$ rpki-client -vvf rpki.apnic.net/member_repository/A91BFE4E/DA3D71A87BE311EF88D9C753C4F9AE02/YB71rSfD3A1NmC22u0dsBsvHAKA.mft File: YB71rSfD3A1NmC22u0dsBsvHAKA.mft (raw, json) Hash identifier: gaCmMUgINWA4z+lBF2FQbv6P2uRtYyOaDSK4KOVCtzk= Subject key identifier: 64:B2:B2:42:95:4A:AA:16:F6:DD:F7:23:4B:87:4B:C2:72:72:25:21 Authority key identifier: 60:1E:F5:AD:27:C3:DC:0D:4D:98:2D:B6:BB:47:6C:06:CB:C7:00:A0 Certificate issuer: /CN=A91BFE4E/serialNumber=601EF5AD27C3DC0D4D982DB6BB476C06CBC700A0 Certificate serial: 6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YB71rSfD3A1NmC22u0dsBsvHAKA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BFE4E/DA3D71A87BE311EF88D9C753C4F9AE02/YB71rSfD3A1NmC22u0dsBsvHAKA.mft Manifest number: 6E Signing time: Fri 25 Apr 2025 05:51:32 +0000 Manifest this update: Fri 25 Apr 2025 05:51:32 +0000 Manifest next update: Fri 02 May 2025 05:51:32 +0000 Files and hashes: 1: YB71rSfD3A1NmC22u0dsBsvHAKA.crl (hash: eF389d8NakM0M6dvVRTnK7pKmuvO12OshIUJz9TpQCQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BFE4E/DA3D71A87BE311EF88D9C753C4F9AE02/YB71rSfD3A1NmC22u0dsBsvHAKA.crl rsync://rpki.apnic.net/member_repository/A91BFE4E/DA3D71A87BE311EF88D9C753C4F9AE02/YB71rSfD3A1NmC22u0dsBsvHAKA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YB71rSfD3A1NmC22u0dsBsvHAKA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:51:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 110 (0x6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BFE4E, serialNumber=601EF5AD27C3DC0D4D982DB6BB476C06CBC700A0 Validity Not Before: Apr 25 05:51:32 2025 GMT Not After : May 2 05:51:32 2025 GMT Subject: CN=680b22e4-ddf2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:0b:31:26:8f:4c:06:c4:2f:80:d9:69:e7:e1: aa:10:bd:16:d0:c5:ff:18:f0:49:0a:54:8d:21:67: 1f:44:55:69:b1:91:40:ef:bd:48:ca:41:67:76:1c: 3a:91:44:f1:f6:61:5f:bd:86:3d:dd:82:1c:0d:30: 07:58:7b:80:0d:21:0f:f2:b0:e8:57:80:dc:ee:2d: ee:78:00:37:b4:12:d7:f0:75:81:26:7b:2a:a7:df: ca:a9:41:60:d5:d8:0d:09:5c:95:56:4f:01:cb:93: 04:0d:26:3a:ab:f5:03:d0:cb:5a:30:39:27:bd:0f: 1d:35:0d:34:a0:4d:9d:07:3c:09:40:ad:d7:9a:33: 4d:10:39:7a:15:66:bb:70:aa:ad:89:74:55:be:d5: 4c:77:cd:9e:12:a6:68:49:f7:7d:7d:a2:31:db:fe: 7a:fd:14:7d:5e:53:7a:ce:2e:59:f3:19:75:99:aa: a6:ce:c0:9d:aa:2f:8e:90:a1:ca:19:79:2b:9b:38: 02:e7:a1:00:b8:10:34:ae:ea:5d:2e:b0:78:a4:21: 9d:31:7f:6a:8d:b6:3e:e2:21:e9:ad:5a:21:db:01: e2:fc:29:be:15:59:a0:b3:a0:7c:10:5d:73:e2:1d: 4d:df:6d:df:7e:fb:be:dc:ae:55:79:7c:fe:bd:8f: ce:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:B2:B2:42:95:4A:AA:16:F6:DD:F7:23:4B:87:4B:C2:72:72:25:21 X509v3 Authority Key Identifier: keyid:60:1E:F5:AD:27:C3:DC:0D:4D:98:2D:B6:BB:47:6C:06:CB:C7:00:A0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BFE4E/DA3D71A87BE311EF88D9C753C4F9AE02/YB71rSfD3A1NmC22u0dsBsvHAKA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YB71rSfD3A1NmC22u0dsBsvHAKA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BFE4E/DA3D71A87BE311EF88D9C753C4F9AE02/YB71rSfD3A1NmC22u0dsBsvHAKA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:ed:4e:3f:ff:81:de:5c:c4:c0:d7:a5:e5:14:d9:bf:1d:96: 2c:f0:84:43:71:e1:89:e3:c3:76:ee:ab:7a:ba:c5:50:fe:3d: ee:6e:0a:e0:ad:38:6f:b4:a9:2e:e2:d3:89:c0:21:db:bb:28: 9c:78:d0:f7:33:d4:70:bc:89:2f:f5:b7:ae:71:a1:66:59:0b: 74:32:36:6f:65:45:c9:aa:0c:72:53:f6:82:6d:c8:18:96:3f: cb:ec:02:01:a5:c8:95:c1:13:9b:19:0f:e7:b9:35:38:e6:f2: a6:cd:a6:83:7f:9c:84:85:4e:76:46:9b:a6:20:9c:a3:07:2a: 8f:34:ab:cb:f9:7b:de:b4:60:69:1a:e2:6d:a1:8f:22:a4:89: 24:db:42:4f:d2:47:e5:9c:80:bb:ed:b4:14:e1:2e:26:95:a8: 6d:70:3c:8e:9d:95:f3:73:7e:37:51:7e:c3:c7:c3:8c:cc:35: 0c:98:fa:f7:64:ac:91:0a:17:e8:57:8d:3a:38:5a:85:0f:5b: 5a:46:43:02:a4:21:eb:49:23:f1:4d:8c:6f:d4:83:ee:05:f6: 71:b4:bd:3f:48:e1:84:7d:1d:bb:37:17:3f:80:93:75:0a:17: 5d:a9:03:a0:bd:60:28:9a:0a:39:48:d3:79:b9:b6:d6:07:1b: 24:b5:24:36 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBbjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC RkU0RTExMC8GA1UEBRMoNjAxRUY1QUQyN0MzREMwRDREOTgyREI2QkI0NzZDMDZD QkM3MDBBMDAeFw0yNTA0MjUwNTUxMzJaFw0yNTA1MDIwNTUxMzJaMBgxFjAUBgNV BAMTDTY4MGIyMmU0LWRkZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGCzEmj0wGxC+A2Wnn4aoQvRbQxf8Y8EkKVI0hZx9EVWmxkUDvvUjKQWd2HDqR RPH2YV+9hj3dghwNMAdYe4ANIQ/ysOhXgNzuLe54ADe0EtfwdYEmeyqn38qpQWDV 2A0JXJVWTwHLkwQNJjqr9QPQy1owOSe9Dx01DTSgTZ0HPAlArdeaM00QOXoVZrtw qq2JdFW+1Ux3zZ4SpmhJ9319ojHb/nr9FH1eU3rOLlnzGXWZqqbOwJ2qL46QocoZ eSubOALnoQC4EDSu6l0usHikIZ0xf2qNtj7iIemtWiHbAeL8Kb4VWaCzoHwQXXPi HU3fbd9++77crlV5fP69j85LAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZLKyQpVK qhb23fcjS4dLwnJyJSEwHwYDVR0jBBgwFoAUYB71rSfD3A1NmC22u0dsBsvHAKAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJGRTRFL0RBM0Q3MUE4N0JF MzExRUY4OEQ5Qzc1M0M0RjlBRTAyL1lCNzFyU2ZEM0ExTm1DMjJ1MGRzQnN2SEFL QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWUI3MXJTZkQzQTFObUMyMnUwZHNCc3ZIQUtBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJG RTRFL0RBM0Q3MUE4N0JFMzExRUY4OEQ5Qzc1M0M0RjlBRTAyL1lCNzFyU2ZEM0Ex Tm1DMjJ1MGRzQnN2SEFLQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKXtTj//gd5cxMDXpeUU2b8dlizwhENx4Ynjw3buq3q6xVD+Pe5uCuCt OG+0qS7i04nAIdu7KJx40Pcz1HC8iS/1t65xoWZZC3QyNm9lRcmqDHJT9oJtyBiW P8vsAgGlyJXBE5sZD+e5NTjm8qbNpoN/nISFTnZGm6YgnKMHKo80q8v5e960YGka 4m2hjyKkiSTbQk/SR+WcgLvttBThLiaVqG1wPI6dlfNzfjdRfsPHw4zMNQyY+vdk rJEKF+hXjTo4WoUPW1pGQwKkIetJI/FNjG/Ug+4F9nG0vT9I4YR9Hbs3Fz+Ak3UK F12pA6C9YCiaCjlI03m5ttYHGyS1JDY= -----END CERTIFICATE-----Generated at Sat Apr 26 04:23:43 2025 by rpki-client