$ rpki-client -vvf rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft File: ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft (raw, json) Hash identifier: KbRpLcqtBpZI/RgzRzU9+XkS8cRfg+/yiOWo1uiu0lg= Subject key identifier: 23:0C:17:7E:9E:B4:6D:E2:6A:F0:DC:89:D4:9F:D4:A5:7B:27:8D:31 Authority key identifier: C9:C2:8F:99:0B:62:74:12:C9:7C:2D:CE:C7:C9:06:E6:1A:D3:25:AC Certificate issuer: /CN=A91597E8/serialNumber=C9C28F990B627412C97C2DCEC7C906E61AD325AC Certificate serial: 347C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft Manifest number: 347C Signing time: Thu 24 Apr 2025 14:43:34 +0000 Manifest this update: Thu 24 Apr 2025 14:43:34 +0000 Manifest next update: Thu 01 May 2025 14:43:34 +0000 Files and hashes: 1: ycKPmQtidBLJfC3Ox8kG5hrTJaw.crl (hash: XAP0SryeVIwCStMj9JDgd7T+6k9R1HkcwlllHg3fqTM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.crl rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:43:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13436 (0x347c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91597E8, serialNumber=C9C28F990B627412C97C2DCEC7C906E61AD325AC Validity Not Before: Apr 24 14:43:34 2025 GMT Not After : May 1 14:43:34 2025 GMT Subject: CN=680a4e16-c205 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:86:f3:5c:d6:98:c2:fd:e6:f0:38:ef:2e:c3: 29:72:86:54:62:6c:0f:92:d5:bd:d1:a2:2f:bf:40: c5:31:1d:a2:13:eb:50:03:30:27:5f:04:ef:22:6a: 92:85:88:6b:72:79:33:df:fa:1b:a0:d9:73:ef:d7: 8b:ca:61:25:51:1e:52:34:dd:9a:95:0e:48:0e:a7: f7:31:06:4d:28:f8:79:51:2c:a0:6c:d4:69:24:15: f5:5f:be:26:dc:08:6e:e2:91:5f:87:93:15:87:dd: 4c:e1:4b:2d:a9:b1:84:65:2f:a2:a7:e8:c3:b8:ff: 59:b9:ca:53:b7:9c:d5:ff:1a:b0:8b:24:4d:c2:12: 0f:0e:95:6b:c3:ae:af:9f:8f:41:94:37:de:bb:e8: 56:95:81:40:9e:b2:54:6a:0e:16:e4:e0:eb:21:ff: 59:d4:7e:c1:52:22:c5:47:f5:e1:dd:93:95:47:31: 4b:19:f7:3c:5c:82:89:25:d3:ac:40:27:12:c5:88: 56:b7:64:25:7a:65:63:85:15:8a:2c:cb:7e:2f:f4: 64:cf:82:78:3b:88:8a:8b:04:39:db:0a:2f:18:eb: 23:50:b2:30:fa:6b:f4:48:73:6c:e0:20:df:a8:8b: 21:e6:06:8c:96:fe:2a:e0:10:07:66:5a:22:30:66: d3:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:0C:17:7E:9E:B4:6D:E2:6A:F0:DC:89:D4:9F:D4:A5:7B:27:8D:31 X509v3 Authority Key Identifier: keyid:C9:C2:8F:99:0B:62:74:12:C9:7C:2D:CE:C7:C9:06:E6:1A:D3:25:AC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:cb:dd:cb:f9:04:b4:dc:d4:97:2f:5f:bc:13:40:98:b8:d9: 91:78:8d:99:83:8c:97:a8:b7:57:cb:a6:df:99:8c:09:37:e4: 41:db:aa:e1:cf:76:7e:f4:f2:d5:9c:6f:c5:96:4f:37:d9:cd: f3:5b:db:b3:48:cc:a7:fd:42:a7:4b:e3:c7:a9:46:97:42:fd: 05:e8:7c:c2:c7:8f:5b:ff:36:83:a7:8a:21:ab:63:d8:e5:ea: 99:66:9d:df:aa:4b:35:79:71:b2:91:7b:b7:25:72:0c:d3:32: 1c:e2:e3:56:36:45:ca:b6:c1:b4:f1:9c:46:44:0f:c4:c1:4a: 19:93:f9:ae:83:a4:c0:cc:2d:38:e5:24:5f:37:63:ba:99:fd: 07:02:7b:04:f4:2d:10:68:cb:35:0b:b7:3d:22:39:70:f3:3d: c9:36:ac:38:d5:17:b0:c0:4c:a9:75:08:fa:7c:ea:4f:0d:29: 4b:1a:f3:6a:04:5a:ca:27:54:58:b6:f9:31:4d:52:77:fb:c4: 75:1c:dd:50:ea:3d:db:3c:21:f2:f7:87:67:f2:42:0e:6a:1b: 4b:6d:d7:f5:ba:a8:2e:fa:94:ad:97:d3:b4:6d:d0:99:af:5f: 64:05:c1:b1:cb:a4:74:2a:7b:77:a1:ce:58:48:e0:03:80:c9: cb:f6:07:35 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTk3RTgxMTAvBgNVBAUTKEM5QzI4Rjk5MEI2Mjc0MTJDOTdDMkRDRUM3QzkwNkU2 MUFEMzI1QUMwHhcNMjUwNDI0MTQ0MzM0WhcNMjUwNTAxMTQ0MzM0WjAYMRYwFAYD VQQDEw02ODBhNGUxNi1jMjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1YbzXNaYwv3m8DjvLsMpcoZUYmwPktW90aIvv0DFMR2iE+tQAzAnXwTvImqS hYhrcnkz3/oboNlz79eLymElUR5SNN2alQ5IDqf3MQZNKPh5USygbNRpJBX1X74m 3Ahu4pFfh5MVh91M4UstqbGEZS+ip+jDuP9ZucpTt5zV/xqwiyRNwhIPDpVrw66v n49BlDfeu+hWlYFAnrJUag4W5ODrIf9Z1H7BUiLFR/Xh3ZOVRzFLGfc8XIKJJdOs QCcSxYhWt2QlemVjhRWKLMt+L/Rkz4J4O4iKiwQ52wovGOsjULIw+mv0SHNs4CDf qIsh5gaMlv4q4BAHZloiMGbT4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCMMF36e tG3iavDcidSf1KV7J40xMB8GA1UdIwQYMBaAFMnCj5kLYnQSyXwtzsfJBuYa0yWs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTdFOC83QTBGRTdGQTFE OTIxMUUyQjVCQzc0RjUwOEIwMkNEMi95Y0tQbVF0aWRCTEpmQzNPeDhrRzVoclRK YXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ljS1BtUXRpZEJMSmZDM094OGtHNWhyVEphdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 OTdFOC83QTBGRTdGQTFEOTIxMUUyQjVCQzc0RjUwOEIwMkNEMi95Y0tQbVF0aWRC TEpmQzNPeDhrRzVoclRKYXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6y93L+QS03NSXL1+8E0CYuNmReI2Zg4yXqLdXy6bfmYwJN+RB26rh z3Z+9PLVnG/Flk832c3zW9uzSMyn/UKnS+PHqUaXQv0F6HzCx49b/zaDp4ohq2PY 5eqZZp3fqks1eXGykXu3JXIM0zIc4uNWNkXKtsG08ZxGRA/EwUoZk/mug6TAzC04 5SRfN2O6mf0HAnsE9C0QaMs1C7c9Ijlw8z3JNqw41RewwEypdQj6fOpPDSlLGvNq BFrKJ1RYtvkxTVJ3+8R1HN1Q6j3bPCHy94dn8kIOahtLbdf1uqgu+pStl9O0bdCZ r19kBcGxy6R0Knt3oc5YSOADgMnL9gc1 -----END CERTIFICATE-----Generated at Sat Apr 26 12:58:16 2025 by rpki-client