$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft File: cYQNfZjFz5vWvrRIatRnQGXxR0E.mft (raw, json) Hash identifier: ovpdM624gT8FDfrbwIXWiC5ajXdsXxw4AomSbXrWKj8= Subject key identifier: AC:8A:01:01:04:B6:02:99:DD:D4:F6:F0:D3:D0:23:95:B4:69:9D:3F Authority key identifier: 71:84:0D:7D:98:C5:CF:9B:D6:BE:B4:48:6A:D4:67:40:65:F1:47:41 Certificate issuer: /CN=A91B7B61/serialNumber=71840D7D98C5CF9BD6BEB4486AD4674065F14741 Certificate serial: 059C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft Manifest number: 0598 Signing time: Thu 24 Apr 2025 23:00:30 +0000 Manifest this update: Thu 24 Apr 2025 23:00:30 +0000 Manifest next update: Thu 01 May 2025 23:00:30 +0000 Files and hashes: 1: cYQNfZjFz5vWvrRIatRnQGXxR0E.crl (hash: 38dikvaFI+rV6ptbvlkz3yGl0Dgrat9/4yyTING+5b4=) 2: C2EFC706CAAE11EBA95C5E64C4F9AE02.roa (hash: CjCSmslBUSukL+VQeriKJzpmD5FpwHuT7xL5fJExCAg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.crl rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1436 (0x59c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7B61, serialNumber=71840D7D98C5CF9BD6BEB4486AD4674065F14741 Validity Not Before: Apr 24 23:00:30 2025 GMT Not After : May 1 23:00:30 2025 GMT Subject: CN=680ac28e-7df5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:7b:a9:d6:cf:90:bd:26:c5:3d:8b:f2:84:12: 97:47:3b:3a:51:e7:35:f2:9f:ab:c6:0a:50:81:17: 39:4a:d4:2d:0d:4d:c6:d8:67:98:ce:b2:82:a6:24: 24:07:e8:26:cd:59:84:15:b3:54:ff:c0:78:f4:04: 8e:64:ac:4d:7c:95:73:99:63:d3:6b:72:1e:ae:4e: 94:36:40:ca:f3:44:6a:59:24:75:77:7c:69:55:ba: 90:ec:e1:05:e2:1a:00:a8:88:ce:a9:25:5e:7c:4e: f3:74:26:db:4c:9d:96:da:6d:d9:55:3a:d1:5e:33: e1:53:1e:91:f8:c8:36:21:1a:04:88:df:c9:a8:ac: 9a:f4:15:3a:3a:2e:8e:10:90:00:17:ff:3e:8e:75: a5:ec:c9:be:e1:a4:be:22:47:9f:cb:36:25:73:d8: ad:40:63:8c:76:37:35:5a:47:5d:0a:4d:47:1a:c4: 2c:b1:67:99:3d:25:37:86:61:c3:ef:b9:ad:13:a6: da:d0:bb:46:e1:aa:8c:6d:e4:d5:b9:66:c8:6f:cb: 3b:7f:9a:2a:73:15:ba:17:08:f5:f8:25:9b:41:a9: 08:d1:31:66:14:a3:b4:94:c3:e3:9c:9f:96:a2:6f: 15:5f:98:99:a7:2e:4b:fa:17:cd:5f:3e:a3:ff:fb: 90:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:8A:01:01:04:B6:02:99:DD:D4:F6:F0:D3:D0:23:95:B4:69:9D:3F X509v3 Authority Key Identifier: keyid:71:84:0D:7D:98:C5:CF:9B:D6:BE:B4:48:6A:D4:67:40:65:F1:47:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cd:e5:04:61:88:da:fb:3e:61:34:13:73:0a:2b:64:65:ed:3b: dc:f0:70:b1:ee:99:e9:d9:37:9a:94:5c:4d:f3:3a:b5:b4:77: 5c:6c:47:68:ae:bc:6a:d5:e4:9a:aa:50:25:a0:9f:6f:51:05: 4c:2e:bb:54:97:88:ef:f5:da:23:a7:b3:36:e2:b5:d2:50:3f: ff:b6:9b:fc:46:7c:a6:75:72:02:d5:1c:1a:4e:a5:86:1c:d3: a8:0c:ba:a3:f5:75:6d:20:47:1b:48:5f:a1:e3:6c:2c:6b:3e: 46:48:73:63:98:aa:86:a8:65:b9:e4:47:4e:bd:71:10:8a:cb: 8c:0d:c1:4c:51:11:f1:53:0f:cc:65:44:bb:5d:8c:30:07:03: 63:ff:80:d3:b8:4c:5d:70:93:ce:4f:e3:c8:3a:2f:64:c0:b4: 77:d7:d4:21:6a:2e:e4:55:2e:cf:15:49:52:38:b7:ae:98:de: 9a:15:37:71:3d:ae:45:1e:0a:7d:3e:c0:ff:e2:81:dc:f2:16: 1c:5c:25:61:96:ff:c1:ee:e0:5e:ab:ec:c0:04:5b:8d:ba:c4: 2d:85:a0:5d:0c:fe:15:ab:3e:b1:bd:cf:ab:bc:99:d8:08:a1: 5a:3a:ec:cc:93:2a:cf:0d:22:f3:db:cc:6c:28:5e:ff:00:c6: 0b:b8:94:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjdCNjExMTAvBgNVBAUTKDcxODQwRDdEOThDNUNGOUJENkJFQjQ0ODZBRDQ2NzQw NjVGMTQ3NDEwHhcNMjUwNDI0MjMwMDMwWhcNMjUwNTAxMjMwMDMwWjAYMRYwFAYD VQQDEw02ODBhYzI4ZS03ZGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3Xup1s+QvSbFPYvyhBKXRzs6Uec18p+rxgpQgRc5StQtDU3G2GeYzrKCpiQk B+gmzVmEFbNU/8B49ASOZKxNfJVzmWPTa3Ierk6UNkDK80RqWSR1d3xpVbqQ7OEF 4hoAqIjOqSVefE7zdCbbTJ2W2m3ZVTrRXjPhUx6R+Mg2IRoEiN/JqKya9BU6Oi6O EJAAF/8+jnWl7Mm+4aS+IkefyzYlc9itQGOMdjc1WkddCk1HGsQssWeZPSU3hmHD 77mtE6ba0LtG4aqMbeTVuWbIb8s7f5oqcxW6Fwj1+CWbQakI0TFmFKO0lMPjnJ+W om8VX5iZpy5L+hfNXz6j//uQtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKyKAQEE tgKZ3dT28NPQI5W0aZ0/MB8GA1UdIwQYMBaAFHGEDX2Yxc+b1r60SGrUZ0Bl8UdB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0I2MS9CRTY4RDMwMkNB QUExMUVCQjhDMDJCNUNDNEY5QUUwMi9jWVFOZlpqRno1dld2clJJYXRSblFHWHhS MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NZUU5mWmpGejV2V3ZyUklhdFJuUUdYeFIwRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC N0I2MS9CRTY4RDMwMkNBQUExMUVCQjhDMDJCNUNDNEY5QUUwMi9jWVFOZlpqRno1 dld2clJJYXRSblFHWHhSMEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDN5QRhiNr7PmE0E3MKK2Rl7Tvc8HCx7pnp2TealFxN8zq1tHdcbEdo rrxq1eSaqlAloJ9vUQVMLrtUl4jv9dojp7M24rXSUD//tpv8RnymdXIC1RwaTqWG HNOoDLqj9XVtIEcbSF+h42wsaz5GSHNjmKqGqGW55EdOvXEQisuMDcFMURHxUw/M ZUS7XYwwBwNj/4DTuExdcJPOT+PIOi9kwLR319Qhai7kVS7PFUlSOLeumN6aFTdx Pa5FHgp9PsD/4oHc8hYcXCVhlv/B7uBeq+zABFuNusQthaBdDP4Vqz6xvc+rvJnY CKFaOuzMkyrPDSLz28xsKF7/AMYLuJSY -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:11 2025 by rpki-client