$ rpki-client -vvf rpki.apnic.net/member_repository/A913F2E2/C5B6B936440411EFB9A62C0DC4F9AE02/ISYbiXSYk8OzGEG5b-P7YyMDLxg.mft File: ISYbiXSYk8OzGEG5b-P7YyMDLxg.mft (raw, json) Hash identifier: dLs7rGkjrJqFctXeA1aQFQfZYkLbCkrKr90rqlsyPIE= Subject key identifier: 1A:85:F2:F3:E6:45:EB:A4:FE:96:7C:97:C6:E9:84:85:12:12:E7:D1 Authority key identifier: 21:26:1B:89:74:98:93:C3:B3:18:41:B9:6F:E3:FB:63:23:03:2F:18 Certificate issuer: /CN=A913F2E2/serialNumber=21261B89749893C3B31841B96FE3FB6323032F18 Certificate serial: D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ISYbiXSYk8OzGEG5b-P7YyMDLxg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F2E2/C5B6B936440411EFB9A62C0DC4F9AE02/ISYbiXSYk8OzGEG5b-P7YyMDLxg.mft Manifest number: D2 Signing time: Sat 23 Aug 2025 05:49:32 +0000 Manifest this update: Sat 23 Aug 2025 05:49:32 +0000 Manifest next update: Sat 30 Aug 2025 05:49:32 +0000 Files and hashes: 1: ISYbiXSYk8OzGEG5b-P7YyMDLxg.crl (hash: wFtXVBInpre24KqFqiHaECGTgyivPFBzfqUusx2tdYI=) 2: A8051CC4508011EF81053074C4F9AE02.roa (hash: cDS5FdTBOYoVAs3WZmJDzExZ2RFGAHrfOHhqQyrBupo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F2E2/C5B6B936440411EFB9A62C0DC4F9AE02/ISYbiXSYk8OzGEG5b-P7YyMDLxg.crl rsync://rpki.apnic.net/member_repository/A913F2E2/C5B6B936440411EFB9A62C0DC4F9AE02/ISYbiXSYk8OzGEG5b-P7YyMDLxg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ISYbiXSYk8OzGEG5b-P7YyMDLxg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 05:49:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 212 (0xd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F2E2, serialNumber=21261B89749893C3B31841B96FE3FB6323032F18 Validity Not Before: Aug 23 05:49:32 2025 GMT Not After : Aug 30 05:49:32 2025 GMT Subject: CN=68a9566c-4df2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:03:ad:73:2f:e9:f9:cf:73:45:2d:18:6c:d8: 66:55:db:db:0d:a7:a1:2d:b4:1c:b4:e3:bd:b0:aa: f4:f4:dc:48:1e:72:09:b2:d0:d3:e1:30:ac:82:9a: dc:ea:8a:38:38:1f:34:13:c8:d4:73:eb:65:fd:00: cb:c2:8d:6c:75:22:11:9e:74:93:ca:5f:6d:3d:0a: a2:98:0c:1f:6c:d3:c7:a0:b2:4a:61:62:1e:f1:90: 8e:40:83:47:11:89:2c:68:da:f8:49:6d:19:b7:e8: 96:c1:5e:58:92:92:a9:b8:29:79:b9:24:f6:89:5d: 23:bf:28:2b:40:aa:3c:5c:5d:c0:f8:0c:8d:9c:db: 6b:d8:2c:07:c6:1b:3d:6b:d5:03:b8:7b:b5:d7:69: cd:ac:1b:f6:99:dc:7c:21:e9:f0:3d:83:b7:02:d1: e5:12:ea:eb:dd:86:fd:58:76:a3:cb:2e:c5:35:7a: 48:a2:f8:40:e3:90:ef:67:ef:43:70:0e:30:fc:72: df:a2:61:81:76:81:ca:13:2e:5f:a3:db:13:3a:cd: fe:a5:2f:0a:3e:72:08:21:e3:56:2c:a7:4b:0c:51: 9b:94:68:5d:d6:54:12:c8:ef:9a:dc:40:e4:e7:0a: 3a:99:59:c8:d5:0d:19:ce:9a:1e:58:d6:3d:ce:8e: d5:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:85:F2:F3:E6:45:EB:A4:FE:96:7C:97:C6:E9:84:85:12:12:E7:D1 X509v3 Authority Key Identifier: keyid:21:26:1B:89:74:98:93:C3:B3:18:41:B9:6F:E3:FB:63:23:03:2F:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F2E2/C5B6B936440411EFB9A62C0DC4F9AE02/ISYbiXSYk8OzGEG5b-P7YyMDLxg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ISYbiXSYk8OzGEG5b-P7YyMDLxg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F2E2/C5B6B936440411EFB9A62C0DC4F9AE02/ISYbiXSYk8OzGEG5b-P7YyMDLxg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c0:d2:7c:c6:74:dd:04:43:4a:ca:77:86:22:ce:e6:2e:09:44: 8f:e3:b9:7f:d6:b4:21:f5:f5:42:35:b3:ee:da:5a:51:3e:58: 9a:c3:1a:20:29:dc:76:fb:8f:6f:04:d7:9e:1e:68:fd:83:6a: 4f:28:c4:d8:0a:12:4a:03:85:39:b4:6c:f2:08:6f:3f:87:f9: d2:f2:e9:70:50:19:cb:ba:15:25:79:0c:bc:e0:1a:e7:8d:88: d1:bb:0c:30:be:af:24:d6:9f:61:99:31:42:41:95:55:64:bb: 92:ee:a0:6d:3b:3e:e8:d0:25:e9:da:6c:e6:3a:75:f1:8f:28: db:be:fe:a4:a0:d2:06:85:eb:8a:c4:64:b1:17:84:7d:97:d3: 2a:0c:62:d0:85:ac:69:4f:40:52:30:ad:fa:8f:bc:ca:ab:bf: 72:ae:fa:f3:16:02:df:d5:0b:11:cc:2e:ba:c9:6e:4d:f0:1c: 05:87:e2:10:7d:bd:06:48:da:83:ea:d9:b6:7e:ba:2f:71:27: 16:d9:b2:ed:e2:f9:81:96:d9:ac:dd:30:69:13:33:cf:3f:40: 16:06:bc:fb:ed:e1:55:f6:cc:ba:b5:a1:2f:98:f1:b0:48:b9: 03:81:cc:48:40:0b:52:7e:c7:24:00:e2:b7:9f:ea:4b:d2:5c: b8:d2:50:78 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0YyRTIxMTAvBgNVBAUTKDIxMjYxQjg5NzQ5ODkzQzNCMzE4NDFCOTZGRTNGQjYz MjMwMzJGMTgwHhcNMjUwODIzMDU0OTMyWhcNMjUwODMwMDU0OTMyWjAYMRYwFAYD VQQDEw02OGE5NTY2Yy00ZGYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2QOtcy/p+c9zRS0YbNhmVdvbDaehLbQctOO9sKr09NxIHnIJstDT4TCsgprc 6oo4OB80E8jUc+tl/QDLwo1sdSIRnnSTyl9tPQqimAwfbNPHoLJKYWIe8ZCOQINH EYksaNr4SW0Zt+iWwV5YkpKpuCl5uST2iV0jvygrQKo8XF3A+AyNnNtr2CwHxhs9 a9UDuHu112nNrBv2mdx8IenwPYO3AtHlEurr3Yb9WHajyy7FNXpIovhA45DvZ+9D cA4w/HLfomGBdoHKEy5fo9sTOs3+pS8KPnIIIeNWLKdLDFGblGhd1lQSyO+a3EDk 5wo6mVnI1Q0ZzpoeWNY9zo7V0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBqF8vPm Reuk/pZ8l8bphIUSEufRMB8GA1UdIwQYMBaAFCEmG4l0mJPDsxhBuW/j+2MjAy8Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjJFMi9DNUI2QjkzNjQ0 MDQxMUVGQjlBNjJDMERDNEY5QUUwMi9JU1liaVhTWWs4T3pHRUc1Yi1QN1l5TURM eGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lTWWJpWFNZazhPekdFRzViLVA3WXlNREx4Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RjJFMi9DNUI2QjkzNjQ0MDQxMUVGQjlBNjJDMERDNEY5QUUwMi9JU1liaVhTWWs4 T3pHRUc1Yi1QN1l5TURMeGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDA0nzGdN0EQ0rKd4YizuYuCUSP47l/1rQh9fVCNbPu2lpRPliawxog Kdx2+49vBNeeHmj9g2pPKMTYChJKA4U5tGzyCG8/h/nS8ulwUBnLuhUleQy84Brn jYjRuwwwvq8k1p9hmTFCQZVVZLuS7qBtOz7o0CXp2mzmOnXxjyjbvv6koNIGheuK xGSxF4R9l9MqDGLQhaxpT0BSMK36j7zKq79yrvrzFgLf1QsRzC66yW5N8BwFh+IQ fb0GSNqD6tm2frovcScW2bLt4vmBltms3TBpEzPPP0AWBrz77eFV9sy6taEvmPGw SLkDgcxIQAtSfsckAOK3n+pL0ly40lB4 -----END CERTIFICATE-----Generated at Sun Aug 24 21:33:08 2025 by rpki-client