$ rpki-client -vvf rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft File: ny5XiO95WFurdhmHfTlierLl1Rk.mft (raw, json) Hash identifier: 4a2XFWwzQAODUQsRrxeDD/2lgCkGyPnaVjmltVJfpmo= Subject key identifier: A3:F6:18:1E:41:86:53:91:05:5C:28:69:12:04:A3:CF:9F:39:B1:99 Authority key identifier: 9F:2E:57:88:EF:79:58:5B:AB:76:19:87:7D:39:62:7A:B2:E5:D5:19 Certificate issuer: /CN=A913A7A6/serialNumber=9F2E5788EF79585BAB7619877D39627AB2E5D519 Certificate serial: 0A2E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft Manifest number: 0A27 Signing time: Sun 20 Jul 2025 19:52:07 +0000 Manifest this update: Sun 20 Jul 2025 19:52:07 +0000 Manifest next update: Sun 27 Jul 2025 19:52:07 +0000 Files and hashes: 1: ny5XiO95WFurdhmHfTlierLl1Rk.crl (hash: 2qKtJDNupWth2/RU1dZLs/kX8z3D5D04JEBrdgaCHJQ=) 2: 4DAFC184ADC011ED897A4050C4F9AE02.roa (hash: /BGVJbRRDfivu1c+fyECLgKysqOT6aaM0UL54g9lwQ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.crl rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 19:52:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2606 (0xa2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913A7A6, serialNumber=9F2E5788EF79585BAB7619877D39627AB2E5D519 Validity Not Before: Jul 20 19:52:07 2025 GMT Not After : Jul 27 19:52:07 2025 GMT Subject: CN=687d48e7-6fdb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:81:b3:f3:c0:dd:97:9b:e9:6a:a0:75:22:2e: 38:27:03:7f:07:6a:e4:ba:18:71:30:24:d2:57:07: f6:c7:a4:ee:9f:81:78:e9:d0:45:9d:10:08:20:b3: 48:2c:ea:16:b0:f2:1c:e4:6f:d2:77:e5:20:48:60: c1:64:d1:6c:a8:b6:bb:fa:ec:34:59:2d:5a:eb:7e: 8a:b1:08:bb:b6:84:6c:96:1d:15:f9:b1:fb:df:7b: 53:e1:d2:4b:73:e0:59:2e:9d:d7:01:08:85:a8:c3: 69:3a:57:29:00:d1:96:84:e5:1c:4b:3d:d4:3d:16: cd:63:34:bb:2e:4e:40:c6:b0:14:d6:3e:c1:39:a4: 22:0e:33:00:9c:9a:c0:c5:c9:3c:a0:9a:4e:fa:71: 5d:8f:95:4f:b0:5f:73:97:df:fc:9f:c7:d9:9a:07: b4:89:0f:2c:cd:52:a2:14:cd:a8:cb:1d:38:d2:38: e4:34:e3:02:9d:a5:c3:0c:c5:15:ff:96:2f:a8:56: c3:20:82:74:f3:b0:78:6b:e0:de:a6:6e:bb:7a:e7: 5a:35:94:2a:4f:b7:14:d7:f4:3b:f4:a9:3a:18:0e: bd:6b:d1:52:b6:89:72:2b:c4:fa:6c:fa:71:0c:78: d1:60:dc:60:34:4d:91:a9:4b:46:bc:58:53:5d:f1: 61:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:F6:18:1E:41:86:53:91:05:5C:28:69:12:04:A3:CF:9F:39:B1:99 X509v3 Authority Key Identifier: keyid:9F:2E:57:88:EF:79:58:5B:AB:76:19:87:7D:39:62:7A:B2:E5:D5:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:30:37:15:fc:0d:a9:dd:f5:26:fe:64:a2:02:e2:6c:05:80: 98:ce:48:99:6b:fd:de:b4:77:97:5e:64:2e:69:4a:f0:95:33: 5c:b6:f4:d4:82:96:dc:9e:41:b7:23:f6:69:fe:6d:15:ec:a5: 3c:79:70:69:5f:ee:ba:07:3c:aa:75:d0:63:b0:2f:2d:4b:3c: 23:11:cf:d2:fe:46:46:e2:9a:07:b7:e8:20:05:1e:22:c4:fc: 8c:d1:14:1c:14:0d:c3:4f:ae:4c:53:fb:5c:db:a7:0b:47:e9: 80:53:52:21:63:56:01:20:5a:eb:e7:6b:4b:6b:93:df:e8:5d: ca:b7:92:3c:14:34:56:c1:0e:14:dd:3a:8f:68:5f:04:3e:7a: 73:ac:ec:79:e8:0d:e9:c1:38:5e:bc:f4:80:a4:56:65:67:93: c9:a7:a9:7f:54:59:2f:50:78:42:23:62:d1:88:fc:e0:2e:52: 85:ea:59:64:b5:91:0c:d3:2e:8b:d0:e7:bf:94:c6:9a:2d:8e: 20:8c:a3:4e:60:b5:6e:22:9f:4f:a6:7b:21:91:0c:44:53:7b: 3f:95:59:3d:88:b2:07:3a:60:c8:6b:30:8e:4e:1a:c7:59:02: b7:68:5c:96:7a:c3:a4:d3:5f:4d:e2:05:85:bd:8e:cc:e2:c4: 95:2f:0f:17 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0E3QTYxMTAvBgNVBAUTKDlGMkU1Nzg4RUY3OTU4NUJBQjc2MTk4NzdEMzk2MjdB QjJFNUQ1MTkwHhcNMjUwNzIwMTk1MjA3WhcNMjUwNzI3MTk1MjA3WjAYMRYwFAYD VQQDEw02ODdkNDhlNy02ZmRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0oGz88Ddl5vpaqB1Ii44JwN/B2rkuhhxMCTSVwf2x6Tun4F46dBFnRAIILNI LOoWsPIc5G/Sd+UgSGDBZNFsqLa7+uw0WS1a636KsQi7toRslh0V+bH733tT4dJL c+BZLp3XAQiFqMNpOlcpANGWhOUcSz3UPRbNYzS7Lk5AxrAU1j7BOaQiDjMAnJrA xck8oJpO+nFdj5VPsF9zl9/8n8fZmge0iQ8szVKiFM2oyx040jjkNOMCnaXDDMUV /5YvqFbDIIJ087B4a+Depm67eudaNZQqT7cU1/Q79Kk6GA69a9FStolyK8T6bPpx DHjRYNxgNE2RqUtGvFhTXfFhewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKP2GB5B hlORBVwoaRIEo8+fObGZMB8GA1UdIwQYMBaAFJ8uV4jveVhbq3YZh305Ynqy5dUZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQTdBNi80NTdBOEU4Mjcz QjYxMUVBOUI4QzFGNUNDNEY5QUUwMi9ueTVYaU85NVdGdXJkaG1IZlRsaWVyTGwx UmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL255NVhpTzk1V0Z1cmRobUhmVGxpZXJMbDFSay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QTdBNi80NTdBOEU4MjczQjYxMUVBOUI4QzFGNUNDNEY5QUUwMi9ueTVYaU85NVdG dXJkaG1IZlRsaWVyTGwxUmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6MDcV/A2p3fUm/mSiAuJsBYCYzkiZa/3etHeXXmQuaUrwlTNctvTU gpbcnkG3I/Zp/m0V7KU8eXBpX+66BzyqddBjsC8tSzwjEc/S/kZG4poHt+ggBR4i xPyM0RQcFA3DT65MU/tc26cLR+mAU1IhY1YBIFrr52tLa5Pf6F3Kt5I8FDRWwQ4U 3TqPaF8EPnpzrOx56A3pwThevPSApFZlZ5PJp6l/VFkvUHhCI2LRiPzgLlKF6llk tZEM0y6L0Oe/lMaaLY4gjKNOYLVuIp9PpnshkQxEU3s/lVk9iLIHOmDIazCOThrH WQK3aFyWesOk019N4gWFvY7M4sSVLw8X -----END CERTIFICATE-----Generated at Mon Jul 21 07:46:15 2025 by rpki-client