$ rpki-client -vvf rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.mft File: yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.mft (raw, json) Hash identifier: oU52Xa0VjC1PckOtROLYtCUGuza7Q6O5d72Ci9WHQgw= Subject key identifier: 23:F3:84:BF:E1:52:13:4C:84:A0:83:43:E6:4B:39:6A:BF:F0:82:57 Authority key identifier: C8:24:34:74:25:BA:C8:AF:59:B4:E1:96:6B:C1:0D:BF:A8:BD:AB:82 Certificate issuer: /CN=A912B2EE/serialNumber=C824347425BAC8AF59B4E1966BC10DBFA8BDAB82 Certificate serial: 0F65 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.mft Manifest number: 0F51 Signing time: Thu 24 Apr 2025 17:34:58 +0000 Manifest this update: Thu 24 Apr 2025 17:34:57 +0000 Manifest next update: Thu 01 May 2025 17:34:57 +0000 Files and hashes: 1: yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.crl (hash: qpde/LW8IqFcr7mnGixx2PzCmDhEnzxJfdkk/5flb0Y=) 2: 05449490E17B11EC93AB7473C4F9AE02.roa (hash: PcZWjC6UVwgJAg7JfBerYqiOjHVIHel2AtVeK/QvypU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.crl rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3941 (0xf65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912B2EE, serialNumber=C824347425BAC8AF59B4E1966BC10DBFA8BDAB82 Validity Not Before: Apr 24 17:34:57 2025 GMT Not After : May 1 17:34:57 2025 GMT Subject: CN=680a7642-3e83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:3c:f5:98:16:78:52:d2:2d:3c:0e:64:f0:08: a3:21:3f:c9:dd:24:3f:59:28:6c:62:3b:22:fb:28: bc:91:cc:60:12:b7:68:b7:4d:27:fc:f2:d2:27:64: 12:21:86:95:7a:45:31:e8:9c:76:7c:6f:f1:13:d8: 30:36:0c:5c:5a:b0:c3:e3:c3:a1:0b:ef:5d:c0:12: 81:03:81:2d:f1:77:89:78:37:55:d0:29:33:46:73: 53:42:2c:bf:31:4f:01:5f:38:48:93:c0:3b:8e:07: d5:42:1e:85:ad:94:d1:e6:ba:d5:a8:b2:6e:6e:9c: 9c:9c:de:82:ee:3d:43:cd:6f:80:d6:5f:e4:20:b2: 91:c0:9d:9e:18:1a:60:a5:1e:ad:b3:a3:dc:18:88: 80:76:0b:97:18:30:a5:b5:28:bc:02:2d:9b:3e:44: 5e:51:84:51:1d:b4:6d:62:70:96:59:49:92:b2:d5: 58:d4:f3:5c:a6:12:98:59:8f:c1:84:27:66:2d:f9: f2:2c:83:43:8d:0d:ca:fa:09:37:cd:cb:a2:44:0f: 5b:09:8d:cd:c3:c8:5e:55:a9:dc:f0:83:6b:c7:67: 52:f8:79:4c:cf:dc:32:a8:0b:2d:88:59:f9:5f:37: 16:b0:9a:cc:4d:49:05:c1:2b:bc:bd:a0:dc:d9:61: 7f:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:F3:84:BF:E1:52:13:4C:84:A0:83:43:E6:4B:39:6A:BF:F0:82:57 X509v3 Authority Key Identifier: keyid:C8:24:34:74:25:BA:C8:AF:59:B4:E1:96:6B:C1:0D:BF:A8:BD:AB:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:39:95:f6:bd:9d:cb:0a:46:0a:4d:4f:f8:b9:f1:51:65:fc: 87:ca:24:5d:37:97:eb:87:6e:2a:0a:ad:52:f8:de:f7:88:6c: 88:09:66:2b:e2:d1:a6:26:51:81:92:67:be:78:0a:90:8b:a2: 36:12:a1:a7:3e:75:b5:df:43:a9:d4:08:5b:1b:13:26:1a:7d: 7f:33:f7:e1:74:ca:0e:4c:7e:36:51:52:f0:48:26:90:e0:97: 43:79:c1:0c:c2:6f:e9:e8:4f:ab:da:78:7c:2e:6a:22:2b:fe: 47:70:92:c2:4a:3f:2a:2e:30:f8:e6:bd:64:2a:d4:8d:3a:99: c5:7a:03:ea:0e:33:c6:fb:21:8e:20:fd:81:46:5a:8b:5e:79: e5:88:2b:b1:4f:69:6e:c4:b6:0c:2a:90:ce:18:67:34:5c:31: 4c:2b:59:71:8b:5b:1a:da:ae:18:7c:3b:55:02:a8:d3:3a:04: 84:6c:64:3f:d2:94:79:ba:c5:86:b5:43:02:63:d1:16:c1:26: 47:2e:ec:10:a6:e3:9e:66:1c:5e:14:d6:b8:9e:33:ad:cf:7b: 25:ae:89:2d:1f:2c:60:f4:c8:c4:85:22:38:45:dc:e4:43:cf: 71:f9:ba:94:5c:c0:9f:ed:d6:a0:14:4e:37:8f:d7:9b:66:e5: 29:10:36:df -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD2UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkIyRUUxMTAvBgNVBAUTKEM4MjQzNDc0MjVCQUM4QUY1OUI0RTE5NjZCQzEwREJG QThCREFCODIwHhcNMjUwNDI0MTczNDU3WhcNMjUwNTAxMTczNDU3WjAYMRYwFAYD VQQDEw02ODBhNzY0Mi0zZTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxjz1mBZ4UtItPA5k8AijIT/J3SQ/WShsYjsi+yi8kcxgErdot00n/PLSJ2QS IYaVekUx6Jx2fG/xE9gwNgxcWrDD48OhC+9dwBKBA4Et8XeJeDdV0CkzRnNTQiy/ MU8BXzhIk8A7jgfVQh6FrZTR5rrVqLJubpycnN6C7j1DzW+A1l/kILKRwJ2eGBpg pR6ts6PcGIiAdguXGDCltSi8Ai2bPkReUYRRHbRtYnCWWUmSstVY1PNcphKYWY/B hCdmLfnyLINDjQ3K+gk3zcuiRA9bCY3Nw8heVanc8INrx2dS+HlMz9wyqAstiFn5 XzcWsJrMTUkFwSu8vaDc2WF/wwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCPzhL/h UhNMhKCDQ+ZLOWq/8IJXMB8GA1UdIwQYMBaAFMgkNHQlusivWbThlmvBDb+ovauC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjJFRS8xRjQxMUY1ODZD MjExMUU5Qjc2RkE5MDlDNEY5QUUwMi95Q1EwZENXNnlLOVp0T0dXYThFTnY2aTlx NEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lDUTBkQ1c2eUs5WnRPR1dhOEVOdjZpOXE0SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QjJFRS8xRjQxMUY1ODZDMjExMUU5Qjc2RkE5MDlDNEY5QUUwMi95Q1EwZENXNnlL OVp0T0dXYThFTnY2aTlxNEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArOZX2vZ3LCkYKTU/4ufFRZfyHyiRdN5frh24qCq1S+N73iGyICWYr 4tGmJlGBkme+eAqQi6I2EqGnPnW130Op1AhbGxMmGn1/M/fhdMoOTH42UVLwSCaQ 4JdDecEMwm/p6E+r2nh8LmoiK/5HcJLCSj8qLjD45r1kKtSNOpnFegPqDjPG+yGO IP2BRlqLXnnliCuxT2luxLYMKpDOGGc0XDFMK1lxi1sa2q4YfDtVAqjTOgSEbGQ/ 0pR5usWGtUMCY9EWwSZHLuwQpuOeZhxeFNa4njOtz3slroktHyxg9MjEhSI4Rdzk Q89x+bqUXMCf7dagFE43j9ebZuUpEDbf -----END CERTIFICATE-----Generated at Sat Apr 26 13:03:31 2025 by rpki-client