$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft File: YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft (raw, json) Hash identifier: AZa8yMRzgkizS5t3Manuqm1uocvU6Vn3MdsE8DtAM8Q= Subject key identifier: 1B:46:7A:DC:06:9E:E0:49:0E:20:7B:3E:24:4F:19:52:DC:0C:49:04 Authority key identifier: 60:06:B9:65:83:13:D8:64:99:16:19:D6:97:9B:0F:7E:01:E4:B6:68 Certificate issuer: /CN=A91E5A08/serialNumber=6006B9658313D864991619D6979B0F7E01E4B668 Certificate serial: 01A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft Manifest number: 01A4 Signing time: Mon 21 Jul 2025 03:20:22 +0000 Manifest this update: Mon 21 Jul 2025 03:20:22 +0000 Manifest next update: Mon 28 Jul 2025 03:20:22 +0000 Files and hashes: 1: YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl (hash: Udc/h0tK77qVOAIxbjdYvFpCe5M+NRyRlEO5upkFF2g=) 2: EC9A7C9EE26811EDBB19B85EC4F9AE02.roa (hash: b95mpJ4EM9DYq2FEBTGRF8becbveDJsLEHAflxFwbco=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 03:20:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 423 (0x1a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5A08, serialNumber=6006B9658313D864991619D6979B0F7E01E4B668 Validity Not Before: Jul 21 03:20:22 2025 GMT Not After : Jul 28 03:20:22 2025 GMT Subject: CN=687db1f6-09fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:5e:0f:1c:1a:1a:79:da:47:7a:14:44:6f:ed: 9a:a2:0b:30:63:30:26:d6:62:97:06:f3:bb:36:d6: 8e:21:e6:67:75:31:05:82:11:15:6d:db:f0:ba:c3: de:2e:f4:f5:62:47:51:df:46:c4:64:3f:35:1c:bb: f3:d7:f1:fd:c3:46:e2:21:01:b0:49:29:3e:e5:c2: a7:2e:c1:83:82:17:1f:58:30:58:a3:eb:33:a8:e1: ff:ee:e7:a5:26:0c:76:2e:1d:e4:88:9d:be:2e:c2: 50:9f:ab:f4:3e:52:d1:67:51:f7:df:3d:e3:97:63: 6b:3f:07:cb:f4:68:b8:14:26:e4:80:74:b0:08:d2: 5f:ba:a6:8d:8d:ee:72:89:9f:13:24:5f:f3:a9:06: 6f:c1:d6:5a:1a:67:ab:35:1c:94:5a:10:81:b3:a7: 5e:1b:9d:57:57:07:c1:b3:d5:44:68:e2:87:36:7f: 0b:85:a6:11:a2:6b:ed:7b:9a:03:a3:38:6e:ed:df: 51:3b:4f:4e:90:7c:0d:bd:86:91:84:c7:3e:e5:49: 6c:81:a8:ed:95:cc:14:7c:ea:94:d8:bc:58:a1:b4: c8:9d:6f:6b:12:72:85:50:55:4a:be:3c:c6:8a:a0: 87:8d:b3:0e:64:11:1d:6b:fc:b4:ce:74:ad:ac:c2: 1e:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:46:7A:DC:06:9E:E0:49:0E:20:7B:3E:24:4F:19:52:DC:0C:49:04 X509v3 Authority Key Identifier: keyid:60:06:B9:65:83:13:D8:64:99:16:19:D6:97:9B:0F:7E:01:E4:B6:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:24:02:9f:cd:72:7a:46:ce:41:e8:62:0d:87:7d:c5:3b:71: e2:7d:4d:70:3f:e3:0b:e0:66:92:85:b3:97:53:9d:b8:78:e9: 5e:1d:8d:00:71:04:11:41:b6:11:ce:55:4e:a1:f3:b0:a1:82: 42:c2:b4:93:73:32:c0:5f:3c:a6:48:b3:66:06:bf:66:38:4a: 35:e0:41:d6:c4:f7:50:48:00:99:76:f6:40:8b:e0:70:99:46: f9:0d:25:ee:87:13:35:98:2b:2a:3d:f4:d8:8e:6b:c9:7a:6c: 03:a7:e3:50:45:b2:5b:ba:ab:d9:da:aa:ee:6c:7f:5e:02:48: 1b:f5:4d:6a:46:05:73:1a:ef:bd:05:bf:c8:89:b6:78:44:69: 44:4e:5f:59:30:cb:63:9d:c2:9e:0f:22:6b:37:78:fd:68:f9: 10:1d:14:18:cb:c4:8b:c2:3c:f2:69:2d:8d:38:0e:ca:c7:fa: 24:51:83:f3:d3:5a:e2:03:e5:cb:87:e1:d1:fb:fe:29:5e:f8: fe:79:28:0f:a3:70:5e:fa:8b:da:8c:18:11:e6:d8:18:18:10: 1c:fd:2e:f4:81:95:a5:5f:e4:d7:4a:63:99:ff:7b:d8:41:30: 60:e0:49:18:d5:b8:46:5f:1a:c2:12:dd:67:80:e4:4e:50:15: ff:19:59:c2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTVBMDgxMTAvBgNVBAUTKDYwMDZCOTY1ODMxM0Q4NjQ5OTE2MTlENjk3OUIwRjdF MDFFNEI2NjgwHhcNMjUwNzIxMDMyMDIyWhcNMjUwNzI4MDMyMDIyWjAYMRYwFAYD VQQDEw02ODdkYjFmNi0wOWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyl4PHBoaedpHehREb+2aogswYzAm1mKXBvO7NtaOIeZndTEFghEVbdvwusPe LvT1YkdR30bEZD81HLvz1/H9w0biIQGwSSk+5cKnLsGDghcfWDBYo+szqOH/7uel Jgx2Lh3kiJ2+LsJQn6v0PlLRZ1H33z3jl2NrPwfL9Gi4FCbkgHSwCNJfuqaNje5y iZ8TJF/zqQZvwdZaGmerNRyUWhCBs6deG51XVwfBs9VEaOKHNn8LhaYRomvte5oD ozhu7d9RO09OkHwNvYaRhMc+5UlsgajtlcwUfOqU2LxYobTInW9rEnKFUFVKvjzG iqCHjbMOZBEda/y0znStrMIe+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBtGetwG nuBJDiB7PiRPGVLcDEkEMB8GA1UdIwQYMBaAFGAGuWWDE9hkmRYZ1pebD34B5LZo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUEwOC9CMDYwQ0M1NEUy NjUxMUVEODUwQ0RFNTRDNEY5QUUwMi9ZQWE1WllNVDJHU1pGaG5XbDVzUGZnSGt0 bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lBYTVaWU1UMkdTWkZobldsNXNQZmdIa3RtZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NUEwOC9CMDYwQ0M1NEUyNjUxMUVEODUwQ0RFNTRDNEY5QUUwMi9ZQWE1WllNVDJH U1pGaG5XbDVzUGZnSGt0bWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABJAKfzXJ6Rs5B6GINh33FO3HifU1wP+ML4GaShbOXU524eOleHY0A cQQRQbYRzlVOofOwoYJCwrSTczLAXzymSLNmBr9mOEo14EHWxPdQSACZdvZAi+Bw mUb5DSXuhxM1mCsqPfTYjmvJemwDp+NQRbJbuqvZ2qrubH9eAkgb9U1qRgVzGu+9 Bb/IibZ4RGlETl9ZMMtjncKeDyJrN3j9aPkQHRQYy8SLwjzyaS2NOA7Kx/okUYPz 01riA+XLh+HR+/4pXvj+eSgPo3Be+ovajBgR5tgYGBAc/S70gZWlX+TXSmOZ/3vY QTBg4EkY1bhGXxrCEt1ngOROUBX/GVnC -----END CERTIFICATE-----Generated at Mon Jul 21 07:07:53 2025 by rpki-client