$ rpki-client -vvf rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft File: YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft (raw, json) Hash identifier: gPwD8PiOMmiPLoRUGqc3ReKm3VHPFmbtR/CT4gY+p88= Subject key identifier: F2:D2:43:5D:0D:C7:48:C9:2A:C1:2A:D0:8D:55:02:B5:FE:8E:8F:F0 Authority key identifier: 63:2C:8D:E0:22:0B:8C:10:B4:1F:F4:9B:FF:8B:43:2C:F8:FF:D2:54 Certificate issuer: /CN=A91F428C/serialNumber=632C8DE0220B8C10B41FF49BFF8B432CF8FFD254 Certificate serial: 34D7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft Manifest number: 34D2 Signing time: Mon 20 Oct 2025 15:10:01 +0000 Manifest this update: Mon 20 Oct 2025 15:10:00 +0000 Manifest next update: Mon 27 Oct 2025 15:10:00 +0000 Files and hashes: 1: YyyN4CILjBC0H_Sb_4tDLPj_0lQ.crl (hash: 09g1CZB7rbU3SqZTbjyLlhHjosdkSp25V884l0wAE4o=) 2: 8852DDDEBED411ECBA66025BC4F9AE02.roa (hash: 3hsbI0PrBL5LI5VaCiCNQ0sMN2EIkZA6LenSvD9t9yA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.crl rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 15:09:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13527 (0x34d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F428C, serialNumber=632C8DE0220B8C10B41FF49BFF8B432CF8FFD254 Validity Not Before: Oct 20 15:10:00 2025 GMT Not After : Oct 27 15:10:00 2025 GMT Subject: CN=68f650c8-0949 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:a9:70:1a:95:ff:34:f3:6a:47:0c:51:da:53: 4c:c0:c4:99:8c:0f:cb:6c:96:4a:83:78:cf:61:c5: e6:ac:c3:1b:93:29:81:5a:62:c2:c4:cf:3e:48:3a: ba:7b:24:f3:5d:8e:fb:8d:13:62:8f:9a:61:62:c7: ff:84:16:da:7b:5e:dd:68:eb:44:93:9e:00:b7:db: e5:0b:e7:28:83:ff:85:69:1a:01:6b:83:5f:18:a0: e5:a9:56:27:ab:9f:80:65:70:9a:81:13:9c:d2:41: 35:0b:34:2d:ec:70:10:9b:c1:26:b8:17:fa:4f:b2: e4:30:b7:59:50:5f:bc:47:bb:79:10:8a:04:a4:dc: e8:bb:77:fe:67:66:95:68:86:31:0c:f1:46:ce:1c: 8b:a1:3d:46:a0:fb:ca:01:b4:ae:4a:20:94:22:ef: c8:ee:97:da:e1:5a:2a:0f:8a:e6:f3:d9:3c:bc:c0: ee:49:a2:29:f3:ac:bf:db:b8:91:33:01:a7:7d:30: fb:c1:17:b2:73:02:a6:c8:d9:a1:4e:64:05:75:b5: 6f:7a:9f:e6:fb:67:91:89:44:b8:26:0f:48:27:b5: 30:70:8d:6d:82:ad:a7:0a:2c:a6:cc:ea:90:13:bd: 67:10:70:0c:81:af:da:7d:ee:bc:09:7e:2a:ff:09: 2b:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:D2:43:5D:0D:C7:48:C9:2A:C1:2A:D0:8D:55:02:B5:FE:8E:8F:F0 X509v3 Authority Key Identifier: keyid:63:2C:8D:E0:22:0B:8C:10:B4:1F:F4:9B:FF:8B:43:2C:F8:FF:D2:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:f6:3d:0c:f7:c0:a2:8f:68:68:60:e0:71:35:19:d6:60:d5: 27:13:d4:6e:d2:58:2a:5e:8f:a1:c9:c8:df:1f:23:dc:97:a5: b8:e1:ea:cb:1a:4e:43:52:2f:5c:83:be:6e:f6:1d:db:ce:b0: 4e:71:1b:fc:6f:3b:42:21:6c:1b:06:79:2f:7a:f0:6a:a8:c5: a6:0d:3e:3c:29:74:89:87:de:77:e7:0e:ea:89:5a:2b:44:8a: e9:eb:e7:de:3c:0a:e2:66:b3:bc:f2:63:9c:e8:c7:d5:7b:21: 0e:64:df:18:71:33:b3:a6:55:8a:d1:67:2b:c7:44:bf:7d:96: a9:68:3c:1b:09:d3:6e:30:83:a7:e8:44:56:d4:b2:51:6a:4b: 9c:b2:4e:c6:a5:9f:63:77:48:1b:6d:23:b4:1e:1a:15:bd:cc: 38:aa:36:b0:8d:01:32:63:6b:b0:22:6a:cc:1b:a6:c7:f5:a8: c3:29:5d:a8:72:13:da:85:1d:81:d3:69:80:a1:cf:93:e6:cb: 5f:06:09:d5:53:89:28:12:8b:a5:0f:9b:ee:23:a5:84:3d:06: f2:14:5a:fd:c7:6e:01:78:ac:4c:4d:46:28:05:10:c8:67:ea: 30:bd:0e:9b:04:ac:86:e8:fe:bc:26:01:c4:43:b9:ce:00:5f: 35:05:8a:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjQyOEMxMTAvBgNVBAUTKDYzMkM4REUwMjIwQjhDMTBCNDFGRjQ5QkZGOEI0MzJD RjhGRkQyNTQwHhcNMjUxMDIwMTUxMDAwWhcNMjUxMDI3MTUxMDAwWjAYMRYwFAYD VQQDEw02OGY2NTBjOC0wOTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp6lwGpX/NPNqRwxR2lNMwMSZjA/LbJZKg3jPYcXmrMMbkymBWmLCxM8+SDq6 eyTzXY77jRNij5phYsf/hBbae17daOtEk54At9vlC+cog/+FaRoBa4NfGKDlqVYn q5+AZXCagROc0kE1CzQt7HAQm8EmuBf6T7LkMLdZUF+8R7t5EIoEpNzou3f+Z2aV aIYxDPFGzhyLoT1GoPvKAbSuSiCUIu/I7pfa4VoqD4rm89k8vMDuSaIp86y/27iR MwGnfTD7wReycwKmyNmhTmQFdbVvep/m+2eRiUS4Jg9IJ7UwcI1tgq2nCiymzOqQ E71nEHAMga/afe68CX4q/wkrIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPLSQ10N x0jJKsEq0I1VArX+jo/wMB8GA1UdIwQYMBaAFGMsjeAiC4wQtB/0m/+LQyz4/9JU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDI4Qy80NDlCQTUwNjFE QTAxMUUyQjZEODcwOTEwOEIwMkNEMi9ZeXlONENJTGpCQzBIX1NiXzR0RExQal8w bFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1l5eU40Q0lMakJDMEhfU2JfNHRETFBqXzBsUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NDI4Qy80NDlCQTUwNjFEQTAxMUUyQjZEODcwOTEwOEIwMkNEMi9ZeXlONENJTGpC QzBIX1NiXzR0RExQal8wbFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBM9j0M98Cij2hoYOBxNRnWYNUnE9Ru0lgqXo+hycjfHyPcl6W44erL Gk5DUi9cg75u9h3bzrBOcRv8bztCIWwbBnkvevBqqMWmDT48KXSJh9535w7qiVor RIrp6+fePAriZrO88mOc6MfVeyEOZN8YcTOzplWK0Wcrx0S/fZapaDwbCdNuMIOn 6ERW1LJRakucsk7GpZ9jd0gbbSO0HhoVvcw4qjawjQEyY2uwImrMG6bH9ajDKV2o chPahR2B02mAoc+T5stfBgnVU4koEoulD5vuI6WEPQbyFFr9x24BeKxMTUYoBRDI Z+owvQ6bBKyG6P68JgHEQ7nOAF81BYor -----END CERTIFICATE-----Generated at Mon Oct 20 18:39:28 2025 by rpki-client