$ rpki-client -vvf rpki.apnic.net/member_repository/A917877E/389A62D25D5D11F0B49A7847C4F9AE02/bYq2_eUh3BBvlIKStQL9Wgc0g3w.mft File: bYq2_eUh3BBvlIKStQL9Wgc0g3w.mft (raw, json) Hash identifier: PBauN83q/BX9Myr6uPnuTIIPUIkRXSHaEqmoAyJKa1o= Subject key identifier: 04:57:B4:AC:A2:1B:09:56:C1:FB:B0:1F:B0:9C:48:EB:AA:FC:16:01 Authority key identifier: 6D:8A:B6:FD:E5:21:DC:10:6F:94:82:92:B5:02:FD:5A:07:34:83:7C Certificate issuer: /CN=A917877E/serialNumber=6D8AB6FDE521DC106F948292B502FD5A0734837C Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/bYq2_eUh3BBvlIKStQL9Wgc0g3w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917877E/389A62D25D5D11F0B49A7847C4F9AE02/bYq2_eUh3BBvlIKStQL9Wgc0g3w.mft Manifest number: 20 Signing time: Fri 05 Sep 2025 08:21:36 +0000 Manifest this update: Fri 05 Sep 2025 08:21:36 +0000 Manifest next update: Fri 12 Sep 2025 08:21:36 +0000 Files and hashes: 1: bYq2_eUh3BBvlIKStQL9Wgc0g3w.crl (hash: gOArAmD1PdX/DtWOgrh4pEBO2XXBzfrref1H2mSLQ+k=) 2: 9EA96DF25D5D11F08A574048C4F9AE02.roa (hash: q6ZblRMV0uyhkappWvL+RGy5XexsiemwGej/lfgL9RI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917877E/389A62D25D5D11F0B49A7847C4F9AE02/bYq2_eUh3BBvlIKStQL9Wgc0g3w.crl rsync://rpki.apnic.net/member_repository/A917877E/389A62D25D5D11F0B49A7847C4F9AE02/bYq2_eUh3BBvlIKStQL9Wgc0g3w.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/bYq2_eUh3BBvlIKStQL9Wgc0g3w.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 08:21:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917877E, serialNumber=6D8AB6FDE521DC106F948292B502FD5A0734837C Validity Not Before: Sep 5 08:21:36 2025 GMT Not After : Sep 12 08:21:36 2025 GMT Subject: CN=68ba9d90-1e2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:b8:4f:a1:39:d7:c2:8f:31:a3:a1:a7:08:de: 1c:ea:c1:cd:65:b8:3d:c2:92:08:83:fb:4e:8f:59: 27:ab:2f:9d:84:ea:0d:f6:64:b8:ed:dc:76:31:46: ec:4b:ac:2c:db:76:1f:5f:e4:90:79:24:8d:35:39: 14:29:51:c0:de:1c:dd:67:07:59:c6:67:ed:1e:51: 27:d1:bf:84:e6:a2:4f:b1:de:f8:e0:c8:95:6f:89: fb:c7:2e:c7:d4:7b:b8:b7:28:9d:8d:b2:f5:97:7f: 92:fc:00:80:66:be:99:cc:3e:bb:43:3b:71:54:14: db:a1:32:b0:f6:80:b4:3d:78:c1:94:a0:fb:dd:c8: e0:ff:83:6b:d9:7d:bc:1a:6e:22:a4:9b:ec:1c:b3: 34:5e:8e:2b:82:b5:0c:5f:6a:8d:22:22:89:63:30: 70:d1:68:7a:33:f0:1d:42:a9:48:14:c9:89:a6:70: 63:54:27:5c:f0:cc:b4:38:b5:3b:ad:1d:0e:82:eb: 84:b4:9b:b5:a3:d6:35:a5:19:95:ea:39:5a:cc:78: bf:15:cc:a1:3c:9e:96:e9:18:b8:0d:d4:59:0f:75: 2a:80:9b:b9:7b:77:a1:50:48:a6:0d:0c:b5:85:2e: 52:98:b3:dc:84:34:ce:d9:6d:de:cc:29:88:c2:9c: 47:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:57:B4:AC:A2:1B:09:56:C1:FB:B0:1F:B0:9C:48:EB:AA:FC:16:01 X509v3 Authority Key Identifier: keyid:6D:8A:B6:FD:E5:21:DC:10:6F:94:82:92:B5:02:FD:5A:07:34:83:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917877E/389A62D25D5D11F0B49A7847C4F9AE02/bYq2_eUh3BBvlIKStQL9Wgc0g3w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/bYq2_eUh3BBvlIKStQL9Wgc0g3w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917877E/389A62D25D5D11F0B49A7847C4F9AE02/bYq2_eUh3BBvlIKStQL9Wgc0g3w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:0e:ba:12:7d:75:dd:e6:e7:25:65:7e:71:6c:c8:5f:67:ad: 85:af:a0:9f:ca:31:9b:41:10:ad:9f:c9:27:a9:04:fa:47:b0: a6:65:52:54:14:2a:ed:de:7a:ea:0a:78:25:01:fb:f3:49:82: f5:5a:32:e4:8f:99:d6:95:07:71:5e:37:f2:85:8f:fa:74:85: b5:77:36:15:af:55:3f:a0:0d:bb:83:ce:fc:b5:e0:ac:b5:66: 19:fe:f0:8c:6f:21:c2:9c:55:26:74:91:37:69:ac:1e:dc:d2: 1c:15:62:cc:fe:6c:cd:34:2b:28:b1:a2:a2:b6:7b:ee:09:f7: bc:02:96:d7:f9:92:35:b8:0e:f3:a3:34:5b:8c:c2:f2:34:64: c2:09:01:27:43:9c:39:c5:8b:8f:e5:e7:8c:06:41:0d:9d:75: 5b:d0:31:fc:dc:5e:09:42:79:61:70:41:1f:34:2b:da:da:0f: 7b:4c:8b:2a:f1:fd:77:03:39:33:c4:c2:ed:fd:8e:26:85:f0: 2b:d0:3b:c0:fa:cc:57:06:b3:6a:79:08:4f:0d:f0:0a:0d:49: 88:50:ca:6f:09:ce:a3:89:d1:fe:ee:74:cd:6e:c1:8f:d1:b5: a1:14:c5:59:4d:52:0d:87:0d:f4:ad:4a:48:f0:17:71:1a:3f: a6:eb:0a:40 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 ODc3RTExMC8GA1UEBRMoNkQ4QUI2RkRFNTIxREMxMDZGOTQ4MjkyQjUwMkZENUEw NzM0ODM3QzAeFw0yNTA5MDUwODIxMzZaFw0yNTA5MTIwODIxMzZaMBgxFjAUBgNV BAMTDTY4YmE5ZDkwLTFlMmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBuE+hOdfCjzGjoacI3hzqwc1luD3CkgiD+06PWSerL52E6g32ZLjt3HYxRuxL rCzbdh9f5JB5JI01ORQpUcDeHN1nB1nGZ+0eUSfRv4Tmok+x3vjgyJVvifvHLsfU e7i3KJ2NsvWXf5L8AIBmvpnMPrtDO3FUFNuhMrD2gLQ9eMGUoPvdyOD/g2vZfbwa biKkm+wcszRejiuCtQxfao0iIoljMHDRaHoz8B1CqUgUyYmmcGNUJ1zwzLQ4tTut HQ6C64S0m7Wj1jWlGZXqOVrMeL8VzKE8npbpGLgN1FkPdSqAm7l7d6FQSKYNDLWF LlKYs9yENM7Zbd7MKYjCnEedAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUBFe0rKIb CVbB+7AfsJxI66r8FgEwHwYDVR0jBBgwFoAUbYq2/eUh3BBvlIKStQL9Wgc0g3ww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc4NzdFLzM4OUE2MkQyNUQ1 RDExRjBCNDlBNzg0N0M0RjlBRTAyL2JZcTJfZVVoM0JCdmxJS1N0UUw5V2djMGcz dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvYllxMl9lVWgzQkJ2bElLU3RRTDlXZ2MwZzN3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc4 NzdFLzM4OUE2MkQyNUQ1RDExRjBCNDlBNzg0N0M0RjlBRTAyL2JZcTJfZVVoM0JC dmxJS1N0UUw5V2djMGczdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEgOuhJ9dd3m5yVlfnFsyF9nrYWvoJ/KMZtBEK2fySepBPpHsKZlUlQU Ku3eeuoKeCUB+/NJgvVaMuSPmdaVB3FeN/KFj/p0hbV3NhWvVT+gDbuDzvy14Ky1 Zhn+8IxvIcKcVSZ0kTdprB7c0hwVYsz+bM00KyixoqK2e+4J97wCltf5kjW4DvOj NFuMwvI0ZMIJASdDnDnFi4/l54wGQQ2ddVvQMfzcXglCeWFwQR80K9raD3tMiyrx /XcDOTPEwu39jiaF8CvQO8D6zFcGs2p5CE8N8AoNSYhQym8JzqOJ0f7udM1uwY/R taEUxVlNUg2HDfStSkjwF3EaP6brCkA= -----END CERTIFICATE-----Generated at Sat Sep 6 15:24:06 2025 by rpki-client