$ rpki-client -vvf rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft File: ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft (raw, json) Hash identifier: 6BwSgfGFDsdOt9Yet23bqL5fQSELMvwrxucxc+W1ykc= Subject key identifier: 93:CB:1E:64:23:17:D0:DD:8F:12:B7:91:47:CF:36:B7:18:E5:57:C5 Authority key identifier: CA:C4:47:8F:0F:DD:9A:E4:1E:24:E9:FC:67:F8:51:FF:43:C3:33:09 Certificate issuer: /CN=A919B5BB/serialNumber=CAC4478F0FDD9AE41E24E9FC67F851FF43C33309 Certificate serial: 20C1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft Manifest number: 20B6 Signing time: Thu 24 Apr 2025 15:58:23 +0000 Manifest this update: Thu 24 Apr 2025 15:58:22 +0000 Manifest next update: Thu 01 May 2025 15:58:22 +0000 Files and hashes: 1: ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl (hash: yhPyiYPjgDuwMVg6VAqKOKzYgyCmmiqKZCJcqw9xaEs=) 2: C49E2E22FF0111E591C15659C4F9AE02.roa (hash: 8rysbZt21FvuQ0omuoFXFp8YfdP5EnJpmuu61zguRxM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:58:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8385 (0x20c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919B5BB, serialNumber=CAC4478F0FDD9AE41E24E9FC67F851FF43C33309 Validity Not Before: Apr 24 15:58:22 2025 GMT Not After : May 1 15:58:22 2025 GMT Subject: CN=680a5f9f-d3cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:f3:7c:86:b7:bb:de:ad:5b:b5:7c:1a:1b:6a: 27:86:f9:68:c3:f1:71:85:dc:c5:dd:81:6a:a3:c1: d6:b9:1f:ab:17:52:69:1b:20:51:b5:92:55:13:53: 56:08:27:d0:f0:94:6d:c6:72:f8:67:3d:47:bc:0e: 06:12:7c:6b:28:7c:89:8b:3c:d5:85:38:61:fd:55: 39:9c:d4:a2:91:06:28:3d:d0:90:9c:81:b4:7c:2c: 6a:12:0c:f0:ad:36:c9:bf:90:2f:89:3d:4d:fc:d5: 9f:ef:76:4f:10:9b:05:78:a5:ae:7e:67:d4:bd:91: 55:af:47:04:4b:e7:1c:94:2c:ed:4c:ab:a5:cb:01: 4a:73:d1:82:58:64:13:be:2d:f6:48:9d:61:e3:dc: 25:2a:81:53:40:fd:ee:61:ca:ad:23:85:1c:38:1f: 8a:d8:7f:88:18:fb:ce:de:d0:6a:c2:ae:e4:92:bb: ce:44:0b:3d:b4:87:4f:cc:ed:a3:e1:c7:88:ee:f6: bd:c1:76:81:71:c8:63:63:0b:75:89:80:05:88:b0: b4:9d:50:89:db:d9:02:1a:93:39:7a:56:cd:54:48: 24:28:75:5d:c6:cb:c6:e0:8a:c3:fb:79:a5:7b:b2: 68:99:91:9c:0c:77:73:7c:ae:5f:cb:3c:6c:23:22: 21:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:CB:1E:64:23:17:D0:DD:8F:12:B7:91:47:CF:36:B7:18:E5:57:C5 X509v3 Authority Key Identifier: keyid:CA:C4:47:8F:0F:DD:9A:E4:1E:24:E9:FC:67:F8:51:FF:43:C3:33:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:4e:e3:b7:33:d3:eb:6d:82:36:3a:e7:30:a1:7a:fa:db:6b: a6:24:c4:ce:a8:b7:bb:c6:0d:49:e7:c4:0b:fa:96:a6:f2:45: bf:b8:09:72:b2:f1:ac:ea:33:04:d6:c5:59:6b:56:f2:95:92: 0b:87:41:26:7e:25:44:40:57:21:ad:08:13:08:06:01:fc:db: 42:83:d0:13:84:c7:0a:01:50:fa:ef:58:c1:36:c2:b1:c2:a2: bc:ad:17:bd:e3:2b:13:1e:f0:4f:72:09:1b:81:1f:f2:0b:49: c6:ea:87:95:4c:46:32:f5:6e:cb:e1:d0:63:ec:be:7e:81:30: dc:b0:36:66:b4:a1:e2:23:9d:ca:8d:3d:11:f1:54:7d:dd:d0: cb:bb:96:58:d5:8e:86:74:8f:a5:55:5a:80:bb:f0:fd:9d:23: 4a:c0:6a:a0:fe:72:62:86:39:54:f8:55:5a:c4:d5:e7:9d:f6: 77:a4:a8:ad:f6:8e:ad:f3:d0:2d:47:13:83:bb:05:80:33:82: 7a:b6:ff:66:0c:a6:13:af:c2:2d:65:1c:d1:1f:d9:9d:fc:98: a9:f1:21:c1:9e:3b:af:22:d0:ee:e9:cb:90:fe:b8:e1:f7:a4: 91:53:46:b9:4d:71:2b:bd:36:95:80:7c:b0:fc:fe:8c:0f:10: de:4c:86:0d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIMEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUI1QkIxMTAvBgNVBAUTKENBQzQ0NzhGMEZERDlBRTQxRTI0RTlGQzY3Rjg1MUZG NDNDMzMzMDkwHhcNMjUwNDI0MTU1ODIyWhcNMjUwNTAxMTU1ODIyWjAYMRYwFAYD VQQDEw02ODBhNWY5Zi1kM2NmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnvN8hre73q1btXwaG2onhvlow/FxhdzF3YFqo8HWuR+rF1JpGyBRtZJVE1NW CCfQ8JRtxnL4Zz1HvA4GEnxrKHyJizzVhThh/VU5nNSikQYoPdCQnIG0fCxqEgzw rTbJv5AviT1N/NWf73ZPEJsFeKWufmfUvZFVr0cES+cclCztTKulywFKc9GCWGQT vi32SJ1h49wlKoFTQP3uYcqtI4UcOB+K2H+IGPvO3tBqwq7kkrvORAs9tIdPzO2j 4ceI7va9wXaBcchjYwt1iYAFiLC0nVCJ29kCGpM5elbNVEgkKHVdxsvG4IrD+3ml e7JomZGcDHdzfK5fyzxsIyIhpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJPLHmQj F9DdjxK3kUfPNrcY5VfFMB8GA1UdIwQYMBaAFMrER48P3ZrkHiTp/Gf4Uf9DwzMJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjVCQi80NEJCQzE0Q0ZG MDExMUU1QjFDRkIwNThDNEY5QUUwMi95c1JIandfZG11UWVKT244Wl9oUl8wUERN d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lzUkhqd19kbXVRZUpPbjhaX2hSXzBQRE13ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QjVCQi80NEJCQzE0Q0ZGMDExMUU1QjFDRkIwNThDNEY5QUUwMi95c1JIandfZG11 UWVKT244Wl9oUl8wUERNd2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBnTuO3M9PrbYI2OucwoXr622umJMTOqLe7xg1J58QL+pam8kW/uAly svGs6jME1sVZa1bylZILh0EmfiVEQFchrQgTCAYB/NtCg9AThMcKAVD671jBNsKx wqK8rRe94ysTHvBPcgkbgR/yC0nG6oeVTEYy9W7L4dBj7L5+gTDcsDZmtKHiI53K jT0R8VR93dDLu5ZY1Y6GdI+lVVqAu/D9nSNKwGqg/nJihjlU+FVaxNXnnfZ3pKit 9o6t89AtRxODuwWAM4J6tv9mDKYTr8ItZRzRH9md/Jip8SHBnjuvItDu6cuQ/rjh 96SRU0a5TXErvTaVgHyw/P6MDxDeTIYN -----END CERTIFICATE-----Generated at Sat Apr 26 14:50:05 2025 by rpki-client