$ rpki-client -vvf rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft File: Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft (raw, json) Hash identifier: Ku0rN5mvgAZrlpnc7aSMAeI7sPx01CuCfM4TSQu8HAI= Subject key identifier: D9:A9:5D:97:EE:89:88:D8:41:4C:AD:E7:29:49:17:B3:0B:7A:91:07 Authority key identifier: 63:E4:87:62:A8:93:08:09:67:73:D9:E1:C9:D1:A9:99:80:35:67:0D Certificate issuer: /CN=A9147B58/serialNumber=63E48762A89308096773D9E1C9D1A9998035670D Certificate serial: 05E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft Manifest number: 05DF Signing time: Sat 06 Sep 2025 23:20:08 +0000 Manifest this update: Sat 06 Sep 2025 23:20:07 +0000 Manifest next update: Sat 13 Sep 2025 23:20:07 +0000 Files and hashes: 1: Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl (hash: UkqXkV2uxhAmSwurpUzvcNjh2txD6A55BOc1RbKNVRU=) 2: 657BCA62CABC11EB8D6D063BC4F9AE02.roa (hash: tl2kppVQ05tVhEGA0iZghAdvk5il8hkt04HkORheCWE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 23:20:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1509 (0x5e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147B58, serialNumber=63E48762A89308096773D9E1C9D1A9998035670D Validity Not Before: Sep 6 23:20:07 2025 GMT Not After : Sep 13 23:20:07 2025 GMT Subject: CN=68bcc1a8-deb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:9d:11:7c:d6:9d:be:cd:05:8b:34:92:2c:71: dd:fa:9e:f5:9c:12:81:7f:16:98:29:4e:8e:3e:80: b0:18:c7:90:62:b9:7c:b8:ec:de:79:64:66:2f:5f: dc:19:48:ed:fb:99:94:44:11:cb:30:31:8d:e4:56: d0:ea:00:57:14:1c:e1:4e:af:91:89:10:6d:a1:50: 59:8b:b9:94:08:9c:c9:a3:08:e9:f1:e7:7d:b4:58: f3:7b:9b:7e:08:25:1a:2d:f8:18:55:6c:4c:63:7e: d5:76:be:e6:5e:65:dd:60:d0:b9:cd:c9:44:1e:d0: 8d:0c:8a:fa:d8:2e:84:69:a3:b3:75:c3:23:1a:9a: b8:77:7c:68:db:80:63:aa:c5:4c:f1:3b:88:97:ad: 12:17:14:c6:46:c2:83:86:86:9b:2a:98:02:af:04: db:83:b4:18:a5:ed:21:2a:5d:79:9e:36:0c:b6:04: ba:ef:b9:a3:42:2c:86:f9:a5:04:b2:40:c4:bb:bf: 2b:c4:24:6d:98:72:37:69:4b:e2:90:a8:4a:b1:0e: 23:26:77:85:0b:fc:4d:89:2e:42:15:ef:51:dd:10: 6a:5a:c1:fc:c9:f2:18:8c:3c:bb:8b:8c:1b:1d:17: 4e:3d:19:6c:8f:22:55:4c:10:a9:0b:a8:ea:92:d6: d6:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:A9:5D:97:EE:89:88:D8:41:4C:AD:E7:29:49:17:B3:0B:7A:91:07 X509v3 Authority Key Identifier: keyid:63:E4:87:62:A8:93:08:09:67:73:D9:E1:C9:D1:A9:99:80:35:67:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:34:34:b9:4e:4d:04:14:bf:42:45:8b:1c:1e:f6:31:56:c0: e9:90:d0:f1:5f:48:bd:6c:15:cc:a2:cf:e0:b2:09:57:e0:31: f0:f6:ae:e4:e3:6a:a3:e8:94:f5:1c:ac:d5:76:e1:64:d1:12: 0b:db:a7:01:d1:8e:d0:7d:91:ea:55:22:77:95:5c:da:fb:b1: b3:86:aa:cc:09:87:b7:8b:e0:79:96:1a:56:5d:82:24:7c:eb: 89:e5:8c:ea:ec:b6:a6:98:52:7a:ef:79:70:fb:40:c6:b3:df: 1d:58:d1:33:92:2b:e3:c4:a6:c4:b9:02:d2:92:36:3b:a0:e3: c3:17:0b:d8:ea:35:bd:2e:03:6c:04:a2:dd:a4:71:58:9c:ba: 24:42:1b:61:ba:f1:89:1f:34:8c:b1:8a:a5:04:ac:eb:0e:cc: 88:7a:bb:70:ab:f4:b0:4a:69:2b:f4:f6:0c:63:4f:d9:c6:6c: df:de:55:dd:90:8a:cf:25:38:4e:c0:bd:cc:1c:da:5e:35:06: a0:35:ed:31:20:db:15:a3:c6:ef:ea:44:3e:d8:2f:84:12:7a: 16:45:68:d1:e3:3c:aa:de:27:ff:f6:2f:15:93:05:33:9a:59: b3:1c:e1:0a:34:1f:0a:20:5c:51:cc:b1:d0:20:f4:9f:fa:d4: 9b:7c:3b:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDdCNTgxMTAvBgNVBAUTKDYzRTQ4NzYyQTg5MzA4MDk2NzczRDlFMUM5RDFBOTk5 ODAzNTY3MEQwHhcNMjUwOTA2MjMyMDA3WhcNMjUwOTEzMjMyMDA3WjAYMRYwFAYD VQQDEw02OGJjYzFhOC1kZWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm50RfNadvs0FizSSLHHd+p71nBKBfxaYKU6OPoCwGMeQYrl8uOzeeWRmL1/c GUjt+5mURBHLMDGN5FbQ6gBXFBzhTq+RiRBtoVBZi7mUCJzJowjp8ed9tFjze5t+ CCUaLfgYVWxMY37Vdr7mXmXdYNC5zclEHtCNDIr62C6EaaOzdcMjGpq4d3xo24Bj qsVM8TuIl60SFxTGRsKDhoabKpgCrwTbg7QYpe0hKl15njYMtgS677mjQiyG+aUE skDEu78rxCRtmHI3aUvikKhKsQ4jJneFC/xNiS5CFe9R3RBqWsH8yfIYjDy7i4wb HRdOPRlsjyJVTBCpC6jqktbWAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNmpXZfu iYjYQUyt5ylJF7MLepEHMB8GA1UdIwQYMBaAFGPkh2KokwgJZ3PZ4cnRqZmANWcN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0I1OC9BQUMyMUM3RUNB QjgxMUVCODQxNTUzMzZDNEY5QUUwMi9ZLVNIWXFpVENBbG5jOW5oeWRHcG1ZQTFa dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ktU0hZcWlUQ0FsbmM5bmh5ZEdwbVlBMVp3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 N0I1OC9BQUMyMUM3RUNBQjgxMUVCODQxNTUzMzZDNEY5QUUwMi9ZLVNIWXFpVENB bG5jOW5oeWRHcG1ZQTFadzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCaNDS5Tk0EFL9CRYscHvYxVsDpkNDxX0i9bBXMos/gsglX4DHw9q7k 42qj6JT1HKzVduFk0RIL26cB0Y7QfZHqVSJ3lVza+7GzhqrMCYe3i+B5lhpWXYIk fOuJ5Yzq7LammFJ673lw+0DGs98dWNEzkivjxKbEuQLSkjY7oOPDFwvY6jW9LgNs BKLdpHFYnLokQhthuvGJHzSMsYqlBKzrDsyIertwq/SwSmkr9PYMY0/Zxmzf3lXd kIrPJThOwL3MHNpeNQagNe0xINsVo8bv6kQ+2C+EEnoWRWjR4zyq3if/9i8VkwUz mlmzHOEKNB8KIFxRzLHQIPSf+tSbfDtS -----END CERTIFICATE-----Generated at Sun Sep 7 14:22:30 2025 by rpki-client