$ rpki-client -vvf rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/y-PSoWWxlLlY7sO2qURXdyo6CSo.mft File: y-PSoWWxlLlY7sO2qURXdyo6CSo.mft (raw, json) Hash identifier: t4ElBt0zFNH1aU3Fb9hKPbr4YPs8U6V6NkFG0rO9G0U= Subject key identifier: 63:E2:41:3F:85:A5:DE:00:E3:AB:7C:6C:22:8B:E7:6E:9F:DB:E3:D6 Authority key identifier: CB:E3:D2:A1:65:B1:94:B9:58:EE:C3:B6:A9:44:57:77:2A:3A:09:2A Certificate issuer: /CN=A9154FE7/serialNumber=CBE3D2A165B194B958EEC3B6A94457772A3A092A Certificate serial: 0843 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-PSoWWxlLlY7sO2qURXdyo6CSo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/y-PSoWWxlLlY7sO2qURXdyo6CSo.mft Manifest number: 0836 Signing time: Mon 04 Aug 2025 21:02:42 +0000 Manifest this update: Mon 04 Aug 2025 21:02:41 +0000 Manifest next update: Mon 11 Aug 2025 21:02:41 +0000 Files and hashes: 1: y-PSoWWxlLlY7sO2qURXdyo6CSo.crl (hash: RHo7DLNyBIgmQi2kh7t5ujE2yuLwn0JlXsIB2Z3aoec=) 2: 4B3AC7DC5FC811ED869A6956C4F9AE02.roa (hash: hwrYZn+i2OUNCmUoK3ena1siLJOV1HVO2m5EjPVb3kw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/y-PSoWWxlLlY7sO2qURXdyo6CSo.crl rsync://rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/y-PSoWWxlLlY7sO2qURXdyo6CSo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-PSoWWxlLlY7sO2qURXdyo6CSo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 21:02:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2115 (0x843) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9154FE7, serialNumber=CBE3D2A165B194B958EEC3B6A94457772A3A092A Validity Not Before: Aug 4 21:02:41 2025 GMT Not After : Aug 11 21:02:41 2025 GMT Subject: CN=68911ff2-32ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:4c:88:de:d9:35:22:eb:4d:f0:b9:8e:8d:2d: 4b:ba:a3:4b:be:73:66:ff:0c:ad:ab:57:49:7b:b8: cf:6a:7c:3f:25:61:f8:c9:cf:d6:36:94:38:97:97: c1:36:d1:fb:dd:aa:77:d7:35:f7:22:37:45:c6:1d: af:29:84:fd:19:b7:d8:a2:01:fd:24:b7:15:02:d5: f9:95:02:7b:4a:c9:1e:24:08:5c:d6:32:a5:e7:c3: 44:2e:b9:0c:81:6e:5a:3c:89:57:a9:8c:74:1b:7e: 8e:61:fb:19:7b:65:e4:08:23:ae:c1:9e:e6:a6:e6: 75:81:a9:eb:c2:b7:dc:d5:03:f3:b2:ba:73:2a:b1: 44:29:b2:fc:05:2f:71:8b:75:38:e3:55:ed:df:96: 7e:37:d3:6a:f0:b1:a5:98:c1:75:67:77:83:ba:b1: 6f:fb:12:45:fc:66:a7:88:a8:f1:ca:0d:9f:24:af: b6:01:81:33:d1:d6:41:9a:43:08:c0:8f:f5:1e:6b: fa:06:94:6d:ac:e3:44:43:bb:82:90:fa:d0:0f:32: 35:0f:0b:7c:b8:6f:f2:aa:01:86:c4:b1:ca:42:1d: e8:23:5c:91:4d:52:bb:3b:9c:af:af:cc:8c:d9:4c: 4e:b3:9c:42:f2:ec:4b:9c:87:60:62:c8:f2:09:d0: fe:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:E2:41:3F:85:A5:DE:00:E3:AB:7C:6C:22:8B:E7:6E:9F:DB:E3:D6 X509v3 Authority Key Identifier: keyid:CB:E3:D2:A1:65:B1:94:B9:58:EE:C3:B6:A9:44:57:77:2A:3A:09:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/y-PSoWWxlLlY7sO2qURXdyo6CSo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-PSoWWxlLlY7sO2qURXdyo6CSo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/y-PSoWWxlLlY7sO2qURXdyo6CSo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:9b:4e:b9:21:1a:0e:ad:2a:a4:21:72:af:11:69:ea:c1:04: 73:8b:5f:d8:0e:f7:d8:93:31:f1:47:95:0a:01:fc:83:f9:a1: bc:27:d0:6c:e4:4b:f2:d8:28:d9:54:b5:16:68:d5:32:5a:79: 07:e7:9d:c9:4e:bf:cb:45:84:40:c3:cc:24:08:cc:d8:ff:8f: cb:35:26:e3:d9:ec:0d:ca:86:ad:98:bc:16:46:cb:f5:49:31: e0:5a:9c:0b:05:81:a6:1e:3f:17:83:9b:16:98:04:e7:ba:7c: 7e:1b:1d:bb:8f:61:a7:e3:68:1c:03:0e:80:31:96:34:39:55: 18:80:76:39:f7:7b:9a:a6:14:46:79:b0:b5:0b:30:36:32:33: ae:7d:ef:2c:7e:8c:47:c2:df:16:f5:b2:eb:70:02:2e:72:c2: 35:37:53:45:c1:46:d3:20:c6:19:19:08:2e:45:5b:e4:09:a2: b9:6a:7a:cb:80:a0:d0:45:14:2c:5e:84:71:ea:46:42:6c:d1: fe:91:00:bb:ef:ba:2d:19:7a:f0:e7:4e:18:b6:3c:16:ef:60: b0:29:0a:2c:32:74:d8:59:8c:8d:20:f7:c8:8d:99:86:6e:6e: 9d:f5:23:86:bd:c9:74:02:e5:ad:7b:9e:2d:08:25:89:24:0e: 65:0c:96:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTRGRTcxMTAvBgNVBAUTKENCRTNEMkExNjVCMTk0Qjk1OEVFQzNCNkE5NDQ1Nzc3 MkEzQTA5MkEwHhcNMjUwODA0MjEwMjQxWhcNMjUwODExMjEwMjQxWjAYMRYwFAYD VQQDEw02ODkxMWZmMi0zMmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtUyI3tk1IutN8LmOjS1LuqNLvnNm/wytq1dJe7jPanw/JWH4yc/WNpQ4l5fB NtH73ap31zX3IjdFxh2vKYT9GbfYogH9JLcVAtX5lQJ7SskeJAhc1jKl58NELrkM gW5aPIlXqYx0G36OYfsZe2XkCCOuwZ7mpuZ1ganrwrfc1QPzsrpzKrFEKbL8BS9x i3U441Xt35Z+N9Nq8LGlmMF1Z3eDurFv+xJF/GaniKjxyg2fJK+2AYEz0dZBmkMI wI/1Hmv6BpRtrONEQ7uCkPrQDzI1Dwt8uG/yqgGGxLHKQh3oI1yRTVK7O5yvr8yM 2UxOs5xC8uxLnIdgYsjyCdD+5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGPiQT+F pd4A46t8bCKL526f2+PWMB8GA1UdIwQYMBaAFMvj0qFlsZS5WO7DtqlEV3cqOgkq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NEZFNy81QTJEODlFQURC N0QxMUVBQkNGM0VDM0VDNEY5QUUwMi95LVBTb1dXeGxMbFk3c08ycVVSWGR5bzZD U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ktUFNvV1d4bExsWTdzTzJxVVJYZHlvNkNTby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NEZFNy81QTJEODlFQURCN0QxMUVBQkNGM0VDM0VDNEY5QUUwMi95LVBTb1dXeGxM bFk3c08ycVVSWGR5bzZDU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+m065IRoOrSqkIXKvEWnqwQRzi1/YDvfYkzHxR5UKAfyD+aG8J9Bs 5Evy2CjZVLUWaNUyWnkH553JTr/LRYRAw8wkCMzY/4/LNSbj2ewNyoatmLwWRsv1 STHgWpwLBYGmHj8Xg5sWmATnunx+Gx27j2Gn42gcAw6AMZY0OVUYgHY593uaphRG ebC1CzA2MjOufe8sfoxHwt8W9bLrcAIucsI1N1NFwUbTIMYZGQguRVvkCaK5anrL gKDQRRQsXoRx6kZCbNH+kQC777otGXrw504YtjwW72CwKQosMnTYWYyNIPfIjZmG bm6d9SOGvcl0AuWte54tCCWJJA5lDJZZ -----END CERTIFICATE-----Generated at Wed Aug 6 14:20:02 2025 by rpki-client