$ rpki-client -vvf rpki.apnic.net/member_repository/A91D2ACF/5AC62B2A73E311EA9B59436EC4F9AE02/ye1Ldnbj9aWx-Kag3X4iG2PlNKs.mft File: ye1Ldnbj9aWx-Kag3X4iG2PlNKs.mft (raw, json) Hash identifier: xM3Kr+zwyxmlpq7Hj24h2Aptkv6HxDkx+lQXx5kSB28= Subject key identifier: BF:31:C5:28:A2:9A:9E:9C:A2:48:4A:F0:1C:EC:83:B4:39:02:7E:B9 Authority key identifier: C9:ED:4B:76:76:E3:F5:A5:B1:F8:A6:A0:DD:7E:22:1B:63:E5:34:AB Certificate issuer: /CN=A91D2ACF/serialNumber=C9ED4B7676E3F5A5B1F8A6A0DD7E221B63E534AB Certificate serial: 0A06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ye1Ldnbj9aWx-Kag3X4iG2PlNKs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D2ACF/5AC62B2A73E311EA9B59436EC4F9AE02/ye1Ldnbj9aWx-Kag3X4iG2PlNKs.mft Manifest number: 09FA Signing time: Thu 24 Apr 2025 19:45:09 +0000 Manifest this update: Thu 24 Apr 2025 19:45:08 +0000 Manifest next update: Thu 01 May 2025 19:45:08 +0000 Files and hashes: 1: ye1Ldnbj9aWx-Kag3X4iG2PlNKs.crl (hash: NxhOzUjbSAPSHyymAxUbFHX/s8rgBGD6Ssc7pBbPX2U=) 2: F22D283A9B3B11EBA5C76B80C4F9AE02.roa (hash: egvdAkYLzu5gxxKonGYdt5g+UPStKzivhdsfzC6knl8=) 3: 3A851EE273E411EA9572F76EC4F9AE02.roa (hash: vR/hsH9Zhb8FIZHjA0oIM8YiJ7UXh8ADZ/D+wU+8mAM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D2ACF/5AC62B2A73E311EA9B59436EC4F9AE02/ye1Ldnbj9aWx-Kag3X4iG2PlNKs.crl rsync://rpki.apnic.net/member_repository/A91D2ACF/5AC62B2A73E311EA9B59436EC4F9AE02/ye1Ldnbj9aWx-Kag3X4iG2PlNKs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ye1Ldnbj9aWx-Kag3X4iG2PlNKs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:45:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2566 (0xa06) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D2ACF, serialNumber=C9ED4B7676E3F5A5B1F8A6A0DD7E221B63E534AB Validity Not Before: Apr 24 19:45:08 2025 GMT Not After : May 1 19:45:08 2025 GMT Subject: CN=680a94c4-bfce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:af:d6:08:b2:c0:33:5c:6e:9d:ad:0f:2a:43: a5:54:71:4f:1e:40:ae:c8:2b:ba:1c:5d:04:56:c7: 97:27:39:96:d3:32:77:42:85:bc:95:4d:30:02:82: ca:7b:1b:93:6b:ab:21:fa:27:18:e2:bd:0c:3f:62: 23:3e:1b:81:9e:15:65:02:e5:fb:c0:e5:40:b8:59: 80:95:53:cd:04:4f:d8:ba:f9:57:ac:33:9c:bf:71: b6:aa:96:2f:86:09:d6:13:c7:3e:9b:81:57:fb:d7: e3:b6:2e:5a:ef:3f:ff:dc:db:86:c3:30:72:f9:97: 23:9e:53:46:cb:b0:06:32:eb:43:0b:b2:55:4e:84: 77:64:95:63:52:57:08:db:82:10:7a:53:2d:08:7c: 15:79:fa:29:28:77:8a:26:43:ec:a7:8a:ba:d7:2e: 83:55:87:92:59:13:fb:a5:26:ac:b6:a6:26:ef:ed: 53:d8:67:44:4d:1b:b6:85:49:85:d6:92:37:7c:b1: 34:0f:75:67:7c:d0:8c:4c:e3:9a:17:18:80:ba:55: ec:12:e9:25:59:91:58:cf:38:7c:cd:e9:9b:31:88: 5a:af:25:32:e8:ad:7f:f5:4c:54:51:c4:ef:98:0d: e0:49:e3:75:d5:53:05:d4:20:e2:1a:3a:1a:4a:7c: 88:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:31:C5:28:A2:9A:9E:9C:A2:48:4A:F0:1C:EC:83:B4:39:02:7E:B9 X509v3 Authority Key Identifier: keyid:C9:ED:4B:76:76:E3:F5:A5:B1:F8:A6:A0:DD:7E:22:1B:63:E5:34:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D2ACF/5AC62B2A73E311EA9B59436EC4F9AE02/ye1Ldnbj9aWx-Kag3X4iG2PlNKs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ye1Ldnbj9aWx-Kag3X4iG2PlNKs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D2ACF/5AC62B2A73E311EA9B59436EC4F9AE02/ye1Ldnbj9aWx-Kag3X4iG2PlNKs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:6d:ec:ea:0f:2e:15:3f:1a:51:c9:e9:21:e0:83:12:b8:ab: 6e:2d:df:d0:b1:da:b8:61:66:b4:5a:a0:d3:ff:3e:e7:e4:51: 31:4b:2d:55:78:a0:ef:9b:75:0a:24:03:6d:b3:86:3e:d3:26: 2c:30:36:e3:28:e8:01:46:17:cb:b9:2d:d8:9e:81:3f:22:6b: e4:a8:7f:8c:d0:2a:5d:24:3c:2e:5b:ce:5f:5b:a2:41:5b:74: d9:9c:0b:41:cc:d6:85:40:25:7a:92:92:e1:17:ec:39:62:27: 04:76:0e:8f:a8:7c:8c:be:a2:7c:a7:6b:9d:0e:39:6b:f0:f1: 3a:27:90:3d:fd:0d:a0:67:df:17:c3:0a:f9:d4:3e:fd:21:05: 6c:bc:97:8d:0f:ae:4f:36:8e:fd:66:5c:94:63:f8:66:ff:04: 16:2e:ef:00:1e:76:72:4c:40:d3:56:c6:eb:64:5c:d7:5d:2c: cd:c0:ed:91:2e:3e:98:28:8b:5f:1f:20:a9:be:b3:bb:ae:1e: 4c:77:3b:d6:fa:d3:b1:35:6a:3b:5b:19:2b:2e:f7:f0:bc:be: 77:c0:55:3d:4c:c9:46:80:f8:00:5a:1c:f9:85:bd:db:dd:fc: f7:46:5d:00:13:eb:bd:24:2d:80:59:bc:c4:b1:51:f9:b2:b7: ac:5f:0c:f4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCgYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDJBQ0YxMTAvBgNVBAUTKEM5RUQ0Qjc2NzZFM0Y1QTVCMUY4QTZBMEREN0UyMjFC NjNFNTM0QUIwHhcNMjUwNDI0MTk0NTA4WhcNMjUwNTAxMTk0NTA4WjAYMRYwFAYD VQQDEw02ODBhOTRjNC1iZmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy6/WCLLAM1xuna0PKkOlVHFPHkCuyCu6HF0EVseXJzmW0zJ3QoW8lU0wAoLK exuTa6sh+icY4r0MP2IjPhuBnhVlAuX7wOVAuFmAlVPNBE/YuvlXrDOcv3G2qpYv hgnWE8c+m4FX+9fjti5a7z//3NuGwzBy+ZcjnlNGy7AGMutDC7JVToR3ZJVjUlcI 24IQelMtCHwVefopKHeKJkPsp4q61y6DVYeSWRP7pSastqYm7+1T2GdETRu2hUmF 1pI3fLE0D3VnfNCMTOOaFxiAulXsEuklWZFYzzh8zembMYharyUy6K1/9UxUUcTv mA3gSeN11VMF1CDiGjoaSnyIEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL8xxSii mp6cokhK8Bzsg7Q5An65MB8GA1UdIwQYMBaAFMntS3Z24/WlsfimoN1+Ihtj5TSr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMkFDRi81QUM2MkIyQTcz RTMxMUVBOUI1OTQzNkVDNEY5QUUwMi95ZTFMZG5iajlhV3gtS2FnM1g0aUcyUGxO S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3llMUxkbmJqOWFXeC1LYWczWDRpRzJQbE5Lcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MkFDRi81QUM2MkIyQTczRTMxMUVBOUI1OTQzNkVDNEY5QUUwMi95ZTFMZG5iajlh V3gtS2FnM1g0aUcyUGxOS3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnbezqDy4VPxpRyekh4IMSuKtuLd/Qsdq4YWa0WqDT/z7n5FExSy1V eKDvm3UKJANts4Y+0yYsMDbjKOgBRhfLuS3YnoE/ImvkqH+M0CpdJDwuW85fW6JB W3TZnAtBzNaFQCV6kpLhF+w5YicEdg6PqHyMvqJ8p2udDjlr8PE6J5A9/Q2gZ98X wwr51D79IQVsvJeND65PNo79ZlyUY/hm/wQWLu8AHnZyTEDTVsbrZFzXXSzNwO2R Lj6YKItfHyCpvrO7rh5MdzvW+tOxNWo7WxkrLvfwvL53wFU9TMlGgPgAWhz5hb3b 3fz3Rl0AE+u9JC2AWbzEsVH5sresXwz0 -----END CERTIFICATE-----Generated at Sat Apr 26 12:33:42 2025 by rpki-client