$ rpki-client -vvf rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft File: P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft (raw, json) Hash identifier: IaM6hWSnriGKQ794LBl/RaowFVy7Va62+tMBQ+z0AWg= Subject key identifier: C9:04:65:AA:62:64:82:CF:E7:05:B6:12:4D:2A:58:0F:2C:F6:24:05 Authority key identifier: 3F:E6:03:1F:25:56:7A:45:47:CD:E1:73:1A:2D:81:4D:B8:6E:20:94 Certificate issuer: /CN=A914988F/serialNumber=3FE6031F25567A4547CDE1731A2D814DB86E2094 Certificate serial: 07AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft Manifest number: 07A6 Signing time: Thu 24 Apr 2025 21:03:57 +0000 Manifest this update: Thu 24 Apr 2025 21:03:56 +0000 Manifest next update: Thu 01 May 2025 21:03:56 +0000 Files and hashes: 1: P-YDHyVWekVHzeFzGi2BTbhuIJQ.crl (hash: vpTtPdv73r/QkRRimYKPnPrmLBVXGe42Q/p5Ha0bvyI=) 2: 4ED5A00CFE2611EAA4F3424DC4F9AE02.roa (hash: qdn4Rx6KYVWRsCXtm49GAL/TWxFXG2srvh1gEG2saCQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.crl rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 21:03:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1965 (0x7ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914988F, serialNumber=3FE6031F25567A4547CDE1731A2D814DB86E2094 Validity Not Before: Apr 24 21:03:56 2025 GMT Not After : May 1 21:03:56 2025 GMT Subject: CN=680aa73d-0ba5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:13:45:69:7d:24:c5:15:74:9e:5e:23:37:98: 52:77:9f:46:50:8d:56:f2:3b:52:77:30:7b:73:cf: 84:e5:ed:79:7f:11:bf:b8:4c:7d:14:2e:6a:ff:b7: bf:c5:a0:b5:9f:a9:29:19:92:16:47:15:c8:a9:a4: ac:5e:ab:d2:0e:de:94:ee:7b:a0:76:81:07:c7:dd: be:9d:7c:d7:f7:0f:a6:b3:c7:4a:7c:47:a4:da:ab: f2:3c:28:96:c0:c2:d5:42:77:e8:af:4e:0a:f3:27: 95:ec:eb:eb:b1:05:e5:f1:3c:03:77:06:66:7b:0b: ea:f4:c3:ef:05:f6:39:45:ff:60:99:3c:b2:f2:28: 8b:1d:23:11:5c:e2:37:a3:29:c7:4a:f3:b9:1f:29: b3:6b:7c:ca:b1:d4:fd:c4:db:7d:6f:c8:b4:71:08: c0:2f:61:42:07:70:ac:25:06:3c:e1:47:6a:58:db: 40:04:c9:4f:36:2e:b9:26:9b:e5:37:a7:d4:ac:51: 30:c2:50:b9:55:2f:1d:93:74:0f:e2:03:82:d9:91: a9:69:22:5e:d2:a9:95:fd:0e:d3:ff:59:c6:9e:a5: c4:63:63:5e:d7:f7:08:7c:69:93:69:b5:7a:b8:bf: 57:57:33:ad:f2:64:f9:9b:f6:53:7f:fc:b5:0b:7b: 78:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:04:65:AA:62:64:82:CF:E7:05:B6:12:4D:2A:58:0F:2C:F6:24:05 X509v3 Authority Key Identifier: keyid:3F:E6:03:1F:25:56:7A:45:47:CD:E1:73:1A:2D:81:4D:B8:6E:20:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:4e:15:c5:0d:07:82:75:c2:03:b3:ec:27:a3:89:7e:e2:87: 70:41:f2:db:fa:0f:45:c8:dc:3e:74:c3:07:0a:07:55:52:58: 14:d4:ce:f4:07:34:6f:9f:53:af:8f:4d:51:fb:f0:fb:2d:a2: da:bd:e5:ce:16:17:00:b9:83:1e:7a:c9:f4:39:b0:88:f6:dc: 26:da:74:70:78:c0:f3:cc:29:a2:5f:03:3d:c4:5f:6c:fe:05: 52:ea:ca:57:53:be:61:60:85:09:0e:16:ea:8a:92:8a:81:70: 44:44:e4:00:f2:20:e2:32:92:76:6e:16:24:5f:db:6b:c7:75: 80:eb:4a:69:19:d0:34:9a:66:54:4b:bb:3d:7d:4e:6c:12:9b: 59:47:d3:8d:f7:11:59:33:ff:b1:e4:8d:52:9f:54:4d:93:0a: 6f:48:c2:d7:82:bb:47:31:8f:87:44:7c:83:e6:14:c1:c7:67: 16:f0:94:5a:17:6c:2c:33:f6:bb:24:e2:e9:ce:a1:33:f7:2e: 8a:12:dd:a7:83:43:dd:e0:c3:90:27:19:bc:bf:a7:2e:4a:97: 34:41:0e:aa:13:d0:7d:b6:eb:b5:4a:f0:a1:e0:99:f3:44:fc: 1b:cd:36:37:ab:51:c4:c4:9a:06:01:b4:5d:52:11:54:e4:2a: 35:df:4f:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB60wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDk4OEYxMTAvBgNVBAUTKDNGRTYwMzFGMjU1NjdBNDU0N0NERTE3MzFBMkQ4MTRE Qjg2RTIwOTQwHhcNMjUwNDI0MjEwMzU2WhcNMjUwNTAxMjEwMzU2WjAYMRYwFAYD VQQDEw02ODBhYTczZC0wYmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtRNFaX0kxRV0nl4jN5hSd59GUI1W8jtSdzB7c8+E5e15fxG/uEx9FC5q/7e/ xaC1n6kpGZIWRxXIqaSsXqvSDt6U7nugdoEHx92+nXzX9w+ms8dKfEek2qvyPCiW wMLVQnfor04K8yeV7OvrsQXl8TwDdwZmewvq9MPvBfY5Rf9gmTyy8iiLHSMRXOI3 oynHSvO5Hymza3zKsdT9xNt9b8i0cQjAL2FCB3CsJQY84UdqWNtABMlPNi65Jpvl N6fUrFEwwlC5VS8dk3QP4gOC2ZGpaSJe0qmV/Q7T/1nGnqXEY2Ne1/cIfGmTabV6 uL9XVzOt8mT5m/ZTf/y1C3t4OwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMkEZapi ZILP5wW2Ek0qWA8s9iQFMB8GA1UdIwQYMBaAFD/mAx8lVnpFR83hcxotgU24biCU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OTg4Ri8xOTI0N0ZCQUZF MjUxMUVBOUNDMTBDNENDNEY5QUUwMi9QLVlESHlWV2VrVkh6ZUZ6R2kyQlRiaHVJ SlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1AtWURIeVZXZWtWSHplRnpHaTJCVGJodUlKUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OTg4Ri8xOTI0N0ZCQUZFMjUxMUVBOUNDMTBDNENDNEY5QUUwMi9QLVlESHlWV2Vr Vkh6ZUZ6R2kyQlRiaHVJSlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKThXFDQeCdcIDs+wno4l+4odwQfLb+g9FyNw+dMMHCgdVUlgU1M70 BzRvn1Ovj01R+/D7LaLaveXOFhcAuYMeesn0ObCI9twm2nRweMDzzCmiXwM9xF9s /gVS6spXU75hYIUJDhbqipKKgXBEROQA8iDiMpJ2bhYkX9trx3WA60ppGdA0mmZU S7s9fU5sEptZR9ON9xFZM/+x5I1Sn1RNkwpvSMLXgrtHMY+HRHyD5hTBx2cW8JRa F2wsM/a7JOLpzqEz9y6KEt2ng0Pd4MOQJxm8v6cuSpc0QQ6qE9B9tuu1SvCh4Jnz RPwbzTY3q1HExJoGAbRdUhFU5Co1308G -----END CERTIFICATE-----Generated at Sat Apr 26 04:31:21 2025 by rpki-client