$ rpki-client -vvf rpki.apnic.net/member_repository/A918BFB8/AB95B5A877D511E9ABC63A65C4F9AE02/SkTgEhvolIv3vEnLA6Y4F6W60YY.mft File: SkTgEhvolIv3vEnLA6Y4F6W60YY.mft (raw, json) Hash identifier: kSFxVlVHFkMIUrwXGbhR6CALV/RJI08Gyc7boD9dA1U= Subject key identifier: F0:FA:59:E6:F8:AB:D3:1F:4A:35:D5:81:E3:D9:B6:81:68:B2:B8:A3 Authority key identifier: 4A:44:E0:12:1B:E8:94:8B:F7:BC:49:CB:03:A6:38:17:A5:BA:D1:86 Certificate issuer: /CN=A918BFB8/serialNumber=4A44E0121BE8948BF7BC49CB03A63817A5BAD186 Certificate serial: 0F07 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SkTgEhvolIv3vEnLA6Y4F6W60YY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918BFB8/AB95B5A877D511E9ABC63A65C4F9AE02/SkTgEhvolIv3vEnLA6Y4F6W60YY.mft Manifest number: 0EFE Signing time: Thu 24 Apr 2025 17:37:53 +0000 Manifest this update: Thu 24 Apr 2025 17:37:52 +0000 Manifest next update: Thu 01 May 2025 17:37:52 +0000 Files and hashes: 1: SkTgEhvolIv3vEnLA6Y4F6W60YY.crl (hash: Iv4f8Q4R240xA7qWSAfqFyVBkt7bdujeppexGStHj14=) 2: DBB5A81E77D611E98792C466C4F9AE02.roa (hash: l1aL436ui+DSs7MhbbXkGIT5+J+EKVHo8IJU3TtL4kk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918BFB8/AB95B5A877D511E9ABC63A65C4F9AE02/SkTgEhvolIv3vEnLA6Y4F6W60YY.crl rsync://rpki.apnic.net/member_repository/A918BFB8/AB95B5A877D511E9ABC63A65C4F9AE02/SkTgEhvolIv3vEnLA6Y4F6W60YY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SkTgEhvolIv3vEnLA6Y4F6W60YY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:37:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3847 (0xf07) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918BFB8, serialNumber=4A44E0121BE8948BF7BC49CB03A63817A5BAD186 Validity Not Before: Apr 24 17:37:52 2025 GMT Not After : May 1 17:37:52 2025 GMT Subject: CN=680a76f0-25e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:dc:7a:67:61:c6:ce:4b:68:aa:51:7f:9a:de: 69:b7:23:09:d9:5f:af:00:57:c1:8b:0f:48:a3:c1: 89:2d:0b:ca:f8:6b:86:c9:3e:b1:88:3a:13:4a:77: 47:f7:e8:b2:ce:1e:34:fc:75:e1:25:f4:2d:09:6e: 85:67:59:cb:55:9f:28:ba:7e:4a:c1:a5:d7:08:f8: 48:93:2f:d4:ac:d1:7c:75:4e:94:c5:58:81:5c:55: ca:8a:45:a8:be:e9:a4:68:1a:ef:af:52:df:a5:bd: b8:c2:5f:47:9f:bb:9a:ea:d9:f6:d4:a1:3a:ff:00: 7a:6c:99:78:5a:28:db:0f:55:e6:86:51:89:b1:e7: 7b:ff:f1:3a:d3:2b:40:26:37:08:7c:c1:f2:20:f7: 1d:bf:02:06:9c:4f:43:e7:22:7d:c9:92:48:c9:a1: c0:1f:d3:b5:6e:24:ef:ef:aa:54:79:4b:12:01:ec: 0d:a7:0c:18:18:c7:5c:81:c8:75:ad:10:3d:f3:5b: b8:f2:3d:65:26:d7:79:aa:53:5a:86:57:5f:37:17: a5:d8:e1:24:4a:c6:80:bf:86:ea:4d:0d:9a:71:f8: 79:c6:4d:da:34:2d:c0:48:51:83:e9:79:4d:a5:c8: 32:7d:dd:f5:db:26:14:e3:6e:a2:b2:cb:98:c6:07: 2b:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:FA:59:E6:F8:AB:D3:1F:4A:35:D5:81:E3:D9:B6:81:68:B2:B8:A3 X509v3 Authority Key Identifier: keyid:4A:44:E0:12:1B:E8:94:8B:F7:BC:49:CB:03:A6:38:17:A5:BA:D1:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918BFB8/AB95B5A877D511E9ABC63A65C4F9AE02/SkTgEhvolIv3vEnLA6Y4F6W60YY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SkTgEhvolIv3vEnLA6Y4F6W60YY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BFB8/AB95B5A877D511E9ABC63A65C4F9AE02/SkTgEhvolIv3vEnLA6Y4F6W60YY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption e8:f5:fe:b4:ff:d3:3c:e6:f9:a3:05:d8:34:03:d7:f2:04:63: d8:ff:50:d4:c6:c5:1b:7f:be:d6:5b:40:e5:e8:57:f5:b5:a7: 02:c5:e9:aa:77:a8:a5:c8:8c:78:3d:cb:f0:15:fa:bc:39:ea: ec:4e:f2:d4:6a:41:23:04:da:0d:da:3a:4d:c1:5d:7f:db:6d: 13:bf:03:c8:43:90:f0:2e:17:b6:68:63:d0:a7:ba:97:47:07: f6:c8:8b:c9:35:cd:3e:fc:be:84:f0:03:9f:ef:8d:70:33:cd: 00:19:5c:61:30:1f:85:e4:dd:ae:e0:ef:9c:fa:b4:3c:3d:ba: d3:06:3d:cd:54:92:65:f6:a5:b0:75:c1:31:01:c9:54:c6:ab: 47:db:c3:75:79:bc:5b:58:38:c6:6b:20:4d:11:76:4d:56:80: 51:67:f9:a7:75:70:2d:ef:9b:aa:cd:10:88:bd:34:35:0f:85: 6b:db:3b:16:70:e0:fb:72:3a:49:a6:e5:3e:f8:1c:84:d2:7a: a9:2b:34:38:a7:cf:ba:ac:fc:28:37:d5:71:3e:5a:d4:02:25: f5:2b:e8:6d:3b:89:f1:e3:f9:30:0b:c3:99:69:56:2d:f1:52: 61:2c:39:29:c3:59:89:3f:3e:25:5f:1a:74:e2:44:fe:51:a8: 3a:22:e8:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDwcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEJGQjgxMTAvBgNVBAUTKDRBNDRFMDEyMUJFODk0OEJGN0JDNDlDQjAzQTYzODE3 QTVCQUQxODYwHhcNMjUwNDI0MTczNzUyWhcNMjUwNTAxMTczNzUyWjAYMRYwFAYD VQQDEw02ODBhNzZmMC0yNWUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApNx6Z2HGzktoqlF/mt5ptyMJ2V+vAFfBiw9Io8GJLQvK+GuGyT6xiDoTSndH 9+iyzh40/HXhJfQtCW6FZ1nLVZ8oun5KwaXXCPhIky/UrNF8dU6UxViBXFXKikWo vumkaBrvr1Lfpb24wl9Hn7ua6tn21KE6/wB6bJl4WijbD1XmhlGJsed7//E60ytA JjcIfMHyIPcdvwIGnE9D5yJ9yZJIyaHAH9O1biTv76pUeUsSAewNpwwYGMdcgch1 rRA981u48j1lJtd5qlNahldfNxel2OEkSsaAv4bqTQ2acfh5xk3aNC3ASFGD6XlN pcgyfd312yYU426issuYxgcrqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPD6Web4 q9MfSjXVgePZtoFosrijMB8GA1UdIwQYMBaAFEpE4BIb6JSL97xJywOmOBelutGG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkZCOC9BQjk1QjVBODc3 RDUxMUU5QUJDNjNBNjVDNEY5QUUwMi9Ta1RnRWh2b2xJdjN2RW5MQTZZNEY2VzYw WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NrVGdFaHZvbEl2M3ZFbkxBNlk0RjZXNjBZWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QkZCOC9BQjk1QjVBODc3RDUxMUU5QUJDNjNBNjVDNEY5QUUwMi9Ta1RnRWh2b2xJ djN2RW5MQTZZNEY2VzYwWVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDo9f60/9M85vmjBdg0A9fyBGPY/1DUxsUbf77WW0Dl6Ff1tacCxemq d6ilyIx4PcvwFfq8OersTvLUakEjBNoN2jpNwV1/220TvwPIQ5DwLhe2aGPQp7qX Rwf2yIvJNc0+/L6E8AOf741wM80AGVxhMB+F5N2u4O+c+rQ8PbrTBj3NVJJl9qWw dcExAclUxqtH28N1ebxbWDjGayBNEXZNVoBRZ/mndXAt75uqzRCIvTQ1D4Vr2zsW cOD7cjpJpuU++ByE0nqpKzQ4p8+6rPwoN9VxPlrUAiX1K+htO4nx4/kwC8OZaVYt 8VJhLDkpw1mJPz4lXxp04kT+Uag6Iuiw -----END CERTIFICATE-----Generated at Sat Apr 26 14:49:22 2025 by rpki-client