$ rpki-client -vvf rpki.apnic.net/member_repository/A91362A0/8032CBF0E3A111E6BF3B0068C4F9AE02/gyAF3EXYwTKohRVcQx0zMZrPbY0.mft File: gyAF3EXYwTKohRVcQx0zMZrPbY0.mft (raw, json) Hash identifier: UQcdN1gAzXaWSSUOKFOJder5nHe1JIuUvC0W9S5EbB4= Subject key identifier: 49:4D:3F:D5:79:19:E9:26:5A:09:12:16:D1:79:58:DA:00:AC:A6:DD Authority key identifier: 83:20:05:DC:45:D8:C1:32:A8:85:15:5C:43:1D:33:31:9A:CF:6D:8D Certificate issuer: /CN=A91362A0/serialNumber=832005DC45D8C132A885155C431D33319ACF6D8D Certificate serial: 1C3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gyAF3EXYwTKohRVcQx0zMZrPbY0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91362A0/8032CBF0E3A111E6BF3B0068C4F9AE02/gyAF3EXYwTKohRVcQx0zMZrPbY0.mft Manifest number: 1C2C Signing time: Thu 24 Apr 2025 16:12:52 +0000 Manifest this update: Thu 24 Apr 2025 16:12:51 +0000 Manifest next update: Thu 01 May 2025 16:12:51 +0000 Files and hashes: 1: gyAF3EXYwTKohRVcQx0zMZrPbY0.crl (hash: b6bkagORnB8inLQic7KuVDOb4rJM7e685zfO1bEV3ZM=) 2: B21D3C5AE21311E8B9660E3EC4F9AE02.roa (hash: X/4GCRMZ/gVyKNef6s/CyH3yqYjWWcRQZHTiFuRUpcg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91362A0/8032CBF0E3A111E6BF3B0068C4F9AE02/gyAF3EXYwTKohRVcQx0zMZrPbY0.crl rsync://rpki.apnic.net/member_repository/A91362A0/8032CBF0E3A111E6BF3B0068C4F9AE02/gyAF3EXYwTKohRVcQx0zMZrPbY0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gyAF3EXYwTKohRVcQx0zMZrPbY0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:12:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7228 (0x1c3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91362A0, serialNumber=832005DC45D8C132A885155C431D33319ACF6D8D Validity Not Before: Apr 24 16:12:51 2025 GMT Not After : May 1 16:12:51 2025 GMT Subject: CN=680a6304-d25e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:08:08:89:e3:a5:85:fe:8a:fe:b1:ab:71:3c: 93:3f:41:33:e1:19:3a:b7:8e:90:ab:98:5f:39:3f: c1:9e:a6:fc:a2:e5:05:d8:f5:19:aa:21:a1:ba:28: 02:45:c5:5a:e1:b5:fb:2c:d8:4d:39:f4:b5:6c:fa: 62:2d:64:93:b3:5e:09:cd:5f:41:f8:f3:a2:b1:25: fb:8b:61:16:aa:f9:18:f1:a0:a3:af:c7:c0:46:41: aa:2d:d6:c8:1c:56:c6:ac:ac:c6:08:08:4c:fc:83: 7c:67:68:8d:66:82:c0:bc:cd:e1:3b:68:0f:61:8c: 84:1a:eb:d3:80:e0:51:99:ab:e5:a9:f9:ee:96:5b: 49:d3:d2:c4:17:54:66:e3:21:eb:3b:a2:f7:1e:6b: b4:2a:2e:37:de:a1:75:59:46:37:6a:3d:68:c6:3a: 1a:d2:55:ce:d1:71:e2:fc:81:08:dc:ec:20:47:40: 46:26:22:91:db:5d:47:de:fd:89:4b:49:ab:cd:c0: cf:2c:6a:6e:8d:7a:57:7d:be:2a:bd:cb:8b:d1:0b: 1b:5a:67:c7:de:a6:b9:c0:b1:76:8a:28:49:4b:9b: c4:60:cb:32:60:67:6a:c3:57:22:19:66:dd:75:b4: c5:86:d0:42:d0:35:65:c4:d9:3a:0e:5e:d0:3a:05: c4:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:4D:3F:D5:79:19:E9:26:5A:09:12:16:D1:79:58:DA:00:AC:A6:DD X509v3 Authority Key Identifier: keyid:83:20:05:DC:45:D8:C1:32:A8:85:15:5C:43:1D:33:31:9A:CF:6D:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91362A0/8032CBF0E3A111E6BF3B0068C4F9AE02/gyAF3EXYwTKohRVcQx0zMZrPbY0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gyAF3EXYwTKohRVcQx0zMZrPbY0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91362A0/8032CBF0E3A111E6BF3B0068C4F9AE02/gyAF3EXYwTKohRVcQx0zMZrPbY0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:b4:cc:f0:4d:72:57:15:10:2b:a5:2d:0f:73:3a:77:fb:95: 86:0d:94:c3:49:d2:62:20:b3:0c:a9:f8:02:b9:04:91:e6:55: fe:23:89:bd:ab:0d:9b:77:25:ab:4c:e1:85:6f:f4:30:d8:d0: e5:2d:e9:63:c8:a9:be:a4:1d:ab:c4:d0:7d:b0:7c:44:f5:d3: 44:95:a4:94:28:28:27:2a:61:cd:6f:a3:cf:e6:cc:c9:d7:bf: 10:20:c8:18:8a:95:dc:5d:f1:2f:4e:13:94:cb:32:de:0e:8c: 78:98:5e:b7:fc:6a:dd:b9:23:10:17:a2:b4:2a:88:93:07:ad: 12:4b:d3:13:0f:44:84:c2:a7:c4:ee:0e:b7:48:5a:e0:6e:ef: ac:25:bf:e5:87:ff:04:68:26:14:38:9b:94:31:fd:31:1d:14: 81:87:f0:d8:bf:10:2d:4b:40:68:78:88:17:81:5c:64:b1:7a: 73:0d:94:b4:75:0d:2a:6c:f2:f1:32:c1:bd:21:1e:d4:31:68: c1:63:53:c7:76:de:43:b6:70:b4:f0:c1:9a:2c:98:24:9e:36: 7f:2a:f6:11:41:0e:4e:1a:2f:b3:0c:9c:57:6d:68:02:8b:8d: fc:30:c4:a2:41:4a:58:12:38:53:c3:66:9f:ba:3d:21:37:e1: ad:38:eb:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHDwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzYyQTAxMTAvBgNVBAUTKDgzMjAwNURDNDVEOEMxMzJBODg1MTU1QzQzMUQzMzMx OUFDRjZEOEQwHhcNMjUwNDI0MTYxMjUxWhcNMjUwNTAxMTYxMjUxWjAYMRYwFAYD VQQDEw02ODBhNjMwNC1kMjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvQgIieOlhf6K/rGrcTyTP0Ez4Rk6t46Qq5hfOT/Bnqb8ouUF2PUZqiGhuigC RcVa4bX7LNhNOfS1bPpiLWSTs14JzV9B+POisSX7i2EWqvkY8aCjr8fARkGqLdbI HFbGrKzGCAhM/IN8Z2iNZoLAvM3hO2gPYYyEGuvTgOBRmavlqfnulltJ09LEF1Rm 4yHrO6L3Hmu0Ki433qF1WUY3aj1oxjoa0lXO0XHi/IEI3OwgR0BGJiKR211H3v2J S0mrzcDPLGpujXpXfb4qvcuL0QsbWmfH3qa5wLF2iihJS5vEYMsyYGdqw1ciGWbd dbTFhtBC0DVlxNk6Dl7QOgXEowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFElNP9V5 GekmWgkSFtF5WNoArKbdMB8GA1UdIwQYMBaAFIMgBdxF2MEyqIUVXEMdMzGaz22N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjJBMC84MDMyQ0JGMEUz QTExMUU2QkYzQjAwNjhDNEY5QUUwMi9neUFGM0VYWXdUS29oUlZjUXgwek1aclBi WTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2d5QUYzRVhZd1RLb2hSVmNReDB6TVpyUGJZMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NjJBMC84MDMyQ0JGMEUzQTExMUU2QkYzQjAwNjhDNEY5QUUwMi9neUFGM0VYWXdU S29oUlZjUXgwek1aclBiWTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArtMzwTXJXFRArpS0Pczp3+5WGDZTDSdJiILMMqfgCuQSR5lX+I4m9 qw2bdyWrTOGFb/Qw2NDlLeljyKm+pB2rxNB9sHxE9dNElaSUKCgnKmHNb6PP5szJ 178QIMgYipXcXfEvThOUyzLeDox4mF63/GrduSMQF6K0KoiTB60SS9MTD0SEwqfE 7g63SFrgbu+sJb/lh/8EaCYUOJuUMf0xHRSBh/DYvxAtS0BoeIgXgVxksXpzDZS0 dQ0qbPLxMsG9IR7UMWjBY1PHdt5DtnC08MGaLJgknjZ/KvYRQQ5OGi+zDJxXbWgC i438MMSiQUpYEjhTw2afuj0hN+GtOOsm -----END CERTIFICATE-----Generated at Sat Apr 26 12:35:46 2025 by rpki-client