$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft File: y_Kp2oisCPjVEG3svXLW-gnIGOk.mft (raw, json) Hash identifier: GYQyP4UXiSwBNAt5NugEr9rJabNn/3FXxTELdvWq4go= Subject key identifier: 41:E3:BD:59:77:1B:82:EC:6D:D1:08:A0:C3:87:51:BF:5B:98:A0:E6 Authority key identifier: CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 Certificate issuer: /CN=A91D5C25/serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Certificate serial: 0F4C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft Manifest number: 0F43 Signing time: Wed 20 Aug 2025 17:40:51 +0000 Manifest this update: Wed 20 Aug 2025 17:40:50 +0000 Manifest next update: Wed 27 Aug 2025 17:40:50 +0000 Files and hashes: 1: y_Kp2oisCPjVEG3svXLW-gnIGOk.crl (hash: N84r4m/4kI88hsVoZV0DBQKrtJ560SflJ8qFwrsamrk=) 2: 4ECF0A4C765C11E9A01A6E34C4F9AE02.roa (hash: pLwEgd+VwWLgIg3V6a+yYMrZGmHsHcB345LFbQql9+8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 17:40:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3916 (0xf4c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5C25, serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Validity Not Before: Aug 20 17:40:50 2025 GMT Not After : Aug 27 17:40:50 2025 GMT Subject: CN=68a608a2-f7d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:2c:e0:d4:c5:d2:25:e2:13:aa:e7:e7:c9:67: e8:1c:75:69:98:c6:44:d6:da:1a:02:26:a4:04:e6: c8:fa:3e:4c:6c:a6:b9:1e:13:b9:f1:33:75:41:85: 45:b2:04:2e:65:a9:8d:83:93:8c:14:e5:b8:d2:ce: 57:43:ba:f8:da:d2:f3:7a:03:e4:a2:98:32:91:fc: 14:0f:fa:57:ad:d7:22:7e:e3:f9:a2:19:c7:38:de: 52:c1:a1:df:45:e2:cd:ea:12:d4:8a:0d:f8:9a:d4: af:2b:51:26:a0:ad:09:a3:17:71:b7:cd:ff:2d:02: 67:92:5f:c3:3b:5a:4b:8c:d5:a1:5e:d2:bc:44:02: 12:75:21:1a:1f:e3:78:db:26:96:7b:77:3b:3b:5e: 16:07:d9:04:b1:50:3d:4e:11:b4:ed:45:96:db:51: f6:46:58:f1:da:bc:bc:4f:a8:b2:0d:e2:c8:0e:32: 27:f9:64:f9:f5:55:cf:18:9d:0c:93:3a:d4:10:ff: 38:25:89:25:43:3e:d4:cd:aa:6b:2e:48:f9:9b:61: 79:eb:03:15:1d:c6:fd:86:5e:67:1f:b7:7e:24:13: d4:15:ba:9c:23:14:ac:cf:7c:be:1d:42:be:79:55: 68:f7:25:7e:bd:f6:09:16:e3:ec:31:4f:ba:14:15: 0e:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:E3:BD:59:77:1B:82:EC:6D:D1:08:A0:C3:87:51:BF:5B:98:A0:E6 X509v3 Authority Key Identifier: keyid:CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:b0:cc:f2:d6:6b:8a:47:52:00:69:f7:12:a8:41:78:64:6b: c5:df:9a:23:a1:f1:a8:35:dd:68:5f:31:82:aa:b6:0d:6b:3c: 60:d8:3b:cb:2d:42:61:51:13:1d:9e:c2:fb:32:4c:23:54:4d: 47:5d:b1:2b:cb:0b:3a:d4:85:82:c6:05:c4:25:b0:14:60:e0: 83:ac:cf:59:5c:5e:dd:41:9e:bd:99:95:e2:64:dd:34:56:d0: 12:45:9b:9e:81:b3:05:a4:d9:b5:40:68:53:b8:ca:0a:b4:56: ef:17:8c:df:1e:75:47:fc:e1:5b:d3:17:13:b6:77:47:db:f2: d6:22:44:75:14:21:af:b0:8a:14:3e:dd:e2:2b:61:e2:28:4b: 83:e5:09:4b:67:07:34:fd:80:6f:0d:5a:61:92:14:76:0d:0c: 53:0b:8e:3d:fb:3c:e0:86:e9:59:c8:35:c7:f2:6f:eb:29:a4: 91:84:c9:d9:dd:41:ad:df:59:3f:2a:e8:a0:3b:c1:7a:f6:a8: 45:ad:87:a1:ce:e1:08:20:b2:ae:11:45:2c:33:27:64:ac:54: f7:f1:8d:96:e4:69:4e:08:76:39:66:e2:ef:78:32:1c:4b:84: 07:36:4f:f8:9d:9b:ae:e5:0d:25:f8:b7:20:a3:fc:83:b3:83: aa:67:03:13 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD0wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDVDMjUxMTAvBgNVBAUTKENCRjJBOURBODhBQzA4RjhENTEwNkRFQ0JENzJENkZB MDlDODE4RTkwHhcNMjUwODIwMTc0MDUwWhcNMjUwODI3MTc0MDUwWjAYMRYwFAYD VQQDEw02OGE2MDhhMi1mN2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqizg1MXSJeITqufnyWfoHHVpmMZE1toaAiakBObI+j5MbKa5HhO58TN1QYVF sgQuZamNg5OMFOW40s5XQ7r42tLzegPkopgykfwUD/pXrdcifuP5ohnHON5SwaHf ReLN6hLUig34mtSvK1EmoK0Joxdxt83/LQJnkl/DO1pLjNWhXtK8RAISdSEaH+N4 2yaWe3c7O14WB9kEsVA9ThG07UWW21H2Rljx2ry8T6iyDeLIDjIn+WT59VXPGJ0M kzrUEP84JYklQz7UzaprLkj5m2F56wMVHcb9hl5nH7d+JBPUFbqcIxSsz3y+HUK+ eVVo9yV+vfYJFuPsMU+6FBUOwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEHjvVl3 G4LsbdEIoMOHUb9bmKDmMB8GA1UdIwQYMBaAFMvyqdqIrAj41RBt7L1y1voJyBjp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUMyNS82ODdBMTBBNjc2 NUExMUU5OUQwMUU0MkVDNEY5QUUwMi95X0twMm9pc0NQalZFRzNzdlhMVy1nbklH T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lfS3Ayb2lzQ1BqVkVHM3N2WExXLWduSUdPay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NUMyNS82ODdBMTBBNjc2NUExMUU5OUQwMUU0MkVDNEY5QUUwMi95X0twMm9pc0NQ alZFRzNzdlhMVy1nbklHT2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAwsMzy1muKR1IAafcSqEF4ZGvF35ojofGoNd1oXzGCqrYNazxg2DvL LUJhURMdnsL7MkwjVE1HXbEryws61IWCxgXEJbAUYOCDrM9ZXF7dQZ69mZXiZN00 VtASRZuegbMFpNm1QGhTuMoKtFbvF4zfHnVH/OFb0xcTtndH2/LWIkR1FCGvsIoU Pt3iK2HiKEuD5QlLZwc0/YBvDVphkhR2DQxTC449+zzghulZyDXH8m/rKaSRhMnZ 3UGt31k/KuigO8F69qhFrYehzuEIILKuEUUsMydkrFT38Y2W5GlOCHY5ZuLveDIc S4QHNk/4nZuu5Q0l+Lcgo/yDs4OqZwMT -----END CERTIFICATE-----Generated at Fri Aug 22 16:35:14 2025 by rpki-client