$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft File: YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft (raw, json) Hash identifier: ygJaYzOLsreP9mbUapVSJyWjn3kpFR+o1TW+NfRVFwQ= Subject key identifier: D4:7B:7D:7D:20:87:39:25:C9:0D:83:32:08:47:6D:62:39:DB:6A:FE Authority key identifier: 60:06:B9:65:83:13:D8:64:99:16:19:D6:97:9B:0F:7E:01:E4:B6:68 Certificate issuer: /CN=A91E5A08/serialNumber=6006B9658313D864991619D6979B0F7E01E4B668 Certificate serial: 01DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft Manifest number: 01DA Signing time: Wed 05 Nov 2025 02:51:11 +0000 Manifest this update: Wed 05 Nov 2025 02:51:11 +0000 Manifest next update: Wed 12 Nov 2025 02:51:11 +0000 Files and hashes: 1: YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl (hash: LKWSNIF5Xyn7PEGhMaomtlzY3GjUGHaZ087LSf9v5xo=) 2: EC9A7C9EE26811EDBB19B85EC4F9AE02.roa (hash: b95mpJ4EM9DYq2FEBTGRF8becbveDJsLEHAflxFwbco=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:51:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 477 (0x1dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5A08, serialNumber=6006B9658313D864991619D6979B0F7E01E4B668 Validity Not Before: Nov 5 02:51:11 2025 GMT Not After : Nov 12 02:51:11 2025 GMT Subject: CN=690abb9f-161f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:b1:20:c0:ad:56:40:67:d1:0f:bd:17:8c:f7: 20:59:a6:a5:1d:3c:aa:cc:29:36:f3:f3:36:45:60: ce:f3:90:c8:d4:82:d0:14:8c:30:4b:fd:f9:c2:0b: 17:71:5b:71:3d:44:bc:c7:6d:9e:5a:7c:6d:72:fa: 4e:26:4e:ac:ea:fa:7a:20:7d:ac:db:b5:32:a7:4b: 9a:94:bc:fe:2f:36:84:cc:9e:cb:da:a4:2a:b7:ab: f3:a8:e1:8b:2e:46:f2:82:5d:9a:cd:d9:0c:cf:6a: 2a:f3:96:17:0e:2b:79:39:0f:57:32:19:74:25:99: b9:f3:a0:2b:e2:5c:ed:a7:b0:8b:0d:32:3a:f9:3b: 18:de:48:e5:64:c3:9d:1d:3c:aa:e8:a5:d1:23:7b: 68:d2:a5:a8:eb:2b:ef:c0:fe:04:f8:7d:49:b0:17: a5:f0:a4:f6:a3:ed:99:bf:a6:98:df:c6:e0:c5:63: 46:3d:01:9d:0f:67:ff:45:ea:a2:63:74:92:08:33: 9a:f7:fb:4b:25:67:0a:09:52:04:c9:3b:5b:8d:d5: 91:54:30:e7:37:c2:b8:ad:6b:be:35:96:63:66:14: 02:1b:ce:e5:43:57:ee:0e:c4:17:2c:44:46:b9:c7: 2c:7e:ba:bc:59:a4:0d:c3:63:c1:23:c3:4a:14:33: b7:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:7B:7D:7D:20:87:39:25:C9:0D:83:32:08:47:6D:62:39:DB:6A:FE X509v3 Authority Key Identifier: keyid:60:06:B9:65:83:13:D8:64:99:16:19:D6:97:9B:0F:7E:01:E4:B6:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:22:37:66:91:ff:f5:c2:f2:38:2c:80:36:87:3e:67:c1:83: 76:d0:5f:99:07:d3:02:28:f2:43:5d:a0:81:ab:ee:ce:0f:f8: 9d:78:b5:e4:52:d4:be:58:1a:a9:c4:22:e5:7b:fa:cf:8e:3b: 68:19:6a:0a:85:8e:f2:f4:f3:ec:20:5b:6a:e4:f0:ae:ee:14: 84:5b:20:76:1f:eb:4a:91:b0:dc:97:dd:e0:f2:42:43:dc:d1: ca:ed:5e:54:f9:df:b8:a9:57:d1:99:d1:b3:4f:80:26:4a:d6: fd:42:96:f6:ad:5e:2a:bc:0b:42:83:ac:50:d4:20:49:e5:46: df:3e:da:52:3e:cd:36:a5:b0:6d:ed:2d:ac:37:a8:f7:a4:28: 64:c1:a3:09:1d:2b:7a:bd:8e:42:3d:b0:ca:2b:64:ef:2d:0a: f4:0f:a1:83:b6:70:68:4c:83:d1:7e:13:80:e2:96:c3:06:b8: 45:ba:42:20:f0:46:11:a3:94:18:0f:36:59:db:00:e3:cf:5c: 81:4d:1a:c6:54:d5:e0:9b:27:ee:21:d9:2b:48:9e:3c:c3:34: 09:1a:4f:c7:20:e7:37:32:f9:fa:93:3f:ec:26:66:15:1e:24: 6f:03:f7:7d:57:37:63:13:33:8a:49:5b:77:be:d1:9d:81:b4: 7f:3b:d7:dd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTVBMDgxMTAvBgNVBAUTKDYwMDZCOTY1ODMxM0Q4NjQ5OTE2MTlENjk3OUIwRjdF MDFFNEI2NjgwHhcNMjUxMTA1MDI1MTExWhcNMjUxMTEyMDI1MTExWjAYMRYwFAYD VQQDEw02OTBhYmI5Zi0xNjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvrEgwK1WQGfRD70XjPcgWaalHTyqzCk28/M2RWDO85DI1ILQFIwwS/35wgsX cVtxPUS8x22eWnxtcvpOJk6s6vp6IH2s27Uyp0ualLz+LzaEzJ7L2qQqt6vzqOGL Lkbygl2azdkMz2oq85YXDit5OQ9XMhl0JZm586Ar4lztp7CLDTI6+TsY3kjlZMOd HTyq6KXRI3to0qWo6yvvwP4E+H1JsBel8KT2o+2Zv6aY38bgxWNGPQGdD2f/Reqi Y3SSCDOa9/tLJWcKCVIEyTtbjdWRVDDnN8K4rWu+NZZjZhQCG87lQ1fuDsQXLERG uccsfrq8WaQNw2PBI8NKFDO3xQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNR7fX0g hzklyQ2DMghHbWI522r+MB8GA1UdIwQYMBaAFGAGuWWDE9hkmRYZ1pebD34B5LZo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUEwOC9CMDYwQ0M1NEUy NjUxMUVEODUwQ0RFNTRDNEY5QUUwMi9ZQWE1WllNVDJHU1pGaG5XbDVzUGZnSGt0 bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lBYTVaWU1UMkdTWkZobldsNXNQZmdIa3RtZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NUEwOC9CMDYwQ0M1NEUyNjUxMUVEODUwQ0RFNTRDNEY5QUUwMi9ZQWE1WllNVDJH U1pGaG5XbDVzUGZnSGt0bWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcIjdmkf/1wvI4LIA2hz5nwYN20F+ZB9MCKPJDXaCBq+7OD/ideLXk UtS+WBqpxCLle/rPjjtoGWoKhY7y9PPsIFtq5PCu7hSEWyB2H+tKkbDcl93g8kJD 3NHK7V5U+d+4qVfRmdGzT4AmStb9Qpb2rV4qvAtCg6xQ1CBJ5UbfPtpSPs02pbBt 7S2sN6j3pChkwaMJHSt6vY5CPbDKK2TvLQr0D6GDtnBoTIPRfhOA4pbDBrhFukIg 8EYRo5QYDzZZ2wDjz1yBTRrGVNXgmyfuIdkrSJ48wzQJGk/HIOc3Mvn6kz/sJmYV HiRvA/d9VzdjEzOKSVt3vtGdgbR/O9fd -----END CERTIFICATE-----Generated at Wed Nov 5 15:03:30 2025 by rpki-client