$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft File: YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft (raw, json) Hash identifier: queHctlN+24AoprU8X2ki6E/RI7WMx/pFj/htHyRDIk= Subject key identifier: 41:D5:55:CF:23:C8:E0:89:1D:83:E4:D3:B4:98:6F:E6:9F:5D:D8:1F Authority key identifier: 60:06:B9:65:83:13:D8:64:99:16:19:D6:97:9B:0F:7E:01:E4:B6:68 Certificate issuer: /CN=A91E5A08/serialNumber=6006B9658313D864991619D6979B0F7E01E4B668 Certificate serial: 0197 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft Manifest number: 0194 Signing time: Thu 19 Jun 2025 02:52:01 +0000 Manifest this update: Thu 19 Jun 2025 02:52:00 +0000 Manifest next update: Thu 26 Jun 2025 02:52:00 +0000 Files and hashes: 1: YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl (hash: xG0m2pcA7+X0rqB2zv3/AkpoUM3R597sltxNu3wk2Kk=) 2: EC9A7C9EE26811EDBB19B85EC4F9AE02.roa (hash: b95mpJ4EM9DYq2FEBTGRF8becbveDJsLEHAflxFwbco=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Jun 2025 02:52:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 407 (0x197) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5A08, serialNumber=6006B9658313D864991619D6979B0F7E01E4B668 Validity Not Before: Jun 19 02:52:00 2025 GMT Not After : Jun 26 02:52:00 2025 GMT Subject: CN=68537b51-da2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:e2:b5:9a:05:e0:df:96:e5:ba:c3:07:e2:d3: d4:7d:97:96:3f:53:e6:3c:d2:47:55:01:1d:7a:c5: 3a:a0:c2:0e:83:f6:d7:db:b7:f2:11:db:0d:12:64: 1e:24:a1:53:f3:83:04:c0:c2:bc:fe:06:ae:56:7d: 7b:0b:fa:68:f4:ce:7d:55:ea:56:a8:dd:fc:c7:f7: dd:8c:51:a9:bb:d7:ad:d7:41:5e:64:01:2c:b8:bb: 18:27:f8:a0:05:33:94:d3:53:ce:d3:fe:a8:fc:a8: 42:e2:94:f4:90:b0:fd:6d:06:46:c7:e6:ea:a1:ff: ad:aa:ee:4f:99:7c:97:86:e4:11:dc:1f:69:50:ee: 06:e5:61:eb:2f:0a:e8:9f:8d:b2:35:59:e2:6c:27: 58:1f:50:f5:74:9f:6c:ab:da:f6:f4:d1:c4:e7:ed: be:c2:ac:9f:c4:ba:b8:89:d5:fa:e7:39:3a:1c:c7: eb:ca:38:ad:ae:01:0e:0b:b2:3f:63:9d:33:5a:fa: 0f:0c:c8:e8:9a:5c:ff:b5:02:e9:b5:53:c0:39:92: c8:cd:7c:9a:0d:0b:91:5e:1f:eb:95:1d:e8:95:5e: 96:c7:45:ea:54:03:8f:ef:00:50:9c:18:e4:04:67: 8b:04:cd:6f:2d:93:ce:7f:36:aa:87:86:59:c6:7f: 49:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:D5:55:CF:23:C8:E0:89:1D:83:E4:D3:B4:98:6F:E6:9F:5D:D8:1F X509v3 Authority Key Identifier: keyid:60:06:B9:65:83:13:D8:64:99:16:19:D6:97:9B:0F:7E:01:E4:B6:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:06:4a:5b:6f:7b:60:40:fe:2e:b1:8f:e2:a6:99:90:9b:4e: 19:5b:ee:27:49:0d:fa:f6:a4:6b:da:b2:63:da:af:9e:50:9a: a7:cf:3a:ae:3e:99:02:51:33:25:28:5d:57:ea:ef:ad:5a:cf: 0e:79:a4:22:fa:a5:56:24:32:02:65:e7:9e:48:8b:9d:e0:39: 2f:5a:76:f3:4b:9d:0f:8b:60:f9:07:80:01:12:2d:45:5d:75: 6a:9b:c7:c7:6c:c0:29:ba:71:53:d7:96:03:94:6a:0c:ec:88: 35:f8:e1:70:2e:a1:5b:65:ab:1f:ee:42:e7:98:d2:a5:3e:23: f7:4b:0a:c3:70:61:d5:97:0b:3c:7f:7d:ac:6e:88:d0:43:16: e6:00:b4:3d:8c:6a:c4:71:92:10:02:c4:d9:24:40:99:e3:38: b9:a9:ed:c0:68:bd:2f:8e:4a:dc:37:78:fa:5a:07:28:3e:cc: ca:77:9f:1e:c0:0f:a7:a0:f5:ef:71:ef:06:84:42:f4:b6:84: d0:aa:7e:10:bb:6c:45:62:39:59:3d:72:7b:a6:4b:2c:bd:b9: df:41:ad:7d:18:52:76:f5:12:e8:5a:ec:08:8d:70:ac:22:8b: 25:08:bd:ee:8b:7c:9d:0d:c0:cb:ce:32:0f:c0:51:98:a7:af: 14:36:84:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTVBMDgxMTAvBgNVBAUTKDYwMDZCOTY1ODMxM0Q4NjQ5OTE2MTlENjk3OUIwRjdF MDFFNEI2NjgwHhcNMjUwNjE5MDI1MjAwWhcNMjUwNjI2MDI1MjAwWjAYMRYwFAYD VQQDEw02ODUzN2I1MS1kYTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2eK1mgXg35blusMH4tPUfZeWP1PmPNJHVQEdesU6oMIOg/bX27fyEdsNEmQe JKFT84MEwMK8/gauVn17C/po9M59VepWqN38x/fdjFGpu9et10FeZAEsuLsYJ/ig BTOU01PO0/6o/KhC4pT0kLD9bQZGx+bqof+tqu5PmXyXhuQR3B9pUO4G5WHrLwro n42yNVnibCdYH1D1dJ9sq9r29NHE5+2+wqyfxLq4idX65zk6HMfryjitrgEOC7I/ Y50zWvoPDMjomlz/tQLptVPAOZLIzXyaDQuRXh/rlR3olV6Wx0XqVAOP7wBQnBjk BGeLBM1vLZPOfzaqh4ZZxn9JmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEHVVc8j yOCJHYPk07SYb+afXdgfMB8GA1UdIwQYMBaAFGAGuWWDE9hkmRYZ1pebD34B5LZo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUEwOC9CMDYwQ0M1NEUy NjUxMUVEODUwQ0RFNTRDNEY5QUUwMi9ZQWE1WllNVDJHU1pGaG5XbDVzUGZnSGt0 bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lBYTVaWU1UMkdTWkZobldsNXNQZmdIa3RtZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NUEwOC9CMDYwQ0M1NEUyNjUxMUVEODUwQ0RFNTRDNEY5QUUwMi9ZQWE1WllNVDJH U1pGaG5XbDVzUGZnSGt0bWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMBkpbb3tgQP4usY/ippmQm04ZW+4nSQ369qRr2rJj2q+eUJqnzzqu PpkCUTMlKF1X6u+tWs8OeaQi+qVWJDICZeeeSIud4DkvWnbzS50Pi2D5B4ABEi1F XXVqm8fHbMApunFT15YDlGoM7Ig1+OFwLqFbZasf7kLnmNKlPiP3SwrDcGHVlws8 f32sbojQQxbmALQ9jGrEcZIQAsTZJECZ4zi5qe3AaL0vjkrcN3j6WgcoPszKd58e wA+noPXvce8GhEL0toTQqn4Qu2xFYjlZPXJ7pkssvbnfQa19GFJ29RLoWuwIjXCs IoslCL3ui3ydDcDLzjIPwFGYp68UNoRo -----END CERTIFICATE-----Generated at Thu Jun 19 15:40:13 2025 by rpki-client