$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE352/C8E22E8A011611EC9CCDE722C4F9AE02/yqbrmbP-Dvtl048Vsqrk3Dnasx0.mft File: yqbrmbP-Dvtl048Vsqrk3Dnasx0.mft (raw, json) Hash identifier: f2pf3r2F3S1RduOYB9E6xE/Zf50kLxclXgQvZX/HxE4= Subject key identifier: E7:45:57:DB:3A:E6:5E:82:58:62:6F:D6:7A:69:20:3E:23:FB:F4:09 Authority key identifier: CA:A6:EB:99:B3:FE:0E:FB:65:D3:8F:15:B2:AA:E4:DC:39:DA:B3:1D Certificate issuer: /CN=A91DE352/serialNumber=CAA6EB99B3FE0EFB65D38F15B2AAE4DC39DAB31D Certificate serial: 054B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yqbrmbP-Dvtl048Vsqrk3Dnasx0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DE352/C8E22E8A011611EC9CCDE722C4F9AE02/yqbrmbP-Dvtl048Vsqrk3Dnasx0.mft Manifest number: 0545 Signing time: Sun 10 Aug 2025 23:34:50 +0000 Manifest this update: Sun 10 Aug 2025 23:34:49 +0000 Manifest next update: Sun 17 Aug 2025 23:34:49 +0000 Files and hashes: 1: yqbrmbP-Dvtl048Vsqrk3Dnasx0.crl (hash: tyr4EO+RYMP6QOxVaOaO71x6gM7HBJyKOqElkhWZmnM=) 2: F1C77A3C73E711ECA415F87FC4F9AE02.roa (hash: azq2/w0vOg+2swjHdLzDRr5hvzTCb3H9CNSdtAvO6hc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DE352/C8E22E8A011611EC9CCDE722C4F9AE02/yqbrmbP-Dvtl048Vsqrk3Dnasx0.crl rsync://rpki.apnic.net/member_repository/A91DE352/C8E22E8A011611EC9CCDE722C4F9AE02/yqbrmbP-Dvtl048Vsqrk3Dnasx0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yqbrmbP-Dvtl048Vsqrk3Dnasx0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1355 (0x54b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DE352, serialNumber=CAA6EB99B3FE0EFB65D38F15B2AAE4DC39DAB31D Validity Not Before: Aug 10 23:34:49 2025 GMT Not After : Aug 17 23:34:49 2025 GMT Subject: CN=68992c99-47e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:7e:56:2e:f4:45:26:69:ea:66:ac:a0:ff:1a: aa:c6:d5:e1:bc:08:7a:26:95:b3:79:1a:fa:eb:a4: cb:57:48:92:b0:fb:da:93:cc:45:3e:3e:dd:50:c7: 19:8a:d5:a7:46:83:eb:75:8f:b1:f1:28:ef:53:18: e5:d2:c0:ec:6c:7a:29:3e:b9:fc:dd:f0:27:fd:6f: 00:64:77:4f:bd:b4:c4:12:34:30:a5:75:f5:6a:de: 58:13:93:f8:42:d8:61:54:47:59:b7:52:3c:fe:5d: bd:1d:99:1c:ca:a6:2c:96:be:3b:e1:12:95:b8:01: d9:eb:c4:1f:ac:91:7d:0b:50:0f:3e:39:15:94:76: 88:da:7e:8a:f9:05:9f:15:65:7c:71:13:f0:f1:26: 28:05:b1:9f:c6:61:8e:69:ee:86:4f:2d:20:55:dd: 14:87:50:df:0f:89:a6:5b:52:84:fb:05:3b:1f:30: f0:13:6f:4f:ee:6c:34:8b:04:00:b7:3f:c1:13:92: 6b:37:e3:df:d5:56:fa:66:79:36:9c:a0:d9:44:11: fc:88:59:14:5d:b4:8a:82:bd:54:45:11:71:55:76: 7d:00:3b:cd:e0:99:02:76:fe:a9:18:03:35:61:c3: 9b:c1:35:06:9b:60:73:18:d3:22:f4:cc:84:91:0c: c2:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:45:57:DB:3A:E6:5E:82:58:62:6F:D6:7A:69:20:3E:23:FB:F4:09 X509v3 Authority Key Identifier: keyid:CA:A6:EB:99:B3:FE:0E:FB:65:D3:8F:15:B2:AA:E4:DC:39:DA:B3:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DE352/C8E22E8A011611EC9CCDE722C4F9AE02/yqbrmbP-Dvtl048Vsqrk3Dnasx0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yqbrmbP-Dvtl048Vsqrk3Dnasx0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE352/C8E22E8A011611EC9CCDE722C4F9AE02/yqbrmbP-Dvtl048Vsqrk3Dnasx0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:c3:0e:f5:e2:c3:7a:25:89:ed:db:a4:ca:7e:b0:28:97:67: 71:25:cc:dd:bc:80:63:15:1f:ef:8e:c1:67:7a:24:ca:eb:e1: c4:81:d7:90:2e:1e:4e:48:7b:78:a7:6a:e9:ef:a3:db:35:6e: 5c:c2:20:b4:f4:21:26:b2:e5:18:5d:fe:ab:c0:05:29:79:ad: 30:00:47:7a:fb:2a:fb:ec:79:43:a8:24:8c:0d:cd:5b:17:f6: 9d:b2:b6:c0:a6:f2:80:c6:0d:2a:85:37:ce:7b:d7:b2:75:03: 27:84:03:96:41:9b:18:a9:cf:79:97:7d:a7:f2:8c:6b:76:32: 88:35:8b:17:81:dc:0f:3a:d7:c5:3a:db:4d:89:cb:35:1d:19: 1a:6f:28:d3:bc:fe:0b:45:81:f5:56:5a:ad:a2:4a:9d:d9:a1: 97:45:d1:d7:02:b1:68:c6:9d:b6:9d:47:6e:f0:03:81:52:9e: 3f:37:eb:17:fb:ed:ff:d5:9d:21:e3:ec:da:56:96:f8:a9:5f: e2:8f:22:eb:03:97:c1:fe:33:51:09:0c:30:92:d4:b9:4d:8b: 7b:e0:3b:fa:cc:f8:ed:a9:45:e9:a9:fe:b5:cd:66:07:6e:41: 2a:c7:5c:f9:bc:e6:92:bb:dc:32:28:ae:85:37:34:09:3e:17: 2f:2e:3d:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REUzNTIxMTAvBgNVBAUTKENBQTZFQjk5QjNGRTBFRkI2NUQzOEYxNUIyQUFFNERD MzlEQUIzMUQwHhcNMjUwODEwMjMzNDQ5WhcNMjUwODE3MjMzNDQ5WjAYMRYwFAYD VQQDEw02ODk5MmM5OS00N2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA435WLvRFJmnqZqyg/xqqxtXhvAh6JpWzeRr666TLV0iSsPvak8xFPj7dUMcZ itWnRoPrdY+x8SjvUxjl0sDsbHopPrn83fAn/W8AZHdPvbTEEjQwpXX1at5YE5P4 QthhVEdZt1I8/l29HZkcyqYslr474RKVuAHZ68QfrJF9C1APPjkVlHaI2n6K+QWf FWV8cRPw8SYoBbGfxmGOae6GTy0gVd0Uh1DfD4mmW1KE+wU7HzDwE29P7mw0iwQA tz/BE5JrN+Pf1Vb6Znk2nKDZRBH8iFkUXbSKgr1URRFxVXZ9ADvN4JkCdv6pGAM1 YcObwTUGm2BzGNMi9MyEkQzCBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOdFV9s6 5l6CWGJv1nppID4j+/QJMB8GA1UdIwQYMBaAFMqm65mz/g77ZdOPFbKq5Nw52rMd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERTM1Mi9DOEUyMkU4QTAx MTYxMUVDOUNDREU3MjJDNEY5QUUwMi95cWJybWJQLUR2dGwwNDhWc3FyazNEbmFz eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lxYnJtYlAtRHZ0bDA0OFZzcXJrM0RuYXN4MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RTM1Mi9DOEUyMkU4QTAxMTYxMUVDOUNDREU3MjJDNEY5QUUwMi95cWJybWJQLUR2 dGwwNDhWc3FyazNEbmFzeDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVww714sN6JYnt26TKfrAol2dxJczdvIBjFR/vjsFneiTK6+HEgdeQ Lh5OSHt4p2rp76PbNW5cwiC09CEmsuUYXf6rwAUpea0wAEd6+yr77HlDqCSMDc1b F/adsrbApvKAxg0qhTfOe9eydQMnhAOWQZsYqc95l32n8oxrdjKINYsXgdwPOtfF OttNics1HRkabyjTvP4LRYH1Vlqtokqd2aGXRdHXArFoxp22nUdu8AOBUp4/N+sX ++3/1Z0h4+zaVpb4qV/ijyLrA5fB/jNRCQwwktS5TYt74Dv6zPjtqUXpqf61zWYH bkEqx1z5vOaSu9wyKK6FNzQJPhcvLj0m -----END CERTIFICATE-----Generated at Mon Aug 11 04:24:46 2025 by rpki-client