$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft File: y_Kp2oisCPjVEG3svXLW-gnIGOk.mft (raw, json) Hash identifier: IE4LUO+/U2YsA3hKHGqCxkT8+kbyITBLlneWwJ6xog0= Subject key identifier: 22:9C:4D:6B:FF:4C:6A:97:24:A9:62:5F:66:9A:2B:A2:7D:F6:F5:89 Authority key identifier: CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 Certificate issuer: /CN=A91D5C25/serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Certificate serial: 0F11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft Manifest number: 0F08 Signing time: Thu 24 Apr 2025 17:37:39 +0000 Manifest this update: Thu 24 Apr 2025 17:37:38 +0000 Manifest next update: Thu 01 May 2025 17:37:38 +0000 Files and hashes: 1: y_Kp2oisCPjVEG3svXLW-gnIGOk.crl (hash: iZ8h4YOhqKrLU5kqrg1jJ7xic3KEeK9CUGRGdQKW8mc=) 2: 4ECF0A4C765C11E9A01A6E34C4F9AE02.roa (hash: pLwEgd+VwWLgIg3V6a+yYMrZGmHsHcB345LFbQql9+8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:37:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3857 (0xf11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5C25, serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Validity Not Before: Apr 24 17:37:38 2025 GMT Not After : May 1 17:37:38 2025 GMT Subject: CN=680a76e2-1898 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:f2:29:ff:a1:0d:a7:c7:f5:a5:86:d8:8f:e6: c5:30:e6:dc:68:4c:a8:92:1e:a1:bc:2f:6a:94:a8: e2:17:8d:56:8e:05:04:f8:4c:06:92:a1:7e:ca:d0: c9:5b:84:16:11:ac:27:ed:03:d2:9b:12:d6:dd:51: 54:9f:32:29:1b:be:75:1b:8d:eb:3e:b5:6f:af:54: fb:66:85:da:4c:8b:b9:7f:0d:20:22:9f:95:ec:ba: 40:e9:7a:5d:d7:0c:83:7e:c4:92:54:f3:40:20:5e: d3:7e:a7:66:fd:a7:22:72:df:8e:30:92:5e:3a:54: 3a:c4:40:b5:80:6d:3b:57:43:63:3d:ca:7d:db:09: de:7f:fb:fc:d1:a9:88:c5:2e:d4:67:7f:68:f5:a4: 2e:5d:2b:04:0e:2b:f5:10:93:0e:bd:ca:ec:7e:7a: 5d:9b:28:c5:83:87:8c:50:e3:24:fd:61:2d:3a:45: 20:7f:8b:32:26:ec:b2:76:9b:d6:31:e5:66:d0:72: 2a:72:6a:83:03:ee:7d:a2:31:d6:eb:df:dc:ba:fe: cd:a0:6d:09:cc:95:2e:b6:b5:8c:21:a8:c3:b6:ac: 93:ae:b8:3b:16:b0:9c:a0:e2:82:a4:a1:ea:24:b0: 84:88:43:47:8e:67:16:ab:c8:79:5a:76:90:3d:50: 05:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:9C:4D:6B:FF:4C:6A:97:24:A9:62:5F:66:9A:2B:A2:7D:F6:F5:89 X509v3 Authority Key Identifier: keyid:CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:b3:41:ad:39:9b:86:33:ed:c9:eb:8f:d2:ba:bb:a6:e5:e3: 8d:3a:5a:0a:b2:b2:27:3e:6e:c5:bb:86:5b:50:84:72:75:33: 17:db:6c:fd:60:c9:d2:6a:42:12:50:ca:09:64:47:ad:2c:35: eb:d8:e6:76:af:3b:ce:c2:67:53:c6:bc:4c:31:d7:94:4e:66: ba:5c:cd:8b:07:7b:70:db:6a:3d:d6:b9:7c:02:1b:89:47:b4: ec:e2:29:21:e3:df:d7:9b:96:15:b9:b7:dd:32:9e:8d:4f:a9: 72:a5:31:74:8b:44:76:fe:3b:76:ed:bf:75:29:26:e1:1c:c0: 4e:97:75:97:ce:95:61:c4:e8:6e:07:b7:f6:cd:e2:35:60:f2: 07:7a:4d:2f:9e:19:46:19:19:ee:f5:ab:d7:df:06:63:dc:f6: 10:1d:c0:b0:c4:47:cc:c5:19:28:07:c8:17:1b:a4:f9:15:02: 82:e1:17:50:16:81:7e:c4:92:da:a4:5e:e0:cc:49:4c:ce:45: 7c:82:db:99:c3:23:57:90:24:1d:77:f3:3e:f1:bc:aa:e0:ec: a3:9c:4f:07:f9:d2:d8:8d:fb:c6:80:62:69:ef:19:e9:6c:ce: a8:8f:aa:f8:f0:e9:8e:8c:15:1d:90:46:dd:a9:15:19:21:07: 3e:16:da:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDxEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDVDMjUxMTAvBgNVBAUTKENCRjJBOURBODhBQzA4RjhENTEwNkRFQ0JENzJENkZB MDlDODE4RTkwHhcNMjUwNDI0MTczNzM4WhcNMjUwNTAxMTczNzM4WjAYMRYwFAYD VQQDEw02ODBhNzZlMi0xODk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy/Ip/6ENp8f1pYbYj+bFMObcaEyokh6hvC9qlKjiF41WjgUE+EwGkqF+ytDJ W4QWEawn7QPSmxLW3VFUnzIpG751G43rPrVvr1T7ZoXaTIu5fw0gIp+V7LpA6Xpd 1wyDfsSSVPNAIF7Tfqdm/acict+OMJJeOlQ6xEC1gG07V0NjPcp92wnef/v80amI xS7UZ39o9aQuXSsEDiv1EJMOvcrsfnpdmyjFg4eMUOMk/WEtOkUgf4syJuyydpvW MeVm0HIqcmqDA+59ojHW69/cuv7NoG0JzJUutrWMIajDtqyTrrg7FrCcoOKCpKHq JLCEiENHjmcWq8h5WnaQPVAF5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCKcTWv/ TGqXJKliX2aaK6J99vWJMB8GA1UdIwQYMBaAFMvyqdqIrAj41RBt7L1y1voJyBjp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUMyNS82ODdBMTBBNjc2 NUExMUU5OUQwMUU0MkVDNEY5QUUwMi95X0twMm9pc0NQalZFRzNzdlhMVy1nbklH T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lfS3Ayb2lzQ1BqVkVHM3N2WExXLWduSUdPay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NUMyNS82ODdBMTBBNjc2NUExMUU5OUQwMUU0MkVDNEY5QUUwMi95X0twMm9pc0NQ alZFRzNzdlhMVy1nbklHT2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBDs0GtOZuGM+3J64/Surum5eONOloKsrInPm7Fu4ZbUIRydTMX22z9 YMnSakISUMoJZEetLDXr2OZ2rzvOwmdTxrxMMdeUTma6XM2LB3tw22o91rl8AhuJ R7Ts4ikh49/Xm5YVubfdMp6NT6lypTF0i0R2/jt27b91KSbhHMBOl3WXzpVhxOhu B7f2zeI1YPIHek0vnhlGGRnu9avX3wZj3PYQHcCwxEfMxRkoB8gXG6T5FQKC4RdQ FoF+xJLapF7gzElMzkV8gtuZwyNXkCQdd/M+8byq4OyjnE8H+dLYjfvGgGJp7xnp bM6oj6r48OmOjBUdkEbdqRUZIQc+Ftqx -----END CERTIFICATE-----Generated at Sat Apr 26 12:39:34 2025 by rpki-client