$ rpki-client -vvf rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft File: YfjH66e1XnGy5rF3QJFCUdiM8KY.mft (raw, json) Hash identifier: +xvG+eoEGSK2/mw8vccTg/iUVOCWXsu05D1R9kT+WAQ= Subject key identifier: DF:64:AF:9B:EC:E2:37:F5:F5:47:1A:47:28:88:38:A6:AA:EB:3F:53 Authority key identifier: 61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6 Certificate issuer: /CN=A9158491/serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6 Certificate serial: 7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft Manifest number: 71 Signing time: Sat 09 Aug 2025 07:32:19 +0000 Manifest this update: Sat 09 Aug 2025 07:32:19 +0000 Manifest next update: Sat 16 Aug 2025 07:32:19 +0000 Files and hashes: 1: YfjH66e1XnGy5rF3QJFCUdiM8KY.crl (hash: q3v7BXCjL1up3i3EAeudjENVmyLZAqNmdtrnbEls/j8=) 2: 5FDDEE1CE34211EF8EA0CA77C4F9AE02.roa (hash: mzE4Rj9TzgxYoPFC7hLQmMNdU4o1ATX8k/0uu+bhb9g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.crl rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 122 (0x7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158491, serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6 Validity Not Before: Aug 9 07:32:19 2025 GMT Not After : Aug 16 07:32:19 2025 GMT Subject: CN=6896f983-7f91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:dd:81:d6:21:48:9d:eb:a3:65:8a:df:9f:8f: 2e:1b:c5:37:80:6d:b1:b8:d1:55:ad:d9:7c:0d:7f: fa:e4:15:23:1b:8f:67:d9:e9:e4:99:10:a1:1f:f4: 2d:0b:b8:a8:41:e5:0b:bd:3b:7c:98:b4:64:af:1d: 91:38:8d:16:ca:f2:7d:1a:a5:7d:2b:5c:a8:63:c2: 82:e3:76:c5:89:0e:30:9f:a4:05:be:80:cf:3c:e0: cb:aa:7a:72:9e:ac:4e:d1:56:77:31:58:70:80:4a: 9e:84:a6:60:0a:ec:09:26:b3:57:41:98:5d:ea:01: 7f:21:00:ea:c4:f9:24:98:73:c3:5b:9c:c3:22:f2: 14:e5:87:f4:13:6b:66:d6:a9:fe:35:b9:53:80:e0: 24:f5:ed:5a:6f:9b:63:2e:3d:f4:e2:20:60:74:07: fe:2b:01:79:32:90:62:f9:4e:8a:a0:30:92:87:4a: 73:a7:42:97:bc:a1:6f:e3:ce:06:f2:2b:67:92:8d: d3:89:b6:21:bf:eb:81:0f:21:4b:4d:b2:f2:0c:45: d6:cd:54:b8:bb:55:66:66:eb:ed:69:2b:22:dd:8f: 49:d0:51:64:6a:74:25:8f:d9:4d:f4:b7:69:d1:ad: 00:4f:a4:6f:40:00:ef:76:0e:c5:23:01:9d:5b:87: 87:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:64:AF:9B:EC:E2:37:F5:F5:47:1A:47:28:88:38:A6:AA:EB:3F:53 X509v3 Authority Key Identifier: keyid:61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:74:d5:d5:55:7c:f3:ae:61:63:59:fc:74:a0:88:6e:ca:3f: d5:08:0e:4d:e5:a3:6c:f9:15:99:29:23:ce:41:d5:de:6a:f4: 1a:a1:d1:13:fd:da:4a:9c:f2:54:e3:4d:41:73:5f:29:ad:52: ec:14:52:0a:03:2e:2e:9f:a1:9f:a8:c8:ae:2d:00:14:ad:52: 25:90:52:df:f8:eb:f8:35:ab:5b:ec:e4:24:31:21:34:b5:23: 80:c8:f8:8b:5d:1c:61:37:7f:3d:ed:d7:5b:01:ff:19:16:80: 9f:66:af:b5:f9:97:6d:27:7f:7c:25:82:cf:31:04:61:a4:ed: 87:07:ef:74:23:45:f3:1a:8d:f5:09:9b:a8:4d:03:42:c0:b6: dc:34:4e:a2:b0:46:78:65:33:db:73:af:62:89:53:ee:a3:07: dc:8f:1d:b8:97:7f:1d:1e:cc:dd:17:6d:a7:7f:c0:c3:f4:fb: bd:09:04:42:c8:ba:91:c6:e7:86:49:e0:e9:45:74:01:4b:e0: 47:e2:f3:db:e9:c7:99:48:99:ca:39:96:9b:c8:fe:16:7f:6d: f3:f4:9f:b5:39:b1:97:25:42:a5:e1:a9:99:9b:fa:bb:60:86: 51:f0:1b:71:b3:47:be:37:cc:8d:df:9b:fc:c6:de:48:a6:45: c8:8d:e1:63 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBejANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 ODQ5MTExMC8GA1UEBRMoNjFGOEM3RUJBN0I1NUU3MUIyRTZCMTc3NDA5MTQyNTFE ODhDRjBBNjAeFw0yNTA4MDkwNzMyMTlaFw0yNTA4MTYwNzMyMTlaMBgxFjAUBgNV BAMTDTY4OTZmOTgzLTdmOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDb3YHWIUid66Nlit+fjy4bxTeAbbG40VWt2XwNf/rkFSMbj2fZ6eSZEKEf9C0L uKhB5Qu9O3yYtGSvHZE4jRbK8n0apX0rXKhjwoLjdsWJDjCfpAW+gM884MuqenKe rE7RVncxWHCASp6EpmAK7Akms1dBmF3qAX8hAOrE+SSYc8NbnMMi8hTlh/QTa2bW qf41uVOA4CT17Vpvm2MuPfTiIGB0B/4rAXkykGL5ToqgMJKHSnOnQpe8oW/jzgby K2eSjdOJtiG/64EPIUtNsvIMRdbNVLi7VWZm6+1pKyLdj0nQUWRqdCWP2U30t2nR rQBPpG9AAO92DsUjAZ1bh4cRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU32Svm+zi N/X1RxpHKIg4pqrrP1MwHwYDVR0jBBgwFoAUYfjH66e1XnGy5rF3QJFCUdiM8KYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4NDkxLzYwREE1M0ZBREZB NTExRUY4QkQ0OUY4N0M0RjlBRTAyL1lmakg2NmUxWG5HeTVyRjNRSkZDVWRpTThL WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWWZqSDY2ZTFYbkd5NXJGM1FKRkNVZGlNOEtZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4 NDkxLzYwREE1M0ZBREZBNTExRUY4QkQ0OUY4N0M0RjlBRTAyL1lmakg2NmUxWG5H eTVyRjNRSkZDVWRpTThLWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAI101dVVfPOuYWNZ/HSgiG7KP9UIDk3lo2z5FZkpI85B1d5q9Bqh0RP9 2kqc8lTjTUFzXymtUuwUUgoDLi6foZ+oyK4tABStUiWQUt/46/g1q1vs5CQxITS1 I4DI+ItdHGE3fz3t11sB/xkWgJ9mr7X5l20nf3wlgs8xBGGk7YcH73QjRfMajfUJ m6hNA0LAttw0TqKwRnhlM9tzr2KJU+6jB9yPHbiXfx0ezN0Xbad/wMP0+70JBELI upHG54ZJ4OlFdAFL4Efi89vpx5lImco5lpvI/hZ/bfP0n7U5sZclQqXhqZmb+rtg hlHwG3GzR743zI3fm/zG3kimRciN4WM= -----END CERTIFICATE-----Generated at Mon Aug 11 04:20:55 2025 by rpki-client