$ rpki-client -vvf rpki.apnic.net/member_repository/A917FACB/25D11886B46511EF9BFBAA67C4F9AE02/NYFLFfuDSTnuqFzEpnxOGmqFpPU.mft File: NYFLFfuDSTnuqFzEpnxOGmqFpPU.mft (raw, json) Hash identifier: rrmENuK1F+toXXvyHlv4iWMQfTHFmxfomMVaPX418Mw= Subject key identifier: 57:A8:5D:AC:9D:18:C6:67:E9:A1:26:2A:5F:D1:43:FB:FC:71:DE:42 Authority key identifier: 35:81:4B:15:FB:83:49:39:EE:A8:5C:C4:A6:7C:4E:1A:6A:85:A4:F5 Certificate issuer: /CN=A917FACB/serialNumber=35814B15FB834939EEA85CC4A67C4E1A6A85A4F5 Certificate serial: 4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYFLFfuDSTnuqFzEpnxOGmqFpPU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917FACB/25D11886B46511EF9BFBAA67C4F9AE02/NYFLFfuDSTnuqFzEpnxOGmqFpPU.mft Manifest number: 4B Signing time: Fri 25 Apr 2025 06:22:08 +0000 Manifest this update: Fri 25 Apr 2025 06:22:08 +0000 Manifest next update: Fri 02 May 2025 06:22:08 +0000 Files and hashes: 1: NYFLFfuDSTnuqFzEpnxOGmqFpPU.crl (hash: HsvXkFAh66G+QT+8oHkfJHbiudFOqQz1B8riuPf453Q=) 2: 81FC16A6B46511EF86BEAC6BC4F9AE02.roa (hash: 3WNjmfHJVoQBd0rENGvmjv5pVSXIpaYmoJ+4Year8YI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917FACB/25D11886B46511EF9BFBAA67C4F9AE02/NYFLFfuDSTnuqFzEpnxOGmqFpPU.crl rsync://rpki.apnic.net/member_repository/A917FACB/25D11886B46511EF9BFBAA67C4F9AE02/NYFLFfuDSTnuqFzEpnxOGmqFpPU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYFLFfuDSTnuqFzEpnxOGmqFpPU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:22:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77 (0x4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917FACB, serialNumber=35814B15FB834939EEA85CC4A67C4E1A6A85A4F5 Validity Not Before: Apr 25 06:22:08 2025 GMT Not After : May 2 06:22:08 2025 GMT Subject: CN=680b2a10-afd0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:df:df:7e:6a:19:f9:b8:70:de:d1:cf:9b:ea: ab:67:da:18:86:96:68:39:2d:62:b7:17:cc:b7:e8: 41:1f:93:d6:3d:93:b6:f1:11:0f:ee:c0:30:84:b8: 93:d3:02:33:53:c1:f0:c5:cb:f0:2e:99:3c:1a:96: df:f3:89:ba:f4:b0:ca:b1:3c:ff:d9:ea:db:c6:eb: 50:dc:ea:96:a7:21:3a:8b:59:d9:bf:6f:07:58:26: f8:db:c0:ff:6b:1b:2b:72:9f:4e:d2:9b:2f:0a:1d: 65:ed:8a:82:99:7c:87:f7:c7:d9:0f:ef:d6:53:21: d9:30:9c:51:c8:14:1f:af:b3:57:e4:5a:dc:bb:70: 97:da:83:3d:8e:3f:53:1b:47:61:70:51:5f:87:b1: 20:9c:e3:e5:7b:e0:5e:68:1e:d6:49:bc:30:6a:94: bf:36:47:f2:bb:e8:46:b5:17:15:b1:1a:88:05:5f: e4:4a:83:30:73:1a:22:72:03:35:46:69:29:fd:71: ff:dc:ce:cc:0f:48:32:65:eb:eb:31:5e:9f:c1:22: 38:af:4d:06:ec:1d:df:8c:44:ad:a7:08:72:36:25: b6:7f:2b:ff:76:65:71:07:a0:4f:81:ed:fa:99:f6: b8:36:08:ff:ff:bd:4e:b2:c1:ef:0f:4c:9e:5b:c0: a6:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:A8:5D:AC:9D:18:C6:67:E9:A1:26:2A:5F:D1:43:FB:FC:71:DE:42 X509v3 Authority Key Identifier: keyid:35:81:4B:15:FB:83:49:39:EE:A8:5C:C4:A6:7C:4E:1A:6A:85:A4:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917FACB/25D11886B46511EF9BFBAA67C4F9AE02/NYFLFfuDSTnuqFzEpnxOGmqFpPU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYFLFfuDSTnuqFzEpnxOGmqFpPU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917FACB/25D11886B46511EF9BFBAA67C4F9AE02/NYFLFfuDSTnuqFzEpnxOGmqFpPU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:f4:71:05:cb:fb:ae:53:11:c1:e2:d1:54:71:3f:9a:14:eb: f5:d3:ff:45:27:a8:bd:96:7a:32:cc:e7:3c:8a:62:10:3b:ae: ac:90:45:72:83:fe:db:fe:03:c4:77:e7:e0:44:c4:5c:a0:3f: f4:ac:d0:d9:38:d4:aa:47:d6:d3:fe:b8:ab:5f:64:9f:b5:d9: 12:a2:c5:70:5e:87:21:9b:8a:68:c8:21:20:09:0f:4c:08:f5: af:a1:81:ae:81:12:70:4a:fa:0d:87:99:76:90:87:46:d8:e8: 98:0e:12:f6:4a:86:f6:98:47:9b:db:88:46:58:16:41:72:04: 9f:b1:87:e4:8c:93:6c:40:4c:8e:b1:1f:99:bb:92:b4:32:a8: 92:2c:a9:ec:79:05:23:fb:cb:6f:9f:39:2f:44:a5:36:23:4f: 16:78:3d:c0:0f:6f:7e:1a:b8:50:0a:73:f6:0c:2c:a7:ae:22: 78:45:b6:98:f0:6c:9a:e3:2d:eb:b9:77:97:58:9a:76:03:cc: 83:f4:04:92:ed:39:ba:25:15:cc:86:a7:e4:98:5c:32:06:21: f0:b7:33:e3:bd:1a:17:c0:6d:45:fa:37:0b:26:4e:69:3f:d2: e0:2e:de:af:45:08:1e:b9:7c:11:24:df:6d:f1:b1:d1:53:2b: 4a:6d:3c:fa -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 RkFDQjExMC8GA1UEBRMoMzU4MTRCMTVGQjgzNDkzOUVFQTg1Q0M0QTY3QzRFMUE2 QTg1QTRGNTAeFw0yNTA0MjUwNjIyMDhaFw0yNTA1MDIwNjIyMDhaMBgxFjAUBgNV BAMTDTY4MGIyYTEwLWFmZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCt399+ahn5uHDe0c+b6qtn2hiGlmg5LWK3F8y36EEfk9Y9k7bxEQ/uwDCEuJPT AjNTwfDFy/AumTwalt/zibr0sMqxPP/Z6tvG61Dc6panITqLWdm/bwdYJvjbwP9r Gytyn07Smy8KHWXtioKZfIf3x9kP79ZTIdkwnFHIFB+vs1fkWty7cJfagz2OP1Mb R2FwUV+HsSCc4+V74F5oHtZJvDBqlL82R/K76Ea1FxWxGogFX+RKgzBzGiJyAzVG aSn9cf/czswPSDJl6+sxXp/BIjivTQbsHd+MRK2nCHI2JbZ/K/92ZXEHoE+B7fqZ 9rg2CP//vU6ywe8PTJ5bwKaTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUV6hdrJ0Y xmfpoSYqX9FD+/xx3kIwHwYDVR0jBBgwFoAUNYFLFfuDSTnuqFzEpnxOGmqFpPUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdGQUNCLzI1RDExODg2QjQ2 NTExRUY5QkZCQUE2N0M0RjlBRTAyL05ZRkxGZnVEU1RudXFGekVwbnhPR21xRnBQ VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTllGTEZmdURTVG51cUZ6RXBueE9HbXFGcFBVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdG QUNCLzI1RDExODg2QjQ2NTExRUY5QkZCQUE2N0M0RjlBRTAyL05ZRkxGZnVEU1Ru dXFGekVwbnhPR21xRnBQVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABn0cQXL+65TEcHi0VRxP5oU6/XT/0UnqL2WejLM5zyKYhA7rqyQRXKD /tv+A8R35+BExFygP/Ss0Nk41KpH1tP+uKtfZJ+12RKixXBehyGbimjIISAJD0wI 9a+hga6BEnBK+g2HmXaQh0bY6JgOEvZKhvaYR5vbiEZYFkFyBJ+xh+SMk2xATI6x H5m7krQyqJIsqex5BSP7y2+fOS9EpTYjTxZ4PcAPb34auFAKc/YMLKeuInhFtpjw bJrjLeu5d5dYmnYDzIP0BJLtObolFcyGp+SYXDIGIfC3M+O9GhfAbUX6NwsmTmk/ 0uAu3q9FCB65fBEk323xsdFTK0ptPPo= -----END CERTIFICATE-----Generated at Sat Apr 26 05:06:52 2025 by rpki-client