$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft File: yCFQSaXsETZftnQLghcGdiaArRc.mft (raw, json) Hash identifier: RQl6ngURDCyuFyXnRbRG6vVtwquFGu7OiVX8G3yMzZA= Subject key identifier: 54:C7:2E:05:E0:60:79:2D:EF:CB:B7:71:9F:9A:C5:8D:72:16:DB:EB Authority key identifier: C8:21:50:49:A5:EC:11:36:5F:B6:74:0B:82:17:06:76:26:80:AD:17 Certificate issuer: /CN=A91DC459/serialNumber=C8215049A5EC11365FB6740B821706762680AD17 Certificate serial: 0102 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCFQSaXsETZftnQLghcGdiaArRc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft Manifest number: 0100 Signing time: Sat 23 Aug 2025 05:15:28 +0000 Manifest this update: Sat 23 Aug 2025 05:15:27 +0000 Manifest next update: Sat 30 Aug 2025 05:15:27 +0000 Files and hashes: 1: yCFQSaXsETZftnQLghcGdiaArRc.crl (hash: 88YFyZi45yNyj7OxvzFr5btUgdApvPK9epSaSQhIci4=) 2: 264C45FAFA3F11EE8A884F09C4F9AE02.roa (hash: 5Qk7wqUj4bSez6DKvrGbvLq6LTkbYNIBEPZBlcBLEEY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.crl rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCFQSaXsETZftnQLghcGdiaArRc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 05:15:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 258 (0x102) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC459, serialNumber=C8215049A5EC11365FB6740B821706762680AD17 Validity Not Before: Aug 23 05:15:27 2025 GMT Not After : Aug 30 05:15:27 2025 GMT Subject: CN=68a94e70-e75e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:c1:33:e2:45:e5:e5:f4:80:b8:fe:97:d5:eb: fb:18:52:0b:9a:0b:b9:72:74:64:e6:83:cf:ea:bf: 3d:9e:8c:e6:98:cc:2e:37:2d:1a:92:b6:64:c1:75: d4:23:20:73:9a:9e:16:bd:34:6d:fa:6b:76:7a:22: 10:ee:95:33:6c:f7:d4:e4:79:ba:da:3a:d1:58:f4: 46:78:4e:7c:fd:b9:d2:8a:f7:7a:27:6e:ed:e3:3a: 62:50:07:c8:89:5f:f7:14:3e:cb:f4:b1:d4:e7:e2: 82:b1:51:d8:f6:6d:14:76:6b:14:1f:0f:f4:2f:f5: 54:b1:3f:24:62:48:12:8a:bd:03:87:67:c1:4a:68: 5b:63:55:88:e9:64:2c:32:1e:91:1b:7f:93:98:72: 2a:cb:df:5d:aa:f0:1a:16:26:b3:31:f8:d9:dd:f6: 96:1e:67:46:27:dc:b9:52:1d:ed:44:33:ff:1f:4e: 5a:94:d8:f6:af:da:b7:d8:1a:59:f3:09:dc:f4:af: 0d:51:80:60:19:ab:cd:63:6b:5c:75:05:35:42:53: 00:be:28:f3:e3:cc:0f:6a:c8:ce:a1:8e:01:24:88: 75:92:d1:e8:e7:a5:46:7b:04:ea:23:db:ef:31:31: fe:ed:64:69:de:1f:4f:23:dc:74:1d:2f:c2:a3:48: 5e:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:C7:2E:05:E0:60:79:2D:EF:CB:B7:71:9F:9A:C5:8D:72:16:DB:EB X509v3 Authority Key Identifier: keyid:C8:21:50:49:A5:EC:11:36:5F:B6:74:0B:82:17:06:76:26:80:AD:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCFQSaXsETZftnQLghcGdiaArRc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:c8:9f:6e:1f:91:2d:e1:a6:74:ef:98:60:a5:48:3d:13:13: 7d:63:5c:ff:34:8b:87:02:d1:48:bf:5e:be:ab:86:b1:e7:1e: e7:b6:98:db:3c:d4:85:5c:9d:19:ef:85:29:43:b0:57:59:0a: 63:12:8f:66:4f:a8:ef:ff:ea:0a:a8:3d:af:b9:6b:67:e1:9f: bb:20:cc:e6:60:54:38:13:9e:35:4c:13:72:30:06:1b:72:f6: 7c:66:77:44:8b:de:82:0a:d6:e3:4f:b1:2f:61:f1:bf:a7:06: bd:7b:24:f7:74:88:d8:7b:1f:0a:30:4b:5d:0e:10:5d:e3:f1: 44:4b:07:46:29:ed:11:64:9f:14:ae:24:c4:87:f1:d4:e2:d3: d2:77:ca:50:8e:14:42:8f:1b:0c:76:6c:c2:b1:77:5f:a5:7f: 0f:d1:49:81:29:09:be:4f:5f:d8:52:04:1a:ed:b1:b3:9e:fc: fd:15:58:e0:31:c6:c7:d7:b9:f9:23:56:16:e2:52:c6:f2:65: cf:e7:ae:4d:e3:17:43:d4:3f:04:8f:13:35:a7:de:5d:04:b6: 60:ec:97:06:2d:98:de:17:2f:de:63:64:c1:8b:d7:b8:4d:78: 9e:5f:df:b3:84:68:5f:bf:9c:76:bd:26:d9:03:f8:9c:44:27: 76:eb:b4:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0NTkxMTAvBgNVBAUTKEM4MjE1MDQ5QTVFQzExMzY1RkI2NzQwQjgyMTcwNjc2 MjY4MEFEMTcwHhcNMjUwODIzMDUxNTI3WhcNMjUwODMwMDUxNTI3WjAYMRYwFAYD VQQDEw02OGE5NGU3MC1lNzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5sEz4kXl5fSAuP6X1ev7GFILmgu5cnRk5oPP6r89nozmmMwuNy0akrZkwXXU IyBzmp4WvTRt+mt2eiIQ7pUzbPfU5Hm62jrRWPRGeE58/bnSivd6J27t4zpiUAfI iV/3FD7L9LHU5+KCsVHY9m0UdmsUHw/0L/VUsT8kYkgSir0Dh2fBSmhbY1WI6WQs Mh6RG3+TmHIqy99dqvAaFiazMfjZ3faWHmdGJ9y5Uh3tRDP/H05alNj2r9q32BpZ 8wnc9K8NUYBgGavNY2tcdQU1QlMAvijz48wPasjOoY4BJIh1ktHo56VGewTqI9vv MTH+7WRp3h9PI9x0HS/Co0heUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFTHLgXg YHkt78u3cZ+axY1yFtvrMB8GA1UdIwQYMBaAFMghUEml7BE2X7Z0C4IXBnYmgK0X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzQ1OS9BOTM1MDdCQ0Y2 RDUxMUVFQjg3ODNDMUVDNEY5QUUwMi95Q0ZRU2FYc0VUWmZ0blFMZ2hjR2RpYUFy UmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lDRlFTYVhzRVRaZnRuUUxnaGNHZGlhQXJSYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzQ1OS9BOTM1MDdCQ0Y2RDUxMUVFQjg3ODNDMUVDNEY5QUUwMi95Q0ZRU2FYc0VU WmZ0blFMZ2hjR2RpYUFyUmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBFyJ9uH5Et4aZ075hgpUg9ExN9Y1z/NIuHAtFIv16+q4ax5x7ntpjb PNSFXJ0Z74UpQ7BXWQpjEo9mT6jv/+oKqD2vuWtn4Z+7IMzmYFQ4E541TBNyMAYb cvZ8ZndEi96CCtbjT7EvYfG/pwa9eyT3dIjYex8KMEtdDhBd4/FESwdGKe0RZJ8U riTEh/HU4tPSd8pQjhRCjxsMdmzCsXdfpX8P0UmBKQm+T1/YUgQa7bGznvz9FVjg McbH17n5I1YW4lLG8mXP565N4xdD1D8EjxM1p95dBLZg7JcGLZjeFy/eY2TBi9e4 TXieX9+zhGhfv5x2vSbZA/icRCd267SI -----END CERTIFICATE-----Generated at Sat Aug 23 19:32:39 2025 by rpki-client