$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1E29/DD13F8F0B29F11EA9380C04BC4F9AE02/W_YkOZCpRkyFt4I9tCbiq5ZyCjw.mft File: W_YkOZCpRkyFt4I9tCbiq5ZyCjw.mft (raw, json) Hash identifier: tFOiTGAQzUlTTIp722VTHR7xhlED0F31NDydx3sWohQ= Subject key identifier: 72:3E:D5:7E:3A:1A:43:58:7B:2C:A7:00:4B:C4:08:E5:46:C4:9D:A3 Authority key identifier: 5B:F6:24:39:90:A9:46:4C:85:B7:82:3D:B4:26:E2:AB:96:72:0A:3C Certificate issuer: /CN=A91D1E29/serialNumber=5BF6243990A9464C85B7823DB426E2AB96720A3C Certificate serial: 08F7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W_YkOZCpRkyFt4I9tCbiq5ZyCjw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1E29/DD13F8F0B29F11EA9380C04BC4F9AE02/W_YkOZCpRkyFt4I9tCbiq5ZyCjw.mft Manifest number: 08F1 Signing time: Wed 20 Aug 2025 20:25:52 +0000 Manifest this update: Wed 20 Aug 2025 20:25:52 +0000 Manifest next update: Wed 27 Aug 2025 20:25:52 +0000 Files and hashes: 1: W_YkOZCpRkyFt4I9tCbiq5ZyCjw.crl (hash: 4JiGai/JHfibrb674MsDIVI84QBLuCzhEZkmppXgXoc=) 2: 108B7DAAB2A711EAABBE8663C4F9AE02.roa (hash: qTuGE1JcRtd/cW9n5J8BXF2j1PTZne38og2GGYl8DqM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1E29/DD13F8F0B29F11EA9380C04BC4F9AE02/W_YkOZCpRkyFt4I9tCbiq5ZyCjw.crl rsync://rpki.apnic.net/member_repository/A91D1E29/DD13F8F0B29F11EA9380C04BC4F9AE02/W_YkOZCpRkyFt4I9tCbiq5ZyCjw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W_YkOZCpRkyFt4I9tCbiq5ZyCjw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 20:25:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2295 (0x8f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1E29, serialNumber=5BF6243990A9464C85B7823DB426E2AB96720A3C Validity Not Before: Aug 20 20:25:52 2025 GMT Not After : Aug 27 20:25:52 2025 GMT Subject: CN=68a62f50-d3c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:a8:6b:6e:52:6d:b8:fe:c0:d2:b6:2d:9f:94: 5d:33:b9:1d:25:32:7a:31:50:43:da:ad:7e:45:cf: dc:38:e2:83:7f:80:89:06:0e:fb:dc:d2:ef:6a:27: 05:e4:c0:d6:fd:08:f3:dc:f6:8b:6d:c1:33:d3:03: 62:60:f5:ef:51:1c:6a:24:a6:23:d1:f2:92:2d:73: 31:5e:e7:6d:9a:2b:32:cc:a2:c1:bb:97:87:ad:30: ee:10:ed:50:61:20:fb:7f:77:7a:9d:9d:d8:03:30: 30:aa:b0:66:d5:ce:ea:82:be:8f:55:a2:b9:10:18: 3b:44:7d:d4:0d:3b:de:30:bd:75:b2:f9:20:79:2a: f5:22:a5:dd:13:e4:f2:2a:45:72:f9:45:72:59:a1: 40:2d:bd:84:c5:46:a5:a2:44:49:de:af:42:4b:89: ca:9e:0f:10:fe:5c:fa:21:36:b1:2a:09:ed:39:6e: 9a:a6:0b:d6:c8:d4:6b:79:57:cd:b8:11:1c:2d:a5: 2c:4a:54:2f:10:82:0f:e3:d6:9a:eb:b8:c4:b0:44: 76:a8:a2:c6:b1:7c:39:67:d1:35:c4:a2:c0:9d:2f: 80:20:f5:69:e6:14:01:1a:be:2b:f3:c9:59:ef:ca: 91:dd:9d:6b:d6:83:2f:4f:13:58:ff:99:92:44:37: c8:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:3E:D5:7E:3A:1A:43:58:7B:2C:A7:00:4B:C4:08:E5:46:C4:9D:A3 X509v3 Authority Key Identifier: keyid:5B:F6:24:39:90:A9:46:4C:85:B7:82:3D:B4:26:E2:AB:96:72:0A:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1E29/DD13F8F0B29F11EA9380C04BC4F9AE02/W_YkOZCpRkyFt4I9tCbiq5ZyCjw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W_YkOZCpRkyFt4I9tCbiq5ZyCjw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1E29/DD13F8F0B29F11EA9380C04BC4F9AE02/W_YkOZCpRkyFt4I9tCbiq5ZyCjw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:76:84:1c:44:94:08:0c:fd:42:ec:06:51:df:ad:6e:b6:43: f8:87:40:e7:65:3f:b2:0f:c9:87:9e:7b:8d:91:49:3a:0b:8e: 9a:96:1f:0a:5e:69:68:30:06:0f:a4:03:47:87:0d:31:7f:bb: e6:3c:19:58:df:a4:c7:65:cd:e7:0c:c3:1e:01:6b:48:50:06: 9b:36:16:6f:e9:b2:cd:4a:52:7f:06:1c:b3:6d:eb:80:12:35: a9:c9:8c:92:77:cc:fc:7f:dd:b0:97:8e:fe:63:fd:96:1e:a0: 37:66:5b:b6:37:a7:8c:f3:3a:68:e0:1b:63:45:8b:71:08:4b: c6:d0:7a:78:4b:59:0a:a5:d9:a9:ac:cd:9d:c9:62:f0:10:b7: b6:55:0f:7a:5e:33:f2:05:06:4e:30:b5:7d:52:72:2a:90:07: 0c:34:aa:70:12:9d:59:91:82:63:33:d5:68:95:a8:70:ee:d2: 08:d9:43:95:cf:40:ef:db:4e:42:56:78:26:1a:cc:9b:37:5b: f3:7a:27:7b:cb:52:e9:c7:18:66:4c:97:ce:09:c8:b0:48:ef: 8b:92:27:51:45:74:7c:49:0e:60:7e:ec:80:c4:20:ac:2a:d8: 49:e9:d5:e8:99:6f:26:e5:22:31:5b:14:a2:f1:49:17:4d:af: 33:1f:f6:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCPcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDFFMjkxMTAvBgNVBAUTKDVCRjYyNDM5OTBBOTQ2NEM4NUI3ODIzREI0MjZFMkFC OTY3MjBBM0MwHhcNMjUwODIwMjAyNTUyWhcNMjUwODI3MjAyNTUyWjAYMRYwFAYD VQQDEw02OGE2MmY1MC1kM2M5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA06hrblJtuP7A0rYtn5RdM7kdJTJ6MVBD2q1+Rc/cOOKDf4CJBg773NLvaicF 5MDW/Qjz3PaLbcEz0wNiYPXvURxqJKYj0fKSLXMxXudtmisyzKLBu5eHrTDuEO1Q YSD7f3d6nZ3YAzAwqrBm1c7qgr6PVaK5EBg7RH3UDTveML11svkgeSr1IqXdE+Ty KkVy+UVyWaFALb2ExUalokRJ3q9CS4nKng8Q/lz6ITaxKgntOW6apgvWyNRreVfN uBEcLaUsSlQvEIIP49aa67jEsER2qKLGsXw5Z9E1xKLAnS+AIPVp5hQBGr4r88lZ 78qR3Z1r1oMvTxNY/5mSRDfIGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHI+1X46 GkNYeyynAEvECOVGxJ2jMB8GA1UdIwQYMBaAFFv2JDmQqUZMhbeCPbQm4quWcgo8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMUUyOS9ERDEzRjhGMEIy OUYxMUVBOTM4MEMwNEJDNEY5QUUwMi9XX1lrT1pDcFJreUZ0NEk5dENiaXE1WnlD ancuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dfWWtPWkNwUmt5RnQ0STl0Q2JpcTVaeUNqdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MUUyOS9ERDEzRjhGMEIyOUYxMUVBOTM4MEMwNEJDNEY5QUUwMi9XX1lrT1pDcFJr eUZ0NEk5dENiaXE1WnlDancubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCOdoQcRJQIDP1C7AZR361utkP4h0DnZT+yD8mHnnuNkUk6C46alh8K XmloMAYPpANHhw0xf7vmPBlY36THZc3nDMMeAWtIUAabNhZv6bLNSlJ/BhyzbeuA EjWpyYySd8z8f92wl47+Y/2WHqA3Zlu2N6eM8zpo4BtjRYtxCEvG0Hp4S1kKpdmp rM2dyWLwELe2VQ96XjPyBQZOMLV9UnIqkAcMNKpwEp1ZkYJjM9Volahw7tII2UOV z0Dv205CVngmGsybN1vzeid7y1LpxxhmTJfOCciwSO+LkidRRXR8SQ5gfuyAxCCs KthJ6dXomW8m5SIxWxSi8UkXTa8zH/bQ -----END CERTIFICATE-----Generated at Fri Aug 22 16:32:13 2025 by rpki-client