$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.mft File: 0ypa3AVCwugXwgK-a3KB6GnReJc.mft (raw, json) Hash identifier: pfXaIedQMMLZMME959sKJc+LFz3cVPVKb7lykHlWq0E= Subject key identifier: FE:6F:C0:C0:D0:43:87:58:44:76:6B:FE:1F:09:D7:58:4D:83:4A:18 Authority key identifier: D3:2A:5A:DC:05:42:C2:E8:17:C2:02:BE:6B:72:81:E8:69:D1:78:97 Certificate issuer: /CN=A91E0855/serialNumber=D32A5ADC0542C2E817C202BE6B7281E869D17897 Certificate serial: C4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0ypa3AVCwugXwgK-a3KB6GnReJc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.mft Manifest number: C1 Signing time: Mon 21 Jul 2025 08:06:34 +0000 Manifest this update: Mon 21 Jul 2025 08:06:33 +0000 Manifest next update: Mon 28 Jul 2025 08:06:33 +0000 Files and hashes: 1: 0ypa3AVCwugXwgK-a3KB6GnReJc.crl (hash: MxToEvpYJnvv+xlYWr0yJV1UjOJQ4sc0nGncWsBEFT0=) 2: A717F73658B911F085B39880C4F9AE02.roa (hash: GRaZt0pedz3CCCklqX2hkq6cs1hiTnf3botIHYa4ZiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.crl rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0ypa3AVCwugXwgK-a3KB6GnReJc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 08:06:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 196 (0xc4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0855, serialNumber=D32A5ADC0542C2E817C202BE6B7281E869D17897 Validity Not Before: Jul 21 08:06:33 2025 GMT Not After : Jul 28 08:06:33 2025 GMT Subject: CN=687df509-00ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:6f:ee:ed:78:b2:9e:0c:8c:c2:38:e2:cf:3e: d4:27:46:6f:93:6c:4c:bc:15:d8:e0:97:ea:92:18: 17:98:90:70:0d:37:3b:ef:d3:7d:69:cc:53:b7:4c: 32:e6:d9:2c:9d:41:06:56:ac:4f:a7:89:ce:95:55: 65:ce:60:a9:ba:1a:02:25:ae:ff:99:67:6a:64:7f: a4:fe:9e:98:8c:90:85:86:65:7f:56:e4:2b:2a:f2: 33:1c:e8:d3:d2:57:f3:52:45:97:e6:3b:0c:7a:1d: 13:fa:68:f8:71:c1:60:e7:f7:e0:55:49:85:57:26: bb:81:8b:c4:4a:f8:fa:db:a5:bb:5c:85:0a:02:4b: f8:7b:c6:e1:c3:e0:3a:8f:c0:df:9b:cc:d9:32:20: 13:1e:3d:ff:9f:98:eb:c4:8a:6c:e8:ef:11:57:85: 97:bf:cd:bb:46:52:8d:44:30:8a:00:a0:08:4d:41: 5f:bd:16:92:16:ff:12:24:4a:59:23:9e:cc:bf:ce: 37:f3:47:a2:1c:74:8a:8d:0c:66:13:30:f7:7e:b1: e2:6a:59:2b:99:11:18:8d:dc:c2:81:e7:76:1e:fd: 43:b0:d8:e7:88:f7:14:aa:42:88:7e:dc:05:0a:72: 44:23:84:07:5f:ea:0a:bf:5b:c8:29:e1:b8:fb:a8: 02:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:6F:C0:C0:D0:43:87:58:44:76:6B:FE:1F:09:D7:58:4D:83:4A:18 X509v3 Authority Key Identifier: keyid:D3:2A:5A:DC:05:42:C2:E8:17:C2:02:BE:6B:72:81:E8:69:D1:78:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0ypa3AVCwugXwgK-a3KB6GnReJc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:78:6e:c1:17:a0:76:15:d7:42:f6:7b:aa:10:83:75:58:26: dd:99:33:f5:0b:ce:97:ab:d9:a8:63:62:12:90:26:8e:26:3f: 57:74:cf:0b:27:fd:58:8d:b4:c3:1b:19:2a:02:a5:75:c0:44: 71:ff:81:71:96:e4:4f:07:9d:ab:16:8f:f3:d9:0e:7b:c4:46: 9a:29:35:66:98:2b:14:29:e1:08:ea:66:04:fb:dc:fd:84:6a: 0e:09:25:2e:e7:a3:46:58:50:18:af:7d:b3:ac:53:c7:7f:29: 09:a2:4b:82:50:a9:d3:a3:0c:02:27:08:b8:7e:46:ff:d6:42: f1:47:61:28:14:15:d6:48:f7:fa:98:90:df:8b:38:6a:94:6b: 49:16:aa:1c:92:71:61:f2:42:b8:ef:fe:2d:31:41:6f:46:c4: da:69:bb:fe:5a:73:d5:ec:46:a9:54:1a:8f:a0:e7:f1:08:6c: 03:ef:cb:11:25:0c:cd:a4:09:f5:28:96:4e:f5:5e:70:6b:3f: 6f:70:5d:24:ef:7b:32:ba:9b:5e:d8:bd:1a:ec:32:f2:b7:6c: 7e:33:0e:8d:0d:37:4a:aa:da:94:45:b2:d6:41:17:87:a7:b8: d2:5b:4b:c0:90:00:8d:eb:06:2a:e0:cb:ad:31:af:07:b8:a8: 31:a6:8a:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTA4NTUxMTAvBgNVBAUTKEQzMkE1QURDMDU0MkMyRTgxN0MyMDJCRTZCNzI4MUU4 NjlEMTc4OTcwHhcNMjUwNzIxMDgwNjMzWhcNMjUwNzI4MDgwNjMzWjAYMRYwFAYD VQQDEw02ODdkZjUwOS0wMGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnW/u7XiyngyMwjjizz7UJ0Zvk2xMvBXY4JfqkhgXmJBwDTc779N9acxTt0wy 5tksnUEGVqxPp4nOlVVlzmCpuhoCJa7/mWdqZH+k/p6YjJCFhmV/VuQrKvIzHOjT 0lfzUkWX5jsMeh0T+mj4ccFg5/fgVUmFVya7gYvESvj626W7XIUKAkv4e8bhw+A6 j8Dfm8zZMiATHj3/n5jrxIps6O8RV4WXv827RlKNRDCKAKAITUFfvRaSFv8SJEpZ I57Mv84380eiHHSKjQxmEzD3frHialkrmREYjdzCged2Hv1DsNjniPcUqkKIftwF CnJEI4QHX+oKv1vIKeG4+6gCBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP5vwMDQ Q4dYRHZr/h8J11hNg0oYMB8GA1UdIwQYMBaAFNMqWtwFQsLoF8ICvmtygehp0XiX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDg1NS81MDRDRkZFMjQ0 OTYxMUVGOEU4NEU2M0RDNEY5QUUwMi8weXBhM0FWQ3d1Z1h3Z0stYTNLQjZHblJl SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzB5cGEzQVZDd3VnWHdnSy1hM0tCNkduUmVKYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MDg1NS81MDRDRkZFMjQ0OTYxMUVGOEU4NEU2M0RDNEY5QUUwMi8weXBhM0FWQ3d1 Z1h3Z0stYTNLQjZHblJlSmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA9eG7BF6B2FddC9nuqEIN1WCbdmTP1C86Xq9moY2ISkCaOJj9XdM8L J/1YjbTDGxkqAqV1wERx/4FxluRPB52rFo/z2Q57xEaaKTVmmCsUKeEI6mYE+9z9 hGoOCSUu56NGWFAYr32zrFPHfykJokuCUKnTowwCJwi4fkb/1kLxR2EoFBXWSPf6 mJDfizhqlGtJFqocknFh8kK47/4tMUFvRsTaabv+WnPV7EapVBqPoOfxCGwD78sR JQzNpAn1KJZO9V5waz9vcF0k73syupte2L0a7DLyt2x+Mw6NDTdKqtqURbLWQReH p7jSW0vAkACN6wYq4MutMa8HuKgxpopT -----END CERTIFICATE-----Generated at Mon Jul 21 12:43:40 2025 by rpki-client