$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft File: yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft (raw, json) Hash identifier: fDqMqhCXlyCOyfqEVNz64aaahxE00/Qkv+MJjThkYuI= Subject key identifier: 74:64:D3:F8:F6:6A:4B:39:B0:8A:8B:BD:73:03:3C:99:C2:39:58:F9 Authority key identifier: C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01 Certificate issuer: /CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701 Certificate serial: 05F3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft Manifest number: 05D8 Signing time: Fri 22 Aug 2025 23:18:10 +0000 Manifest this update: Fri 22 Aug 2025 23:18:10 +0000 Manifest next update: Fri 29 Aug 2025 23:18:10 +0000 Files and hashes: 1: yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl (hash: SsDSH7TTJ+TDqRWvqiMIwwAu1ILCkSQ7pQIOXZSP5gE=) 2: 5FA1BF8802DD11EE86865A23C4F9AE02.roa (hash: ui8GmB9i/5pnYfd6MeCxTJj3Yjz4hQKs4XNWYMcqflM=) 3: 3003C4BA7C7711EEB9E0BE15C4F9AE02.roa (hash: vtLAm7IVt53zIg8Nc5apkEjvAOJhd3yNQjgM+aQMRxs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:18:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1523 (0x5f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D3D, serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701 Validity Not Before: Aug 22 23:18:10 2025 GMT Not After : Aug 29 23:18:10 2025 GMT Subject: CN=68a8fab2-7ace Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:22:16:9e:2d:82:50:a7:8e:63:dc:f1:c9:9c: a9:72:2a:aa:67:c8:57:75:9f:5f:6a:e6:28:9c:b2: c2:eb:53:f8:e9:85:62:75:a8:97:fb:4b:87:7e:45: f1:a0:9e:08:22:10:b2:c1:97:ec:7b:f8:89:50:6f: 40:86:72:0c:61:3f:d7:d1:80:9c:9e:97:44:bc:70: 8e:22:51:1b:d4:30:84:8a:7a:a2:19:1d:44:f5:4e: d6:ee:ad:e7:5c:4c:21:e1:84:d1:6f:8b:90:2f:9b: f0:80:79:31:3f:8e:32:18:3c:ef:aa:a5:45:a1:b2: a0:9e:a3:09:70:bd:0f:68:88:89:a3:33:cd:11:68: ad:9c:b8:58:f3:13:6e:c6:e3:89:a8:69:53:ed:5c: eb:f2:58:49:90:7b:89:2c:02:65:96:cd:7f:00:ce: 0d:57:dd:c0:7a:2b:4e:79:f9:8e:64:6d:7b:42:38: 0b:43:b1:a8:f7:4a:a2:a9:a9:c6:74:0a:fa:05:ef: 11:83:98:9d:a5:8b:90:fc:9e:8a:79:e6:cc:c9:90: 84:57:88:a5:6e:57:d3:88:ae:c1:6c:25:1e:f6:60: 04:51:e9:f0:da:b0:ee:0c:cc:8b:60:77:a2:03:88: 1f:9b:0b:a2:ba:4a:9f:2f:dd:7a:6f:46:35:05:f4: f1:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:64:D3:F8:F6:6A:4B:39:B0:8A:8B:BD:73:03:3C:99:C2:39:58:F9 X509v3 Authority Key Identifier: keyid:C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:b0:d4:7e:62:6b:e6:29:b6:cf:9d:81:91:2a:72:35:e0:57: 79:49:c3:74:b4:dd:0b:d7:cf:85:76:12:24:bb:2e:ce:3a:f7: 2d:d1:a7:59:e8:ec:98:93:3e:0a:2b:f1:bf:e7:c8:04:17:72: b4:b4:84:3f:2d:c6:19:69:1f:64:ca:59:ec:c0:4e:0e:ad:69: d4:5a:6d:bc:58:83:5d:ab:4a:6f:5e:48:9d:7e:90:29:19:4f: 1a:00:39:76:a4:fd:fa:af:54:33:a7:e7:73:1b:d1:20:37:6c: 85:e3:1d:10:6d:23:e0:49:58:ad:76:3b:e4:a1:35:26:8e:b5: e7:80:7a:0f:91:e0:16:6f:2f:20:d4:03:1c:e6:d9:da:1d:ca: 3f:8a:1a:74:ff:57:81:41:6f:2e:a7:87:f8:5b:ab:de:fe:cb: 0c:6d:c4:4a:2e:e4:72:9b:2e:d6:71:a0:cb:3f:b2:d6:88:00: 9d:33:1a:2e:af:c6:b2:c2:42:c0:43:91:c1:07:ac:ba:0a:89: 3c:57:52:49:fa:2b:43:0e:53:01:e3:c2:12:db:61:bd:9e:ef: 3a:37:47:18:29:25:4a:10:f2:90:dd:66:88:08:d9:14:95:9f: 29:94:2c:1b:86:e8:62:b3:b5:64:65:5a:2d:69:2e:13:56:74: c6:c7:9d:10 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBERTBDMzYwN0VF Qjk4RkY3MDEwHhcNMjUwODIyMjMxODEwWhcNMjUwODI5MjMxODEwWjAYMRYwFAYD VQQDEw02OGE4ZmFiMi03YWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwCIWni2CUKeOY9zxyZypciqqZ8hXdZ9fauYonLLC61P46YVidaiX+0uHfkXx oJ4IIhCywZfse/iJUG9AhnIMYT/X0YCcnpdEvHCOIlEb1DCEinqiGR1E9U7W7q3n XEwh4YTRb4uQL5vwgHkxP44yGDzvqqVFobKgnqMJcL0PaIiJozPNEWitnLhY8xNu xuOJqGlT7Vzr8lhJkHuJLAJlls1/AM4NV93AeitOefmOZG17QjgLQ7Go90qiqanG dAr6Be8Rg5idpYuQ/J6KeebMyZCEV4ilblfTiK7BbCUe9mAEUenw2rDuDMyLYHei A4gfmwuiukqfL916b0Y1BfTxHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHRk0/j2 aks5sIqLvXMDPJnCOVj5MB8GA1UdIwQYMBaAFMgHD9BhqFH/iu3g3gw2B+65j/cB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9CMDIwMkQzMkQ4 QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1VmLUs3ZURlRERZSDdybVA5 d0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lBY1AwR0dvVWYtSzdlRGVERFlIN3JtUDl3RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQzRC9CMDIwMkQzMkQ4QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1Vm LUs3ZURlRERZSDdybVA5d0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCesNR+YmvmKbbPnYGRKnI14Fd5ScN0tN0L18+FdhIkuy7OOvct0adZ 6OyYkz4KK/G/58gEF3K0tIQ/LcYZaR9kylnswE4OrWnUWm28WINdq0pvXkidfpAp GU8aADl2pP36r1Qzp+dzG9EgN2yF4x0QbSPgSVitdjvkoTUmjrXngHoPkeAWby8g 1AMc5tnaHco/ihp0/1eBQW8up4f4W6ve/ssMbcRKLuRymy7WcaDLP7LWiACdMxou r8aywkLAQ5HBB6y6Cok8V1JJ+itDDlMB48IS22G9nu86N0cYKSVKEPKQ3WaICNkU lZ8plCwbhuhis7VkZVotaS4TVnTGx50Q -----END CERTIFICATE-----Generated at Sat Aug 23 23:57:54 2025 by rpki-client