2:12: b5:57:18:14:e9:f8:5c:57:6d:1e:a2:b5:29:39:6d:7f:a4:19: bf:f4:ec:09:5c:98:06:dd:11:0e:ec:72:dc:14:de:14:46:86: bd:2c:2a:72:5d:18:aa:51:9d:3f:5a:14:b1:cc:2f:cd:17:3b: 46:03:0e:b0:a1:5e:ee:54:c7:f1:c8:00:29:b5:ef:aa:b7:ee: 12:84:0a:84:0f:a4:fe:b1:f1:45:4c:ea:40:11:45:83:d5:a3: 3e:53:06:57:25:cd:66:19:9e:37:47:b1:22:ff:c1:74:e6:12: 20:85:23:be:03:85:64:db:e1:f6:b1:33:50:42:c6:b7:e7:79: 11:a6:1a:7c:b2:2e:cc:d6:ed:90:85:77:2f:00:43:09:a5:fb: c7:88:ce:1b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDVDMjUxMTAvBgNVBAUTKENCRjJBOURBODhBQzA4RjhENTEwNkRFQ0JENzJENkZB MDlDODE4RTkwHhcNMjUwODIyMTc0MzA3WhcNMjUwODI5MTc0MzA3WjAYMRYwFAYD VQQDEw02OGE4YWMyYi0xOWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyGCLYS6U28PpmTajcJql0dlaK3hFiL3oZtVkutc1kE0Pzc30Xs0/cqcQcUwN lQ4A8FLEJCVEtc3p79i8YMpPISGU156GzLttMhja1w2VjxS9+KXFXCqdXjuaQXJm +XNbA9/xNhPxXG9aUDVhshWAjncDC7nxYksUQPg2CRRpZ4Tgoh/cW+c8YoD+OR8M jlRLp8YBQX5cOASc3RtWtYuivlEplJl7P6L4I/kHH7fcROUbDH6FBigDXs24ZsYF LxAzLypRKQDHvXZXQLyZzzGc+seXcxKtRW6FCxsbLsWY90q5OPkBJJ09TppusSj0 lc9YT6EhBBBbbPY0FKZ1RWMobwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCpobTHN W7EBdrJ9zhHynWrGCJdWMB8GA1UdIwQYMBaAFMvyqdqIrAj41RBt7L1y1voJyBjp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUMyNS82ODdBMTBBNjc2 NUExMUU5OUQwMUU0MkVDNEY5QUUwMi95X0twMm9pc0NQalZFRzNzdlhMVy1nbklH T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lfS3Ayb2lzQ1BqVkVHM3N2WExXLWduSUdPay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NUMyNS82ODdBMTBBNjc2NUExMUU5OUQwMUU0MkVDNEY5QUUwMi95X0twMm9pc0NQ alZFRzNzdlhMVy1nbklHT2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6G2wT/SYswqwPcCbDlujAN5PCV6OV6YW/iTC4S3qmSiJ8QM/yzunN D0optTmml62a1nHJpvwlPLPndhxO9gehXPFChQRY9Sx+gtFpEUx7JRgNWh+iU8gM 7J46yjyHlCCejpHr1r+/qKexohK1VxgU6fhcV20eorUpOW1/pBm/9OwJXJgG3REO 7HLcFN4URoa9LCpyXRiqUZ0/WhSxzC/NFztGAw6woV7uVMfxyAApte+qt+4ShAqE D6T+sfFFTOpAEUWD1aM+UwZXJc1mGZ43R7Ei/8F05hIghSO+A4Vk2+H2sTNQQsa3 53kRphp8si7M1u2QhXcvAEMJpfvHiM4b -----END CERTIFICATE-----Generated at Sat Aug 23 20:43:12 2025 by rpki-client