$ rpki-client -vvf rpki.apnic.net/member_repository/A91F65C7/ED0FB686C3E411EE9613F583C4F9AE02/hYtkVOIiRseB5RNSswVkEJhoV34.mft File: hYtkVOIiRseB5RNSswVkEJhoV34.mft (raw, json) Hash identifier: y+t2VXnray1UeMBvHyC66IM/e6MC2RSVWQak3o+QDdk= Subject key identifier: 0A:F1:44:E0:F9:3A:99:72:83:44:23:EF:19:AD:04:7E:11:47:77:40 Authority key identifier: 85:8B:64:54:E2:22:46:C7:81:E5:13:52:B3:05:64:10:98:68:57:7E Certificate issuer: /CN=A91F65C7/serialNumber=858B6454E22246C781E51352B30564109868577E Certificate serial: 011F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hYtkVOIiRseB5RNSswVkEJhoV34.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F65C7/ED0FB686C3E411EE9613F583C4F9AE02/hYtkVOIiRseB5RNSswVkEJhoV34.mft Manifest number: 011F Signing time: Thu 21 Aug 2025 04:53:16 +0000 Manifest this update: Thu 21 Aug 2025 04:53:16 +0000 Manifest next update: Thu 28 Aug 2025 04:53:16 +0000 Files and hashes: 1: hYtkVOIiRseB5RNSswVkEJhoV34.crl (hash: YnLvtgaOnwJzxRJw/pxqwafhXkpduV85XTxw0TOKVI0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F65C7/ED0FB686C3E411EE9613F583C4F9AE02/hYtkVOIiRseB5RNSswVkEJhoV34.crl rsync://rpki.apnic.net/member_repository/A91F65C7/ED0FB686C3E411EE9613F583C4F9AE02/hYtkVOIiRseB5RNSswVkEJhoV34.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hYtkVOIiRseB5RNSswVkEJhoV34.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 04:53:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 287 (0x11f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F65C7, serialNumber=858B6454E22246C781E51352B30564109868577E Validity Not Before: Aug 21 04:53:16 2025 GMT Not After : Aug 28 04:53:16 2025 GMT Subject: CN=68a6a63c-340c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:d5:82:77:f6:a3:a9:ac:18:b4:7c:82:45:f8: 5b:54:2c:fd:89:3a:c2:b3:86:09:56:3e:7c:65:24: bb:69:95:2a:ae:e4:4f:24:2a:21:9e:d6:01:02:84: 25:40:8c:81:45:87:fb:ae:2d:20:35:96:0a:4a:4c: 89:bf:48:73:93:fb:ad:73:ff:58:83:46:3a:75:25: 81:2b:52:48:75:22:62:b2:a4:54:ec:b9:e5:5f:0a: a3:64:5d:68:14:1f:8e:50:e3:2c:dc:07:6a:f1:ba: 8f:49:c5:bb:32:e0:d3:ed:13:8b:44:27:52:60:ee: 1b:5e:62:5d:98:46:99:47:e9:ab:ca:2a:75:e9:b1: 8c:9a:3f:d8:06:56:0c:6e:4f:30:c0:48:a3:fd:f4: 6a:a5:1d:81:80:aa:2d:92:aa:bb:69:08:1c:a2:1a: 99:0f:44:c2:5e:f0:10:7f:6a:59:eb:40:b1:16:9d: 84:61:cf:be:75:f1:ad:10:66:5a:b8:28:4b:27:16: 3c:ef:57:36:98:ca:01:3f:e9:a3:ac:80:10:8f:70: e3:05:7c:01:c5:38:90:66:2c:cc:ce:15:55:69:34: a0:11:e1:e3:1e:3d:09:c0:a7:7d:58:14:4a:d7:d7: 5a:30:0d:ee:8f:76:3a:04:ae:77:dc:c7:6f:f6:fe: cd:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:F1:44:E0:F9:3A:99:72:83:44:23:EF:19:AD:04:7E:11:47:77:40 X509v3 Authority Key Identifier: keyid:85:8B:64:54:E2:22:46:C7:81:E5:13:52:B3:05:64:10:98:68:57:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F65C7/ED0FB686C3E411EE9613F583C4F9AE02/hYtkVOIiRseB5RNSswVkEJhoV34.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hYtkVOIiRseB5RNSswVkEJhoV34.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F65C7/ED0FB686C3E411EE9613F583C4F9AE02/hYtkVOIiRseB5RNSswVkEJhoV34.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:4c:56:e7:a9:11:b2:2e:ed:c4:b6:9c:ce:c3:0b:48:e9:9e: e5:cf:8a:9d:70:ff:0d:26:70:f2:ed:ac:08:1e:df:ab:81:e1: f0:ac:29:24:b7:b0:95:44:f0:f8:2f:b4:c3:ea:74:a7:1c:3f: e5:7b:8b:e3:0b:6e:4e:c6:37:eb:b0:9d:2a:d9:78:b6:3d:19: 82:ac:9c:55:75:2a:da:a3:32:d7:1f:99:e9:1e:8a:ae:fd:7e: 22:94:e9:e5:72:1a:70:cd:cb:95:c6:c0:46:20:0b:e0:8c:99: bb:ce:5e:cd:42:48:60:a2:ee:0e:8c:c5:d4:b9:3e:9a:90:7a: 30:52:75:f3:16:d0:71:f5:ae:42:25:7e:58:d6:39:4a:ae:3f: 3e:bf:ee:82:09:17:69:b5:b9:56:98:ca:3c:56:01:44:55:31: 3d:c6:54:8e:01:f4:23:85:37:76:0d:f9:83:b2:03:9b:8d:81: b3:b5:5d:30:be:e9:6a:85:15:b2:50:e6:12:20:94:4e:9f:19: 39:6d:ca:fa:c7:c0:b9:4e:d3:c7:9b:32:7b:1c:f7:8f:2e:63: 7a:b4:c6:c2:1f:9e:d7:05:1b:c4:44:aa:3f:19:78:14:ff:22: 2d:47:ac:fd:40:52:8d:bd:4a:88:d1:32:91:1a:9f:49:7d:64: 93:a3:e7:e7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjY1QzcxMTAvBgNVBAUTKDg1OEI2NDU0RTIyMjQ2Qzc4MUU1MTM1MkIzMDU2NDEw OTg2ODU3N0UwHhcNMjUwODIxMDQ1MzE2WhcNMjUwODI4MDQ1MzE2WjAYMRYwFAYD VQQDEw02OGE2YTYzYy0zNDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv9WCd/ajqawYtHyCRfhbVCz9iTrCs4YJVj58ZSS7aZUqruRPJCohntYBAoQl QIyBRYf7ri0gNZYKSkyJv0hzk/utc/9Yg0Y6dSWBK1JIdSJisqRU7LnlXwqjZF1o FB+OUOMs3Adq8bqPScW7MuDT7ROLRCdSYO4bXmJdmEaZR+mryip16bGMmj/YBlYM bk8wwEij/fRqpR2BgKotkqq7aQgcohqZD0TCXvAQf2pZ60CxFp2EYc++dfGtEGZa uChLJxY871c2mMoBP+mjrIAQj3DjBXwBxTiQZizMzhVVaTSgEeHjHj0JwKd9WBRK 19daMA3uj3Y6BK533Mdv9v7N6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFArxROD5 Oplyg0Qj7xmtBH4RR3dAMB8GA1UdIwQYMBaAFIWLZFTiIkbHgeUTUrMFZBCYaFd+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjVDNy9FRDBGQjY4NkMz RTQxMUVFOTYxM0Y1ODNDNEY5QUUwMi9oWXRrVk9JaVJzZUI1Uk5Tc3dWa0VKaG9W MzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hZdGtWT0lpUnNlQjVSTlNzd1ZrRUpob1YzNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjVDNy9FRDBGQjY4NkMzRTQxMUVFOTYxM0Y1ODNDNEY5QUUwMi9oWXRrVk9JaVJz ZUI1Uk5Tc3dWa0VKaG9WMzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGTFbnqRGyLu3EtpzOwwtI6Z7lz4qdcP8NJnDy7awIHt+rgeHwrCkk t7CVRPD4L7TD6nSnHD/le4vjC25OxjfrsJ0q2Xi2PRmCrJxVdSraozLXH5npHoqu /X4ilOnlchpwzcuVxsBGIAvgjJm7zl7NQkhgou4OjMXUuT6akHowUnXzFtBx9a5C JX5Y1jlKrj8+v+6CCRdptblWmMo8VgFEVTE9xlSOAfQjhTd2DfmDsgObjYGztV0w vulqhRWyUOYSIJROnxk5bcr6x8C5TtPHmzJ7HPePLmN6tMbCH57XBRvERKo/GXgU /yItR6z9QFKNvUqI0TKRGp9JfWSTo+fn -----END CERTIFICATE-----Generated at Fri Aug 22 16:15:02 2025 by rpki-client