$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft File: Y3kC4bqWiB1HLuyt-kW1V348HDE.mft (raw, json) Hash identifier: 8tgXRZf2jN3rQb6EpOMGEZJfiTxsTyeBKQMyEdHmp0U= Subject key identifier: FD:43:6D:5E:DD:71:78:6E:7B:44:B1:A7:57:35:08:09:DD:0F:1C:4E Authority key identifier: 63:79:02:E1:BA:96:88:1D:47:2E:EC:AD:FA:45:B5:57:7E:3C:1C:31 Certificate issuer: /CN=A91CE524/serialNumber=637902E1BA96881D472EECADFA45B5577E3C1C31 Certificate serial: 013C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y3kC4bqWiB1HLuyt-kW1V348HDE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft Manifest number: 0139 Signing time: Mon 21 Jul 2025 04:32:43 +0000 Manifest this update: Mon 21 Jul 2025 04:32:43 +0000 Manifest next update: Mon 28 Jul 2025 04:32:42 +0000 Files and hashes: 1: Y3kC4bqWiB1HLuyt-kW1V348HDE.crl (hash: Q1ROEv4PTkxt2e2UP04RLHxcCvWUUZUjRx6kp7SuJvI=) 2: FF1FE402898011EEB3403779C4F9AE02.roa (hash: kfUd7cLCmHmQ/k7ENeRjEkFUrum5OXV/qc4Vt8EOcIQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.crl rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y3kC4bqWiB1HLuyt-kW1V348HDE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 04:32:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 316 (0x13c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE524, serialNumber=637902E1BA96881D472EECADFA45B5577E3C1C31 Validity Not Before: Jul 21 04:32:43 2025 GMT Not After : Jul 28 04:32:42 2025 GMT Subject: CN=687dc2eb-a671 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:1d:f3:a0:97:c3:e8:ee:7e:20:41:74:4d:05: ac:04:5d:67:da:60:72:f5:ed:34:41:1e:00:69:18: 47:e0:f3:20:1e:39:42:51:99:d9:51:2b:9b:bc:56: 10:5e:f6:ac:4b:d6:76:9f:af:5c:88:24:fc:e1:e9: 2b:63:8b:bd:9c:5f:3a:e1:1d:b7:bc:c5:33:82:9c: 80:a6:11:4e:e8:f4:1a:db:11:ab:63:85:1b:f1:79: ad:c0:a4:ce:7b:10:c8:02:9b:68:69:28:56:56:6c: e2:d6:af:db:df:17:24:03:a7:07:36:92:bf:c5:62: af:f8:69:57:1c:f8:70:5d:d5:98:4c:f6:03:4e:28: fd:a8:b5:00:c0:bd:15:3a:c6:30:03:6a:25:67:2f: ed:5c:89:c3:5d:57:3a:3d:16:db:ec:66:34:13:c7: bd:aa:45:1f:f8:ce:5b:7d:f1:20:dd:0d:1d:2a:18: 66:8e:fb:29:a7:14:84:c8:0c:7c:10:21:0a:72:4b: fd:7e:de:2b:ff:1a:77:7e:34:66:3b:67:8b:06:92: ca:dc:f3:50:ac:30:d8:e5:32:08:f2:16:6f:10:e8: b6:57:db:2d:66:23:92:35:ef:2a:98:f3:95:66:27: 36:1c:8b:85:58:ea:e6:d7:a8:d5:f6:b7:36:eb:57: ef:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:43:6D:5E:DD:71:78:6E:7B:44:B1:A7:57:35:08:09:DD:0F:1C:4E X509v3 Authority Key Identifier: keyid:63:79:02:E1:BA:96:88:1D:47:2E:EC:AD:FA:45:B5:57:7E:3C:1C:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y3kC4bqWiB1HLuyt-kW1V348HDE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:e5:82:f1:1d:87:d2:24:95:7a:11:85:94:f0:81:3f:22:24: ea:bc:19:b3:72:be:6f:a7:c2:21:6d:43:0e:ac:16:ae:e7:64: 6a:7c:98:d7:b7:a1:c8:ab:b4:0c:1a:e2:0e:ff:1b:4b:a2:48: 6c:db:91:1b:dc:b9:db:1e:4d:7f:c6:04:ec:5e:91:be:75:29: f4:bd:37:75:f3:9a:17:f4:8a:d9:fc:38:ad:85:fc:51:9c:2a: a4:dd:b1:ef:d3:7e:9b:6e:df:6c:8c:ee:a8:54:f8:8d:49:89: 23:77:7a:6c:9b:6a:f6:e7:0d:c8:3a:ce:17:f4:96:28:03:2d: 4c:3d:80:86:ca:13:b9:13:8d:7e:98:a1:dc:28:79:07:06:8b: 04:7f:c8:4e:ab:a6:65:38:f4:bb:88:5e:2a:ee:61:ff:91:d0: 9c:80:a8:73:d7:2f:12:c7:59:7c:13:70:7d:51:55:92:50:0c: 42:db:a5:1b:40:f1:46:a1:fe:16:c4:28:04:8a:b3:71:f5:c1: 7a:b6:4a:dc:6e:17:74:77:38:43:f1:db:c0:e6:05:d0:53:f0: 03:82:07:ef:fc:8e:06:35:92:5b:54:b1:87:24:d3:9e:87:a8: 4b:89:dd:2b:ce:30:1c:bb:c8:ed:bb:89:b3:48:00:34:6a:4d: 6e:65:4b:78 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U1MjQxMTAvBgNVBAUTKDYzNzkwMkUxQkE5Njg4MUQ0NzJFRUNBREZBNDVCNTU3 N0UzQzFDMzEwHhcNMjUwNzIxMDQzMjQzWhcNMjUwNzI4MDQzMjQyWjAYMRYwFAYD VQQDEw02ODdkYzJlYi1hNjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwR3zoJfD6O5+IEF0TQWsBF1n2mBy9e00QR4AaRhH4PMgHjlCUZnZUSubvFYQ XvasS9Z2n69ciCT84ekrY4u9nF864R23vMUzgpyAphFO6PQa2xGrY4Ub8XmtwKTO exDIAptoaShWVmzi1q/b3xckA6cHNpK/xWKv+GlXHPhwXdWYTPYDTij9qLUAwL0V OsYwA2olZy/tXInDXVc6PRbb7GY0E8e9qkUf+M5bffEg3Q0dKhhmjvsppxSEyAx8 ECEKckv9ft4r/xp3fjRmO2eLBpLK3PNQrDDY5TII8hZvEOi2V9stZiOSNe8qmPOV Zic2HIuFWOrm16jV9rc261fvJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP1DbV7d cXhue0Sxp1c1CAndDxxOMB8GA1UdIwQYMBaAFGN5AuG6logdRy7srfpFtVd+PBwx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTUyNC8wQzJDMkJENjg4 QzUxMUVFQTgzMTFDNzFDNEY5QUUwMi9ZM2tDNGJxV2lCMUhMdXl0LWtXMVYzNDhI REUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1kza0M0YnFXaUIxSEx1eXQta1cxVjM0OEhERS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTUyNC8wQzJDMkJENjg4QzUxMUVFQTgzMTFDNzFDNEY5QUUwMi9ZM2tDNGJxV2lC MUhMdXl0LWtXMVYzNDhIREUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAK5YLxHYfSJJV6EYWU8IE/IiTqvBmzcr5vp8IhbUMOrBau52RqfJjX t6HIq7QMGuIO/xtLokhs25Eb3LnbHk1/xgTsXpG+dSn0vTd185oX9IrZ/DithfxR nCqk3bHv036bbt9sjO6oVPiNSYkjd3psm2r25w3IOs4X9JYoAy1MPYCGyhO5E41+ mKHcKHkHBosEf8hOq6ZlOPS7iF4q7mH/kdCcgKhz1y8Sx1l8E3B9UVWSUAxC26Ub QPFGof4WxCgEirNx9cF6tkrcbhd0dzhD8dvA5gXQU/ADggfv/I4GNZJbVLGHJNOe h6hLid0rzjAcu8jtu4mzSAA0ak1uZUt4 -----END CERTIFICATE-----Generated at Mon Jul 21 07:21:40 2025 by rpki-client