$ rpki-client -vvf rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft File: YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft (raw, json) Hash identifier: xbtVOepPA7B+pg0LMAPL4gecpwaO+S2CuIXEQvGznb0= Subject key identifier: 9D:D5:AA:9F:7C:DC:B2:D3:E0:9B:04:E8:E4:D4:EC:F6:26:FC:CD:F0 Authority key identifier: 63:2C:8D:E0:22:0B:8C:10:B4:1F:F4:9B:FF:8B:43:2C:F8:FF:D2:54 Certificate issuer: /CN=A91F428C/serialNumber=632C8DE0220B8C10B41FF49BFF8B432CF8FFD254 Certificate serial: 349C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft Manifest number: 3498 Signing time: Wed 02 Jul 2025 15:08:22 +0000 Manifest this update: Wed 02 Jul 2025 15:08:22 +0000 Manifest next update: Wed 09 Jul 2025 15:08:22 +0000 Files and hashes: 1: YyyN4CILjBC0H_Sb_4tDLPj_0lQ.crl (hash: RXtquHGrjCvOPB7OrsSgXmeWEQIkIt9KaIhenE0O/bo=) 2: 8852DDDEBED411ECBA66025BC4F9AE02.roa (hash: lc/qlMf4LlkPKULr4QDdOr7yT3mSRd2CWo/AG45TiUY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.crl rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 15:08:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13468 (0x349c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F428C, serialNumber=632C8DE0220B8C10B41FF49BFF8B432CF8FFD254 Validity Not Before: Jul 2 15:08:22 2025 GMT Not After : Jul 9 15:08:22 2025 GMT Subject: CN=68654b66-5ad5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:3d:b1:d3:72:30:49:2e:bc:18:5b:d3:8b:a0: 81:60:88:31:16:95:06:8a:49:8e:b0:6a:f8:bf:33: 43:48:dc:1f:e3:1f:88:95:c7:31:c5:53:a0:2f:35: 28:da:31:a6:8d:30:6a:57:87:71:ab:98:fb:3d:ec: 77:c4:17:89:1f:51:8b:c4:15:d6:64:ed:c0:0e:6a: 0f:45:c7:6f:7e:a8:57:f9:5d:63:53:e6:bd:d4:c0: b3:6d:c0:d3:f9:04:f9:9d:03:06:e4:f0:dc:f7:02: d6:17:8d:75:c9:94:52:5c:df:b9:13:09:fc:f0:37: 4b:77:5d:b2:db:33:f4:42:ac:45:07:7d:8b:d4:ae: 39:56:17:0f:e1:9e:fc:d2:c3:10:51:c5:ac:37:27: c8:ee:ae:cc:7c:89:47:42:be:74:cd:51:72:a0:3a: 85:27:4e:93:a2:70:bb:29:1b:bc:12:6c:e3:ff:1a: 26:8c:08:59:d3:64:29:cd:05:bc:35:4f:45:56:ac: f7:c5:a7:89:ff:5c:68:ad:ea:2d:89:a7:a0:58:c8: 55:b7:6f:4d:cb:ef:45:fc:89:bf:56:5c:ca:d6:0f: b6:f3:ef:e6:18:61:a8:34:8b:e9:1f:7e:9c:6a:46: 60:68:f1:17:bd:fc:63:8c:04:65:43:58:2c:5a:01: ad:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:D5:AA:9F:7C:DC:B2:D3:E0:9B:04:E8:E4:D4:EC:F6:26:FC:CD:F0 X509v3 Authority Key Identifier: keyid:63:2C:8D:E0:22:0B:8C:10:B4:1F:F4:9B:FF:8B:43:2C:F8:FF:D2:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:fb:65:b1:fe:2b:9e:24:ec:2c:18:be:20:82:96:56:c7:58: 8b:d7:83:32:a0:1c:93:d5:6b:b2:9c:cb:17:1a:c7:e5:f7:95: 23:12:2e:0c:4a:0b:31:be:e2:cb:bd:29:d7:0e:ab:ed:c0:9c: 51:85:dd:02:2f:68:0e:3a:f2:28:7f:f3:df:34:98:b5:aa:3f: 24:aa:c3:b8:f1:e4:2c:7e:4d:99:21:01:58:e0:93:91:ca:be: 4c:3e:55:77:81:61:37:c9:f4:a9:79:b8:51:d6:7a:09:6d:c7: 84:ab:94:72:d6:ac:b6:0c:cf:7d:a0:22:52:e8:fb:dc:72:0f: 5e:c6:81:f6:35:1d:7a:a3:9b:71:8b:f4:7d:bb:b0:f3:e8:ef: 88:d7:a7:5b:1a:b7:3d:52:88:a2:dd:d9:7e:76:2d:7a:cc:12: 50:41:da:c3:7e:07:02:7d:4e:be:79:c3:63:54:da:76:85:61: f1:40:0b:db:d3:40:11:cb:46:56:d6:b2:02:86:06:a9:11:66: 2e:02:e0:bd:12:26:30:8a:69:c5:3c:d1:b5:36:e8:9c:3d:d2: e5:7c:f8:dd:83:c8:37:7f:ae:4c:46:be:f2:48:34:63:99:e6: 82:75:cd:49:4f:ce:44:51:a9:18:f5:11:ba:9a:b6:73:fc:83: f0:5b:ee:4a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjQyOEMxMTAvBgNVBAUTKDYzMkM4REUwMjIwQjhDMTBCNDFGRjQ5QkZGOEI0MzJD RjhGRkQyNTQwHhcNMjUwNzAyMTUwODIyWhcNMjUwNzA5MTUwODIyWjAYMRYwFAYD VQQDEw02ODY1NGI2Ni01YWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqj2x03IwSS68GFvTi6CBYIgxFpUGikmOsGr4vzNDSNwf4x+IlccxxVOgLzUo 2jGmjTBqV4dxq5j7Pex3xBeJH1GLxBXWZO3ADmoPRcdvfqhX+V1jU+a91MCzbcDT +QT5nQMG5PDc9wLWF411yZRSXN+5Ewn88DdLd12y2zP0QqxFB32L1K45VhcP4Z78 0sMQUcWsNyfI7q7MfIlHQr50zVFyoDqFJ06TonC7KRu8Emzj/xomjAhZ02QpzQW8 NU9FVqz3xaeJ/1xoreotiaegWMhVt29Ny+9F/Im/VlzK1g+28+/mGGGoNIvpH36c akZgaPEXvfxjjARlQ1gsWgGtGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ3Vqp98 3LLT4JsE6OTU7PYm/M3wMB8GA1UdIwQYMBaAFGMsjeAiC4wQtB/0m/+LQyz4/9JU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDI4Qy80NDlCQTUwNjFE QTAxMUUyQjZEODcwOTEwOEIwMkNEMi9ZeXlONENJTGpCQzBIX1NiXzR0RExQal8w bFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1l5eU40Q0lMakJDMEhfU2JfNHRETFBqXzBsUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NDI4Qy80NDlCQTUwNjFEQTAxMUUyQjZEODcwOTEwOEIwMkNEMi9ZeXlONENJTGpC QzBIX1NiXzR0RExQal8wbFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCX+2Wx/iueJOwsGL4ggpZWx1iL14MyoByT1WuynMsXGsfl95UjEi4M SgsxvuLLvSnXDqvtwJxRhd0CL2gOOvIof/PfNJi1qj8kqsO48eQsfk2ZIQFY4JOR yr5MPlV3gWE3yfSpebhR1noJbceEq5Ry1qy2DM99oCJS6Pvccg9exoH2NR16o5tx i/R9u7Dz6O+I16dbGrc9Uoii3dl+di16zBJQQdrDfgcCfU6+ecNjVNp2hWHxQAvb 00ARy0ZW1rIChgapEWYuAuC9EiYwimnFPNG1NuicPdLlfPjdg8g3f65MRr7ySDRj meaCdc1JT85EUakY9RG6mrZz/IPwW+5K -----END CERTIFICATE-----Generated at Thu Jul 3 23:04:33 2025 by rpki-client