$ rpki-client -vvf rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft File: y1sC0Pxzbip6stKIoPwzFnpLvO0.mft (raw, json) Hash identifier: cew/+0kcmRACz5n0p0yM7KkpYBXeYH1o4BjHLP9zXNA= Subject key identifier: 65:F3:03:C3:0D:4E:16:68:C7:AD:3E:F3:55:85:10:B0:3E:5F:3C:A9 Authority key identifier: CB:5B:02:D0:FC:73:6E:2A:7A:B2:D2:88:A0:FC:33:16:7A:4B:BC:ED Certificate issuer: /CN=A9129F1D/serialNumber=CB5B02D0FC736E2A7AB2D288A0FC33167A4BBCED Certificate serial: 01FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1sC0Pxzbip6stKIoPwzFnpLvO0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft Manifest number: 01FA Signing time: Wed 17 Sep 2025 02:53:07 +0000 Manifest this update: Wed 17 Sep 2025 02:53:06 +0000 Manifest next update: Wed 24 Sep 2025 02:53:06 +0000 Files and hashes: 1: y1sC0Pxzbip6stKIoPwzFnpLvO0.crl (hash: uElz0SPkl1ONTyO1iGKOwly1BAsBMtrOdk8TJz7RjDY=) 2: 3E122AE0876011ED84335D46C4F9AE02.roa (hash: bMGYEkxmsNwyimLtEml2g/yxjeK2QwKmxudQ/0mQEOc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.crl rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1sC0Pxzbip6stKIoPwzFnpLvO0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 02:53:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 510 (0x1fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9129F1D, serialNumber=CB5B02D0FC736E2A7AB2D288A0FC33167A4BBCED Validity Not Before: Sep 17 02:53:06 2025 GMT Not After : Sep 24 02:53:06 2025 GMT Subject: CN=68ca2292-d53c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:51:7e:33:b1:31:83:23:b6:c6:51:27:30:1e: 53:e7:9d:38:ea:bc:d9:59:b9:49:ad:6d:bf:1d:69: 43:0a:70:d2:36:81:cf:08:8c:84:31:79:d0:6f:cc: 3d:61:58:91:c9:ad:0c:3c:21:d0:c2:56:d6:32:3a: d2:c1:d2:c9:a1:05:12:42:67:6a:ac:fe:8c:75:bd: 22:2c:4f:4d:6c:c2:38:70:7e:62:4e:d0:65:87:f8: 80:6d:89:37:34:4d:2b:48:e1:1e:30:da:e2:22:7f: eb:d1:ea:96:bf:1b:60:6a:73:b4:cd:1a:6a:df:11: f3:88:25:88:22:e6:4c:c6:1c:03:b0:fc:bb:33:43: e3:59:7a:41:de:74:08:11:ef:9e:d5:e0:29:12:90: 18:5d:9c:f6:53:ae:86:00:8c:37:8d:21:b0:ce:a1: 0f:0f:a9:df:67:48:94:ab:99:d3:a0:37:e9:d9:75: 5d:f1:90:17:50:ea:56:52:f7:8f:56:c7:0e:72:72: 9b:b7:b4:d9:e1:4f:ef:fe:2a:5f:11:a7:c5:55:f2: 9a:b0:34:e8:ab:3b:15:ae:cd:4c:95:f6:24:6f:3d: 3e:31:a7:20:5e:69:da:d3:ab:b4:84:a9:6b:27:43: 6c:ca:12:43:20:f5:f2:f9:da:a0:7d:50:d5:cc:5c: 9a:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:F3:03:C3:0D:4E:16:68:C7:AD:3E:F3:55:85:10:B0:3E:5F:3C:A9 X509v3 Authority Key Identifier: keyid:CB:5B:02:D0:FC:73:6E:2A:7A:B2:D2:88:A0:FC:33:16:7A:4B:BC:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1sC0Pxzbip6stKIoPwzFnpLvO0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:1f:51:fb:ae:d1:d7:00:11:37:1c:35:31:5d:b6:64:a4:b4: 8b:65:1b:15:db:38:e7:ea:0a:bd:72:fe:5e:8b:3c:18:d3:5a: 33:a0:52:96:d9:d1:af:8f:52:5f:8b:e8:26:c6:1f:3c:1d:0b: 2b:67:d5:09:e4:20:5d:39:ff:3d:ca:49:6b:e7:51:8f:2a:8c: 1f:07:25:a4:f8:91:a1:66:77:72:70:42:8d:3d:bd:25:49:8b: 0e:48:27:57:4d:2d:3d:51:f7:f7:05:96:3b:13:84:ac:df:6d: eb:2a:00:e5:bf:47:a5:b6:a3:27:39:33:d5:0c:10:d2:5a:a2: 27:81:30:a5:e7:f5:81:40:ce:ae:40:c2:ec:17:44:81:3d:b5: d5:a8:ec:4a:d4:f8:35:61:25:bc:35:55:d7:a9:ba:38:6e:9e: 40:65:95:92:42:61:8c:7b:58:a7:bd:ce:16:e4:2a:bb:f8:97: 1d:f2:71:68:d5:f9:35:ec:cc:84:7a:77:73:43:53:75:75:9a: ac:30:e8:5c:b2:b4:6e:c7:dc:ef:5e:f8:c7:8a:e5:d3:80:80: 12:5e:2a:49:c5:37:27:32:f1:63:7f:cc:5b:63:da:b5:9b:6c: 9c:c9:ac:34:72:42:a4:32:44:29:cc:13:61:89:d2:aa:08:38: 88:17:f1:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjlGMUQxMTAvBgNVBAUTKENCNUIwMkQwRkM3MzZFMkE3QUIyRDI4OEEwRkMzMzE2 N0E0QkJDRUQwHhcNMjUwOTE3MDI1MzA2WhcNMjUwOTI0MDI1MzA2WjAYMRYwFAYD VQQDEw02OGNhMjI5Mi1kNTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp1F+M7ExgyO2xlEnMB5T55046rzZWblJrW2/HWlDCnDSNoHPCIyEMXnQb8w9 YViRya0MPCHQwlbWMjrSwdLJoQUSQmdqrP6Mdb0iLE9NbMI4cH5iTtBlh/iAbYk3 NE0rSOEeMNriIn/r0eqWvxtganO0zRpq3xHziCWIIuZMxhwDsPy7M0PjWXpB3nQI Ee+e1eApEpAYXZz2U66GAIw3jSGwzqEPD6nfZ0iUq5nToDfp2XVd8ZAXUOpWUveP VscOcnKbt7TZ4U/v/ipfEafFVfKasDToqzsVrs1MlfYkbz0+MacgXmna06u0hKlr J0NsyhJDIPXy+dqgfVDVzFya7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGXzA8MN ThZox60+81WFELA+XzypMB8GA1UdIwQYMBaAFMtbAtD8c24qerLSiKD8MxZ6S7zt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUYxRC8yMUNBQkE1Qzg3 NUUxMUVEQkRDNjQ5NDZDNEY5QUUwMi95MXNDMFB4emJpcDZzdEtJb1B3ekZucEx2 TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3kxc0MwUHh6YmlwNnN0S0lvUHd6Rm5wTHZPMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OUYxRC8yMUNBQkE1Qzg3NUUxMUVEQkRDNjQ5NDZDNEY5QUUwMi95MXNDMFB4emJp cDZzdEtJb1B3ekZucEx2TzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC5H1H7rtHXABE3HDUxXbZkpLSLZRsV2zjn6gq9cv5eizwY01ozoFKW 2dGvj1Jfi+gmxh88HQsrZ9UJ5CBdOf89yklr51GPKowfByWk+JGhZndycEKNPb0l SYsOSCdXTS09Uff3BZY7E4Ss323rKgDlv0eltqMnOTPVDBDSWqIngTCl5/WBQM6u QMLsF0SBPbXVqOxK1Pg1YSW8NVXXqbo4bp5AZZWSQmGMe1invc4W5Cq7+Jcd8nFo 1fk17MyEendzQ1N1dZqsMOhcsrRux9zvXvjHiuXTgIASXipJxTcnMvFjf8xbY9q1 m2ycyaw0ckKkMkQpzBNhidKqCDiIF/HG -----END CERTIFICATE-----Generated at Fri Sep 19 02:32:50 2025 by rpki-client