$ rpki-client -vvf rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.mft File: yil3R0MKG-s0C8o51iIv0mQZt9s.mft (raw, json) Hash identifier: 0AWYxqATvfphIpmULQgda3lbz7zDEtVDAD9seawm2Z0= Subject key identifier: 5E:0B:08:E8:4D:D5:56:6F:AF:D1:CD:E0:D8:24:B6:85:31:80:D1:23 Authority key identifier: CA:29:77:47:43:0A:1B:EB:34:0B:CA:39:D6:22:2F:D2:64:19:B7:DB Certificate issuer: /CN=A91417B0/serialNumber=CA297747430A1BEB340BCA39D6222FD26419B7DB Certificate serial: 37 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yil3R0MKG-s0C8o51iIv0mQZt9s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.mft Manifest number: 35 Signing time: Fri 25 Apr 2025 06:38:47 +0000 Manifest this update: Fri 25 Apr 2025 06:38:47 +0000 Manifest next update: Fri 02 May 2025 06:38:47 +0000 Files and hashes: 1: yil3R0MKG-s0C8o51iIv0mQZt9s.crl (hash: 8Peh1ri/SacLZHcvj9vezVDJFQZ3+E+fpqD7jCp3yr0=) 2: 5909D86203DB11F0B7D5DD29C4F9AE02.roa (hash: vXg2V9oSq+UecV6UR/hi4Z0CckYReJT3wpjl4H/MqsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.crl rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yil3R0MKG-s0C8o51iIv0mQZt9s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:38:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55 (0x37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91417B0, serialNumber=CA297747430A1BEB340BCA39D6222FD26419B7DB Validity Not Before: Apr 25 06:38:47 2025 GMT Not After : May 2 06:38:47 2025 GMT Subject: CN=680b2df7-a3ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:8e:f5:32:5f:43:de:02:e7:94:4f:b3:bc:61: 28:9c:a5:67:35:0b:98:6b:6f:2d:bb:41:58:db:cd: f7:26:c8:a6:fd:15:33:93:68:06:35:cb:6d:b3:84: 08:ba:31:fc:cf:0d:7d:0d:d9:95:52:a0:37:45:0a: e4:bc:c7:05:e7:84:49:d8:a7:f0:57:a5:5f:73:aa: 34:ad:12:76:a8:26:21:d3:b1:6b:62:df:f2:b5:3a: 4d:20:e3:2d:ad:9f:ee:21:e4:76:78:49:8e:2e:91: b3:a7:2b:73:db:8a:a9:a5:15:24:6e:d8:a8:4a:12: 74:67:a3:3c:6b:3f:1c:f2:59:b2:7f:22:36:44:a2: f6:4a:66:f3:ec:93:d7:a4:c1:c2:4a:45:3f:6f:b6: da:54:c6:c8:42:cf:ab:5e:ad:fc:87:0c:a8:c9:0f: 66:74:b6:c3:22:de:52:20:56:f9:a8:a0:b4:bc:42: 4a:ad:b6:c0:77:d1:6e:a0:dc:04:b0:d6:ba:31:eb: 67:75:d5:f9:da:cb:de:2f:60:e4:d1:34:59:79:ae: fb:da:a2:31:96:36:c2:99:bc:c6:2e:90:c1:10:12: a2:4f:51:4f:21:a2:3a:3c:41:2b:3a:1e:8f:95:03: 5a:1b:7d:7c:b4:fa:d2:ab:f2:fe:80:f8:d5:32:e7: 22:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:0B:08:E8:4D:D5:56:6F:AF:D1:CD:E0:D8:24:B6:85:31:80:D1:23 X509v3 Authority Key Identifier: keyid:CA:29:77:47:43:0A:1B:EB:34:0B:CA:39:D6:22:2F:D2:64:19:B7:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yil3R0MKG-s0C8o51iIv0mQZt9s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c8:15:c7:c5:9d:2f:2c:94:88:15:9a:de:ee:71:09:43:6f:dd: 40:10:e3:f6:d5:5e:4e:8c:e1:e1:af:03:b8:50:f1:77:41:19: 27:ac:5b:47:10:5a:f9:21:b3:5f:25:a7:46:a1:00:50:5d:f9: 8c:3a:cc:5d:c9:c2:47:6b:62:27:d0:a7:f4:b3:49:f3:fa:ce: dc:4b:93:f2:a9:bd:ef:5e:d5:e3:87:94:3b:8b:35:39:9a:27: f8:ca:cc:dc:67:35:66:e7:b5:0e:29:a0:b4:0f:b8:3b:07:5e: 61:5b:28:17:de:c3:d0:9c:61:3e:3d:22:ed:3d:de:b6:ca:90: 15:63:e4:fc:08:7b:3f:11:7c:3b:c2:16:c8:c5:fa:39:89:35: 13:96:a0:5f:cf:be:08:26:56:92:3d:08:07:f7:a8:b2:af:e6: 49:6e:9a:ef:39:fd:65:ec:fa:63:e9:f2:34:4f:56:10:56:52: d6:13:b4:ae:3a:9d:46:fe:01:b7:71:e9:af:20:e9:9e:ca:b9: ee:35:55:ac:8b:2a:d8:7a:e2:18:7a:fa:d4:36:8d:1d:f5:dc: 98:f0:ac:5e:49:22:87:29:fe:72:3a:e3:d2:a8:2a:eb:9d:05: 10:ba:e5:b6:c1:f0:ea:96:bd:ed:ee:e0:ae:64:73:53:ac:4e: 2a:cc:73:56 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MTdCMDExMC8GA1UEBRMoQ0EyOTc3NDc0MzBBMUJFQjM0MEJDQTM5RDYyMjJGRDI2 NDE5QjdEQjAeFw0yNTA0MjUwNjM4NDdaFw0yNTA1MDIwNjM4NDdaMBgxFjAUBgNV BAMTDTY4MGIyZGY3LWEzZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCZjvUyX0PeAueUT7O8YSicpWc1C5hrby27QVjbzfcmyKb9FTOTaAY1y22zhAi6 MfzPDX0N2ZVSoDdFCuS8xwXnhEnYp/BXpV9zqjStEnaoJiHTsWti3/K1Ok0g4y2t n+4h5HZ4SY4ukbOnK3PbiqmlFSRu2KhKEnRnozxrPxzyWbJ/IjZEovZKZvPsk9ek wcJKRT9vttpUxshCz6terfyHDKjJD2Z0tsMi3lIgVvmooLS8QkqttsB30W6g3ASw 1rox62d11fnay94vYOTRNFl5rvvaojGWNsKZvMYukMEQEqJPUU8hojo8QSs6Ho+V A1obfXy0+tKr8v6A+NUy5yK9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXgsI6E3V Vm+v0c3g2CS2hTGA0SMwHwYDVR0jBBgwFoAUyil3R0MKG+s0C8o51iIv0mQZt9sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQxN0IwL0UxQUM4MjEwRDg4 MzExRUY5NTRBM0Q3MEM0RjlBRTAyL3lpbDNSME1LRy1zMEM4bzUxaUl2MG1RWnQ5 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIveWlsM1IwTUtHLXMwQzhvNTFpSXYwbVFadDlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQx N0IwL0UxQUM4MjEwRDg4MzExRUY5NTRBM0Q3MEM0RjlBRTAyL3lpbDNSME1LRy1z MEM4bzUxaUl2MG1RWnQ5cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMgVx8WdLyyUiBWa3u5xCUNv3UAQ4/bVXk6M4eGvA7hQ8XdBGSesW0cQ Wvkhs18lp0ahAFBd+Yw6zF3JwkdrYifQp/SzSfP6ztxLk/Kpve9e1eOHlDuLNTma J/jKzNxnNWbntQ4poLQPuDsHXmFbKBfew9CcYT49Iu093rbKkBVj5PwIez8RfDvC FsjF+jmJNROWoF/PvggmVpI9CAf3qLKv5klumu85/WXs+mPp8jRPVhBWUtYTtK46 nUb+Abdx6a8g6Z7Kue41VayLKth64hh6+tQ2jR313JjwrF5JIocp/nI649KoKuud BRC65bbB8OqWve3u4K5kc1OsTirMc1Y= -----END CERTIFICATE-----Generated at Sat Apr 26 15:25:09 2025 by rpki-client