$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.mft File: y1McHsaSJfDcrkTOyl41mAzpwPI.mft (raw, json) Hash identifier: XCa6uTB97ZEqBR5AsTtWFB0oWcsPAg9D++v+6C5faq4= Subject key identifier: BA:E0:08:50:DD:96:16:D0:44:0C:DB:DB:DF:62:CA:1B:64:2A:31:22 Authority key identifier: CB:53:1C:1E:C6:92:25:F0:DC:AE:44:CE:CA:5E:35:98:0C:E9:C0:F2 Certificate issuer: /CN=A91CFFCB/serialNumber=CB531C1EC69225F0DCAE44CECA5E35980CE9C0F2 Certificate serial: 11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1McHsaSJfDcrkTOyl41mAzpwPI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.mft Manifest number: 10 Signing time: Tue 01 Jul 2025 08:52:55 +0000 Manifest this update: Tue 01 Jul 2025 08:52:55 +0000 Manifest next update: Tue 08 Jul 2025 08:52:55 +0000 Files and hashes: 1: y1McHsaSJfDcrkTOyl41mAzpwPI.crl (hash: Px5bo9XKnq/5TJjPbJ+y0FL/wTX1h69JmlH67oFJ22M=) 2: BB8F3118497B11F096DCA14EC4F9AE02.roa (hash: n0pGyYXueEy9F7Jw89IAbICySxf38MqDCZugETeFEBQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.crl rsync://rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1McHsaSJfDcrkTOyl41mAzpwPI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:52:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFCB, serialNumber=CB531C1EC69225F0DCAE44CECA5E35980CE9C0F2 Validity Not Before: Jul 1 08:52:55 2025 GMT Not After : Jul 8 08:52:55 2025 GMT Subject: CN=6863a1e7-e6a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:9a:d5:8c:c3:43:33:f3:c2:d5:7b:96:48:d0: 60:19:e3:8f:bd:ce:d9:ea:df:8f:5e:d7:0c:87:4d: e5:ca:ce:13:4a:90:0f:aa:24:c8:90:ff:18:1a:cb: 0b:f2:4a:a4:4a:4c:67:a8:b0:83:2e:79:4b:42:e0: e8:1a:d3:cc:9a:0f:56:82:4a:5e:ff:a0:77:71:3d: ce:0c:2e:66:39:c9:99:6b:57:6f:00:c4:33:90:39: 1c:bf:e2:2a:0c:54:58:c7:70:c2:ec:e4:6b:f3:fd: 45:47:51:fa:d5:15:f2:ce:f9:d5:a3:78:9e:f0:8d: 7e:bd:20:3d:dc:dd:16:e2:56:89:9a:47:c2:7d:e2: a0:0a:30:1d:3f:3e:f0:aa:41:f6:84:17:1f:40:77: c9:a6:c2:d7:bc:d2:49:06:8e:b2:b6:d7:91:80:b7: f7:79:d9:da:b0:e9:f5:7c:0c:d7:56:b3:f5:64:91: e2:a3:c3:19:fc:5c:c4:1e:0c:48:23:4c:28:da:90: ea:cf:27:1c:df:a9:12:8c:d0:ab:87:f4:51:30:55: b6:51:65:b5:c5:b8:59:fe:a2:00:3e:f0:1b:1c:01: 20:3f:1c:04:48:be:fc:08:d2:90:5c:c4:13:9f:52: 14:6b:dd:70:17:c4:b1:0a:97:b3:35:76:f2:93:09: 83:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:E0:08:50:DD:96:16:D0:44:0C:DB:DB:DF:62:CA:1B:64:2A:31:22 X509v3 Authority Key Identifier: keyid:CB:53:1C:1E:C6:92:25:F0:DC:AE:44:CE:CA:5E:35:98:0C:E9:C0:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1McHsaSJfDcrkTOyl41mAzpwPI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/F5DB7A16420511F0BF7A8711C4F9AE02/y1McHsaSJfDcrkTOyl41mAzpwPI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:fb:07:b9:a1:6a:c7:80:ce:19:f7:10:d2:9c:30:10:a2:62: cc:04:01:45:70:94:a5:e4:0e:c7:b5:5c:79:24:3b:4c:8f:ef: 51:01:21:22:e7:73:98:70:85:98:68:06:aa:9c:74:e1:78:23: 77:c2:76:0a:18:30:dd:a3:ea:9f:66:9d:aa:8d:77:36:32:21: e9:a2:b9:2e:3c:b3:af:02:05:d9:a8:62:59:03:21:9a:38:3d: e8:df:13:e6:ce:e4:45:25:43:0d:6d:c4:76:7b:db:9c:05:4b: 2e:fd:36:14:84:69:99:0f:95:d5:2b:69:7e:74:cb:28:00:0e: d2:47:84:46:33:de:f7:ea:d9:b2:a6:c2:58:d9:b3:dc:b7:43: 1f:7c:76:75:ee:0f:e4:1f:c3:1c:47:51:4e:94:a4:69:b5:96: b1:65:68:4d:9e:d1:a8:b8:fc:21:a6:b3:b3:e0:a5:e4:dc:26: 1b:df:7d:fa:e3:c1:53:47:75:4a:dd:29:8e:e4:ee:3e:75:97: d4:b7:52:46:f2:08:a8:be:e9:91:c3:91:38:7e:57:f2:34:de: d5:35:b8:99:16:6f:e7:89:50:15:30:91:63:bb:29:5c:fc:82: 8c:f6:f0:3b:61:7f:81:9a:50:c2:54:ce:0d:47:a4:db:b8:59: 99:14:cc:44 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RkZDQjExMC8GA1UEBRMoQ0I1MzFDMUVDNjkyMjVGMERDQUU0NENFQ0E1RTM1OTgw Q0U5QzBGMjAeFw0yNTA3MDEwODUyNTVaFw0yNTA3MDgwODUyNTVaMBgxFjAUBgNV BAMTDTY4NjNhMWU3LWU2YTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQComtWMw0Mz88LVe5ZI0GAZ44+9ztnq349e1wyHTeXKzhNKkA+qJMiQ/xgaywvy SqRKTGeosIMueUtC4Oga08yaD1aCSl7/oHdxPc4MLmY5yZlrV28AxDOQORy/4ioM VFjHcMLs5Gvz/UVHUfrVFfLO+dWjeJ7wjX69ID3c3RbiVomaR8J94qAKMB0/PvCq QfaEFx9Ad8mmwte80kkGjrK215GAt/d52dqw6fV8DNdWs/VkkeKjwxn8XMQeDEgj TCjakOrPJxzfqRKM0KuH9FEwVbZRZbXFuFn+ogA+8BscASA/HARIvvwI0pBcxBOf UhRr3XAXxLEKl7M1dvKTCYMHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUuuAIUN2W FtBEDNvb32LKG2QqMSIwHwYDVR0jBBgwFoAUy1McHsaSJfDcrkTOyl41mAzpwPIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGRkNCL0Y1REI3QTE2NDIw NTExRjBCRjdBODcxMUM0RjlBRTAyL3kxTWNIc2FTSmZEY3JrVE95bDQxbUF6cHdQ SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveTFNY0hzYVNKZkRjcmtUT3lsNDFtQXpwd1BJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNG RkNCL0Y1REI3QTE2NDIwNTExRjBCRjdBODcxMUM0RjlBRTAyL3kxTWNIc2FTSmZE Y3JrVE95bDQxbUF6cHdQSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAX7B7mhaseAzhn3ENKcMBCiYswEAUVwlKXkDse1XHkkO0yP71EBISLn c5hwhZhoBqqcdOF4I3fCdgoYMN2j6p9mnaqNdzYyIemiuS48s68CBdmoYlkDIZo4 PejfE+bO5EUlQw1txHZ725wFSy79NhSEaZkPldUraX50yygADtJHhEYz3vfq2bKm wljZs9y3Qx98dnXuD+QfwxxHUU6UpGm1lrFlaE2e0ai4/CGms7PgpeTcJhvfffrj wVNHdUrdKY7k7j51l9S3UkbyCKi+6ZHDkTh+V/I03tU1uJkWb+eJUBUwkWO7KVz8 goz28Dthf4GaUMJUzg1HpNu4WZkUzEQ= -----END CERTIFICATE-----Generated at Tue Jul 1 15:02:13 2025 by rpki-client