$ rpki-client -vvf rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.mft File: Ys-2EOllD-PIACvGF7cFck0qAt0.mft (raw, json) Hash identifier: hh/efL1oyMrhR6aJU27Sv608o3vLkXNoGgx1VBWdckU= Subject key identifier: A4:16:C9:3F:62:40:6C:13:38:01:C4:06:74:8C:F9:36:64:3C:11:91 Authority key identifier: 62:CF:B6:10:E9:65:0F:E3:C8:00:2B:C6:17:B7:05:72:4D:2A:02:DD Certificate issuer: /CN=A917B1B1/serialNumber=62CFB610E9650FE3C8002BC617B705724D2A02DD Certificate serial: 183E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ys-2EOllD-PIACvGF7cFck0qAt0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.mft Manifest number: 1831 Signing time: Fri 18 Jul 2025 16:38:26 +0000 Manifest this update: Fri 18 Jul 2025 16:38:26 +0000 Manifest next update: Fri 25 Jul 2025 16:38:26 +0000 Files and hashes: 1: Ys-2EOllD-PIACvGF7cFck0qAt0.crl (hash: esGfdjGx/A1GuifvwQHNCPQk8i9qQY/zes5UhM6ynWo=) 2: C1C12662CFC811EB9A5C5879C4F9AE02.roa (hash: YxR/IEAXYjhKk4qyNbFNVRXx2+Bty0U++VTURHi/7GY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.crl rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ys-2EOllD-PIACvGF7cFck0qAt0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 16:38:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6206 (0x183e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B1B1, serialNumber=62CFB610E9650FE3C8002BC617B705724D2A02DD Validity Not Before: Jul 18 16:38:26 2025 GMT Not After : Jul 25 16:38:26 2025 GMT Subject: CN=687a7882-92ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:dc:9c:b1:d5:15:06:1f:a1:95:de:a2:e4:6d: 11:e2:cf:f7:9d:c7:16:e2:55:f4:99:a5:41:a0:ef: cc:e5:de:6f:98:95:0f:24:37:b9:6b:8e:6d:53:88: b2:97:16:68:21:4c:63:af:96:06:f4:b8:dd:87:61: 39:6b:b8:b8:62:31:d2:fd:2f:ad:10:1d:1f:72:62: 99:c8:ca:57:d6:4c:41:f6:06:f0:cd:fa:8c:85:d0: 9e:75:b3:96:95:ab:d8:8a:1b:ad:63:c1:dd:6c:de: cf:9d:2d:ee:67:1e:46:f2:4a:9e:09:35:f7:90:38: 21:e3:f3:ee:9b:e4:52:f8:31:b8:0d:96:02:00:06: f0:93:69:07:60:7b:df:c0:19:27:5f:d7:d1:54:d6: f5:a4:44:b7:8d:64:73:31:71:58:19:43:b1:a2:6b: 9b:17:8f:88:9b:2c:8d:4f:4a:d0:08:d6:96:61:ec: 9e:e4:5a:5e:24:4b:3d:d5:e3:65:da:33:89:d5:3a: 34:1d:5c:ab:94:c2:b8:1e:67:89:f2:b1:af:59:7f: 79:e6:e5:98:e1:68:3e:01:3f:c4:c9:05:8a:ae:29: cd:50:39:bd:af:8e:62:09:7d:e8:c2:b7:40:51:e2: 8f:aa:cf:91:37:bb:80:9e:3c:c0:ff:a4:4e:a8:9f: 6b:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:16:C9:3F:62:40:6C:13:38:01:C4:06:74:8C:F9:36:64:3C:11:91 X509v3 Authority Key Identifier: keyid:62:CF:B6:10:E9:65:0F:E3:C8:00:2B:C6:17:B7:05:72:4D:2A:02:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ys-2EOllD-PIACvGF7cFck0qAt0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:45:3f:23:c8:89:5d:32:b8:e5:29:59:39:a5:b7:88:59:b0: e6:63:be:f3:28:33:a8:74:72:56:8a:3c:f5:0e:9c:5d:4e:d0: 36:fb:8c:8d:c7:66:df:89:6c:ae:f6:59:cb:d4:97:57:79:d2: fd:2f:6a:8d:09:3b:87:5a:0b:6b:71:c8:41:27:ec:07:16:83: b4:2b:23:93:d7:40:b7:3b:47:3e:b4:21:f2:e6:d5:85:20:42: 3f:e3:18:84:2c:9c:7f:ae:43:50:11:5c:72:94:25:34:6b:7b: 93:16:e0:14:b1:89:8a:65:b9:97:70:9a:4f:93:61:4d:7d:13: b6:bf:b4:3f:05:33:20:c9:42:40:9a:10:01:09:84:3c:82:c6: 8c:ba:ef:27:d2:71:71:c8:f2:1d:76:30:03:f3:f0:58:75:c2: 52:ce:23:67:5a:e3:02:8c:e6:81:ff:a2:43:6d:69:bc:f0:a3: e7:cf:94:bd:3e:52:f6:df:1a:21:e3:bd:24:78:5a:71:a3:1c: 53:00:42:7a:18:66:18:a7:56:26:a7:67:63:ff:26:28:fe:35: 27:66:ab:56:c9:3b:56:ab:f4:53:06:9c:bd:90:7c:77:7f:ed: 3e:73:9f:21:ee:a2:7e:99:6f:2f:73:d3:b3:60:16:a7:49:d2: 97:e2:b3:ec -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGD4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0IxQjExMTAvBgNVBAUTKDYyQ0ZCNjEwRTk2NTBGRTNDODAwMkJDNjE3QjcwNTcy NEQyQTAyREQwHhcNMjUwNzE4MTYzODI2WhcNMjUwNzI1MTYzODI2WjAYMRYwFAYD VQQDEw02ODdhNzg4Mi05MmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvNycsdUVBh+hld6i5G0R4s/3nccW4lX0maVBoO/M5d5vmJUPJDe5a45tU4iy lxZoIUxjr5YG9Ljdh2E5a7i4YjHS/S+tEB0fcmKZyMpX1kxB9gbwzfqMhdCedbOW lavYihutY8HdbN7PnS3uZx5G8kqeCTX3kDgh4/Pum+RS+DG4DZYCAAbwk2kHYHvf wBknX9fRVNb1pES3jWRzMXFYGUOxomubF4+ImyyNT0rQCNaWYeye5FpeJEs91eNl 2jOJ1To0HVyrlMK4HmeJ8rGvWX955uWY4Wg+AT/EyQWKrinNUDm9r45iCX3owrdA UeKPqs+RN7uAnjzA/6ROqJ9ryQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKQWyT9i QGwTOAHEBnSM+TZkPBGRMB8GA1UdIwQYMBaAFGLPthDpZQ/jyAArxhe3BXJNKgLd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjFCMS9BMEYwQURGMEIy NTIxMUU3OEI1MEZGNjBDNEY5QUUwMi9Zcy0yRU9sbEQtUElBQ3ZHRjdjRmNrMHFB dDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lzLTJFT2xsRC1QSUFDdkdGN2NGY2swcUF0MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QjFCMS9BMEYwQURGMEIyNTIxMUU3OEI1MEZGNjBDNEY5QUUwMi9Zcy0yRU9sbEQt UElBQ3ZHRjdjRmNrMHFBdDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtRT8jyIldMrjlKVk5pbeIWbDmY77zKDOodHJWijz1DpxdTtA2+4yN x2bfiWyu9lnL1JdXedL9L2qNCTuHWgtrcchBJ+wHFoO0KyOT10C3O0c+tCHy5tWF IEI/4xiELJx/rkNQEVxylCU0a3uTFuAUsYmKZbmXcJpPk2FNfRO2v7Q/BTMgyUJA mhABCYQ8gsaMuu8n0nFxyPIddjAD8/BYdcJSziNnWuMCjOaB/6JDbWm88KPnz5S9 PlL23xoh470keFpxoxxTAEJ6GGYYp1Ymp2dj/yYo/jUnZqtWyTtWq/RTBpy9kHx3 f+0+c58h7qJ+mW8vc9OzYBanSdKX4rPs -----END CERTIFICATE-----Generated at Sun Jul 20 07:33:20 2025 by rpki-client