$ rpki-client -vvf rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft File: YfjH66e1XnGy5rF3QJFCUdiM8KY.mft (raw, json) Hash identifier: 2vdZDiEM22T4WJfxCz8btmJH0ne/d1Qrvm/y7q1Sp0w= Subject key identifier: EF:35:70:BB:DF:33:64:07:0A:DB:72:AD:4D:21:04:63:CD:08:20:7D Authority key identifier: 61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6 Certificate issuer: /CN=A9158491/serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6 Certificate serial: 42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft Manifest number: 3A Signing time: Fri 25 Apr 2025 06:41:08 +0000 Manifest this update: Fri 25 Apr 2025 06:41:07 +0000 Manifest next update: Fri 02 May 2025 06:41:07 +0000 Files and hashes: 1: YfjH66e1XnGy5rF3QJFCUdiM8KY.crl (hash: SDI9y2iU7GnvU6OU5LlrYETK+MN01+k+1NRL7IWalpY=) 2: 5FDDEE1CE34211EF8EA0CA77C4F9AE02.roa (hash: U1IGaFhELlQWY/Ln876qk8JzJ3sNkyrrUJbwE+5NxYc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.crl rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66 (0x42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158491, serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6 Validity Not Before: Apr 25 06:41:07 2025 GMT Not After : May 2 06:41:07 2025 GMT Subject: CN=680b2e83-96a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:a5:0b:7e:15:d1:6a:7f:fb:6a:e7:34:6d:50: a1:f3:6f:24:9d:24:03:31:10:21:82:b2:44:80:d3: 1f:7c:e3:ed:6e:76:b3:a5:a8:3e:4a:c0:13:70:31: 99:f8:39:5a:00:6c:c0:64:b9:dc:9d:c8:a2:25:10: d4:8f:43:ca:7e:2a:39:84:0f:df:43:d8:7f:f6:bd: 16:ce:ad:95:7f:ac:c4:8d:2d:3d:3e:08:60:c6:c4: 00:00:6e:fb:8b:37:ef:4e:2e:61:8d:f3:74:ba:87: 95:3d:86:26:08:e9:c6:cd:a6:b2:95:00:bd:9d:84: 6a:2c:36:70:ea:34:4e:88:40:2d:ef:26:5f:9e:f1: 5a:25:fc:04:5d:7a:32:fc:c2:31:06:71:4e:2b:6a: d5:23:64:72:d7:fe:2e:42:8e:7a:03:4e:12:ec:41: bb:7f:68:96:73:27:5f:bd:65:1d:83:a9:d9:59:53: e0:ad:35:d6:78:fc:34:a2:02:e6:d1:86:fa:27:41: 9f:bd:af:b1:17:78:de:5f:dc:b3:fa:a8:13:bc:8e: 77:c6:7b:82:80:49:a9:28:6a:f8:61:48:b1:57:41: 8b:e4:03:51:28:0a:6c:d9:b5:6e:6c:d4:06:22:b1: 1e:9a:ff:2f:a0:25:e6:cd:08:91:fd:48:56:74:a3: 8e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:35:70:BB:DF:33:64:07:0A:DB:72:AD:4D:21:04:63:CD:08:20:7D X509v3 Authority Key Identifier: keyid:61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:30:e2:38:d0:7f:72:25:49:8f:b0:ef:b1:32:53:38:bd:0a: 12:94:6e:ed:01:ca:d6:fd:09:dc:12:d0:6c:57:3c:ab:b6:5e: c5:4b:a0:d2:7e:12:ee:01:eb:05:02:e0:fb:5b:31:e3:4f:d7: 1b:95:d7:98:91:89:5e:67:3a:34:9c:ac:f1:01:d7:0d:c0:c2: f1:79:bf:9c:ce:f2:ee:0e:8e:65:ed:84:47:9d:8b:29:2d:50: 09:c8:ad:23:26:b9:10:0b:fb:59:2f:24:6f:e8:7a:cc:bc:e6: a6:4a:f9:dd:d9:0a:41:fe:b2:d6:52:78:74:e9:da:42:6b:e0: 60:05:1a:e8:38:b2:1d:3b:5f:7f:77:95:21:f0:f5:f4:62:e7: 71:65:ed:a3:70:5b:1c:fd:81:13:4a:0f:35:58:36:cf:96:fb: c6:d5:aa:b5:30:ca:9e:f8:02:b8:17:7b:ce:88:80:0b:a1:d3: cb:93:69:c4:32:de:4c:23:6b:a8:1e:c2:98:18:d1:b0:a1:95: 10:eb:5b:14:07:56:a0:16:8d:50:63:30:1b:f2:5a:5c:37:83: 6b:a5:24:a4:fb:f7:d7:2d:b3:ab:f1:1e:ec:eb:b7:d8:d6:cf: 10:83:e2:89:bb:d0:ad:cc:cc:9f:6c:99:40:84:57:c2:82:89: cd:94:ad:8c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 ODQ5MTExMC8GA1UEBRMoNjFGOEM3RUJBN0I1NUU3MUIyRTZCMTc3NDA5MTQyNTFE ODhDRjBBNjAeFw0yNTA0MjUwNjQxMDdaFw0yNTA1MDIwNjQxMDdaMBgxFjAUBgNV BAMTDTY4MGIyZTgzLTk2YTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJpQt+FdFqf/tq5zRtUKHzbySdJAMxECGCskSA0x984+1udrOlqD5KwBNwMZn4 OVoAbMBkudydyKIlENSPQ8p+KjmED99D2H/2vRbOrZV/rMSNLT0+CGDGxAAAbvuL N+9OLmGN83S6h5U9hiYI6cbNprKVAL2dhGosNnDqNE6IQC3vJl+e8Vol/ARdejL8 wjEGcU4ratUjZHLX/i5CjnoDThLsQbt/aJZzJ1+9ZR2DqdlZU+CtNdZ4/DSiAubR hvonQZ+9r7EXeN5f3LP6qBO8jnfGe4KASakoavhhSLFXQYvkA1EoCmzZtW5s1AYi sR6a/y+gJebNCJH9SFZ0o46LAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU7zVwu98z ZAcK23KtTSEEY80IIH0wHwYDVR0jBBgwFoAUYfjH66e1XnGy5rF3QJFCUdiM8KYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4NDkxLzYwREE1M0ZBREZB NTExRUY4QkQ0OUY4N0M0RjlBRTAyL1lmakg2NmUxWG5HeTVyRjNRSkZDVWRpTThL WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWWZqSDY2ZTFYbkd5NXJGM1FKRkNVZGlNOEtZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4 NDkxLzYwREE1M0ZBREZBNTExRUY4QkQ0OUY4N0M0RjlBRTAyL1lmakg2NmUxWG5H eTVyRjNRSkZDVWRpTThLWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGQw4jjQf3IlSY+w77EyUzi9ChKUbu0Bytb9CdwS0GxXPKu2XsVLoNJ+ Eu4B6wUC4PtbMeNP1xuV15iRiV5nOjScrPEB1w3AwvF5v5zO8u4OjmXthEediykt UAnIrSMmuRAL+1kvJG/oesy85qZK+d3ZCkH+stZSeHTp2kJr4GAFGug4sh07X393 lSHw9fRi53Fl7aNwWxz9gRNKDzVYNs+W+8bVqrUwyp74ArgXe86IgAuh08uTacQy 3kwja6gewpgY0bChlRDrWxQHVqAWjVBjMBvyWlw3g2ulJKT799cts6vxHuzrt9jW zxCD4om70K3MzJ9smUCEV8KCic2UrYw= -----END CERTIFICATE-----Generated at Sat Apr 26 13:08:49 2025 by rpki-client