$ rpki-client -vvf rpki.apnic.net/member_repository/A9168BA2/99DF386254C411EA84F4E72DC4F9AE02/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.mft File: ymLkOPmNhRjS8qXZ9nZWUeWtpg4.mft (raw, json) Hash identifier: 5znLuwbnEZ3+uZrIWCexBLPNjs8zZBgvnSMCECP4SQE= Subject key identifier: 3F:08:E9:B9:59:74:D3:F3:7A:BF:92:B1:B1:A9:A9:64:6D:AD:71:68 Authority key identifier: CA:62:E4:38:F9:8D:85:18:D2:F2:A5:D9:F6:76:56:51:E5:AD:A6:0E Certificate issuer: /CN=A9168BA2/serialNumber=CA62E438F98D8518D2F2A5D9F6765651E5ADA60E Certificate serial: 0B14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9168BA2/99DF386254C411EA84F4E72DC4F9AE02/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.mft Manifest number: 0AFC Signing time: Sat 06 Sep 2025 19:36:58 +0000 Manifest this update: Sat 06 Sep 2025 19:36:58 +0000 Manifest next update: Sat 13 Sep 2025 19:36:58 +0000 Files and hashes: 1: ymLkOPmNhRjS8qXZ9nZWUeWtpg4.crl (hash: Do/Wf5Hr+snChzPrDdi8zRd+LBoDThUPjvQ0c34fVco=) 2: EF29C95E69C311EF82BCE77AC4F9AE02.roa (hash: b6XLk77YmW0zXiOErVi5OmWJQw5FWv6IwcAZrV/V3KA=) 3: BA7B024C04D811EDBE98F982C4F9AE02.roa (hash: GniYTYc+rkB55fqBkTbtJuPpFjVN9/DglrpXWuCGSdc=) 4: A2AF0622853711EFA09C892EC4F9AE02.roa (hash: DBysmfWMy9lYVGepCi0Ma5VGyIIRzRfP58+h2cMR+Ls=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9168BA2/99DF386254C411EA84F4E72DC4F9AE02/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.crl rsync://rpki.apnic.net/member_repository/A9168BA2/99DF386254C411EA84F4E72DC4F9AE02/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 19:36:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2836 (0xb14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9168BA2, serialNumber=CA62E438F98D8518D2F2A5D9F6765651E5ADA60E Validity Not Before: Sep 6 19:36:58 2025 GMT Not After : Sep 13 19:36:58 2025 GMT Subject: CN=68bc8d5a-50d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:3f:47:b6:8d:a8:78:63:7f:56:f4:2a:71:f3: 51:b1:cd:80:f2:f5:39:67:94:91:bb:06:00:d5:f2: 76:e1:03:4a:67:7b:12:02:08:03:a3:ab:3d:4d:eb: 2e:75:90:7f:89:1c:d0:04:55:8f:b1:94:cd:38:80: c4:b6:2b:b3:ed:53:9e:7c:bc:bc:02:8a:e9:57:5b: ce:f7:99:3e:49:9e:bf:3d:34:4d:44:da:96:9c:b5: cf:99:1c:08:e1:12:81:d8:4a:1e:1b:c0:8b:de:9d: e5:40:be:aa:94:44:fa:79:04:17:b5:08:14:73:f2: 3a:87:3d:82:ed:96:67:bb:ef:bb:f6:36:ad:d0:a0: 4e:27:e0:7d:4d:2b:ee:ac:77:d7:de:77:ba:98:87: 59:2c:12:61:4f:b4:37:18:7d:b4:31:84:99:bf:25: bd:13:06:ec:16:b1:d8:46:a8:fd:dc:45:41:05:ae: 41:b5:a9:b6:7c:a4:2a:36:3f:41:40:91:ae:2c:05: ec:92:a7:d5:3e:54:75:25:4a:00:30:70:fd:8f:fd: 3a:8f:e5:06:c3:1a:14:55:34:21:96:bc:a8:47:92: 55:86:1a:0c:35:4f:0f:08:9c:29:8f:77:09:b5:07: 1a:f6:61:ae:16:8e:7b:93:e5:8e:9e:19:09:59:ad: 72:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:08:E9:B9:59:74:D3:F3:7A:BF:92:B1:B1:A9:A9:64:6D:AD:71:68 X509v3 Authority Key Identifier: keyid:CA:62:E4:38:F9:8D:85:18:D2:F2:A5:D9:F6:76:56:51:E5:AD:A6:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9168BA2/99DF386254C411EA84F4E72DC4F9AE02/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168BA2/99DF386254C411EA84F4E72DC4F9AE02/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:a4:78:b9:20:2c:64:5f:a7:59:7e:26:ea:ae:1f:4c:ec:55: 14:22:47:be:fd:21:ce:f6:34:cc:b0:0d:1c:a2:ef:47:32:31: 79:17:a8:ab:f4:19:93:5f:b2:47:f6:1d:ad:f7:ca:d2:4b:12: de:ce:78:ad:7f:92:33:a1:11:e0:91:01:b8:75:96:6b:24:dd: 65:d1:8a:1e:35:20:59:e7:fc:37:f9:9c:c2:93:f4:21:96:e5: cd:ea:74:ad:29:f5:79:47:76:7d:af:45:47:d3:00:85:99:5d: b9:94:de:c4:6e:df:3e:ce:24:93:86:a5:7f:c5:b9:2a:cd:47: c2:64:03:9c:dd:8c:30:4f:25:94:9e:4d:83:e0:67:77:63:b4: d9:91:49:24:8d:75:4f:17:b5:c2:f7:82:00:cf:25:14:88:d0: f8:5e:92:4f:7d:cb:b5:d8:6c:7a:f5:1b:a3:db:e7:f8:f7:fa: d2:ce:49:a3:77:1c:c8:d2:02:02:9c:b9:ca:2e:ad:70:fc:e4: 41:b7:dd:6d:2d:1f:ba:0e:3e:f9:1c:4f:99:8f:9b:bf:a0:c6: 10:3d:48:c9:7b:50:2e:f6:6b:8f:e9:71:b3:11:4b:64:44:bb: c2:df:9c:c6:59:3e:d8:cb:93:59:1e:64:63:01:d3:09:b8:f5: 2d:de:45:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCxQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjhCQTIxMTAvBgNVBAUTKENBNjJFNDM4Rjk4RDg1MThEMkYyQTVEOUY2NzY1NjUx RTVBREE2MEUwHhcNMjUwOTA2MTkzNjU4WhcNMjUwOTEzMTkzNjU4WjAYMRYwFAYD VQQDEw02OGJjOGQ1YS01MGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzj9Hto2oeGN/VvQqcfNRsc2A8vU5Z5SRuwYA1fJ24QNKZ3sSAggDo6s9Tesu dZB/iRzQBFWPsZTNOIDEtiuz7VOefLy8AorpV1vO95k+SZ6/PTRNRNqWnLXPmRwI 4RKB2EoeG8CL3p3lQL6qlET6eQQXtQgUc/I6hz2C7ZZnu++79jat0KBOJ+B9TSvu rHfX3ne6mIdZLBJhT7Q3GH20MYSZvyW9EwbsFrHYRqj93EVBBa5Btam2fKQqNj9B QJGuLAXskqfVPlR1JUoAMHD9j/06j+UGwxoUVTQhlryoR5JVhhoMNU8PCJwpj3cJ tQca9mGuFo57k+WOnhkJWa1yEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD8I6blZ dNPzer+SsbGpqWRtrXFoMB8GA1UdIwQYMBaAFMpi5Dj5jYUY0vKl2fZ2VlHlraYO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OEJBMi85OURGMzg2MjU0 QzQxMUVBODRGNEU3MkRDNEY5QUUwMi95bUxrT1BtTmhSalM4cVhaOW5aV1VlV3Rw ZzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ltTGtPUG1OaFJqUzhxWFo5blpXVWVXdHBnNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OEJBMi85OURGMzg2MjU0QzQxMUVBODRGNEU3MkRDNEY5QUUwMi95bUxrT1BtTmhS alM4cVhaOW5aV1VlV3RwZzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBIpHi5ICxkX6dZfibqrh9M7FUUIke+/SHO9jTMsA0cou9HMjF5F6ir 9BmTX7JH9h2t98rSSxLeznitf5IzoRHgkQG4dZZrJN1l0YoeNSBZ5/w3+ZzCk/Qh luXN6nStKfV5R3Z9r0VH0wCFmV25lN7Ebt8+ziSThqV/xbkqzUfCZAOc3YwwTyWU nk2D4Gd3Y7TZkUkkjXVPF7XC94IAzyUUiND4XpJPfcu12Gx69Ruj2+f49/rSzkmj dxzI0gICnLnKLq1w/ORBt91tLR+6Dj75HE+Zj5u/oMYQPUjJe1Au9muP6XGzEUtk RLvC35zGWT7Yy5NZHmRjAdMJuPUt3kVZ -----END CERTIFICATE-----Generated at Mon Sep 8 02:24:48 2025 by rpki-client