$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft File: yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft (raw, json) Hash identifier: xr2pgmLz81OJ4tsLJs33kD262X42GEEx5rRxcSeCrVE= Subject key identifier: FA:13:6E:7F:21:BE:FF:E5:B1:C2:77:85:B7:26:9A:A1:44:2F:F8:A1 Authority key identifier: C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01 Certificate issuer: /CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701 Certificate serial: 05E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft Manifest number: 05C7 Signing time: Sun 20 Jul 2025 23:21:00 +0000 Manifest this update: Sun 20 Jul 2025 23:20:59 +0000 Manifest next update: Sun 27 Jul 2025 23:20:59 +0000 Files and hashes: 1: yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl (hash: 86040qjcR2zir+mZmbRgA91+AD798BgNR9XKM1uElps=) 2: 5FA1BF8802DD11EE86865A23C4F9AE02.roa (hash: ui8GmB9i/5pnYfd6MeCxTJj3Yjz4hQKs4XNWYMcqflM=) 3: 3003C4BA7C7711EEB9E0BE15C4F9AE02.roa (hash: vtLAm7IVt53zIg8Nc5apkEjvAOJhd3yNQjgM+aQMRxs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 23:20:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1506 (0x5e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D3D, serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701 Validity Not Before: Jul 20 23:20:59 2025 GMT Not After : Jul 27 23:20:59 2025 GMT Subject: CN=687d79db-2e2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:a0:60:23:24:2d:47:58:73:84:9f:1d:1f:76: f6:77:08:33:34:05:49:1e:75:33:50:f5:ab:37:6b: 19:2e:1c:ba:ab:46:ed:15:f4:dd:b2:39:aa:2a:5d: fd:8c:8b:0c:7c:c1:8c:1e:40:17:26:1c:46:86:fc: 8c:d5:42:3b:89:e6:29:22:31:a3:a7:fb:00:9d:fb: 8f:50:e1:11:ca:9a:a2:51:36:8a:e5:71:f4:52:27: 05:de:45:54:ce:44:61:aa:cb:f2:4f:50:ba:f0:0a: 52:2c:dd:b7:1b:6f:e9:99:92:83:44:4f:a2:d6:ec: 9f:38:18:c7:eb:e3:41:8b:2f:c1:78:75:8c:3c:3f: f6:9e:bc:fb:b7:3e:1b:fe:30:65:60:66:52:39:1c: 44:e0:8d:da:0a:46:58:c6:8e:66:19:8e:40:50:b0: 04:a7:30:15:51:af:cb:38:7a:e9:37:31:d3:d3:e4: 33:18:b1:2e:a6:d2:63:1b:8f:10:17:3a:fb:ee:cd: 53:fd:c0:90:ea:dc:16:b1:9c:74:12:eb:cf:36:78: 54:41:16:75:92:b6:fa:a3:5e:8c:02:6d:0e:db:cd: 67:43:d6:50:d1:c6:94:8d:80:35:fc:ed:a1:dc:99: f1:c6:9f:d5:4e:82:e0:86:91:6b:cc:a6:37:99:61: 19:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:13:6E:7F:21:BE:FF:E5:B1:C2:77:85:B7:26:9A:A1:44:2F:F8:A1 X509v3 Authority Key Identifier: keyid:C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:0a:b6:f1:37:97:b2:94:ad:e6:8e:bc:1a:de:0d:cd:a0:43: c4:44:e8:55:8a:02:a6:0e:70:b8:fe:57:8b:f5:fc:94:62:79: d1:e8:6b:dc:c1:c2:4e:d0:bd:b4:8c:57:74:d6:d5:a6:79:b7: f2:fc:49:45:78:ed:1e:c8:a1:fa:f5:49:6b:d5:60:35:1e:50: 5d:23:18:8c:f2:e1:dd:1e:9a:32:a9:6a:60:fd:e0:79:56:ec: fa:e7:4d:19:87:c3:f4:df:24:e5:f4:1a:83:13:42:8b:47:cc: 63:f0:bd:b7:74:be:c9:72:d0:a4:19:fa:7d:0c:de:c0:12:69: 6c:48:e8:3b:8f:79:74:ae:33:a3:31:8b:0c:08:4b:c3:73:6a: 26:c6:ff:93:b1:1a:03:e1:be:30:e6:de:d9:c0:df:c2:f5:db: 9c:1e:bf:bf:61:10:15:b0:26:32:f3:58:ac:45:ef:43:23:80: e2:39:a3:66:31:a6:6f:82:f0:2d:84:49:90:65:c3:54:12:53: a3:b2:02:fb:45:76:8f:5e:5e:0d:c9:39:65:45:4b:af:3f:6e: c0:fb:05:d9:06:45:57:09:97:fa:1f:cc:5a:0b:cb:4b:8f:d5: e8:60:d5:33:88:45:82:69:ce:2f:3f:29:1c:7b:bc:a9:97:f8: 9b:06:9f:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBeIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBERTBDMzYwN0VF Qjk4RkY3MDEwHhcNMjUwNzIwMjMyMDU5WhcNMjUwNzI3MjMyMDU5WjAYMRYwFAYD VQQDEw02ODdkNzlkYi0yZTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxqBgIyQtR1hzhJ8dH3b2dwgzNAVJHnUzUPWrN2sZLhy6q0btFfTdsjmqKl39 jIsMfMGMHkAXJhxGhvyM1UI7ieYpIjGjp/sAnfuPUOERypqiUTaK5XH0UicF3kVU zkRhqsvyT1C68ApSLN23G2/pmZKDRE+i1uyfOBjH6+NBiy/BeHWMPD/2nrz7tz4b /jBlYGZSORxE4I3aCkZYxo5mGY5AULAEpzAVUa/LOHrpNzHT0+QzGLEuptJjG48Q Fzr77s1T/cCQ6twWsZx0EuvPNnhUQRZ1krb6o16MAm0O281nQ9ZQ0caUjYA1/O2h 3Jnxxp/VToLghpFrzKY3mWEZUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPoTbn8h vv/lscJ3hbcmmqFEL/ihMB8GA1UdIwQYMBaAFMgHD9BhqFH/iu3g3gw2B+65j/cB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9CMDIwMkQzMkQ4 QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1VmLUs3ZURlRERZSDdybVA5 d0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lBY1AwR0dvVWYtSzdlRGVERFlIN3JtUDl3RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQzRC9CMDIwMkQzMkQ4QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1Vm LUs3ZURlRERZSDdybVA5d0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkCrbxN5eylK3mjrwa3g3NoEPEROhVigKmDnC4/leL9fyUYnnR6Gvc wcJO0L20jFd01tWmebfy/ElFeO0eyKH69Ulr1WA1HlBdIxiM8uHdHpoyqWpg/eB5 Vuz6500Zh8P03yTl9BqDE0KLR8xj8L23dL7JctCkGfp9DN7AEmlsSOg7j3l0rjOj MYsMCEvDc2omxv+TsRoD4b4w5t7ZwN/C9ducHr+/YRAVsCYy81isRe9DI4DiOaNm MaZvgvAthEmQZcNUElOjsgL7RXaPXl4NyTllRUuvP27A+wXZBkVXCZf6H8xaC8tL j9XoYNUziEWCac4vPykce7ypl/ibBp9q -----END CERTIFICATE-----Generated at Mon Jul 21 09:27:55 2025 by rpki-client