$ rpki-client -vvf rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.mft File: yAlz0WzMyeGME6aIAz3E0PDmHEo.mft (raw, json) Hash identifier: O0YNJflN6Ivm7zxkZ/3w70WZpEEvZa/+BwI3IOHgLkw= Subject key identifier: 0A:66:5B:B8:1C:A8:FE:AF:B4:E3:D5:8C:0D:D2:AD:BD:2A:E1:F1:1F Authority key identifier: C8:09:73:D1:6C:CC:C9:E1:8C:13:A6:88:03:3D:C4:D0:F0:E6:1C:4A Certificate issuer: /CN=A91657FE/serialNumber=C80973D16CCCC9E18C13A688033DC4D0F0E61C4A Certificate serial: 26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAlz0WzMyeGME6aIAz3E0PDmHEo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.mft Manifest number: 24 Signing time: Thu 21 Aug 2025 08:03:56 +0000 Manifest this update: Thu 21 Aug 2025 08:03:56 +0000 Manifest next update: Thu 28 Aug 2025 08:03:56 +0000 Files and hashes: 1: yAlz0WzMyeGME6aIAz3E0PDmHEo.crl (hash: 9ydy2Y1UYpe4nMFy1F0hyxc4t9C39+ZrlblK0Epx0lE=) 2: BFEE74284D9811F0930F6465C4F9AE02.roa (hash: utYcBcFgJK+aEaHZM9pNCTgsikhCHuFU4gRIhVACRLY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.crl rsync://rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAlz0WzMyeGME6aIAz3E0PDmHEo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 08:03:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38 (0x26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91657FE, serialNumber=C80973D16CCCC9E18C13A688033DC4D0F0E61C4A Validity Not Before: Aug 21 08:03:56 2025 GMT Not After : Aug 28 08:03:56 2025 GMT Subject: CN=68a6d2ec-df79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:9a:29:42:02:a5:91:b5:fb:7d:ea:c3:9c:d6: 8c:12:ef:16:a6:54:d3:ab:c7:a2:94:e2:d6:ad:5b: 0b:6e:f0:24:4d:cc:54:dc:84:7f:dd:aa:45:b4:b9: 6d:bf:42:af:b4:43:a8:69:bb:3e:62:5e:b7:7c:bb: 30:67:8a:7e:63:c6:98:d9:72:9b:70:48:83:d6:b6: 43:3f:22:10:4b:93:ff:f7:6c:69:19:23:9d:a5:af: 68:a6:40:83:86:ad:ac:92:d0:49:c4:d0:a6:4a:5c: 5b:59:7d:b0:92:93:08:60:34:ad:79:83:03:7e:80: 59:49:db:8b:e7:cf:06:55:40:2d:59:a9:9a:c8:18: d6:ed:8e:d6:c1:6f:78:cb:19:05:a9:02:c7:fa:19: 82:48:36:1c:15:55:26:38:8c:8e:ee:5f:fa:a8:05: ba:63:b6:62:8e:18:c3:ef:fc:74:c3:a2:f0:40:47: 20:5f:8e:dd:fc:4c:b5:ed:02:23:d4:06:60:6e:ae: 85:9d:d0:67:56:14:f4:de:3b:41:6c:b0:fb:4c:b2: 6a:05:64:12:2a:71:b8:0f:09:15:f3:f8:a6:83:fc: af:f6:d1:71:6a:20:03:a0:32:99:08:67:2f:0c:76: 5f:21:66:57:9c:71:9a:08:cd:53:3c:0b:d8:30:e1: c8:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:66:5B:B8:1C:A8:FE:AF:B4:E3:D5:8C:0D:D2:AD:BD:2A:E1:F1:1F X509v3 Authority Key Identifier: keyid:C8:09:73:D1:6C:CC:C9:E1:8C:13:A6:88:03:3D:C4:D0:F0:E6:1C:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAlz0WzMyeGME6aIAz3E0PDmHEo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91657FE/C08757224D8B11F08EAC5823C4F9AE02/yAlz0WzMyeGME6aIAz3E0PDmHEo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:7c:a3:d5:c7:57:05:14:0a:ad:46:14:23:7b:66:b0:ba:ec: f9:50:81:eb:fa:55:85:34:bf:c4:ac:f8:c4:ff:95:ba:0c:66: c3:dc:7b:c6:b0:3f:6a:9b:ae:93:a6:b7:1b:8a:b6:41:9e:f8: 65:b9:19:84:e1:50:28:cd:06:0d:7a:75:60:07:fe:36:f8:28: 42:30:0a:60:8e:df:f7:0d:57:48:7d:55:a9:03:5f:bc:51:8a: 90:91:64:6a:69:b0:b7:4d:cb:55:95:2c:55:f7:ee:1d:49:08: 9e:47:d4:03:94:be:ef:e4:7b:0c:bf:07:95:eb:fd:7a:4f:d4: 21:92:80:d8:19:7c:d9:e5:4a:d4:8e:ad:1d:2b:19:d1:b5:b0: 9c:db:28:d6:96:71:93:97:4d:5d:c9:42:6c:06:fb:31:05:14: eb:ed:fa:fb:3c:1b:0a:e7:2f:17:0e:88:12:7b:40:f4:da:27: 0f:7b:23:ee:0d:75:c6:0e:b1:7f:e2:e5:32:bd:ac:6d:5c:6e: b0:20:f9:51:1f:3e:49:fd:bd:14:e5:aa:55:46:6b:ef:e9:e9: 37:48:84:05:a8:91:dd:83:02:bb:88:48:00:c9:25:7d:a9:83: 7d:39:fd:f7:03:44:e9:ec:15:bd:5e:b0:cd:eb:ab:5c:8d:79: 7f:12:3b:cd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 NTdGRTExMC8GA1UEBRMoQzgwOTczRDE2Q0NDQzlFMThDMTNBNjg4MDMzREM0RDBG MEU2MUM0QTAeFw0yNTA4MjEwODAzNTZaFw0yNTA4MjgwODAzNTZaMBgxFjAUBgNV BAMTDTY4YTZkMmVjLWRmNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDFmilCAqWRtft96sOc1owS7xamVNOrx6KU4tatWwtu8CRNzFTchH/dqkW0uW2/ Qq+0Q6hpuz5iXrd8uzBnin5jxpjZcptwSIPWtkM/IhBLk//3bGkZI52lr2imQIOG rayS0EnE0KZKXFtZfbCSkwhgNK15gwN+gFlJ24vnzwZVQC1ZqZrIGNbtjtbBb3jL GQWpAsf6GYJINhwVVSY4jI7uX/qoBbpjtmKOGMPv/HTDovBARyBfjt38TLXtAiPU BmBuroWd0GdWFPTeO0FssPtMsmoFZBIqcbgPCRXz+KaD/K/20XFqIAOgMpkIZy8M dl8hZleccZoIzVM8C9gw4ch9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUCmZbuByo /q+049WMDdKtvSrh8R8wHwYDVR0jBBgwFoAUyAlz0WzMyeGME6aIAz3E0PDmHEow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1N0ZFL0MwODc1NzIyNEQ4 QjExRjA4RUFDNTgyM0M0RjlBRTAyL3lBbHowV3pNeWVHTUU2YUlBejNFMFBEbUhF by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveUFsejBXek15ZUdNRTZhSUF6M0UwUERtSEVvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1 N0ZFL0MwODc1NzIyNEQ4QjExRjA4RUFDNTgyM0M0RjlBRTAyL3lBbHowV3pNeWVH TUU2YUlBejNFMFBEbUhFby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIV8o9XHVwUUCq1GFCN7ZrC67PlQgev6VYU0v8Ss+MT/lboMZsPce8aw P2qbrpOmtxuKtkGe+GW5GYThUCjNBg16dWAH/jb4KEIwCmCO3/cNV0h9VakDX7xR ipCRZGppsLdNy1WVLFX37h1JCJ5H1AOUvu/kewy/B5Xr/XpP1CGSgNgZfNnlStSO rR0rGdG1sJzbKNaWcZOXTV3JQmwG+zEFFOvt+vs8GwrnLxcOiBJ7QPTaJw97I+4N dcYOsX/i5TK9rG1cbrAg+VEfPkn9vRTlqlVGa+/p6TdIhAWokd2DAruISADJJX2p g305/fcDROnsFb1esM3rq1yNeX8SO80= -----END CERTIFICATE-----Generated at Fri Aug 22 16:28:49 2025 by rpki-client