$ rpki-client -vvf rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft File: y1sC0Pxzbip6stKIoPwzFnpLvO0.mft (raw, json) Hash identifier: ubwHQugHohCU3YiFAMfsRQSQq5ZhFv46/+c+kpHeooY= Subject key identifier: 80:6A:51:50:26:F9:CC:3E:78:F6:47:21:E5:D3:54:A6:F9:82:8F:85 Authority key identifier: CB:5B:02:D0:FC:73:6E:2A:7A:B2:D2:88:A0:FC:33:16:7A:4B:BC:ED Certificate issuer: /CN=A9129F1D/serialNumber=CB5B02D0FC736E2A7AB2D288A0FC33167A4BBCED Certificate serial: 01B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1sC0Pxzbip6stKIoPwzFnpLvO0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft Manifest number: 01B1 Signing time: Fri 25 Apr 2025 02:19:21 +0000 Manifest this update: Fri 25 Apr 2025 02:19:21 +0000 Manifest next update: Fri 02 May 2025 02:19:21 +0000 Files and hashes: 1: y1sC0Pxzbip6stKIoPwzFnpLvO0.crl (hash: u1kl2sVXXMaM7HYrnBWdU9g9MBybUuFOFfBTb71/S+4=) 2: 3E122AE0876011ED84335D46C4F9AE02.roa (hash: bMGYEkxmsNwyimLtEml2g/yxjeK2QwKmxudQ/0mQEOc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.crl rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1sC0Pxzbip6stKIoPwzFnpLvO0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:19:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 437 (0x1b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9129F1D, serialNumber=CB5B02D0FC736E2A7AB2D288A0FC33167A4BBCED Validity Not Before: Apr 25 02:19:21 2025 GMT Not After : May 2 02:19:21 2025 GMT Subject: CN=680af129-bc7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:f8:7e:29:33:13:b8:e7:d3:0d:10:c3:35:47: 89:c7:53:52:29:e2:11:c1:76:93:64:96:4e:c3:04: b6:c2:45:31:e5:96:30:45:32:ef:59:e7:71:ad:2a: 36:3d:8c:f5:28:ef:40:2b:16:1d:80:28:44:ce:8c: 7c:e7:52:ad:df:8c:5e:eb:29:38:9a:8a:9b:f9:cb: be:cb:98:d2:69:d2:2e:43:19:7a:8e:0c:d3:13:e2: 61:68:d6:0f:0a:70:05:4c:1f:d9:37:a8:d4:8b:c5: 76:1b:71:aa:16:59:39:0d:62:4a:80:e9:43:34:a0: 97:ea:89:03:d5:4c:e9:d4:ff:4a:05:60:66:ac:db: 55:09:41:5d:7c:a4:c8:79:ac:cb:42:9a:b9:37:88: 4c:5e:e4:ac:bd:0a:cc:63:35:27:51:fe:8c:57:7e: 8b:db:b1:2b:f0:57:4c:bd:bc:28:9b:5f:c1:8b:8a: 13:ae:d7:7b:ca:83:b8:8d:d8:f9:c3:fc:9f:df:5a: ff:da:98:95:56:f0:96:e4:fe:a4:79:86:62:d5:69: df:6d:ad:66:92:d9:fa:d4:eb:b1:d0:98:06:c3:36: 13:39:80:a7:78:7b:41:82:06:9d:02:c6:ca:96:1a: 3e:db:f7:8c:6f:53:4a:d8:63:63:c5:58:22:7e:ef: e8:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:6A:51:50:26:F9:CC:3E:78:F6:47:21:E5:D3:54:A6:F9:82:8F:85 X509v3 Authority Key Identifier: keyid:CB:5B:02:D0:FC:73:6E:2A:7A:B2:D2:88:A0:FC:33:16:7A:4B:BC:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1sC0Pxzbip6stKIoPwzFnpLvO0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:1c:9f:70:64:1b:47:3e:e9:36:ea:3d:c8:42:8a:25:82:4a: d1:9e:0c:34:12:c6:2a:5b:8b:8b:e9:08:db:8f:ae:b7:52:75: e8:8b:eb:bc:05:dd:86:07:fe:a9:d4:24:8b:7c:7f:bc:4f:a6: 66:fd:c3:73:51:e0:b9:9a:51:14:b3:4c:1e:74:37:e0:b5:27: 3e:25:71:d1:0b:be:23:de:03:4a:43:52:ec:69:0e:fb:07:36: b6:a8:7d:3a:a3:c5:7d:77:f3:e7:55:01:02:68:87:94:ba:ac: 73:9c:36:58:63:c8:c2:95:49:ba:51:46:3d:c0:2f:53:90:be: a0:c6:b2:05:0a:0b:a3:d4:52:42:69:b9:77:e6:97:5a:0b:ca: 72:a2:b7:e9:2d:07:fb:a5:f9:87:8f:5b:d0:fc:d7:2a:53:8c: 6f:62:71:8b:67:74:67:3f:c1:3a:29:b2:df:ee:95:6d:cd:64: 25:41:44:1a:31:e7:c1:63:73:bd:c4:26:50:98:44:37:13:09: 50:d3:4e:39:a1:00:ae:b2:63:c8:2d:c6:fa:f6:31:c7:0c:8b: 98:bd:91:cc:d3:ac:7f:fb:e8:b2:48:e4:a4:81:d1:18:61:bb: d9:a5:e0:e1:e7:e4:13:1f:40:07:55:36:17:bc:f0:a2:9d:1c: 77:f4:90:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjlGMUQxMTAvBgNVBAUTKENCNUIwMkQwRkM3MzZFMkE3QUIyRDI4OEEwRkMzMzE2 N0E0QkJDRUQwHhcNMjUwNDI1MDIxOTIxWhcNMjUwNTAyMDIxOTIxWjAYMRYwFAYD VQQDEw02ODBhZjEyOS1iYzdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3fh+KTMTuOfTDRDDNUeJx1NSKeIRwXaTZJZOwwS2wkUx5ZYwRTLvWedxrSo2 PYz1KO9AKxYdgChEzox851Kt34xe6yk4moqb+cu+y5jSadIuQxl6jgzTE+JhaNYP CnAFTB/ZN6jUi8V2G3GqFlk5DWJKgOlDNKCX6okD1Uzp1P9KBWBmrNtVCUFdfKTI eazLQpq5N4hMXuSsvQrMYzUnUf6MV36L27Er8FdMvbwom1/Bi4oTrtd7yoO4jdj5 w/yf31r/2piVVvCW5P6keYZi1Wnfba1mktn61Oux0JgGwzYTOYCneHtBggadAsbK lho+2/eMb1NK2GNjxVgifu/oQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIBqUVAm +cw+ePZHIeXTVKb5go+FMB8GA1UdIwQYMBaAFMtbAtD8c24qerLSiKD8MxZ6S7zt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUYxRC8yMUNBQkE1Qzg3 NUUxMUVEQkRDNjQ5NDZDNEY5QUUwMi95MXNDMFB4emJpcDZzdEtJb1B3ekZucEx2 TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3kxc0MwUHh6YmlwNnN0S0lvUHd6Rm5wTHZPMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OUYxRC8yMUNBQkE1Qzg3NUUxMUVEQkRDNjQ5NDZDNEY5QUUwMi95MXNDMFB4emJp cDZzdEtJb1B3ekZucEx2TzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgHJ9wZBtHPuk26j3IQoolgkrRngw0EsYqW4uL6Qjbj663UnXoi+u8 Bd2GB/6p1CSLfH+8T6Zm/cNzUeC5mlEUs0wedDfgtSc+JXHRC74j3gNKQ1LsaQ77 Bza2qH06o8V9d/PnVQECaIeUuqxznDZYY8jClUm6UUY9wC9TkL6gxrIFCguj1FJC abl35pdaC8pyorfpLQf7pfmHj1vQ/NcqU4xvYnGLZ3RnP8E6KbLf7pVtzWQlQUQa MefBY3O9xCZQmEQ3EwlQ0045oQCusmPILcb69jHHDIuYvZHM06x/++iySOSkgdEY YbvZpeDh5+QTH0AHVTYXvPCinRx39JCv -----END CERTIFICATE-----Generated at Sat Apr 26 16:49:47 2025 by rpki-client