$ rpki-client -vvf rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft File: yL8GWnSCLvjMYvSlTlnVhxILb0c.mft (raw, json) Hash identifier: rKZtXLHM5huvZWJ5mTsFInMSnXOhnidHA7ToZFiMwys= Subject key identifier: 1C:BB:C2:42:3B:9D:99:D2:A7:53:90:12:D0:79:96:BC:D2:22:10:F9 Authority key identifier: C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47 Certificate issuer: /CN=A91E85F1/serialNumber=C8BF065A74822EF8CC62F4A54E59D587120B6F47 Certificate serial: 54 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft Manifest number: 53 Signing time: Sun 07 Sep 2025 07:46:28 +0000 Manifest this update: Sun 07 Sep 2025 07:46:27 +0000 Manifest next update: Sun 14 Sep 2025 07:46:27 +0000 Files and hashes: 1: yL8GWnSCLvjMYvSlTlnVhxILb0c.crl (hash: Ao5FwbkrYLEqSu859k3WXeNeIqj1gPfXRvopc9mHnVY=) 2: 4D144B780DFE11F09C46E054C4F9AE02.roa (hash: rxfflXV8vQ/KWVF6kuCP1iokmRw18P+QAjN4iDWpgsI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.crl rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 07:46:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 84 (0x54) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E85F1, serialNumber=C8BF065A74822EF8CC62F4A54E59D587120B6F47 Validity Not Before: Sep 7 07:46:27 2025 GMT Not After : Sep 14 07:46:27 2025 GMT Subject: CN=68bd3853-c480 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:4a:bb:1e:94:73:93:fd:c6:12:1b:e2:d1:9c: 0e:17:c3:e4:9f:22:d2:8f:8f:24:5a:88:62:a1:d4: 8f:f7:d9:fa:cd:3f:bb:26:84:e7:5e:44:6e:30:19: 41:08:9a:58:33:a0:4f:12:8f:f2:30:ec:e6:b7:61: 43:d3:16:d9:47:a2:c6:cb:2d:ea:d7:2f:82:6c:05: b4:8e:dd:a0:e3:ba:d4:9d:b1:26:6a:02:ac:70:76: 86:2e:d4:ab:da:63:64:fb:c3:7c:98:e9:7b:2f:69: 12:c5:02:57:d8:b7:a6:71:32:9d:7f:7d:88:42:92: 4c:98:0f:21:0b:05:e6:fd:24:23:58:77:0c:b9:54: 03:0f:dd:87:af:a6:8b:0f:87:21:e9:bd:33:11:67: 22:a6:52:2a:92:45:df:f3:cb:eb:4d:9f:bf:49:90: ea:ee:3c:22:80:44:41:4b:f8:0b:a6:62:30:70:1c: 04:39:46:ed:e1:20:05:80:d3:12:59:65:71:67:d0: cb:b4:77:e4:0e:76:61:9a:7f:3c:c2:0f:f3:37:e3: 04:db:b8:39:0d:3d:6f:12:93:2d:1d:4a:83:1e:62: ce:40:c5:5e:29:11:47:e5:99:23:0a:7c:39:12:71: 7a:73:a2:a2:78:d8:ac:80:f8:5b:a0:6d:22:1d:fb: d6:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:BB:C2:42:3B:9D:99:D2:A7:53:90:12:D0:79:96:BC:D2:22:10:F9 X509v3 Authority Key Identifier: keyid:C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:69:2d:7e:bc:61:73:f7:f3:96:52:e1:54:2f:ad:3c:15:f4: 3a:25:91:ce:a6:21:e0:5a:5f:44:e7:bc:98:31:4a:45:9c:fb: e4:bc:e7:74:6e:8b:aa:bf:02:ec:fb:b8:f7:82:62:aa:c7:8e: 08:90:97:ef:de:22:24:d2:c3:ed:b2:48:58:61:bf:ff:d4:e0: 14:10:a3:c8:2a:fa:c0:17:5a:6b:8c:a3:46:4d:ad:0d:00:de: fc:87:14:4f:01:b9:67:0f:1e:fb:da:0c:b8:6f:3f:0e:dd:1b: a6:90:25:25:78:cd:37:cd:a6:fa:2a:e3:97:09:aa:22:f6:9b: f9:29:91:2e:b4:a8:69:1f:63:07:c4:5f:23:bf:9c:96:c8:9c: c2:4f:14:c3:8f:a1:88:5a:cb:34:a2:79:86:11:55:c8:14:6f: c5:b9:39:79:02:13:4c:c2:2d:f4:ee:80:32:fe:a1:47:74:17: 94:39:9f:f9:e9:3f:a8:50:8a:c6:9a:31:03:e8:a7:f0:2a:3a: fc:11:f7:1f:b5:b1:65:9c:ed:8a:00:fc:b0:d1:3e:b3:73:05: 23:84:d2:35:3e:ad:40:c1:8c:92:a7:2c:3b:27:d4:c1:ec:78: 97:7f:f7:8c:cd:58:38:eb:0d:ec:6b:47:5a:df:5e:84:cb:78: 9d:27:49:cf -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF ODVGMTExMC8GA1UEBRMoQzhCRjA2NUE3NDgyMkVGOENDNjJGNEE1NEU1OUQ1ODcx MjBCNkY0NzAeFw0yNTA5MDcwNzQ2MjdaFw0yNTA5MTQwNzQ2MjdaMBgxFjAUBgNV BAMTDTY4YmQzODUzLWM0ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDVSrselHOT/cYSG+LRnA4Xw+SfItKPjyRaiGKh1I/32frNP7smhOdeRG4wGUEI mlgzoE8Sj/Iw7Oa3YUPTFtlHosbLLerXL4JsBbSO3aDjutSdsSZqAqxwdoYu1Kva Y2T7w3yY6XsvaRLFAlfYt6ZxMp1/fYhCkkyYDyELBeb9JCNYdwy5VAMP3YevposP hyHpvTMRZyKmUiqSRd/zy+tNn79JkOruPCKAREFL+AumYjBwHAQ5Ru3hIAWA0xJZ ZXFn0Mu0d+QOdmGafzzCD/M34wTbuDkNPW8Sky0dSoMeYs5AxV4pEUflmSMKfDkS cXpzoqJ42KyA+FugbSId+9YvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUHLvCQjud mdKnU5AS0HmWvNIiEPkwHwYDVR0jBBgwFoAUyL8GWnSCLvjMYvSlTlnVhxILb0cw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4NUYxLzZBQTRENjBBMERG QzExRjBBMUQ5ODA1M0M0RjlBRTAyL3lMOEdXblNDTHZqTVl2U2xUbG5WaHhJTGIw Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveUw4R1duU0NMdmpNWXZTbFRsblZoeElMYjBjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4 NUYxLzZBQTRENjBBMERGQzExRjBBMUQ5ODA1M0M0RjlBRTAyL3lMOEdXblNDTHZq TVl2U2xUbG5WaHhJTGIwYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAElpLX68YXP385ZS4VQvrTwV9Dolkc6mIeBaX0TnvJgxSkWc++S853Ru i6q/Auz7uPeCYqrHjgiQl+/eIiTSw+2ySFhhv//U4BQQo8gq+sAXWmuMo0ZNrQ0A 3vyHFE8BuWcPHvvaDLhvPw7dG6aQJSV4zTfNpvoq45cJqiL2m/kpkS60qGkfYwfE XyO/nJbInMJPFMOPoYhayzSieYYRVcgUb8W5OXkCE0zCLfTugDL+oUd0F5Q5n/np P6hQisaaMQPop/AqOvwR9x+1sWWc7YoA/LDRPrNzBSOE0jU+rUDBjJKnLDsn1MHs eJd/94zNWDjrDexrR1rfXoTLeJ0nSc8= -----END CERTIFICATE-----Generated at Mon Sep 8 18:25:05 2025 by rpki-client