$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/Y0lzWQThvA1lvVlKB3YrtSmcA4o.mft File: Y0lzWQThvA1lvVlKB3YrtSmcA4o.mft (raw, json) Hash identifier: CkDlCHFvweJ/z88oy9r/bYgyGaam/gvx3WA+klcx5y4= Subject key identifier: 8D:7E:63:25:CF:DA:F5:D9:16:03:74:E7:03:AD:B4:A5:51:23:C9:F5 Authority key identifier: 63:49:73:59:04:E1:BC:0D:65:BD:59:4A:07:76:2B:B5:29:9C:03:8A Certificate issuer: /CN=A91AFB4C/serialNumber=6349735904E1BC0D65BD594A07762BB5299C038A Certificate serial: 01CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y0lzWQThvA1lvVlKB3YrtSmcA4o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/Y0lzWQThvA1lvVlKB3YrtSmcA4o.mft Manifest number: 01C8 Signing time: Sat 19 Jul 2025 03:09:13 +0000 Manifest this update: Sat 19 Jul 2025 03:09:12 +0000 Manifest next update: Sat 26 Jul 2025 03:09:12 +0000 Files and hashes: 1: Y0lzWQThvA1lvVlKB3YrtSmcA4o.crl (hash: OJStYQurMoSGyjqT0N/LnNTE0BJz6H512J82k3CmbrI=) 2: AD286018B29C11EDB216812EC4F9AE02.roa (hash: ck7frHwbdvA8vLLhGdgsJbIt8cpEwUyRbFKBDEFTB8E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/Y0lzWQThvA1lvVlKB3YrtSmcA4o.crl rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/Y0lzWQThvA1lvVlKB3YrtSmcA4o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y0lzWQThvA1lvVlKB3YrtSmcA4o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 03:09:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 461 (0x1cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AFB4C, serialNumber=6349735904E1BC0D65BD594A07762BB5299C038A Validity Not Before: Jul 19 03:09:12 2025 GMT Not After : Jul 26 03:09:12 2025 GMT Subject: CN=687b0c58-694a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:bd:17:0b:c2:45:e4:1b:b4:0b:9a:85:86:86: 4e:67:a3:71:08:15:c5:c0:7a:b6:b7:97:66:cd:49: 14:73:08:44:b1:23:63:b1:c9:43:3e:6e:8a:cb:c2: ce:bb:79:ff:04:d4:53:47:47:1d:ac:4c:6a:af:d3: dc:d1:25:d1:7c:39:3a:f4:23:20:a5:8a:63:da:07: fd:96:bd:dd:f3:a8:bc:c9:83:8d:1f:ec:10:5e:11: 1d:12:e9:21:5c:68:cb:b9:c1:c0:8f:63:3d:c1:09: ad:d3:c7:82:bc:45:3a:fd:6a:c9:94:18:ab:19:7a: f1:bf:be:8e:f9:74:51:97:c2:91:bd:a9:c6:c4:76: 08:ca:3c:85:ca:0d:bb:2f:e7:a6:42:f4:7f:36:08: 58:2f:2b:69:32:23:30:90:2a:0d:37:10:5a:43:fb: 9d:e9:61:e2:b7:37:21:fa:e2:7b:83:f6:c5:75:0e: 2d:d7:16:9c:4c:4b:cd:8f:06:1f:5b:ea:31:9c:5b: 09:c6:55:a3:11:fa:0b:61:3a:cf:94:15:8b:5f:4c: 61:bf:d2:83:bd:8d:1a:1e:e1:68:3a:07:15:37:62: b5:ff:f9:24:3b:e0:69:b9:a6:ec:bc:76:60:c7:03: 1b:5a:78:cc:b3:33:61:9e:07:1a:4d:0c:38:c9:c8: 17:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:7E:63:25:CF:DA:F5:D9:16:03:74:E7:03:AD:B4:A5:51:23:C9:F5 X509v3 Authority Key Identifier: keyid:63:49:73:59:04:E1:BC:0D:65:BD:59:4A:07:76:2B:B5:29:9C:03:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/Y0lzWQThvA1lvVlKB3YrtSmcA4o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y0lzWQThvA1lvVlKB3YrtSmcA4o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/Y0lzWQThvA1lvVlKB3YrtSmcA4o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption db:37:88:dd:0b:5f:21:40:03:f8:b8:7d:da:21:dd:92:62:e8: c9:78:d6:a0:40:49:67:e9:ad:34:52:e5:b9:8b:a8:bd:ad:12: 2a:a3:f9:81:c5:47:08:20:d7:99:23:62:0d:9a:9e:63:ef:31: 0e:7b:cf:f9:84:21:8a:8e:12:25:d8:8a:ce:c6:35:00:40:59: d3:d3:51:42:17:de:be:48:a5:ab:f5:58:c9:02:1c:e6:4c:62: ac:92:09:4e:46:22:c7:f2:c4:aa:3b:ef:a5:c9:19:9a:d0:b9: ab:5c:f5:f1:22:60:0b:c4:d6:ff:d8:60:3d:2a:06:24:a9:fa: 81:d0:06:c0:f7:f2:49:75:9e:ae:be:09:a5:6b:ef:7f:94:fa: 77:f2:76:b3:d5:4f:e7:a7:91:92:3f:a5:21:64:06:7b:5b:99: 56:34:3f:c5:94:e2:b0:78:70:3f:ce:fc:c1:d4:f4:6d:1d:56: 17:51:35:73:02:be:50:f4:b6:a6:8f:78:f1:42:b0:a3:a5:94: 75:2c:6a:6a:12:c3:97:44:32:65:a2:a3:2a:fb:5d:ad:51:dd: 20:da:f2:b1:95:44:b7:d4:4f:67:24:b4:27:55:eb:54:0e:ee: 89:f8:85:9e:01:51:28:53:b3:15:47:9c:da:46:21:b8:07:4f: c0:98:e1:e4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUZCNEMxMTAvBgNVBAUTKDYzNDk3MzU5MDRFMUJDMEQ2NUJENTk0QTA3NzYyQkI1 Mjk5QzAzOEEwHhcNMjUwNzE5MDMwOTEyWhcNMjUwNzI2MDMwOTEyWjAYMRYwFAYD VQQDEw02ODdiMGM1OC02OTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvb0XC8JF5Bu0C5qFhoZOZ6NxCBXFwHq2t5dmzUkUcwhEsSNjsclDPm6Ky8LO u3n/BNRTR0cdrExqr9Pc0SXRfDk69CMgpYpj2gf9lr3d86i8yYONH+wQXhEdEukh XGjLucHAj2M9wQmt08eCvEU6/WrJlBirGXrxv76O+XRRl8KRvanGxHYIyjyFyg27 L+emQvR/NghYLytpMiMwkCoNNxBaQ/ud6WHitzch+uJ7g/bFdQ4t1xacTEvNjwYf W+oxnFsJxlWjEfoLYTrPlBWLX0xhv9KDvY0aHuFoOgcVN2K1//kkO+BpuabsvHZg xwMbWnjMszNhngcaTQw4ycgXvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI1+YyXP 2vXZFgN05wOttKVRI8n1MB8GA1UdIwQYMBaAFGNJc1kE4bwNZb1ZSgd2K7UpnAOK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkI0Qy9DNDcwQjIyQUIy OTcxMUVEOTRFRjA5MjZDNEY5QUUwMi9ZMGx6V1FUaHZBMWx2VmxLQjNZcnRTbWNB NG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1kwbHpXUVRodkExbHZWbEtCM1lydFNtY0E0by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RkI0Qy9DNDcwQjIyQUIyOTcxMUVEOTRFRjA5MjZDNEY5QUUwMi9ZMGx6V1FUaHZB MWx2VmxLQjNZcnRTbWNBNG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDbN4jdC18hQAP4uH3aId2SYujJeNagQEln6a00UuW5i6i9rRIqo/mB xUcIINeZI2INmp5j7zEOe8/5hCGKjhIl2IrOxjUAQFnT01FCF96+SKWr9VjJAhzm TGKskglORiLH8sSqO++lyRma0LmrXPXxImALxNb/2GA9KgYkqfqB0AbA9/JJdZ6u vgmla+9/lPp38naz1U/np5GSP6UhZAZ7W5lWND/FlOKweHA/zvzB1PRtHVYXUTVz Ar5Q9Lamj3jxQrCjpZR1LGpqEsOXRDJloqMq+12tUd0g2vKxlUS31E9nJLQnVetU Du6J+IWeAVEoU7MVR5zaRiG4B0/AmOHk -----END CERTIFICATE-----Generated at Sun Jul 20 18:48:02 2025 by rpki-client