$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft File: yozvXh2MPaWsm67lsZbvBmCaOVk.mft (raw, json) Hash identifier: BmPdFcO4CJl8XVr1tV/ZzOhFizmdIgVHFGbdcJ34EB8= Subject key identifier: D6:49:68:99:89:9D:AB:2F:86:C4:72:53:9C:8F:B1:90:4F:28:0D:39 Authority key identifier: CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59 Certificate issuer: /CN=A911B5BA/serialNumber=CA8CEF5E1D8C3DA5AC9BAEE5B196EF06609A3959 Certificate serial: 0B0E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft Manifest number: 0B0C Signing time: Thu 24 Apr 2025 19:08:54 +0000 Manifest this update: Thu 24 Apr 2025 19:08:53 +0000 Manifest next update: Thu 01 May 2025 19:08:53 +0000 Files and hashes: 1: yozvXh2MPaWsm67lsZbvBmCaOVk.crl (hash: BeWjkeZexbMbCAFYtberlqyLeBbtFPTOdJCUdEzyDW0=) 2: 410BAD2095F011EFA9137C67C4F9AE02.roa (hash: SNO/bBZDGGjsIOKkc1Q9a6n7NxtIrWP6e7L/IhWULh8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.crl rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:08:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2830 (0xb0e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B5BA, serialNumber=CA8CEF5E1D8C3DA5AC9BAEE5B196EF06609A3959 Validity Not Before: Apr 24 19:08:53 2025 GMT Not After : May 1 19:08:53 2025 GMT Subject: CN=680a8c45-a137 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:dd:90:2e:0f:52:bb:c1:19:4a:95:d2:0e:e9: c8:df:09:20:f7:82:80:63:1e:de:8f:ff:29:84:88: 72:68:ca:43:60:2d:5d:8c:10:aa:cd:27:0a:33:0d: bc:ae:25:2d:f6:25:94:96:d0:0f:89:bf:20:dd:35: 1f:66:94:57:bc:e2:f7:fb:eb:3f:f0:54:6f:fe:8f: c1:e0:f2:28:8e:d1:6b:36:84:ce:96:e1:62:30:bc: 6a:74:e7:e9:28:17:c9:6e:53:d9:c2:c1:ab:90:d0: 90:85:c7:32:c9:60:7d:88:8c:18:2b:5d:c4:d8:99: f0:b4:b4:5c:80:e4:d6:51:80:a7:68:79:08:68:a8: 10:37:fe:00:73:17:c0:cc:11:59:5e:44:07:c1:76: 74:f0:9d:26:a3:d7:c3:79:d4:21:7d:40:25:e1:40: ea:a6:96:59:79:1e:35:5e:b3:1f:5a:73:96:b7:3d: b4:01:e5:44:29:4c:c3:99:de:49:49:c0:8f:a2:ce: 39:a4:38:74:a2:e7:85:47:e7:c1:e3:b0:6a:7a:cb: ba:b1:d3:6c:f3:09:39:66:34:72:c9:23:9a:6e:2f: ad:ce:26:c9:06:5c:2f:eb:c3:79:65:5d:32:f2:f6: 76:7a:af:2c:fd:ef:48:7b:b3:a0:c2:40:78:c9:28: 34:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:49:68:99:89:9D:AB:2F:86:C4:72:53:9C:8F:B1:90:4F:28:0D:39 X509v3 Authority Key Identifier: keyid:CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:64:67:a4:95:b9:7d:d4:3f:33:8f:d2:23:86:88:ea:de:26: 20:99:95:29:e1:46:45:fd:c4:56:d1:d2:9d:26:18:fb:70:44: 5b:65:c2:ca:03:7b:6c:53:06:10:e4:7c:b1:f8:a4:cd:41:5f: e6:7a:ff:bd:9d:00:55:63:66:4d:27:78:93:34:3b:9e:95:5e: 51:da:2f:d9:12:37:d6:0c:95:d6:f9:67:54:38:18:44:c0:38: 8f:34:88:f1:e6:6c:f9:20:0a:0b:28:e9:7e:03:30:6f:0b:03: 50:4d:d8:c7:13:ef:75:aa:f6:2d:bc:62:8d:15:bd:83:92:8c: 7a:d1:61:65:3b:b4:a5:67:21:14:b8:94:49:d6:ab:f1:39:42: a6:ca:37:20:d7:f7:8f:dc:18:d6:84:50:82:c9:b9:29:50:6b: d1:3c:7e:75:f1:69:4a:ae:55:00:4a:82:84:45:69:0f:a9:fb: 95:0e:29:3e:5e:4f:e4:ab:fc:c4:00:b4:5b:97:84:1f:cd:23: 13:1d:a7:cb:22:55:56:53:b2:1c:62:35:cf:ac:f7:71:a5:da: a5:e0:e7:f8:c1:56:ce:0e:91:f8:d2:7a:a5:0a:ba:4b:08:ed: b6:d1:77:74:f5:93:5c:fa:fe:38:ec:56:91:da:c5:90:2d:de: f8:77:a7:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCw4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI1QkExMTAvBgNVBAUTKENBOENFRjVFMUQ4QzNEQTVBQzlCQUVFNUIxOTZFRjA2 NjA5QTM5NTkwHhcNMjUwNDI0MTkwODUzWhcNMjUwNTAxMTkwODUzWjAYMRYwFAYD VQQDEw02ODBhOGM0NS1hMTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1N2QLg9Su8EZSpXSDunI3wkg94KAYx7ej/8phIhyaMpDYC1djBCqzScKMw28 riUt9iWUltAPib8g3TUfZpRXvOL3++s/8FRv/o/B4PIojtFrNoTOluFiMLxqdOfp KBfJblPZwsGrkNCQhccyyWB9iIwYK13E2JnwtLRcgOTWUYCnaHkIaKgQN/4AcxfA zBFZXkQHwXZ08J0mo9fDedQhfUAl4UDqppZZeR41XrMfWnOWtz20AeVEKUzDmd5J ScCPos45pDh0oueFR+fB47Bqesu6sdNs8wk5ZjRyySOabi+tzibJBlwv68N5ZV0y 8vZ2eq8s/e9Ie7OgwkB4ySg06QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNZJaJmJ nasvhsRyU5yPsZBPKA05MB8GA1UdIwQYMBaAFMqM714djD2lrJuu5bGW7wZgmjlZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCQS85M0UyRkIwQzNE QTMxMUVBQTREQzNBNTlDNEY5QUUwMi95b3p2WGgyTVBhV3NtNjdsc1pidkJtQ2FP VmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lvenZYaDJNUGFXc202N2xzWmJ2Qm1DYU9Way5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QjVCQS85M0UyRkIwQzNEQTMxMUVBQTREQzNBNTlDNEY5QUUwMi95b3p2WGgyTVBh V3NtNjdsc1pidkJtQ2FPVmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEZGeklbl91D8zj9Ijhojq3iYgmZUp4UZF/cRW0dKdJhj7cERbZcLK A3tsUwYQ5Hyx+KTNQV/mev+9nQBVY2ZNJ3iTNDuelV5R2i/ZEjfWDJXW+WdUOBhE wDiPNIjx5mz5IAoLKOl+AzBvCwNQTdjHE+91qvYtvGKNFb2Dkox60WFlO7SlZyEU uJRJ1qvxOUKmyjcg1/eP3BjWhFCCybkpUGvRPH518WlKrlUASoKERWkPqfuVDik+ Xk/kq/zEALRbl4QfzSMTHafLIlVWU7IcYjXPrPdxpdql4Of4wVbODpH40nqlCrpL CO220Xd09ZNc+v447FaR2sWQLd74d6eQ -----END CERTIFICATE-----Generated at Sat Apr 26 04:23:57 2025 by rpki-client