$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft File: cYQNfZjFz5vWvrRIatRnQGXxR0E.mft (raw, json) Hash identifier: mP8sXZonJEqY0c9RycbmGkT2wytGf2bG2cCFZAnek+Y= Subject key identifier: 1C:77:FC:53:6C:45:73:4E:02:12:A3:13:90:36:63:10:B1:8E:AB:61 Authority key identifier: 71:84:0D:7D:98:C5:CF:9B:D6:BE:B4:48:6A:D4:67:40:65:F1:47:41 Certificate issuer: /CN=A91B7B61/serialNumber=71840D7D98C5CF9BD6BEB4486AD4674065F14741 Certificate serial: 05D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft Manifest number: 05D1 Signing time: Tue 12 Aug 2025 23:27:38 +0000 Manifest this update: Tue 12 Aug 2025 23:27:38 +0000 Manifest next update: Tue 19 Aug 2025 23:27:38 +0000 Files and hashes: 1: cYQNfZjFz5vWvrRIatRnQGXxR0E.crl (hash: Ai9DYjLke5DCVdps9dmlb0SdwBgY9j3o9u14mjTQqPs=) 2: C2EFC706CAAE11EBA95C5E64C4F9AE02.roa (hash: dMeJp28zx6FUq76ao4qK+ptEjKQRepLswYRFFIdTn7o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.crl rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 23:27:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1494 (0x5d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7B61, serialNumber=71840D7D98C5CF9BD6BEB4486AD4674065F14741 Validity Not Before: Aug 12 23:27:38 2025 GMT Not After : Aug 19 23:27:38 2025 GMT Subject: CN=689bcdea-65e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:15:0d:ca:91:6d:35:b3:a1:70:85:8b:20:67: 80:ae:2b:79:f1:3c:5e:88:17:4f:f2:c1:b1:4e:63: 33:aa:6a:6b:17:46:ab:25:bd:e7:b0:e3:b7:ad:3f: 58:36:b3:20:28:e6:82:f8:f1:f7:87:2c:ee:07:ae: bc:02:93:90:9c:e5:53:a1:63:e8:54:e7:ce:ab:a8: c6:d2:88:ae:6a:6f:25:90:98:67:82:78:84:53:64: 06:8c:ff:04:ea:28:76:44:ab:66:8c:65:fa:b9:46: eb:5c:2f:5e:6d:57:4b:7c:46:b2:2e:63:dc:80:1a: aa:1e:cc:56:f0:aa:ba:9e:0b:73:74:ac:19:77:5e: 5e:ac:a1:fc:45:fe:54:c5:1a:b6:c9:57:66:4d:bf: 2b:eb:c0:95:a5:de:ef:92:4e:2a:06:bb:ad:ba:e0: 79:5a:3b:ec:0c:78:1e:1f:e4:e6:1e:b1:8d:82:4e: 06:dc:16:41:eb:ff:22:2a:a9:f7:03:dd:5b:32:b7: 39:23:fa:a8:1f:09:6a:f1:7f:e1:d2:18:8a:7c:02: af:05:c7:51:8e:22:d7:ce:c4:c5:61:f8:ce:68:30: 5e:79:b8:e8:7b:8a:d3:a1:94:31:b9:9f:0e:15:f7: f7:19:0c:27:23:a4:05:f1:f9:ac:3b:53:c8:53:86: 03:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:77:FC:53:6C:45:73:4E:02:12:A3:13:90:36:63:10:B1:8E:AB:61 X509v3 Authority Key Identifier: keyid:71:84:0D:7D:98:C5:CF:9B:D6:BE:B4:48:6A:D4:67:40:65:F1:47:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:83:85:d3:4a:3f:be:c5:5f:43:3a:0b:2f:80:f2:0b:ca:28: 25:bd:0b:65:dd:53:cc:6a:cf:b1:04:26:93:a2:ff:4b:a7:4b: 83:5a:b1:87:03:55:05:4d:a0:7b:1e:e3:de:41:6b:bb:fe:10: 75:1b:7a:06:66:e9:19:2f:a9:b9:33:de:a3:f9:1b:c5:be:1f: bc:27:8a:b2:1a:52:5e:b5:b1:06:96:cf:d8:7c:cc:62:b8:de: 78:73:e4:03:c6:2f:18:e6:8c:ba:e0:c4:b1:bf:e8:86:8a:b0: 4b:05:ae:b2:d0:93:76:c4:1a:0e:ef:d6:4d:4b:eb:60:f5:1a: f8:6e:53:dd:9c:5a:0b:fc:00:dd:4b:71:15:b8:b8:73:56:4f: 91:f3:c7:1d:7c:79:ad:65:2d:cd:5c:a1:cf:11:93:48:ed:a5: 89:03:e9:73:20:a8:58:73:dd:7a:29:2c:b6:f7:d3:30:8a:d9: 7e:35:02:52:00:96:3e:f5:4c:c1:ed:2d:d4:f4:5e:1a:2d:55: 54:c7:d3:21:61:0d:21:58:c3:1f:fd:7b:6c:b7:33:2c:8b:28: ab:7c:a8:d3:74:25:ac:c3:ad:be:47:10:60:b0:9c:dc:ce:e2: 6a:56:cf:af:18:17:46:d9:98:1b:1b:ec:ac:e8:fd:cd:73:de: 98:8e:bf:13 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBdYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjdCNjExMTAvBgNVBAUTKDcxODQwRDdEOThDNUNGOUJENkJFQjQ0ODZBRDQ2NzQw NjVGMTQ3NDEwHhcNMjUwODEyMjMyNzM4WhcNMjUwODE5MjMyNzM4WjAYMRYwFAYD VQQDEw02ODliY2RlYS02NWUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0RUNypFtNbOhcIWLIGeArit58TxeiBdP8sGxTmMzqmprF0arJb3nsOO3rT9Y NrMgKOaC+PH3hyzuB668ApOQnOVToWPoVOfOq6jG0oiuam8lkJhngniEU2QGjP8E 6ih2RKtmjGX6uUbrXC9ebVdLfEayLmPcgBqqHsxW8Kq6ngtzdKwZd15erKH8Rf5U xRq2yVdmTb8r68CVpd7vkk4qBrutuuB5WjvsDHgeH+TmHrGNgk4G3BZB6/8iKqn3 A91bMrc5I/qoHwlq8X/h0hiKfAKvBcdRjiLXzsTFYfjOaDBeebjoe4rToZQxuZ8O Fff3GQwnI6QF8fmsO1PIU4YDbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBx3/FNs RXNOAhKjE5A2YxCxjqthMB8GA1UdIwQYMBaAFHGEDX2Yxc+b1r60SGrUZ0Bl8UdB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0I2MS9CRTY4RDMwMkNB QUExMUVCQjhDMDJCNUNDNEY5QUUwMi9jWVFOZlpqRno1dld2clJJYXRSblFHWHhS MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NZUU5mWmpGejV2V3ZyUklhdFJuUUdYeFIwRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC N0I2MS9CRTY4RDMwMkNBQUExMUVCQjhDMDJCNUNDNEY5QUUwMi9jWVFOZlpqRno1 dld2clJJYXRSblFHWHhSMEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQg4XTSj++xV9DOgsvgPILyiglvQtl3VPMas+xBCaTov9Lp0uDWrGH A1UFTaB7HuPeQWu7/hB1G3oGZukZL6m5M96j+RvFvh+8J4qyGlJetbEGls/YfMxi uN54c+QDxi8Y5oy64MSxv+iGirBLBa6y0JN2xBoO79ZNS+tg9Rr4blPdnFoL/ADd S3EVuLhzVk+R88cdfHmtZS3NXKHPEZNI7aWJA+lzIKhYc916KSy299Mwitl+NQJS AJY+9UzB7S3U9F4aLVVUx9MhYQ0hWMMf/XtstzMsiyirfKjTdCWsw62+RxBgsJzc zuJqVs+vGBdG2ZgbG+ys6P3Nc96Yjr8T -----END CERTIFICATE-----Generated at Wed Aug 13 05:29:17 2025 by rpki-client