$ rpki-client -vvf rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.mft File: YZBA6DW609z1wgE5bYVxmVp6zFA.mft (raw, json) Hash identifier: KqUpF8UscRxQBAlC3AzyewMLJfotpHN7BWJpVspZjc0= Subject key identifier: 5A:D6:74:9E:98:27:F2:38:A9:13:F6:B9:39:F4:9E:68:2A:34:00:E5 Authority key identifier: 61:90:40:E8:35:BA:D3:DC:F5:C2:01:39:6D:85:71:99:5A:7A:CC:50 Certificate issuer: /CN=A91FABEF/serialNumber=619040E835BAD3DCF5C201396D8571995A7ACC50 Certificate serial: 0141 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YZBA6DW609z1wgE5bYVxmVp6zFA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.mft Manifest number: 013D Signing time: Sun 19 Oct 2025 07:15:04 +0000 Manifest this update: Sun 19 Oct 2025 07:15:04 +0000 Manifest next update: Sun 26 Oct 2025 07:15:04 +0000 Files and hashes: 1: YZBA6DW609z1wgE5bYVxmVp6zFA.crl (hash: /LCDK9Ol2++cuwNI7sn2YVff/FkEmHeQRCjqrtMrxbk=) 2: 8045E9A4CEEC11EEAFFC5E36C4F9AE02.roa (hash: QQ0CP8HHmI7PCShWjhNg26xSyERliRPL6u4e6U+9a/k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.crl rsync://rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YZBA6DW609z1wgE5bYVxmVp6zFA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 07:15:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 321 (0x141) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FABEF, serialNumber=619040E835BAD3DCF5C201396D8571995A7ACC50 Validity Not Before: Oct 19 07:15:04 2025 GMT Not After : Oct 26 07:15:04 2025 GMT Subject: CN=68f48ff8-1ce8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:99:8f:d4:3a:21:99:3e:7a:63:92:37:66:4c: ba:90:1b:f9:86:ee:f2:97:e0:df:c9:9d:a6:ef:52: a8:d4:3a:4a:2b:f0:1c:20:47:c7:74:99:96:0d:f6: 96:26:c4:6a:fc:33:00:9e:88:e9:5b:92:46:86:c8: 73:5d:47:4f:5e:6f:ea:90:9f:75:04:d6:a3:25:57: d5:ae:63:f9:79:31:14:df:89:6f:89:0d:06:59:ac: 0d:3b:e3:15:33:a2:16:b8:f5:5e:5d:0d:98:e4:96: 13:49:27:1d:5e:ea:0a:b9:ca:67:c0:35:bd:ba:e8: 94:4f:15:ad:b4:b1:bd:b5:11:ab:5d:d4:6a:2a:05: 76:0e:bd:7b:ea:39:94:14:47:5b:bb:f1:9d:5e:74: 39:38:2d:75:be:bf:46:06:b1:0f:09:20:e2:93:fe: aa:50:c8:e7:89:b8:d9:9a:44:a5:54:1c:4f:5d:96: ed:72:47:14:db:ce:39:27:28:1d:72:0e:85:2c:26: 18:4c:b6:94:b0:b6:7c:44:96:5e:2c:82:c7:a7:d5: d5:e9:eb:08:46:99:53:ad:38:d1:31:dd:5f:c4:c5: 0d:89:b7:d2:07:8e:6a:c3:14:bf:3c:56:30:ce:7b: 46:58:ef:3b:d3:57:06:b6:6a:91:b2:65:2e:e5:c9: b8:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:D6:74:9E:98:27:F2:38:A9:13:F6:B9:39:F4:9E:68:2A:34:00:E5 X509v3 Authority Key Identifier: keyid:61:90:40:E8:35:BA:D3:DC:F5:C2:01:39:6D:85:71:99:5A:7A:CC:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YZBA6DW609z1wgE5bYVxmVp6zFA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:38:f4:20:6a:58:33:72:5b:98:b7:25:18:28:e6:4f:e5:bd: 44:cf:59:6a:04:1f:04:3e:bc:75:5d:6c:57:c4:08:06:c5:e3: 3a:49:d1:64:30:75:d6:74:c6:8f:4c:14:56:cd:f9:76:3f:f1: 80:e6:e6:6d:e2:f5:7a:27:22:ac:e2:61:e6:d6:26:1e:a4:c0: ce:07:7d:df:d1:b8:8c:07:d2:9f:63:2d:56:fa:86:1d:8d:04: 00:d9:1d:bf:fb:e7:be:1e:c0:ce:6a:9f:7a:66:ca:64:ef:6a: 1f:b2:2d:9a:c6:65:2a:36:6c:d3:58:d7:ad:94:d7:0f:7d:d0: 03:c1:ac:b6:38:65:d7:25:1c:c0:04:de:a6:c4:e1:b9:69:57: ff:ab:47:9b:3d:9b:3a:b2:b9:55:18:68:32:1b:7c:ee:e4:be: 2c:26:75:ca:56:93:8e:cc:94:21:0b:b8:e3:db:07:97:1d:11: 8b:18:49:2d:43:d4:52:3c:d2:a6:6e:f6:df:99:79:2f:0e:0d: 59:36:73:3f:c7:10:f6:3f:2b:7d:8d:f9:d1:48:34:48:fb:33: 64:1c:8a:09:6b:88:35:8d:19:31:d7:cd:a8:3a:30:cf:78:b0: 1c:52:a0:10:4f:72:ff:54:ed:31:12:c7:54:47:08:ec:c4:35: 51:14:97:2f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkFCRUYxMTAvBgNVBAUTKDYxOTA0MEU4MzVCQUQzRENGNUMyMDEzOTZEODU3MTk5 NUE3QUNDNTAwHhcNMjUxMDE5MDcxNTA0WhcNMjUxMDI2MDcxNTA0WjAYMRYwFAYD VQQDEw02OGY0OGZmOC0xY2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA15mP1DohmT56Y5I3Zky6kBv5hu7yl+DfyZ2m71Ko1DpKK/AcIEfHdJmWDfaW JsRq/DMAnojpW5JGhshzXUdPXm/qkJ91BNajJVfVrmP5eTEU34lviQ0GWawNO+MV M6IWuPVeXQ2Y5JYTSScdXuoKucpnwDW9uuiUTxWttLG9tRGrXdRqKgV2Dr176jmU FEdbu/GdXnQ5OC11vr9GBrEPCSDik/6qUMjnibjZmkSlVBxPXZbtckcU2845Jygd cg6FLCYYTLaUsLZ8RJZeLILHp9XV6esIRplTrTjRMd1fxMUNibfSB45qwxS/PFYw zntGWO8701cGtmqRsmUu5cm4hQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFrWdJ6Y J/I4qRP2uTn0nmgqNADlMB8GA1UdIwQYMBaAFGGQQOg1utPc9cIBOW2FcZlaesxQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUJFRi9DMDc2NDU3MkNC MTkxMUVFODE1RkFCNjhDNEY5QUUwMi9ZWkJBNkRXNjA5ejF3Z0U1YllWeG1WcDZ6 RkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1laQkE2RFc2MDl6MXdnRTViWVZ4bVZwNnpGQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QUJFRi9DMDc2NDU3MkNCMTkxMUVFODE1RkFCNjhDNEY5QUUwMi9ZWkJBNkRXNjA5 ejF3Z0U1YllWeG1WcDZ6RkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCzOPQgalgzcluYtyUYKOZP5b1Ez1lqBB8EPrx1XWxXxAgGxeM6SdFk MHXWdMaPTBRWzfl2P/GA5uZt4vV6JyKs4mHm1iYepMDOB33f0biMB9KfYy1W+oYd jQQA2R2/++e+HsDOap96Zspk72ofsi2axmUqNmzTWNetlNcPfdADway2OGXXJRzA BN6mxOG5aVf/q0ebPZs6srlVGGgyG3zu5L4sJnXKVpOOzJQhC7jj2weXHRGLGEkt Q9RSPNKmbvbfmXkvDg1ZNnM/xxD2Pyt9jfnRSDRI+zNkHIoJa4g1jRkx182oOjDP eLAcUqAQT3L/VO0xEsdURwjsxDVRFJcv -----END CERTIFICATE-----Generated at Tue Oct 21 08:07:03 2025 by rpki-client