$ rpki-client -vvf rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft File: lyuQ2cUZIlatlkdbOSurGnp5zC0.mft (raw, json) Hash identifier: Kzlr6A4BSqMiga1iH83jeRQmUMDDw3j/w5/0Gw/ZzLc= Subject key identifier: 74:5C:2D:E9:BF:EC:0C:F8:B2:6F:36:06:AB:EA:88:31:2F:87:78:75 Authority key identifier: 97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D Certificate issuer: /CN=A9132FD9/serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D Certificate serial: 37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft Manifest number: 33 Signing time: Tue 05 Aug 2025 08:19:30 +0000 Manifest this update: Tue 05 Aug 2025 08:19:29 +0000 Manifest next update: Tue 12 Aug 2025 08:19:29 +0000 Files and hashes: 1: lyuQ2cUZIlatlkdbOSurGnp5zC0.crl (hash: /WMHHKWfJddnjAc1gqXSYrA8BdqnXxmzs/HyRuo7W9g=) 2: DCC2224A313011F0BE214A64C4F9AE02.roa (hash: boAAaQY0nzMtC8MdALGWU7uiMFPgsCoPJLOiVmNOgmU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.crl rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 08:19:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55 (0x37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132FD9, serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D Validity Not Before: Aug 5 08:19:29 2025 GMT Not After : Aug 12 08:19:29 2025 GMT Subject: CN=6891be91-a3c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:9a:1b:40:f8:7d:2b:54:ac:3f:22:b0:b9:00: 03:59:e4:ea:12:62:61:85:66:88:04:bf:67:b6:06: 40:19:2d:84:82:c6:29:3f:3f:c5:35:23:ba:6b:53: 13:ae:5f:65:dd:d5:b5:cd:81:f6:af:3c:5a:ce:90: b2:af:2b:1d:5f:13:2f:76:18:3f:e6:7f:51:97:1e: 0c:1a:e7:98:29:40:28:c8:53:04:c3:b8:e2:63:44: a7:c2:d6:f4:d0:37:50:11:0a:58:82:4e:07:88:2b: bb:c1:7b:b8:9f:e8:2b:b8:b3:ae:22:ec:46:33:fb: 28:a1:91:92:f8:dd:d4:55:57:11:b2:eb:26:ca:87: 17:c1:1a:8f:0f:98:5e:6a:97:23:97:38:00:d9:7c: 53:a1:1d:22:ca:0a:f2:2f:ac:22:98:26:bc:d7:ad: 67:7c:51:8a:19:f0:ef:4b:7d:bd:cd:83:6e:ac:da: a9:4e:f7:2d:76:6e:9d:b2:07:08:7e:04:a6:47:69: 9a:5f:46:3a:c0:18:66:b6:a6:10:75:9c:da:3b:c9: bf:f6:cc:2d:2e:db:59:5d:f2:0f:ed:37:36:73:e5: 44:37:24:6d:12:e2:77:7f:2a:bd:f6:dd:cb:5e:22: 14:b8:45:ca:5f:cf:f1:94:50:82:6a:c4:ef:9b:c1: 9c:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:5C:2D:E9:BF:EC:0C:F8:B2:6F:36:06:AB:EA:88:31:2F:87:78:75 X509v3 Authority Key Identifier: keyid:97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:9b:52:e3:5f:9c:a1:fa:1a:b6:58:35:11:8c:ec:c0:61:c4: 24:41:da:46:26:ca:29:93:fe:03:1d:94:25:7b:3c:46:3c:af: 47:42:3f:0a:ea:4f:c5:6e:15:a9:0c:48:b5:57:3c:b8:fe:b7: 01:d3:33:95:0f:6d:cb:27:65:2a:d2:13:cb:90:7e:21:df:7f: 61:23:cc:17:45:ed:3e:ba:fe:9e:37:04:46:fd:54:2b:9f:be: 1c:56:5f:0e:95:c5:53:e7:eb:a0:99:5e:c3:a3:cb:42:70:37: 72:de:7f:df:9b:88:95:24:d6:9f:49:93:fb:97:66:da:70:30: c5:51:50:1c:8e:8f:95:94:a3:19:0a:b2:42:48:e7:26:5e:c5: 1f:9d:0b:c4:e4:43:83:03:95:91:d3:f1:84:d2:0e:03:5e:a3: 80:22:29:5a:9a:c2:d6:9f:b2:48:e4:57:57:24:4c:c9:9f:71: c3:38:25:0e:c7:10:2b:a9:8f:4f:08:da:d1:9f:9d:11:d7:1f: 39:ad:d6:59:ca:1c:52:18:46:27:e7:45:4a:3b:16:7d:e5:6a: fa:45:81:15:83:b0:4f:73:3c:59:93:9e:2e:31:54:02:55:da: 7f:fb:23:e3:02:84:54:b0:39:48:95:e8:0b:df:87:a8:3d:3d: c7:96:da:c6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz MkZEOTExMC8GA1UEBRMoOTcyQjkwRDlDNTE5MjI1NkFEOTY0NzVCMzkyQkFCMUE3 QTc5Q0MyRDAeFw0yNTA4MDUwODE5MjlaFw0yNTA4MTIwODE5MjlaMBgxFjAUBgNV BAMTDTY4OTFiZTkxLWEzYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDnmhtA+H0rVKw/IrC5AANZ5OoSYmGFZogEv2e2BkAZLYSCxik/P8U1I7prUxOu X2Xd1bXNgfavPFrOkLKvKx1fEy92GD/mf1GXHgwa55gpQCjIUwTDuOJjRKfC1vTQ N1ARCliCTgeIK7vBe7if6Cu4s64i7EYz+yihkZL43dRVVxGy6ybKhxfBGo8PmF5q lyOXOADZfFOhHSLKCvIvrCKYJrzXrWd8UYoZ8O9Lfb3Ng26s2qlO9y12bp2yBwh+ BKZHaZpfRjrAGGa2phB1nNo7yb/2zC0u21ld8g/tNzZz5UQ3JG0S4nd/Kr323cte IhS4Rcpfz/GUUIJqxO+bwZxdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUdFwt6b/s DPiybzYGq+qIMS+HeHUwHwYDVR0jBBgwFoAUlyuQ2cUZIlatlkdbOSurGnp5zC0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMyRkQ5LzdGOUE3MDM0MkJC NTExRjA5REU1QkE0RUM0RjlBRTAyL2x5dVEyY1VaSWxhdGxrZGJPU3VyR25wNXpD MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbHl1UTJjVVpJbGF0bGtkYk9TdXJHbnA1ekMwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMy RkQ5LzdGOUE3MDM0MkJCNTExRjA5REU1QkE0RUM0RjlBRTAyL2x5dVEyY1VaSWxh dGxrZGJPU3VyR25wNXpDMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGabUuNfnKH6GrZYNRGM7MBhxCRB2kYmyimT/gMdlCV7PEY8r0dCPwrq T8VuFakMSLVXPLj+twHTM5UPbcsnZSrSE8uQfiHff2EjzBdF7T66/p43BEb9VCuf vhxWXw6VxVPn66CZXsOjy0JwN3Lef9+biJUk1p9Jk/uXZtpwMMVRUByOj5WUoxkK skJI5yZexR+dC8TkQ4MDlZHT8YTSDgNeo4AiKVqawtafskjkV1ckTMmfccM4JQ7H ECupj08I2tGfnRHXHzmt1lnKHFIYRifnRUo7Fn3lavpFgRWDsE9zPFmTni4xVAJV 2n/7I+MChFSwOUiV6Avfh6g9PceW2sY= -----END CERTIFICATE-----Generated at Thu Aug 7 03:22:32 2025 by rpki-client