$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.mft File: 0ypa3AVCwugXwgK-a3KB6GnReJc.mft (raw, json) Hash identifier: GMwpMxt8X5v5NVK33dcaMIEKObT5KSZYrVLSQLSgdZE= Subject key identifier: 0A:40:D3:72:75:46:0D:10:B3:BB:66:9F:E4:AD:B0:18:6D:95:C1:1B Authority key identifier: D3:2A:5A:DC:05:42:C2:E8:17:C2:02:BE:6B:72:81:E8:69:D1:78:97 Certificate issuer: /CN=A91E0855/serialNumber=D32A5ADC0542C2E817C202BE6B7281E869D17897 Certificate serial: D7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0ypa3AVCwugXwgK-a3KB6GnReJc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.mft Manifest number: D3 Signing time: Sat 23 Aug 2025 05:49:17 +0000 Manifest this update: Sat 23 Aug 2025 05:49:17 +0000 Manifest next update: Sat 30 Aug 2025 05:49:17 +0000 Files and hashes: 1: 0ypa3AVCwugXwgK-a3KB6GnReJc.crl (hash: MCcXNS+V9mNtk5bSWXnW8JnJ76IYE1HYW4AbXSpVqIM=) 2: 01D0FEFA79EB11F0B5CB2A62C4F9AE02.roa (hash: Fxcp82mxa1VxCmwlewXIUBftqvLZyxmZKvRkMB0Yh98=) 3: A717F73658B911F085B39880C4F9AE02.roa (hash: GRaZt0pedz3CCCklqX2hkq6cs1hiTnf3botIHYa4ZiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.crl rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0ypa3AVCwugXwgK-a3KB6GnReJc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 05:49:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 215 (0xd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0855, serialNumber=D32A5ADC0542C2E817C202BE6B7281E869D17897 Validity Not Before: Aug 23 05:49:17 2025 GMT Not After : Aug 30 05:49:17 2025 GMT Subject: CN=68a9565d-7d18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:4d:f4:73:eb:15:e8:0f:25:f9:98:e5:61:5d: 63:22:05:90:02:5d:a2:ec:85:16:26:49:2f:d5:80: 25:cc:b2:9a:21:67:df:c7:fa:af:4a:6a:ac:ab:a7: ce:f6:03:25:d9:32:c6:60:f1:d4:bd:81:d8:87:7a: 30:87:86:85:8e:6d:6a:d8:92:6a:25:34:52:bd:09: 79:7c:07:12:61:5d:05:0e:16:67:8c:28:b6:7e:62: c3:4f:ec:16:f7:3e:5b:55:a5:8c:77:6d:57:02:ac: e4:a3:4e:51:d5:15:4f:3f:55:06:1b:4a:f2:f1:33: 14:f5:eb:b4:3a:5e:58:48:22:7c:0b:a8:26:d4:73: d7:57:6f:c5:c5:4f:b8:5f:81:30:50:59:47:84:f8: 5b:4a:73:1b:d7:a7:da:d4:52:61:73:3a:18:b8:18: d7:37:fe:5f:59:2d:25:dd:d5:7d:79:6e:c6:60:2c: 32:4e:3b:3b:4f:48:26:42:97:e8:53:9a:67:97:7a: 6f:01:c4:c0:8d:eb:a7:45:72:ea:ce:91:7c:ff:ce: 4c:06:c3:e0:56:f7:47:ee:ca:61:41:f3:41:68:67: 22:b0:95:7b:3b:94:3c:f0:2d:8a:1e:f5:f6:52:f4: b4:31:0a:0b:f1:dd:98:a7:9a:7d:b3:f1:29:a2:7f: 8d:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:40:D3:72:75:46:0D:10:B3:BB:66:9F:E4:AD:B0:18:6D:95:C1:1B X509v3 Authority Key Identifier: keyid:D3:2A:5A:DC:05:42:C2:E8:17:C2:02:BE:6B:72:81:E8:69:D1:78:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0ypa3AVCwugXwgK-a3KB6GnReJc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:d7:0e:57:82:1f:c3:57:c5:03:26:ea:35:c5:83:07:63:72: f0:01:12:53:31:71:f5:52:c4:42:18:df:dd:1b:6a:cb:e5:fa: 80:fc:40:bb:f5:1d:c8:86:0e:4e:7e:cb:0b:01:92:c1:ee:6e: 24:97:35:e5:59:5f:aa:4b:ed:f7:78:0c:45:e4:0e:e7:b4:b4: dc:02:d7:f6:38:67:a0:fa:5f:4c:93:8f:07:11:82:eb:14:9d: 1d:85:dc:a4:ba:a8:01:67:d9:17:0e:c1:69:28:4c:34:cb:2d: b0:9e:5d:1c:08:b6:a5:90:af:db:6f:cd:e6:51:4d:b4:bb:37: cf:a7:ce:d4:37:3d:67:e8:42:3b:3a:39:1b:f0:ca:f3:b8:b2: 7a:02:88:e7:84:d9:ca:04:11:ea:8b:09:b6:20:3f:63:25:56: c1:31:52:2a:27:41:b0:d1:55:80:9e:8d:10:46:72:ab:43:c8: 7e:11:45:2d:d8:5e:54:74:de:1a:d7:f3:1f:90:5c:ab:ae:f5: ac:a2:04:65:4a:b5:27:4d:cc:d1:b5:a9:35:ca:f3:86:7f:f7: 38:de:a8:83:fb:da:f0:c1:e4:28:92:f6:ad:0c:61:21:36:cc: 77:9c:bd:fb:91:0e:1b:8b:dd:b3:a7:2f:6d:96:b6:86:e4:9c: 16:31:d7:61 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTA4NTUxMTAvBgNVBAUTKEQzMkE1QURDMDU0MkMyRTgxN0MyMDJCRTZCNzI4MUU4 NjlEMTc4OTcwHhcNMjUwODIzMDU0OTE3WhcNMjUwODMwMDU0OTE3WjAYMRYwFAYD VQQDEw02OGE5NTY1ZC03ZDE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqE30c+sV6A8l+ZjlYV1jIgWQAl2i7IUWJkkv1YAlzLKaIWffx/qvSmqsq6fO 9gMl2TLGYPHUvYHYh3owh4aFjm1q2JJqJTRSvQl5fAcSYV0FDhZnjCi2fmLDT+wW 9z5bVaWMd21XAqzko05R1RVPP1UGG0ry8TMU9eu0Ol5YSCJ8C6gm1HPXV2/FxU+4 X4EwUFlHhPhbSnMb16fa1FJhczoYuBjXN/5fWS0l3dV9eW7GYCwyTjs7T0gmQpfo U5pnl3pvAcTAjeunRXLqzpF8/85MBsPgVvdH7sphQfNBaGcisJV7O5Q88C2KHvX2 UvS0MQoL8d2Yp5p9s/Epon+NPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFApA03J1 Rg0Qs7tmn+StsBhtlcEbMB8GA1UdIwQYMBaAFNMqWtwFQsLoF8ICvmtygehp0XiX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDg1NS81MDRDRkZFMjQ0 OTYxMUVGOEU4NEU2M0RDNEY5QUUwMi8weXBhM0FWQ3d1Z1h3Z0stYTNLQjZHblJl SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzB5cGEzQVZDd3VnWHdnSy1hM0tCNkduUmVKYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MDg1NS81MDRDRkZFMjQ0OTYxMUVGOEU4NEU2M0RDNEY5QUUwMi8weXBhM0FWQ3d1 Z1h3Z0stYTNLQjZHblJlSmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBy1w5Xgh/DV8UDJuo1xYMHY3LwARJTMXH1UsRCGN/dG2rL5fqA/EC7 9R3Ihg5OfssLAZLB7m4klzXlWV+qS+33eAxF5A7ntLTcAtf2OGeg+l9Mk48HEYLr FJ0dhdykuqgBZ9kXDsFpKEw0yy2wnl0cCLalkK/bb83mUU20uzfPp87UNz1n6EI7 Ojkb8MrzuLJ6AojnhNnKBBHqiwm2ID9jJVbBMVIqJ0Gw0VWAno0QRnKrQ8h+EUUt 2F5UdN4a1/MfkFyrrvWsogRlSrUnTczRtak1yvOGf/c43qiD+9rwweQokvatDGEh Nsx3nL37kQ4bi92zpy9tlraG5JwWMddh -----END CERTIFICATE-----Generated at Sun Aug 24 00:15:10 2025 by rpki-client