$ rpki-client -vvf rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.mft File: RyCit4x4I5km_e5zRKNoDaDYBx0.mft (raw, json) Hash identifier: H8mMkVaX0V0AWz5eH2ot8ZXYKjx91qXcWbnnqTmCULs= Subject key identifier: 79:0A:59:BB:DE:F0:2C:9C:43:95:03:F8:85:E6:48:A1:54:D8:C1:CF Authority key identifier: 47:20:A2:B7:8C:78:23:99:26:FD:EE:73:44:A3:68:0D:A0:D8:07:1D Certificate issuer: /CN=A91972DF/serialNumber=4720A2B78C78239926FDEE7344A3680DA0D8071D Certificate serial: C8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RyCit4x4I5km_e5zRKNoDaDYBx0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.mft Manifest number: C2 Signing time: Sat 25 Oct 2025 09:30:58 +0000 Manifest this update: Sat 25 Oct 2025 09:30:57 +0000 Manifest next update: Sat 01 Nov 2025 09:30:57 +0000 Files and hashes: 1: RyCit4x4I5km_e5zRKNoDaDYBx0.crl (hash: /N7Ks9uq+lQEGX6iyRWcl1ZVEDAc5oL0Qy8fZzq0FVo=) 2: D2D7B762995611EFADA5D754C4F9AE02.roa (hash: P8Uz392/KpNavGqAZa2GAkqPLrN5Wfcp0qzBrJpnBuA=) 3: 003589503F8311F0AA4DF254C4F9AE02.roa (hash: 8eqt950PmXpP3Mdx7FgJY/zBuBaFJX67pkKFWKR83KI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.crl rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RyCit4x4I5km_e5zRKNoDaDYBx0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 01 Nov 2025 09:30:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 200 (0xc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91972DF, serialNumber=4720A2B78C78239926FDEE7344A3680DA0D8071D Validity Not Before: Oct 25 09:30:57 2025 GMT Not After : Nov 1 09:30:57 2025 GMT Subject: CN=68fc98d2-9e4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d9:31:33:ed:65:4e:7a:08:84:26:43:51:98: d7:96:42:bf:16:2c:d8:cd:8e:c1:ca:11:05:93:d9: ca:a7:6f:80:52:3a:90:69:3b:42:0e:82:45:c6:02: af:7d:42:ee:16:35:c8:6b:b0:64:31:56:1f:31:c7: 7a:42:ef:03:ae:49:df:ac:0e:17:c2:43:f1:01:e2: db:89:9a:42:90:97:2b:42:4c:1c:4f:44:31:b7:bf: 84:a7:ae:26:9d:66:6b:61:52:1d:cf:ee:60:9f:b8: 28:cb:de:4c:9c:65:e9:5e:0e:6d:f4:06:4f:6d:fa: 28:83:cd:0d:38:29:04:7f:b3:8a:77:cf:bb:4d:f2: 0d:dd:87:1e:37:9f:86:2e:53:e0:1f:18:64:ba:ca: 11:40:90:b8:a1:c6:ff:42:db:ac:92:0e:ca:9c:fc: 7a:0f:73:c1:90:74:5d:5d:54:2e:a3:1a:6d:78:98: 18:32:5e:98:4b:45:9f:24:82:84:15:73:bc:91:04: e3:5f:a6:f6:e0:23:ed:28:30:29:17:95:4d:5e:37: 26:92:1a:dd:aa:a8:aa:ad:f6:89:58:3e:b5:84:02: 5b:b6:35:7a:11:bc:b8:85:c1:09:fa:fb:3c:86:c7: 18:4b:7c:95:ee:cc:dc:4a:06:a5:fa:52:39:26:c4: b3:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:0A:59:BB:DE:F0:2C:9C:43:95:03:F8:85:E6:48:A1:54:D8:C1:CF X509v3 Authority Key Identifier: keyid:47:20:A2:B7:8C:78:23:99:26:FD:EE:73:44:A3:68:0D:A0:D8:07:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RyCit4x4I5km_e5zRKNoDaDYBx0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:31:be:36:9d:b0:d7:b8:89:6d:a0:12:f4:c0:46:be:0b:d4: 4c:97:4a:c2:c7:ba:32:77:2f:ed:b6:a9:88:09:88:b6:61:b2: b5:ae:8d:45:66:0d:2f:1a:7a:7a:20:4b:41:1f:46:0f:ad:64: 2a:6d:d1:46:92:b8:d7:0e:bb:3b:e5:e5:26:ae:2d:22:d8:3b: bd:d8:2b:a6:49:ef:62:5e:6c:49:4f:9e:0d:51:ef:16:d4:03: ec:b2:23:1a:61:8d:4e:f3:e7:92:ba:23:00:05:f3:8f:32:d3: ae:8e:c7:19:6a:12:a9:e8:20:1f:70:7e:d2:2f:1b:32:44:c9: 15:6a:ae:67:70:86:e8:51:29:f0:a3:d0:68:e1:63:0e:3b:62: 5c:bd:6b:2e:0d:be:30:6a:f5:84:55:07:47:c1:ad:b3:ae:35: 98:58:c7:05:f4:91:a8:a1:7b:01:c3:5c:09:16:40:42:55:bf: f7:a2:d8:12:c7:1c:ed:24:7a:bc:a4:94:8e:30:f9:7d:b4:64: 56:b9:67:31:e7:a9:4d:eb:73:cf:23:f5:ac:fe:bd:42:a0:03: 6b:c1:3d:ef:15:76:42:35:e9:13:9f:57:2e:89:79:22:ae:ea: a4:53:94:90:fc:cb:89:14:23:0b:93:9a:dc:20:ce:30:78:26: 63:ba:f3:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTcyREYxMTAvBgNVBAUTKDQ3MjBBMkI3OEM3ODIzOTkyNkZERUU3MzQ0QTM2ODBE QTBEODA3MUQwHhcNMjUxMDI1MDkzMDU3WhcNMjUxMTAxMDkzMDU3WjAYMRYwFAYD VQQDEw02OGZjOThkMi05ZTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqtkxM+1lTnoIhCZDUZjXlkK/FizYzY7ByhEFk9nKp2+AUjqQaTtCDoJFxgKv fULuFjXIa7BkMVYfMcd6Qu8DrknfrA4XwkPxAeLbiZpCkJcrQkwcT0Qxt7+Ep64m nWZrYVIdz+5gn7goy95MnGXpXg5t9AZPbfoog80NOCkEf7OKd8+7TfIN3YceN5+G LlPgHxhkusoRQJC4ocb/Qtuskg7KnPx6D3PBkHRdXVQuoxpteJgYMl6YS0WfJIKE FXO8kQTjX6b24CPtKDApF5VNXjcmkhrdqqiqrfaJWD61hAJbtjV6Eby4hcEJ+vs8 hscYS3yV7szcSgal+lI5JsSzkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHkKWbve 8CycQ5UD+IXmSKFU2MHPMB8GA1UdIwQYMBaAFEcgoreMeCOZJv3uc0SjaA2g2Acd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzJERi8yN0UzRURBNDk4 MzMxMUVGODMxODlBNTdDNEY5QUUwMi9SeUNpdDR4NEk1a21fZTV6UktOb0RhRFlC eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1J5Q2l0NHg0STVrbV9lNXpSS05vRGFEWUJ4MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NzJERi8yN0UzRURBNDk4MzMxMUVGODMxODlBNTdDNEY5QUUwMi9SeUNpdDR4NEk1 a21fZTV6UktOb0RhRFlCeDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC1Mb42nbDXuIltoBL0wEa+C9RMl0rCx7oydy/ttqmICYi2YbK1ro1F Zg0vGnp6IEtBH0YPrWQqbdFGkrjXDrs75eUmri0i2Du92CumSe9iXmxJT54NUe8W 1APssiMaYY1O8+eSuiMABfOPMtOujscZahKp6CAfcH7SLxsyRMkVaq5ncIboUSnw o9Bo4WMOO2JcvWsuDb4wavWEVQdHwa2zrjWYWMcF9JGooXsBw1wJFkBCVb/3otgS xxztJHq8pJSOMPl9tGRWuWcx56lN63PPI/Ws/r1CoANrwT3vFXZCNekTn1cuiXki ruqkU5SQ/MuJFCMLk5rcIM4weCZjuvNF -----END CERTIFICATE-----Generated at Sun Oct 26 03:12:20 2025 by rpki-client