$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft File: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft (raw, json) Hash identifier: 87xFqzMuFnHlJv00ReKJKIrUJAifowPSX1DSk2WM2mY= Subject key identifier: E3:A4:70:47:44:8A:9F:8D:0F:E1:64:66:E3:CB:05:C3:B1:E2:29:A7 Authority key identifier: CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A Certificate issuer: /CN=A91B4357/serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A Certificate serial: 04C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft Manifest number: 04A9 Signing time: Wed 03 Sep 2025 00:17:05 +0000 Manifest this update: Wed 03 Sep 2025 00:17:04 +0000 Manifest next update: Wed 10 Sep 2025 00:17:04 +0000 Files and hashes: 1: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl (hash: NhfrZm7WvA3+sBHKRe6JSGrbP7Lm1oyhzl1vxZpPjpg=) 2: CA888654D0E011EC9E5ACC1CC4F9AE02.roa (hash: 4by10ick3aOPoEwL9MxmYZych/O61DB95JCCfpjs2l0=) 3: 52B98FDA46AF11ECB113AA4BC4F9AE02.roa (hash: zdWwyK62ezTqtldMx3AFhd08v1ee56JEEEGh/b+1bK8=) 4: 35A2418C45AE11ECB857890EC4F9AE02.roa (hash: yt5ul2v37If2OMAgvwlcXNvNlpOeU9vk4N82gRjp7ro=) 5: 9896BA2EB6DE11EC8DB17172C4F9AE02.roa (hash: tkC8VFhPaMMB7xHukmlTC8vVY5Lai1noTB/JDIdLAEc=) 6: 351AC73E45AE11ECB857890EC4F9AE02.roa (hash: ofwlwfDv/f2slgSdPa6hT78BUtn3LBZ837QvOITSXas=) 7: 346A2B4045AE11ECB857890EC4F9AE02.roa (hash: y6Yo94bVO58GlNbuqBWAfuC5sCH6iiyxweKo6sloNrk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 00:17:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1218 (0x4c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4357, serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A Validity Not Before: Sep 3 00:17:04 2025 GMT Not After : Sep 10 00:17:04 2025 GMT Subject: CN=68b78901-c452 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:66:04:4a:a1:17:b4:4c:0c:46:6a:61:d8:a3: f1:7d:0e:32:19:8b:73:b5:09:3a:16:8d:0c:d0:99: 54:a5:43:f8:95:e5:03:8d:10:ad:2e:27:f6:cb:e6: 2e:39:12:36:0a:17:94:07:4e:a0:bb:6e:d3:90:b2: 7f:3e:0b:92:d1:37:df:f0:ff:51:db:47:24:2c:6f: 82:b5:49:45:0a:88:95:c3:11:0f:af:3d:fe:b3:b7: b7:21:84:5d:b6:06:34:e8:b1:bc:ae:43:38:2a:ac: ab:28:ff:59:a3:fb:d4:75:45:84:03:ca:a5:0d:b8: 07:56:42:d4:55:b6:c9:08:32:ec:06:22:60:6e:49: e3:af:48:07:63:69:2a:e0:fe:d8:63:f4:87:2e:70: 4d:51:44:c5:8c:e9:bf:65:b7:67:14:2c:54:d2:72: 2d:69:d0:4b:4b:0a:93:eb:48:70:d2:78:88:a0:6d: 57:a8:da:0a:6f:5e:c0:61:2b:fe:fc:c4:c3:0f:81: 3a:0d:26:d1:1c:df:13:54:eb:2e:64:0f:28:ec:d1: 0c:9d:59:93:aa:8e:fb:5e:f7:83:ca:4e:db:1e:ca: 8a:ae:2f:01:3c:79:ae:ac:a8:ea:81:7d:38:ff:08: e2:2a:e9:08:05:ab:9d:b0:40:38:f9:be:30:1b:e6: 34:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:A4:70:47:44:8A:9F:8D:0F:E1:64:66:E3:CB:05:C3:B1:E2:29:A7 X509v3 Authority Key Identifier: keyid:CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:18:d2:a6:3d:e9:a0:98:4a:0c:0d:09:b8:d5:76:2e:27:aa: 2b:09:ec:3d:ef:b9:46:5a:5f:cc:38:82:d6:33:13:b0:fa:52: a5:48:23:5c:59:12:90:dc:d3:4b:f3:06:69:42:23:dc:71:a2: 41:29:b4:d9:5a:1d:41:7f:c2:2c:95:a6:14:17:0e:a5:5b:77: b7:2e:a3:b2:ca:18:2e:2d:b1:c0:17:20:63:e2:8e:a8:75:6f: 9d:f2:8d:7c:83:78:b8:a4:bd:a4:06:40:a6:70:35:26:63:59: f9:ed:cf:30:cb:27:a7:5a:78:de:ff:76:95:e8:d7:0f:36:69: ce:dc:c0:0f:04:75:4a:55:bc:50:10:16:90:c9:8d:61:e6:1e: 7a:38:52:cf:06:b9:98:9d:60:2f:24:62:2b:3a:c8:3f:dd:67: e4:a5:0e:d3:76:be:e0:52:9f:c3:e4:af:4e:fc:68:25:0d:3b: 9c:f1:83:6b:33:7f:cc:c0:9a:67:86:b9:b2:4c:a0:4b:14:b3: ba:30:a8:87:48:b3:39:dd:87:ad:4d:ef:65:ec:3f:76:6a:ec: 1f:b2:00:61:ab:aa:af:21:d2:6c:87:fc:2f:1d:55:e4:fc:55: ca:66:e9:bd:25:7b:94:e9:ae:74:9a:a5:ec:29:2b:67:d3:c2: 62:bb:6f:6c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBMIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQzNTcxMTAvBgNVBAUTKENCMTY1NjgxMUQwODQ1Nzk5M0U4RDgxQjlGOTc5OERB RDYxNjk3MUEwHhcNMjUwOTAzMDAxNzA0WhcNMjUwOTEwMDAxNzA0WjAYMRYwFAYD VQQDEw02OGI3ODkwMS1jNDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1WYESqEXtEwMRmph2KPxfQ4yGYtztQk6Fo0M0JlUpUP4leUDjRCtLif2y+Yu ORI2CheUB06gu27TkLJ/PguS0Tff8P9R20ckLG+CtUlFCoiVwxEPrz3+s7e3IYRd tgY06LG8rkM4KqyrKP9Zo/vUdUWEA8qlDbgHVkLUVbbJCDLsBiJgbknjr0gHY2kq 4P7YY/SHLnBNUUTFjOm/ZbdnFCxU0nItadBLSwqT60hw0niIoG1XqNoKb17AYSv+ /MTDD4E6DSbRHN8TVOsuZA8o7NEMnVmTqo77XveDyk7bHsqKri8BPHmurKjqgX04 /wjiKukIBaudsEA4+b4wG+Y07QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOOkcEdE ip+ND+FkZuPLBcOx4imnMB8GA1UdIwQYMBaAFMsWVoEdCEV5k+jYG5+XmNrWFpca MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDM1Ny9CODRCMTBFQzQ1 QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJYbVQ2TmdibjVlWTJ0WVds eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3l4WldnUjBJUlhtVDZOZ2JuNWVZMnRZV2x4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDM1Ny9CODRCMTBFQzQ1QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJY bVQ2TmdibjVlWTJ0WVdseG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCDGNKmPemgmEoMDQm41XYuJ6orCew977lGWl/MOILWMxOw+lKlSCNc WRKQ3NNL8wZpQiPccaJBKbTZWh1Bf8IslaYUFw6lW3e3LqOyyhguLbHAFyBj4o6o dW+d8o18g3i4pL2kBkCmcDUmY1n57c8wyyenWnje/3aV6NcPNmnO3MAPBHVKVbxQ EBaQyY1h5h56OFLPBrmYnWAvJGIrOsg/3WfkpQ7Tdr7gUp/D5K9O/GglDTuc8YNr M3/MwJpnhrmyTKBLFLO6MKiHSLM53YetTe9l7D92auwfsgBhq6qvIdJsh/wvHVXk /FXKZum9JXuU6a50mqXsKStn08Jiu29s -----END CERTIFICATE-----Generated at Wed Sep 3 16:18:51 2025 by rpki-client