$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft File: ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft (raw, json) Hash identifier: ERImkWemtr3M9wcMCotvON2aCFWCU2thncHgRgm1LqI= Subject key identifier: 2E:0B:6C:DD:58:57:E7:6E:F3:4A:73:55:ED:0E:99:9C:A6:F4:53:CA Authority key identifier: 67:21:24:F6:33:C8:91:9C:A5:D7:66:D8:9E:9C:CF:F0:B2:1F:0C:8D Certificate issuer: /CN=A91CAA4E/serialNumber=672124F633C8919CA5D766D89E9CCFF0B21F0C8D Certificate serial: 135E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft Manifest number: 1A9D Signing time: Sun 24 Aug 2025 16:58:16 +0000 Manifest this update: Sun 24 Aug 2025 16:58:16 +0000 Manifest next update: Sun 31 Aug 2025 16:58:16 +0000 Files and hashes: 1: ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl (hash: 5aicfm7RN29JCQdyJUnO4Dx9YNOyv/7mGDr8scJoEK4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 16:58:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4958 (0x135e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CAA4E, serialNumber=672124F633C8919CA5D766D89E9CCFF0B21F0C8D Validity Not Before: Aug 24 16:58:16 2025 GMT Not After : Aug 31 16:58:16 2025 GMT Subject: CN=68ab44a8-359c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:bb:4d:25:13:25:f9:7e:0f:ce:e4:5c:73:9a: d9:78:39:f2:14:9c:a9:6a:86:31:7e:cc:b9:32:40: 8a:db:21:67:a0:6f:66:f7:e4:5f:cd:ed:ec:6a:ca: 72:24:cd:c0:d4:f9:d9:0f:24:e7:6a:f6:e0:90:5b: 29:08:43:f9:d8:13:17:49:a3:d1:59:c9:a2:cf:de: f9:cc:b0:2b:8c:84:82:35:87:00:22:e4:ed:ca:de: d2:b4:4e:55:d8:c4:bc:17:5b:88:9e:6f:14:99:6e: 66:b7:e4:06:0a:f0:e2:23:76:94:24:43:2a:6e:9c: 1d:9c:99:08:1d:34:8e:5b:4b:3f:a5:d2:c2:88:69: 04:e3:be:96:32:50:78:85:6c:c7:12:06:16:c6:04: 1e:38:37:b3:4e:8d:92:6d:ad:6a:12:cc:a7:14:fc: 7a:41:b2:e4:61:c9:bc:9c:bc:3c:88:f9:f8:68:29: 9d:1a:70:e0:b1:5e:ab:1d:07:c6:e9:bb:20:03:df: 19:cb:6d:13:6c:c8:4e:6f:8c:63:d0:fa:7e:3c:7e: dc:da:59:a8:07:eb:fc:d9:27:7c:7a:1c:93:50:aa: ba:03:44:2b:17:69:93:14:c6:aa:88:b8:48:0e:8f: 84:68:26:63:1c:5a:33:b1:c0:fd:55:e3:80:cb:db: 50:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:0B:6C:DD:58:57:E7:6E:F3:4A:73:55:ED:0E:99:9C:A6:F4:53:CA X509v3 Authority Key Identifier: keyid:67:21:24:F6:33:C8:91:9C:A5:D7:66:D8:9E:9C:CF:F0:B2:1F:0C:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:e4:e1:21:18:3d:ca:26:51:70:c4:ca:fd:0e:74:1a:0d:1a: c9:55:ef:b0:dd:e7:e8:13:33:99:07:61:0c:85:75:59:f6:a3: e2:30:8a:ec:a2:4a:4b:37:07:57:98:77:9d:0e:ef:39:7b:7d: ca:d6:13:95:31:2d:25:6f:55:7c:3c:27:c3:4b:dc:ca:98:65: f8:3d:42:b2:bf:73:99:ad:27:b4:9c:8c:74:96:b8:82:cd:fd: 87:ae:b2:37:3f:68:34:e0:a0:92:eb:c5:18:1a:fe:06:9d:ab: 57:74:d3:a1:00:36:94:cf:1f:e9:67:ff:e7:be:00:68:d5:98: 99:3b:26:85:84:05:eb:32:6e:9c:62:59:54:c1:40:4c:dd:2d: 97:08:8c:b0:47:e9:7d:77:b7:d9:87:56:07:e5:de:cb:a9:92: a9:39:2b:07:60:80:79:36:f2:97:31:84:47:7e:fc:c7:dc:a7: 75:4b:f0:5d:b5:8b:3e:e3:57:c2:ab:3b:cf:2a:e3:39:35:e5: 4c:d9:ff:18:fa:23:f8:53:ea:37:15:54:6a:08:19:1e:ab:b6: 46:2e:0d:b9:c5:23:ee:51:72:9f:8b:6c:bd:51:51:c3:f7:bd: a1:fc:5e:04:3e:12:36:c3:d4:85:38:0b:44:41:d8:bf:94:6c: 36:b3:3c:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE14wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0FBNEUxMTAvBgNVBAUTKDY3MjEyNEY2MzNDODkxOUNBNUQ3NjZEODlFOUNDRkYw QjIxRjBDOEQwHhcNMjUwODI0MTY1ODE2WhcNMjUwODMxMTY1ODE2WjAYMRYwFAYD VQQDEw02OGFiNDRhOC0zNTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5rtNJRMl+X4PzuRcc5rZeDnyFJypaoYxfsy5MkCK2yFnoG9m9+Rfze3saspy JM3A1PnZDyTnavbgkFspCEP52BMXSaPRWcmiz975zLArjISCNYcAIuTtyt7StE5V 2MS8F1uInm8UmW5mt+QGCvDiI3aUJEMqbpwdnJkIHTSOW0s/pdLCiGkE476WMlB4 hWzHEgYWxgQeODezTo2Sba1qEsynFPx6QbLkYcm8nLw8iPn4aCmdGnDgsV6rHQfG 6bsgA98Zy20TbMhOb4xj0Pp+PH7c2lmoB+v82Sd8ehyTUKq6A0QrF2mTFMaqiLhI Do+EaCZjHFozscD9VeOAy9tQ4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC4LbN1Y V+du80pzVe0OmZym9FPKMB8GA1UdIwQYMBaAFGchJPYzyJGcpddm2J6cz/CyHwyN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUE0RS81NUU5Nzk1QUE5 NEYxMUU4QUEwQzkwMEVDNEY5QUUwMi9aeUVrOWpQSWtaeWwxMmJZbnB6UDhMSWZE STAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1p5RWs5alBJa1p5bDEyYllucHpQOExJZkRJMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QUE0RS81NUU5Nzk1QUE5NEYxMUU4QUEwQzkwMEVDNEY5QUUwMi9aeUVrOWpQSWta eWwxMmJZbnB6UDhMSWZESTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBO5OEhGD3KJlFwxMr9DnQaDRrJVe+w3efoEzOZB2EMhXVZ9qPiMIrs okpLNwdXmHedDu85e33K1hOVMS0lb1V8PCfDS9zKmGX4PUKyv3OZrSe0nIx0lriC zf2HrrI3P2g04KCS68UYGv4GnatXdNOhADaUzx/pZ//nvgBo1ZiZOyaFhAXrMm6c YllUwUBM3S2XCIywR+l9d7fZh1YH5d7LqZKpOSsHYIB5NvKXMYRHfvzH3Kd1S/Bd tYs+41fCqzvPKuM5NeVM2f8Y+iP4U+o3FVRqCBkeq7ZGLg25xSPuUXKfi2y9UVHD 972h/F4EPhI2w9SFOAtEQdi/lGw2szxG -----END CERTIFICATE-----Generated at Sun Aug 24 22:05:03 2025 by rpki-client