$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft File: y8ZgM3D76EzM4GToT08m7b7CZ7E.mft (raw, json) Hash identifier: /fZRtI9r6KxYEXXfC6l1P9yRbt0WyldEGkryziEcOWk= Subject key identifier: C3:F3:4C:C7:7C:DC:44:97:7D:E5:40:59:25:42:59:9D:2D:E9:EE:4A Authority key identifier: CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1 Certificate issuer: /CN=A91D9CA8/serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1 Certificate serial: 2C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft Manifest number: 2A Signing time: Fri 25 Apr 2025 06:43:30 +0000 Manifest this update: Fri 25 Apr 2025 06:43:29 +0000 Manifest next update: Fri 02 May 2025 06:43:29 +0000 Files and hashes: 1: y8ZgM3D76EzM4GToT08m7b7CZ7E.crl (hash: gpzJE1gSQlb60wTc1BRfWZIq+CFUJBkZw6e+Ig6Pj50=) 2: B97BD74AE4FF11EFB75F5836C4F9AE02.roa (hash: KR4Tx3kFeLSQKCW18mb5WqFjOSaFssRkJQn1FwH+pqg=) 3: EF512526E6D711EF8D300475C4F9AE02.roa (hash: G+h7ToXq8XsAorxWYN7LBRMYmAjacElCFrNbKrsrwaE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:43:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9CA8, serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1 Validity Not Before: Apr 25 06:43:29 2025 GMT Not After : May 2 06:43:29 2025 GMT Subject: CN=680b2f12-f84c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:a9:c0:24:34:af:62:22:39:73:07:86:5f:69: a2:40:b1:b8:ab:03:db:73:45:08:b8:fe:73:7d:e5: d0:25:e7:34:87:0f:79:80:c9:01:a6:7e:c1:48:fc: 4d:fc:cc:40:a4:b4:d0:49:4c:a7:5a:c5:9e:72:d6: 4c:ee:56:b8:c5:6c:81:e7:20:3e:9a:52:f1:f2:3d: ab:5b:95:7f:22:29:5d:fc:33:31:9d:04:79:02:c4: 22:60:9a:0c:57:4d:c1:9b:6d:03:a2:71:36:70:59: 5a:36:cc:63:40:68:b1:83:fd:b6:3f:dd:47:c8:33: 7b:b9:4a:c8:c0:63:3c:b5:97:01:12:0d:97:9f:f0: 08:15:5d:ad:58:01:bb:d0:23:73:6f:f0:a9:90:0b: a2:25:c4:f8:75:87:7e:85:bb:e3:e0:e0:f2:2f:26: dc:9d:58:7b:5b:13:74:3d:3f:08:c4:34:63:5e:a6: df:c1:91:f9:0a:ae:ce:5b:6d:57:e0:f0:65:47:61: 36:6a:f9:14:d2:b4:f0:78:4b:a7:5f:6c:1e:22:d0: b3:2d:d4:7f:45:b9:d1:b6:cd:05:e5:a2:5b:eb:c4: 98:ae:fc:9a:0d:ba:6c:16:11:a6:31:df:1e:91:31: 27:da:da:2b:ff:e4:53:7a:9a:85:9f:58:3d:f5:23: 23:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:F3:4C:C7:7C:DC:44:97:7D:E5:40:59:25:42:59:9D:2D:E9:EE:4A X509v3 Authority Key Identifier: keyid:CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:73:21:5e:12:47:76:16:2a:f8:a9:68:4b:9f:94:7e:df:cb: 7f:ee:f6:1f:2c:f8:84:48:d7:6d:90:00:d8:a9:63:34:d9:99: ac:75:41:fd:88:11:cd:25:d8:46:6c:03:3f:25:7b:7e:d5:3c: f5:d9:27:eb:36:f2:aa:50:13:3c:5d:80:fd:92:68:09:37:19: eb:b5:6d:04:a2:7d:85:1a:6a:67:f1:e5:e8:84:1d:99:07:c1: b1:e8:70:0e:e6:72:ef:fa:32:64:c3:48:19:1a:0b:4f:4b:30: 88:db:9f:a2:f8:ed:70:9f:fa:ec:b3:0d:10:ad:b1:6f:bf:8e: f5:7a:53:a6:e2:3a:4e:ec:60:cf:34:33:6e:15:9d:ba:e8:30: 84:4e:1d:1d:9e:04:50:65:79:61:19:5c:72:f3:e5:ca:62:86: 81:7f:0b:3d:2d:aa:04:a6:98:54:7f:3f:3a:a7:0d:d5:55:a7: 41:0e:08:de:cb:c4:3f:5b:e0:c0:66:14:dc:c5:f7:a8:db:d1: c8:c3:38:aa:cd:ca:a2:ce:bd:11:fe:85:fe:70:bf:a0:19:60: 42:b6:52:62:6a:75:e2:d3:de:53:8e:b6:5c:0f:77:ed:07:78: 5b:ed:94:c9:f5:95:b2:86:00:61:4d:46:30:da:00:d4:73:80: dd:61:0d:66 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE OUNBODExMC8GA1UEBRMoQ0JDNjYwMzM3MEZCRTg0Q0NDRTA2NEU4NEY0RjI2RURC RUMyNjdCMTAeFw0yNTA0MjUwNjQzMjlaFw0yNTA1MDIwNjQzMjlaMBgxFjAUBgNV BAMTDTY4MGIyZjEyLWY4NGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDxqcAkNK9iIjlzB4ZfaaJAsbirA9tzRQi4/nN95dAl5zSHD3mAyQGmfsFI/E38 zECktNBJTKdaxZ5y1kzuVrjFbIHnID6aUvHyPatblX8iKV38MzGdBHkCxCJgmgxX TcGbbQOicTZwWVo2zGNAaLGD/bY/3UfIM3u5SsjAYzy1lwESDZef8AgVXa1YAbvQ I3Nv8KmQC6IlxPh1h36Fu+Pg4PIvJtydWHtbE3Q9PwjENGNept/BkfkKrs5bbVfg 8GVHYTZq+RTStPB4S6dfbB4i0LMt1H9FudG2zQXlolvrxJiu/JoNumwWEaYx3x6R MSfa2iv/5FN6moWfWD31IyNDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUw/NMx3zc RJd95UBZJUJZnS3p7kowHwYDVR0jBBgwFoAUy8ZgM3D76EzM4GToT08m7b7CZ7Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5Q0E4LzIwREEyNzQ2RTRG RDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6TTRHVG9UMDhtN2I3Q1o3 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIveThaZ00zRDc2RXpNNEdUb1QwOG03YjdDWjdFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5 Q0E4LzIwREEyNzQ2RTRGRDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6 TTRHVG9UMDhtN2I3Q1o3RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEhzIV4SR3YWKvipaEuflH7fy3/u9h8s+IRI122QANipYzTZmax1Qf2I Ec0l2EZsAz8le37VPPXZJ+s28qpQEzxdgP2SaAk3Geu1bQSifYUaamfx5eiEHZkH wbHocA7mcu/6MmTDSBkaC09LMIjbn6L47XCf+uyzDRCtsW+/jvV6U6biOk7sYM80 M24VnbroMIROHR2eBFBleWEZXHLz5cpihoF/Cz0tqgSmmFR/PzqnDdVVp0EOCN7L xD9b4MBmFNzF96jb0cjDOKrNyqLOvRH+hf5wv6AZYEK2UmJqdeLT3lOOtlwPd+0H eFvtlMn1lbKGAGFNRjDaANRzgN1hDWY= -----END CERTIFICATE-----Generated at Sat Apr 26 12:58:24 2025 by rpki-client