$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9293/A9A38BBE147E11EDA02FDB19C4F9AE02/YC_0-oCgAKxh5tSrL3L72Wph-II.mft File: YC_0-oCgAKxh5tSrL3L72Wph-II.mft (raw, json) Hash identifier: 7nzqp20Iq80BrshgLCVZ/UwjRl9AE71xDx9evQyH8Es= Subject key identifier: B1:4B:E3:72:4C:75:D4:60:70:23:0B:FA:B7:49:82:D1:2A:F1:4C:FE Authority key identifier: 60:2F:F4:FA:80:A0:00:AC:61:E6:D4:AB:2F:72:FB:D9:6A:61:F8:82 Certificate issuer: /CN=A91B9293/serialNumber=602FF4FA80A000AC61E6D4AB2F72FBD96A61F882 Certificate serial: 025D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YC_0-oCgAKxh5tSrL3L72Wph-II.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9293/A9A38BBE147E11EDA02FDB19C4F9AE02/YC_0-oCgAKxh5tSrL3L72Wph-II.mft Manifest number: 0258 Signing time: Tue 29 Apr 2025 02:28:18 +0000 Manifest this update: Tue 29 Apr 2025 02:28:17 +0000 Manifest next update: Tue 06 May 2025 02:28:17 +0000 Files and hashes: 1: YC_0-oCgAKxh5tSrL3L72Wph-II.crl (hash: QnnA6UOdVdeeWFL/BxHa5a1X/q9d9osm3fYHVsPtXh8=) 2: 008C0876148311ED856EF438C4F9AE02.roa (hash: TaT1WGLobUSkn2V8H3yXdWE7g83qq/C9PlZR3+C38jk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9293/A9A38BBE147E11EDA02FDB19C4F9AE02/YC_0-oCgAKxh5tSrL3L72Wph-II.crl rsync://rpki.apnic.net/member_repository/A91B9293/A9A38BBE147E11EDA02FDB19C4F9AE02/YC_0-oCgAKxh5tSrL3L72Wph-II.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YC_0-oCgAKxh5tSrL3L72Wph-II.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 06 May 2025 02:28:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 605 (0x25d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9293, serialNumber=602FF4FA80A000AC61E6D4AB2F72FBD96A61F882 Validity Not Before: Apr 29 02:28:17 2025 GMT Not After : May 6 02:28:17 2025 GMT Subject: CN=68103942-d200 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:82:39:a7:64:17:c1:18:87:a4:14:53:ec:3c: 97:88:9b:1c:fe:4f:35:fc:9c:93:d0:e9:9a:2d:b9: 43:84:3e:06:0c:dc:8d:ac:c6:df:9a:57:01:91:9a: 20:b8:92:8c:5b:18:fa:ea:6e:1d:d6:47:73:ce:e2: 08:19:21:3f:b0:9a:8b:b9:66:fd:fe:a9:2d:5d:29: bd:b2:e0:e2:25:a7:b7:10:fa:6f:c7:6a:47:4b:66: af:c8:6c:07:1c:4f:83:36:9a:84:79:91:30:84:17: bc:ea:85:66:1f:a8:19:f6:bf:ec:32:23:25:95:79: 92:4d:54:f4:ca:1b:21:10:7a:bd:c5:7c:15:d3:0e: 21:e6:19:e8:65:69:47:db:4d:0a:6c:ea:05:fa:87: 1c:5f:9a:42:e6:4b:de:ae:4b:77:90:c6:05:9d:30: 0f:47:9a:ac:0e:1a:03:6f:10:73:3c:c3:1d:8c:ed: 92:fc:62:a8:7f:24:c6:5d:0f:ce:d9:1c:e3:2f:dc: 3c:4c:99:0f:90:db:7b:b2:45:eb:81:6a:ac:29:af: 45:46:3c:f3:e9:44:29:25:9d:70:e2:e8:0f:35:ae: 77:4d:ff:8d:b6:fb:f4:f8:59:dc:8f:af:36:ec:59: bf:b0:97:95:55:eb:66:bd:31:5c:be:e4:88:ce:45: f4:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:4B:E3:72:4C:75:D4:60:70:23:0B:FA:B7:49:82:D1:2A:F1:4C:FE X509v3 Authority Key Identifier: keyid:60:2F:F4:FA:80:A0:00:AC:61:E6:D4:AB:2F:72:FB:D9:6A:61:F8:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9293/A9A38BBE147E11EDA02FDB19C4F9AE02/YC_0-oCgAKxh5tSrL3L72Wph-II.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YC_0-oCgAKxh5tSrL3L72Wph-II.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9293/A9A38BBE147E11EDA02FDB19C4F9AE02/YC_0-oCgAKxh5tSrL3L72Wph-II.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:10:89:07:75:ff:40:d9:dd:97:9e:00:24:fc:ea:7a:da:e1: 5e:0e:aa:ce:cd:f7:5d:49:5b:96:5e:17:1c:6e:52:5c:9e:63: c6:e8:da:83:58:fa:96:98:a4:db:75:de:43:c5:83:f8:e1:b1: 76:98:54:f0:a5:00:9f:99:9f:e0:93:3b:db:63:b7:d3:18:f8: 4d:20:99:3e:fd:42:28:65:bb:a9:e9:9b:e0:07:ac:09:c5:ed: 9e:0a:ae:bd:3c:36:2e:95:e5:61:b2:55:88:a1:47:77:e7:b8: 54:c4:9a:8e:9e:38:b7:79:2c:43:2e:8b:c7:c0:20:e5:5b:76: 31:ed:80:85:f7:58:9b:b9:78:cc:d5:e2:d8:7e:4d:3d:65:1e: a8:4a:e9:47:d6:02:2f:38:46:74:f1:80:e4:5d:ae:83:6d:b7: 1d:be:0f:bd:1b:dc:ea:7c:35:e1:83:8f:d4:a1:2e:99:77:65: 79:55:83:84:2d:9f:65:97:b4:ad:7a:d5:5b:dd:d5:d4:e6:d6: 4b:5c:4e:ca:cd:f8:da:d7:a4:1a:c4:de:4b:ce:4e:85:8e:17: e9:ae:be:e6:8f:c0:93:f9:b0:5f:7f:7a:be:ab:76:d0:50:2a: 5f:88:33:f9:c7:ec:91:86:1b:40:f5:2d:1b:86:2a:96:31:f6: 28:77:11:d4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAl0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjkyOTMxMTAvBgNVBAUTKDYwMkZGNEZBODBBMDAwQUM2MUU2RDRBQjJGNzJGQkQ5 NkE2MUY4ODIwHhcNMjUwNDI5MDIyODE3WhcNMjUwNTA2MDIyODE3WjAYMRYwFAYD VQQDEw02ODEwMzk0Mi1kMjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtoI5p2QXwRiHpBRT7DyXiJsc/k81/JyT0OmaLblDhD4GDNyNrMbfmlcBkZog uJKMWxj66m4d1kdzzuIIGSE/sJqLuWb9/qktXSm9suDiJae3EPpvx2pHS2avyGwH HE+DNpqEeZEwhBe86oVmH6gZ9r/sMiMllXmSTVT0yhshEHq9xXwV0w4h5hnoZWlH 200KbOoF+occX5pC5kverkt3kMYFnTAPR5qsDhoDbxBzPMMdjO2S/GKofyTGXQ/O 2RzjL9w8TJkPkNt7skXrgWqsKa9FRjzz6UQpJZ1w4ugPNa53Tf+Ntvv0+Fncj682 7Fm/sJeVVetmvTFcvuSIzkX0VQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLFL43JM ddRgcCML+rdJgtEq8Uz+MB8GA1UdIwQYMBaAFGAv9PqAoACsYebUqy9y+9lqYfiC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTI5My9BOUEzOEJCRTE0 N0UxMUVEQTAyRkRCMTlDNEY5QUUwMi9ZQ18wLW9DZ0FLeGg1dFNyTDNMNzJXcGgt SUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lDXzAtb0NnQUt4aDV0U3JMM0w3MldwaC1JSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OTI5My9BOUEzOEJCRTE0N0UxMUVEQTAyRkRCMTlDNEY5QUUwMi9ZQ18wLW9DZ0FL eGg1dFNyTDNMNzJXcGgtSUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXEIkHdf9A2d2XngAk/Op62uFeDqrOzfddSVuWXhccblJcnmPG6NqD WPqWmKTbdd5DxYP44bF2mFTwpQCfmZ/gkzvbY7fTGPhNIJk+/UIoZbup6ZvgB6wJ xe2eCq69PDYuleVhslWIoUd357hUxJqOnji3eSxDLovHwCDlW3Yx7YCF91ibuXjM 1eLYfk09ZR6oSulH1gIvOEZ08YDkXa6Dbbcdvg+9G9zqfDXhg4/UoS6Zd2V5VYOE LZ9ll7StetVb3dXU5tZLXE7Kzfja16QaxN5Lzk6Fjhfprr7mj8CT+bBff3q+q3bQ UCpfiDP5x+yRhhtA9S0bhiqWMfYodxHU -----END CERTIFICATE-----Generated at Tue Apr 29 05:45:08 2025 by rpki-client