$ rpki-client -vvf rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft File: yL8GWnSCLvjMYvSlTlnVhxILb0c.mft (raw, json) Hash identifier: D3cjerEpG6A0L5B8B6EhZkIe+7JPplDIP0Ga+wwtJI4= Subject key identifier: D4:B0:56:E4:3C:DD:28:35:90:52:D5:9B:BC:05:D8:AF:F8:0C:80:7A Authority key identifier: C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47 Certificate issuer: /CN=A91E85F1/serialNumber=C8BF065A74822EF8CC62F4A54E59D587120B6F47 Certificate serial: 29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft Manifest number: 28 Signing time: Sun 15 Jun 2025 06:52:08 +0000 Manifest this update: Sun 15 Jun 2025 06:52:08 +0000 Manifest next update: Sun 22 Jun 2025 06:52:08 +0000 Files and hashes: 1: yL8GWnSCLvjMYvSlTlnVhxILb0c.crl (hash: 5F1wmFFEGw+Wfc+nIJAjGCIXvou090Ykw9I+bmN/jyc=) 2: 4D144B780DFE11F09C46E054C4F9AE02.roa (hash: rxfflXV8vQ/KWVF6kuCP1iokmRw18P+QAjN4iDWpgsI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.crl rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 06:52:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41 (0x29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E85F1, serialNumber=C8BF065A74822EF8CC62F4A54E59D587120B6F47 Validity Not Before: Jun 15 06:52:08 2025 GMT Not After : Jun 22 06:52:08 2025 GMT Subject: CN=684e6d98-b1b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:f7:38:ba:10:af:40:12:b6:2f:50:3c:4e:b3: 52:0e:62:80:6c:25:54:6d:a1:de:f6:4b:d7:38:c7: 76:b3:ab:ae:40:f3:ef:b2:54:0c:6e:6d:7c:9e:3b: 3a:5c:ef:43:b3:1e:69:ab:9e:77:05:11:b3:68:a9: 8c:c1:10:6f:e8:f9:97:d8:f8:3b:dc:6c:c7:d8:e4: ac:9d:32:cd:fe:d0:b3:d7:fd:6d:a5:cd:f7:e9:0b: 0d:2b:ca:ff:ae:4f:e3:c0:f2:61:71:42:8a:b3:51: 5c:d8:82:04:03:a8:b9:07:e4:3b:97:d7:d9:ea:ec: a5:a6:f1:a0:2f:8c:fe:74:d9:f4:e8:0c:fc:ec:f7: 03:35:89:b8:47:bd:c4:7c:f3:7a:bc:a6:72:36:7e: c5:a5:52:c8:d2:bb:e2:9a:6a:a4:a8:e0:42:f5:56: b8:82:6a:80:f3:7a:d2:d9:63:fa:a8:f8:74:d5:18: 95:f4:bd:81:bf:6e:62:dd:49:1b:e6:3a:a7:70:eb: 37:77:63:7b:7e:bf:33:2d:d4:19:c8:16:07:ff:b0: 26:f4:8a:55:71:13:8a:d7:b9:e0:11:06:b5:9f:ef: ca:47:09:30:6d:96:71:7b:60:a5:10:42:5b:1d:86: d7:45:47:a7:7f:23:52:73:59:b9:4d:72:75:41:22: 8b:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:B0:56:E4:3C:DD:28:35:90:52:D5:9B:BC:05:D8:AF:F8:0C:80:7A X509v3 Authority Key Identifier: keyid:C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:fe:c8:1e:18:1f:99:9c:5d:60:55:8b:7a:24:e4:f4:4f:ec: db:69:c0:3a:b7:65:77:0f:fe:eb:57:e2:45:0b:9f:94:28:f2: 12:d1:5f:cc:bb:af:4e:49:a9:ab:db:88:2c:99:e1:9b:bc:8e: 4d:53:44:cc:85:0b:74:6d:38:b1:48:15:d5:0c:50:f9:37:c1: 0e:3a:62:b4:5f:15:29:ac:aa:ff:0f:bd:a6:6a:97:94:04:20: 98:55:88:8c:53:6d:fe:aa:ca:45:8e:32:e1:40:00:28:63:e7: 47:70:11:b4:7d:37:f1:f7:06:03:c8:7e:2d:a4:63:84:a7:e7: 42:c3:a7:7d:5e:48:fe:cf:75:2d:f6:6a:ff:48:a0:65:bc:7c: e1:30:37:11:70:fd:b4:73:b0:2e:f6:49:43:1e:45:11:30:0d: 6d:39:8a:44:22:ec:22:a7:cf:1d:df:53:f5:54:2c:3f:bf:59: 64:56:33:c0:30:d0:aa:4b:fb:cf:60:c7:df:3b:77:23:78:5c: cd:50:eb:ca:0b:f3:84:e7:68:dc:d2:97:a2:15:ed:f9:b0:ac: 2d:9d:20:1f:c6:af:a2:40:1f:c5:33:a4:30:6f:29:dc:c4:96: 57:1a:58:5f:59:1d:64:e0:36:b4:f9:f9:15:65:65:58:ef:aa: 58:24:08:b4 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF ODVGMTExMC8GA1UEBRMoQzhCRjA2NUE3NDgyMkVGOENDNjJGNEE1NEU1OUQ1ODcx MjBCNkY0NzAeFw0yNTA2MTUwNjUyMDhaFw0yNTA2MjIwNjUyMDhaMBgxFjAUBgNV BAMTDTY4NGU2ZDk4LWIxYjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDG9zi6EK9AErYvUDxOs1IOYoBsJVRtod72S9c4x3azq65A8++yVAxubXyeOzpc 70OzHmmrnncFEbNoqYzBEG/o+ZfY+DvcbMfY5KydMs3+0LPX/W2lzffpCw0ryv+u T+PA8mFxQoqzUVzYggQDqLkH5DuX19nq7KWm8aAvjP502fToDPzs9wM1ibhHvcR8 83q8pnI2fsWlUsjSu+KaaqSo4EL1VriCaoDzetLZY/qo+HTVGJX0vYG/bmLdSRvm Oqdw6zd3Y3t+vzMt1BnIFgf/sCb0ilVxE4rXueARBrWf78pHCTBtlnF7YKUQQlsd htdFR6d/I1JzWblNcnVBIoshAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1LBW5Dzd KDWQUtWbvAXYr/gMgHowHwYDVR0jBBgwFoAUyL8GWnSCLvjMYvSlTlnVhxILb0cw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4NUYxLzZBQTRENjBBMERG QzExRjBBMUQ5ODA1M0M0RjlBRTAyL3lMOEdXblNDTHZqTVl2U2xUbG5WaHhJTGIw Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveUw4R1duU0NMdmpNWXZTbFRsblZoeElMYjBjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4 NUYxLzZBQTRENjBBMERGQzExRjBBMUQ5ODA1M0M0RjlBRTAyL3lMOEdXblNDTHZq TVl2U2xUbG5WaHhJTGIwYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFL+yB4YH5mcXWBVi3ok5PRP7NtpwDq3ZXcP/utX4kULn5Qo8hLRX8y7 r05JqavbiCyZ4Zu8jk1TRMyFC3RtOLFIFdUMUPk3wQ46YrRfFSmsqv8PvaZql5QE IJhViIxTbf6qykWOMuFAAChj50dwEbR9N/H3BgPIfi2kY4Sn50LDp31eSP7PdS32 av9IoGW8fOEwNxFw/bRzsC72SUMeRREwDW05ikQi7CKnzx3fU/VULD+/WWRWM8Aw 0KpL+89gx987dyN4XM1Q68oL84TnaNzSl6IV7fmwrC2dIB/Gr6JAH8UzpDBvKdzE llcaWF9ZHWTgNrT5+RVlZVjvqlgkCLQ= -----END CERTIFICATE-----Generated at Tue Jun 17 01:33:06 2025 by rpki-client