$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft File: Y3kC4bqWiB1HLuyt-kW1V348HDE.mft (raw, json) Hash identifier: fe1AhR1BnJwW0jjF3Q6U+njlfDYUc82U7/FxMoVeavk= Subject key identifier: 02:1F:30:BE:6D:4F:E2:59:8E:E4:72:D7:CC:7A:07:08:10:26:A3:7E Authority key identifier: 63:79:02:E1:BA:96:88:1D:47:2E:EC:AD:FA:45:B5:57:7E:3C:1C:31 Certificate issuer: /CN=A91CE524/serialNumber=637902E1BA96881D472EECADFA45B5577E3C1C31 Certificate serial: 010E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y3kC4bqWiB1HLuyt-kW1V348HDE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft Manifest number: 010C Signing time: Fri 25 Apr 2025 04:02:02 +0000 Manifest this update: Fri 25 Apr 2025 04:02:01 +0000 Manifest next update: Fri 02 May 2025 04:02:01 +0000 Files and hashes: 1: Y3kC4bqWiB1HLuyt-kW1V348HDE.crl (hash: p7my95KsJkYpl3Y4s9hyQiSh3fGV82z+js5pLmRmPD8=) 2: FF1FE402898011EEB3403779C4F9AE02.roa (hash: WhOLdJmONFcVyaVlMrHX886HXRKh0RLcsl55SUDqRa4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.crl rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y3kC4bqWiB1HLuyt-kW1V348HDE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:02:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 270 (0x10e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE524, serialNumber=637902E1BA96881D472EECADFA45B5577E3C1C31 Validity Not Before: Apr 25 04:02:01 2025 GMT Not After : May 2 04:02:01 2025 GMT Subject: CN=680b093a-4a2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:39:06:c1:dd:70:fd:c1:9f:7c:d9:5a:43:b7: 36:fe:64:d2:ae:0f:7a:41:98:dc:88:85:74:f8:47: 6e:44:28:95:ac:30:58:64:86:d2:de:07:85:b0:db: c0:89:67:16:35:2a:28:28:61:61:38:56:e4:5b:2c: 4d:03:ab:3c:9a:94:b2:e8:b4:41:f1:a8:b9:0f:01: 6a:ce:e7:a1:83:52:8a:cb:3c:5a:4d:de:d5:72:7f: e4:ed:2d:ad:7e:1d:65:f7:58:b8:4f:d7:c7:c1:da: 87:1b:c2:87:8c:2f:34:3b:39:18:6e:de:66:0e:a3: fb:14:bb:41:0e:c5:d6:f5:90:4d:9e:ea:fd:03:36: be:2f:da:09:82:e1:46:2e:c9:ac:70:5f:07:da:af: 3a:01:ba:ff:3b:64:f1:be:e8:bf:91:4b:72:a7:15: 11:5b:32:c9:c3:02:a3:93:e2:c1:58:80:79:54:5f: db:c1:96:1a:3d:e9:3f:41:c8:19:8c:49:4e:17:63: e7:7a:de:a4:12:05:8a:05:1d:8b:bf:8b:02:46:67: c7:86:98:90:49:90:ce:cf:9d:a3:94:1e:8e:12:79: cb:46:c5:12:f9:98:9b:40:8a:d2:85:21:2d:81:4a: d0:09:b2:d2:55:47:da:b5:a2:b9:76:7e:d0:fc:67: bf:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:1F:30:BE:6D:4F:E2:59:8E:E4:72:D7:CC:7A:07:08:10:26:A3:7E X509v3 Authority Key Identifier: keyid:63:79:02:E1:BA:96:88:1D:47:2E:EC:AD:FA:45:B5:57:7E:3C:1C:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y3kC4bqWiB1HLuyt-kW1V348HDE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:a6:38:2b:e3:b8:a2:e7:14:af:46:71:72:5a:ab:b7:c2:f8: 33:c7:1b:ec:c2:cd:23:b6:5e:73:f7:d2:8f:30:a2:ad:1c:bc: 14:e6:12:ea:df:8c:fc:03:aa:5f:ae:84:a8:8f:91:f2:19:ff: 57:8c:c1:82:6e:bd:86:2d:09:97:c8:63:ca:3a:4c:68:55:5e: 52:85:3d:46:d5:4e:d8:fc:cd:a1:2f:f0:40:da:04:85:d5:0f: 64:b5:68:e6:a7:1e:12:d2:85:d6:f9:dd:7e:40:22:2a:43:74: bd:36:c8:20:f7:c0:42:ad:7d:11:a9:54:7c:e6:b8:e0:63:5c: c9:86:1b:6d:77:11:a2:17:0b:83:96:59:98:bf:ed:14:fc:81: 0a:d6:7e:c6:5a:62:81:90:ab:a7:32:f5:54:be:5c:b3:29:35: 74:09:b8:09:c6:fd:36:af:1e:63:fa:4b:31:2f:e9:eb:d5:ee: f0:a4:af:95:55:2e:5d:a6:00:2e:19:a6:bf:17:d7:64:2e:f4: 13:19:2b:1a:10:43:0b:17:ef:21:b2:06:65:2d:e9:16:a2:11: da:2b:23:9f:84:be:cb:67:e6:b9:a7:54:b6:ec:e1:e1:0f:d3: bc:ff:26:9a:57:b3:5a:52:d4:c6:c0:b2:40:93:ba:3d:e3:17: 2f:bd:10:b6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U1MjQxMTAvBgNVBAUTKDYzNzkwMkUxQkE5Njg4MUQ0NzJFRUNBREZBNDVCNTU3 N0UzQzFDMzEwHhcNMjUwNDI1MDQwMjAxWhcNMjUwNTAyMDQwMjAxWjAYMRYwFAYD VQQDEw02ODBiMDkzYS00YTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApTkGwd1w/cGffNlaQ7c2/mTSrg96QZjciIV0+EduRCiVrDBYZIbS3geFsNvA iWcWNSooKGFhOFbkWyxNA6s8mpSy6LRB8ai5DwFqzuehg1KKyzxaTd7Vcn/k7S2t fh1l91i4T9fHwdqHG8KHjC80OzkYbt5mDqP7FLtBDsXW9ZBNnur9Aza+L9oJguFG LsmscF8H2q86Abr/O2Txvui/kUtypxURWzLJwwKjk+LBWIB5VF/bwZYaPek/QcgZ jElOF2Pnet6kEgWKBR2Lv4sCRmfHhpiQSZDOz52jlB6OEnnLRsUS+ZibQIrShSEt gUrQCbLSVUfataK5dn7Q/Ge/RwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAIfML5t T+JZjuRy18x6BwgQJqN+MB8GA1UdIwQYMBaAFGN5AuG6logdRy7srfpFtVd+PBwx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTUyNC8wQzJDMkJENjg4 QzUxMUVFQTgzMTFDNzFDNEY5QUUwMi9ZM2tDNGJxV2lCMUhMdXl0LWtXMVYzNDhI REUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1kza0M0YnFXaUIxSEx1eXQta1cxVjM0OEhERS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTUyNC8wQzJDMkJENjg4QzUxMUVFQTgzMTFDNzFDNEY5QUUwMi9ZM2tDNGJxV2lC MUhMdXl0LWtXMVYzNDhIREUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB3pjgr47ii5xSvRnFyWqu3wvgzxxvsws0jtl5z99KPMKKtHLwU5hLq 34z8A6pfroSoj5HyGf9XjMGCbr2GLQmXyGPKOkxoVV5ShT1G1U7Y/M2hL/BA2gSF 1Q9ktWjmpx4S0oXW+d1+QCIqQ3S9Nsgg98BCrX0RqVR85rjgY1zJhhttdxGiFwuD llmYv+0U/IEK1n7GWmKBkKunMvVUvlyzKTV0CbgJxv02rx5j+ksxL+nr1e7wpK+V VS5dpgAuGaa/F9dkLvQTGSsaEEMLF+8hsgZlLekWohHaKyOfhL7LZ+a5p1S27OHh D9O8/yaaV7NaUtTGwLJAk7o94xcvvRC2 -----END CERTIFICATE-----Generated at Sat Apr 26 12:39:38 2025 by rpki-client