$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft File: YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft (raw, json) Hash identifier: wAO9yfu+NmZ0kNWyRM0hsBOuZYl6dpEnJt0oABmYrFk= Subject key identifier: 49:E4:A3:C0:41:C5:43:FC:B6:9E:50:44:8C:CC:F2:D4:10:48:D0:0F Authority key identifier: 60:06:B9:65:83:13:D8:64:99:16:19:D6:97:9B:0F:7E:01:E4:B6:68 Certificate issuer: /CN=A91E5A08/serialNumber=6006B9658313D864991619D6979B0F7E01E4B668 Certificate serial: 01B8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft Manifest number: 01B5 Signing time: Sat 23 Aug 2025 03:12:21 +0000 Manifest this update: Sat 23 Aug 2025 03:12:21 +0000 Manifest next update: Sat 30 Aug 2025 03:12:21 +0000 Files and hashes: 1: YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl (hash: oKkIiAs1bEhNljDUObkM5WLrPZ5EJ1hI6wIbsfVJ3+I=) 2: EC9A7C9EE26811EDBB19B85EC4F9AE02.roa (hash: b95mpJ4EM9DYq2FEBTGRF8becbveDJsLEHAflxFwbco=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 03:12:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 440 (0x1b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5A08, serialNumber=6006B9658313D864991619D6979B0F7E01E4B668 Validity Not Before: Aug 23 03:12:21 2025 GMT Not After : Aug 30 03:12:21 2025 GMT Subject: CN=68a93195-79cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:f4:62:9f:f9:70:d5:d2:25:3a:7f:68:75:96: 4d:8c:04:73:44:33:3b:94:18:a6:29:a6:93:5c:17: b6:0f:e4:d9:e4:b0:ba:78:e2:dc:9c:c2:66:5e:91: 8e:81:79:c5:d0:ba:c7:22:b2:9e:c0:af:0f:b8:fa: c9:b7:18:57:09:e7:07:a3:70:3a:7a:6b:53:61:d5: 37:7f:75:3c:9b:7b:6b:f2:a2:28:14:7c:12:52:e8: 0e:66:d0:f1:1f:2f:55:6a:37:12:c4:53:5a:0c:e3: b4:8a:63:92:08:84:6b:5f:f9:25:73:91:da:e5:fb: f3:98:15:c5:b0:aa:b3:e2:ba:72:da:42:c6:38:4f: 44:37:3c:bb:56:7b:50:cf:7a:bb:95:0a:6a:ca:4e: 5f:e0:8e:e2:25:97:46:95:fc:e0:f5:b6:65:00:20: 2c:ca:af:9f:c0:89:ca:fa:9f:ae:37:7b:bf:a0:f1: db:90:ba:e3:e1:59:bc:e3:11:4a:b0:4d:28:51:b3: 78:66:6b:d5:7b:71:96:cd:77:4d:3d:cd:3f:95:3c: f2:33:ce:ea:a6:e3:30:a2:33:ba:b9:46:74:22:86: 1f:ad:ae:ec:e7:e2:a5:76:4b:a9:9f:5e:55:b4:bb: f9:70:91:4c:35:62:65:fc:3c:4c:8f:d7:28:e3:9f: 8c:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:E4:A3:C0:41:C5:43:FC:B6:9E:50:44:8C:CC:F2:D4:10:48:D0:0F X509v3 Authority Key Identifier: keyid:60:06:B9:65:83:13:D8:64:99:16:19:D6:97:9B:0F:7E:01:E4:B6:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:49:44:4f:0e:5f:95:a0:37:6e:8a:f5:c4:02:1a:cf:f5:0f: 2a:9c:d3:be:bd:b1:31:10:43:48:3f:ad:f6:96:9b:07:90:85: 28:65:f4:24:04:a2:99:ea:3c:01:b1:2d:98:27:33:92:62:f4: a1:74:8e:cf:f2:f1:b3:e7:fd:f0:1d:67:aa:0c:7a:e6:0e:23: 57:97:80:ef:fb:85:11:0d:17:e2:78:35:cb:0c:a5:bd:1a:42: 96:ba:ce:a6:c7:10:8e:8f:49:f3:c5:0e:67:c9:04:f4:8f:d5: 39:37:9a:51:c4:df:23:7b:70:db:ee:97:87:f1:2b:36:ae:22: 3e:61:fe:a0:90:1d:5b:d2:93:03:06:2a:69:bd:e5:10:df:a8: 00:63:25:c3:33:e2:0e:a4:5d:b7:1c:55:1d:bd:57:63:4b:49: 72:ba:38:93:31:09:d0:18:83:78:3a:92:db:fa:99:75:ab:92: 7b:8f:5f:17:92:f4:30:01:9f:11:b9:2a:3d:27:48:4c:ea:a6: 96:f1:6e:45:5a:e4:01:b2:eb:02:64:06:fa:be:9f:2c:2f:1a: 62:43:ed:71:2b:07:3e:cd:9a:20:ed:44:65:cd:45:d8:f5:d6: a9:a2:3c:83:78:16:72:65:34:23:e2:9b:0a:a3:c7:79:58:3a: 7b:9a:ca:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTVBMDgxMTAvBgNVBAUTKDYwMDZCOTY1ODMxM0Q4NjQ5OTE2MTlENjk3OUIwRjdF MDFFNEI2NjgwHhcNMjUwODIzMDMxMjIxWhcNMjUwODMwMDMxMjIxWjAYMRYwFAYD VQQDEw02OGE5MzE5NS03OWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2fRin/lw1dIlOn9odZZNjARzRDM7lBimKaaTXBe2D+TZ5LC6eOLcnMJmXpGO gXnF0LrHIrKewK8PuPrJtxhXCecHo3A6emtTYdU3f3U8m3tr8qIoFHwSUugOZtDx Hy9VajcSxFNaDOO0imOSCIRrX/klc5Ha5fvzmBXFsKqz4rpy2kLGOE9ENzy7VntQ z3q7lQpqyk5f4I7iJZdGlfzg9bZlACAsyq+fwInK+p+uN3u/oPHbkLrj4Vm84xFK sE0oUbN4ZmvVe3GWzXdNPc0/lTzyM87qpuMwojO6uUZ0IoYfra7s5+Kldkupn15V tLv5cJFMNWJl/DxMj9co45+MAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEnko8BB xUP8tp5QRIzM8tQQSNAPMB8GA1UdIwQYMBaAFGAGuWWDE9hkmRYZ1pebD34B5LZo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUEwOC9CMDYwQ0M1NEUy NjUxMUVEODUwQ0RFNTRDNEY5QUUwMi9ZQWE1WllNVDJHU1pGaG5XbDVzUGZnSGt0 bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lBYTVaWU1UMkdTWkZobldsNXNQZmdIa3RtZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NUEwOC9CMDYwQ0M1NEUyNjUxMUVEODUwQ0RFNTRDNEY5QUUwMi9ZQWE1WllNVDJH U1pGaG5XbDVzUGZnSGt0bWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqSURPDl+VoDduivXEAhrP9Q8qnNO+vbExEENIP632lpsHkIUoZfQk BKKZ6jwBsS2YJzOSYvShdI7P8vGz5/3wHWeqDHrmDiNXl4Dv+4URDRfieDXLDKW9 GkKWus6mxxCOj0nzxQ5nyQT0j9U5N5pRxN8je3Db7peH8Ss2riI+Yf6gkB1b0pMD BippveUQ36gAYyXDM+IOpF23HFUdvVdjS0lyujiTMQnQGIN4OpLb+pl1q5J7j18X kvQwAZ8RuSo9J0hM6qaW8W5FWuQBsusCZAb6vp8sLxpiQ+1xKwc+zZog7URlzUXY 9dapojyDeBZyZTQj4psKo8d5WDp7mspE -----END CERTIFICATE-----Generated at Sun Aug 24 00:16:32 2025 by rpki-client