$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft File: yoXhM8HiOWFMnFd4ARi9swlSjnY.mft (raw, json) Hash identifier: gbp/a1U7vs6I2DC9lUcGzLOewRUkTiFl5ayOgqnUlog= Subject key identifier: 46:03:91:59:72:29:5C:DA:F0:8A:AD:76:18:14:4C:55:AA:F1:20:37 Authority key identifier: CA:85:E1:33:C1:E2:39:61:4C:9C:57:78:01:18:BD:B3:09:52:8E:76 Certificate issuer: /CN=A91DC42E/serialNumber=CA85E133C1E239614C9C57780118BDB309528E76 Certificate serial: 0781 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoXhM8HiOWFMnFd4ARi9swlSjnY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft Manifest number: 077B Signing time: Thu 24 Apr 2025 21:14:23 +0000 Manifest this update: Thu 24 Apr 2025 21:14:22 +0000 Manifest next update: Thu 01 May 2025 21:14:22 +0000 Files and hashes: 1: yoXhM8HiOWFMnFd4ARi9swlSjnY.crl (hash: ZLRbrKMKF91b20ZkMMsgKuJ5b+t30kx28vMVMVNmz2s=) 2: 4AAD8CFE0D1E11EB83C9B637C4F9AE02.roa (hash: SKKgbqIxO8h2gMjhNkPa/ZI17L9sik+EpFHik6yG+pU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.crl rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoXhM8HiOWFMnFd4ARi9swlSjnY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 21:14:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1921 (0x781) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC42E, serialNumber=CA85E133C1E239614C9C57780118BDB309528E76 Validity Not Before: Apr 24 21:14:22 2025 GMT Not After : May 1 21:14:22 2025 GMT Subject: CN=680aa9ae-47d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ba:18:0e:f7:e9:3d:cb:44:a7:aa:d3:b0:da: f7:29:64:46:79:31:c5:ad:62:17:de:a1:19:07:1b: 72:49:a8:89:ee:b8:f2:a9:77:28:27:b6:fe:b8:15: b9:a9:d9:9a:5b:0f:e9:b5:09:e4:9b:92:e6:ca:50: dd:27:45:ee:a8:4a:80:db:28:c7:6c:d3:a5:22:87: 3e:3c:c9:31:5c:40:55:f9:55:59:14:ef:d3:3a:9e: b1:47:64:2f:29:4f:bd:2b:45:b1:dd:75:0d:e2:de: c2:9a:3b:95:35:b0:bc:cb:b9:f3:aa:1b:e3:96:25: d7:cf:be:8f:81:15:d9:65:3e:a4:50:a5:a4:72:fe: f1:55:bf:04:02:1d:47:0b:5c:26:fc:ab:e3:83:ac: 38:36:bb:8d:7d:72:b4:3f:2e:d3:d7:fa:09:12:8f: f8:02:cd:b1:40:74:11:bf:1d:0e:2e:3d:f5:a4:36: 8c:7f:3e:38:64:59:e2:14:c9:bb:37:50:a3:72:21: e6:0c:3a:52:f6:b5:c9:f8:21:9e:29:de:73:ef:a3: 72:d1:3c:9b:76:d4:60:9b:fd:8d:e5:e8:2c:62:80: 5c:05:54:5e:58:42:ab:42:47:e9:14:44:77:37:cf: 42:98:ce:fb:22:58:b8:6e:df:07:d5:e6:62:d3:e3: 9e:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:03:91:59:72:29:5C:DA:F0:8A:AD:76:18:14:4C:55:AA:F1:20:37 X509v3 Authority Key Identifier: keyid:CA:85:E1:33:C1:E2:39:61:4C:9C:57:78:01:18:BD:B3:09:52:8E:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoXhM8HiOWFMnFd4ARi9swlSjnY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:73:11:eb:b8:0f:75:1e:0f:1d:84:86:89:50:07:db:1b:bb: f3:1e:e2:c6:31:d3:1d:ab:bd:94:88:8d:bc:2f:0a:a8:3a:5e: 81:4c:ee:e2:de:e0:b2:a4:ce:ae:16:c0:02:9d:e2:de:8b:12: 2b:5b:83:ce:4f:47:e7:e2:f0:e8:98:90:5e:af:5a:3c:6e:e1: 5f:8b:76:bc:68:33:4b:7e:47:bd:cc:bf:eb:a2:eb:53:b1:68: 5c:c0:8e:ee:9f:c4:3c:db:75:1f:c7:b6:96:da:ec:d4:73:6e: 8b:69:10:55:38:d3:aa:01:85:b6:57:92:d7:fc:34:25:12:2c: 36:e5:61:08:cc:1e:f7:d6:6e:e9:c5:d2:3e:00:bb:d2:f5:50: 5e:5d:a1:22:bb:70:64:b9:98:dc:15:4e:81:4f:ae:9e:2d:63: 05:39:6f:41:db:6a:e4:94:67:24:e9:32:eb:5f:57:63:06:2e: f8:8c:a0:dc:0b:56:c3:d8:c1:e7:17:03:a1:46:41:ca:e5:76: db:bf:69:99:28:78:35:88:d0:95:1c:15:68:c5:6e:f9:a5:9a: be:86:ce:d1:78:20:be:8e:df:85:3d:bb:48:08:34:4d:99:f9: 64:ad:40:b8:b1:ec:e7:65:15:0e:e8:a5:f6:2b:79:82:01:08: 72:04:ca:41 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB4EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0MkUxMTAvBgNVBAUTKENBODVFMTMzQzFFMjM5NjE0QzlDNTc3ODAxMThCREIz MDk1MjhFNzYwHhcNMjUwNDI0MjExNDIyWhcNMjUwNTAxMjExNDIyWjAYMRYwFAYD VQQDEw02ODBhYTlhZS00N2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoboYDvfpPctEp6rTsNr3KWRGeTHFrWIX3qEZBxtySaiJ7rjyqXcoJ7b+uBW5 qdmaWw/ptQnkm5LmylDdJ0XuqEqA2yjHbNOlIoc+PMkxXEBV+VVZFO/TOp6xR2Qv KU+9K0Wx3XUN4t7CmjuVNbC8y7nzqhvjliXXz76PgRXZZT6kUKWkcv7xVb8EAh1H C1wm/Kvjg6w4NruNfXK0Py7T1/oJEo/4As2xQHQRvx0OLj31pDaMfz44ZFniFMm7 N1CjciHmDDpS9rXJ+CGeKd5z76Ny0TybdtRgm/2N5egsYoBcBVReWEKrQkfpFER3 N89CmM77Ili4bt8H1eZi0+Oe3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEYDkVly KVza8IqtdhgUTFWq8SA3MB8GA1UdIwQYMBaAFMqF4TPB4jlhTJxXeAEYvbMJUo52 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzQyRS9ENkE3RkY0ODBE MTcxMUVCQTc0MUE1MEFDNEY5QUUwMi95b1hoTThIaU9XRk1uRmQ0QVJpOXN3bFNq blkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lvWGhNOEhpT1dGTW5GZDRBUmk5c3dsU2puWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzQyRS9ENkE3RkY0ODBEMTcxMUVCQTc0MUE1MEFDNEY5QUUwMi95b1hoTThIaU9X Rk1uRmQ0QVJpOXN3bFNqblkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAbcxHruA91Hg8dhIaJUAfbG7vzHuLGMdMdq72UiI28LwqoOl6BTO7i 3uCypM6uFsACneLeixIrW4POT0fn4vDomJBer1o8buFfi3a8aDNLfke9zL/routT sWhcwI7un8Q823Ufx7aW2uzUc26LaRBVONOqAYW2V5LX/DQlEiw25WEIzB731m7p xdI+ALvS9VBeXaEiu3BkuZjcFU6BT66eLWMFOW9B22rklGck6TLrX1djBi74jKDc C1bD2MHnFwOhRkHK5Xbbv2mZKHg1iNCVHBVoxW75pZq+hs7ReCC+jt+FPbtICDRN mflkrUC4seznZRUO6KX2K3mCAQhyBMpB -----END CERTIFICATE-----Generated at Sat Apr 26 12:34:29 2025 by rpki-client