$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft File: y8ZgM3D76EzM4GToT08m7b7CZ7E.mft (raw, json) Hash identifier: 1rp1qXX3XMGjhzU+pxHLY8UypTJFY/JPU1VzT06ky4M= Subject key identifier: D6:B9:9D:4D:6A:AE:E3:EB:EF:2C:88:40:16:23:9F:64:9E:C4:74:BA Authority key identifier: CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1 Certificate issuer: /CN=A91D9CA8/serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1 Certificate serial: 2E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft Manifest number: 2C Signing time: Tue 29 Apr 2025 07:40:57 +0000 Manifest this update: Tue 29 Apr 2025 07:40:57 +0000 Manifest next update: Tue 06 May 2025 07:40:57 +0000 Files and hashes: 1: y8ZgM3D76EzM4GToT08m7b7CZ7E.crl (hash: 8++RTM36QYvX8qQ+bUY49RqTRtOLJ2K6T5dx5Qqud5A=) 2: B97BD74AE4FF11EFB75F5836C4F9AE02.roa (hash: KR4Tx3kFeLSQKCW18mb5WqFjOSaFssRkJQn1FwH+pqg=) 3: EF512526E6D711EF8D300475C4F9AE02.roa (hash: G+h7ToXq8XsAorxWYN7LBRMYmAjacElCFrNbKrsrwaE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 06 May 2025 07:40:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46 (0x2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9CA8, serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1 Validity Not Before: Apr 29 07:40:57 2025 GMT Not After : May 6 07:40:57 2025 GMT Subject: CN=68108289-61bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:f5:fe:f6:e8:e7:b2:5b:f2:39:31:80:ef:d5: 6f:21:49:59:cf:7d:91:f4:c2:bd:a7:92:fe:d5:97: 16:18:14:54:e4:55:a2:9c:18:23:54:d3:b9:3b:4a: 1e:b8:4d:36:b4:0d:d4:30:97:f3:78:19:78:a1:66: 3c:64:c7:86:d1:81:a4:f4:78:2e:f6:9b:d1:33:c4: bf:e7:48:c7:0f:a1:e0:84:d1:60:b0:68:3a:a8:08: ca:94:09:d7:f0:98:7d:bf:df:32:d9:2e:90:94:dc: 7c:2a:fa:66:a2:8b:f9:e2:1d:b7:11:1f:d4:4a:b3: c6:20:61:59:df:10:a7:52:25:80:24:7c:e8:67:2d: 15:f5:bd:02:09:d4:29:31:7d:5d:4a:ea:5c:b2:d1: a7:7d:4c:d1:31:9d:18:a2:71:50:4f:58:b6:26:d7: 84:99:d0:b1:d4:2c:28:03:90:05:8b:23:63:46:de: 65:2c:9b:f9:31:cd:c3:47:72:e4:a1:e6:de:4c:31: 3c:08:44:f2:49:85:6a:57:9e:0a:11:aa:0e:b4:09: 19:d0:8f:dd:1c:a9:d3:05:7a:fc:0f:04:11:91:26: f0:ac:07:4b:75:c6:60:ff:89:ec:79:0e:97:1e:45: 31:49:aa:eb:6c:fe:c6:fd:82:b5:04:38:6e:7d:da: 29:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:B9:9D:4D:6A:AE:E3:EB:EF:2C:88:40:16:23:9F:64:9E:C4:74:BA X509v3 Authority Key Identifier: keyid:CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:f4:6e:2b:6b:51:07:83:0a:21:15:69:48:26:97:5f:da:c4: 00:e7:bc:1b:84:70:7b:7f:3e:30:4a:72:61:8b:4f:ad:2d:a1: 0e:01:e6:c8:c4:43:03:ed:13:04:ef:49:03:ca:58:28:c6:f6: bb:ec:ae:d8:3a:ef:54:be:18:32:16:3d:9b:4b:49:c5:7e:7c: 6d:d7:50:19:f5:74:e3:da:e4:69:f0:fc:0e:32:e3:e2:df:d8: 1c:81:f9:f9:31:67:7e:2c:d8:a6:db:73:8b:8e:0d:85:0e:60: e7:59:36:10:da:d9:11:8c:79:ae:d9:b8:94:61:0e:c9:01:4b: b0:b6:e0:7d:0a:3f:13:93:27:ed:6e:f8:87:87:d2:bb:ab:68: 34:46:f3:a5:1a:ce:13:5c:69:c7:48:10:13:4f:66:63:d0:ef: 1c:3f:2b:83:3c:10:aa:42:f8:00:19:c1:0e:0f:f7:f5:ff:19: d6:2d:33:7f:f8:94:d0:31:68:d4:e8:2c:33:b8:db:51:4a:93: 26:11:97:eb:6d:29:74:bc:fe:d6:8d:08:ca:8c:92:9c:04:f6: 21:68:fd:62:ca:28:0a:3e:90:16:b2:66:15:41:a8:43:96:f2: b8:68:f0:56:22:5b:ec:00:cd:fb:36:12:ff:f7:a8:63:89:fe: dd:0b:73:aa -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE OUNBODExMC8GA1UEBRMoQ0JDNjYwMzM3MEZCRTg0Q0NDRTA2NEU4NEY0RjI2RURC RUMyNjdCMTAeFw0yNTA0MjkwNzQwNTdaFw0yNTA1MDYwNzQwNTdaMBgxFjAUBgNV BAMTDTY4MTA4Mjg5LTYxYmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC/9f726OeyW/I5MYDv1W8hSVnPfZH0wr2nkv7VlxYYFFTkVaKcGCNU07k7Sh64 TTa0DdQwl/N4GXihZjxkx4bRgaT0eC72m9EzxL/nSMcPoeCE0WCwaDqoCMqUCdfw mH2/3zLZLpCU3Hwq+maii/niHbcRH9RKs8YgYVnfEKdSJYAkfOhnLRX1vQIJ1Ckx fV1K6lyy0ad9TNExnRiicVBPWLYm14SZ0LHULCgDkAWLI2NG3mUsm/kxzcNHcuSh 5t5MMTwIRPJJhWpXngoRqg60CRnQj90cqdMFevwPBBGRJvCsB0t1xmD/iex5Dpce RTFJquts/sb9grUEOG592ikdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1rmdTWqu 4+vvLIhAFiOfZJ7EdLowHwYDVR0jBBgwFoAUy8ZgM3D76EzM4GToT08m7b7CZ7Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5Q0E4LzIwREEyNzQ2RTRG RDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6TTRHVG9UMDhtN2I3Q1o3 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIveThaZ00zRDc2RXpNNEdUb1QwOG03YjdDWjdFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5 Q0E4LzIwREEyNzQ2RTRGRDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6 TTRHVG9UMDhtN2I3Q1o3RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALf0bitrUQeDCiEVaUgml1/axADnvBuEcHt/PjBKcmGLT60toQ4B5sjE QwPtEwTvSQPKWCjG9rvsrtg671S+GDIWPZtLScV+fG3XUBn1dOPa5Gnw/A4y4+Lf 2ByB+fkxZ34s2Kbbc4uODYUOYOdZNhDa2RGMea7ZuJRhDskBS7C24H0KPxOTJ+1u +IeH0ruraDRG86UazhNcacdIEBNPZmPQ7xw/K4M8EKpC+AAZwQ4P9/X/GdYtM3/4 lNAxaNToLDO421FKkyYRl+ttKXS8/taNCMqMkpwE9iFo/WLKKAo+kBayZhVBqEOW 8rho8FYiW+wAzfs2Ev/3qGOJ/t0Lc6o= -----END CERTIFICATE-----Generated at Wed Apr 30 09:43:09 2025 by rpki-client