$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft File: YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft (raw, json) Hash identifier: o8Z5iA/Z9lZtYfI+xzAscj2LCQbz1q81OE4BZl8cnI4= Subject key identifier: 15:AB:9A:6E:4B:FE:96:BD:A1:7C:1A:25:F4:96:28:57:C1:5A:F4:9D Authority key identifier: 60:06:B9:65:83:13:D8:64:99:16:19:D6:97:9B:0F:7E:01:E4:B6:68 Certificate issuer: /CN=A91E5A08/serialNumber=6006B9658313D864991619D6979B0F7E01E4B668 Certificate serial: 017C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft Manifest number: 0179 Signing time: Fri 25 Apr 2025 02:53:12 +0000 Manifest this update: Fri 25 Apr 2025 02:53:11 +0000 Manifest next update: Fri 02 May 2025 02:53:11 +0000 Files and hashes: 1: YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl (hash: 1KaDqwHSDEqi84X5qQvUXJjGmGZ98Gi/xGsjgHiJmno=) 2: EC9A7C9EE26811EDBB19B85EC4F9AE02.roa (hash: b95mpJ4EM9DYq2FEBTGRF8becbveDJsLEHAflxFwbco=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:53:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 380 (0x17c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5A08, serialNumber=6006B9658313D864991619D6979B0F7E01E4B668 Validity Not Before: Apr 25 02:53:11 2025 GMT Not After : May 2 02:53:11 2025 GMT Subject: CN=680af917-c4f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:ab:ce:64:79:3a:4e:e2:cd:0f:a4:10:cc:f0: 32:93:4b:ff:c8:22:30:f3:5c:e6:8f:52:c9:65:f6: 55:45:c2:5d:c3:e6:0b:23:38:b1:f3:77:70:ae:47: 91:53:ea:45:e7:fd:01:39:40:3b:5a:cb:0a:8a:b1: ab:9d:99:f4:c3:50:fc:18:07:1c:bb:02:b3:de:1c: 9d:a9:f9:56:ae:d4:83:85:39:22:34:5e:d2:05:20: 5f:22:4f:65:6b:13:91:7d:73:3e:2f:f9:5b:fa:e4: f9:90:c6:a2:08:91:d6:68:1e:9b:e7:7e:fd:21:80: 39:43:fc:b5:22:5a:fb:62:a9:71:c0:37:62:dd:ee: 0b:65:0e:1b:10:4b:b9:22:c9:be:f1:95:2a:55:12: af:d1:71:ff:40:aa:6d:3a:35:6a:76:82:8c:38:61: af:77:f9:ab:09:c0:88:6c:f8:08:c5:c2:93:ab:8f: 73:bc:5d:d6:4e:ce:11:f4:ba:5c:ff:2c:d4:3b:01: 32:ad:a0:62:45:9d:89:92:03:54:d0:1f:cb:a7:ab: 11:2d:cb:79:87:2b:96:4d:48:c6:b9:ff:53:91:76: b8:41:07:2e:6a:20:8f:74:da:fd:2f:bb:6f:c5:6d: cd:75:6b:a3:d8:7c:3b:c3:c2:a4:ae:f1:b2:b2:a9: 91:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:AB:9A:6E:4B:FE:96:BD:A1:7C:1A:25:F4:96:28:57:C1:5A:F4:9D X509v3 Authority Key Identifier: keyid:60:06:B9:65:83:13:D8:64:99:16:19:D6:97:9B:0F:7E:01:E4:B6:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YAa5ZYMT2GSZFhnWl5sPfgHktmg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5A08/B060CC54E26511ED850CDE54C4F9AE02/YAa5ZYMT2GSZFhnWl5sPfgHktmg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:2f:00:85:de:f3:c9:84:6f:f5:01:8c:93:13:f2:33:e8:6e: 3a:5a:1e:bd:b9:07:e7:e2:3d:c7:35:54:7e:c8:ce:59:37:fe: 53:23:74:b7:75:ee:be:b6:08:35:9f:44:d7:c1:da:b9:2f:41: aa:7d:44:49:01:84:e6:43:2f:02:d1:b2:62:74:28:ec:06:4f: fd:be:07:d7:c4:95:7e:c1:2b:03:a4:7d:55:26:95:01:5b:96: 38:07:4b:6b:24:37:a6:9b:87:4e:57:dc:45:b4:26:32:85:fb: 0b:af:74:b3:3e:17:76:49:3e:61:41:eb:d6:0d:6d:ce:f0:76: 59:0b:67:e8:c9:64:93:9e:b8:75:a7:88:be:9e:1a:28:da:70: f7:70:8a:96:44:72:92:8a:89:58:95:c6:83:4b:a4:2c:27:c8: 6e:ed:04:fe:4f:1e:37:54:e5:ae:1c:ff:ad:4e:11:08:da:1e: b0:69:c8:25:24:ac:17:be:83:63:02:da:86:bb:93:15:5e:73: 15:df:64:ac:61:e9:e4:92:9a:d9:b0:5b:58:6a:de:f0:e3:4a: 19:a5:9f:1d:3e:9a:e6:3b:be:8d:bc:07:bd:64:e2:61:24:bd: f8:7f:4d:ef:1e:4b:24:2a:6e:0e:a3:36:80:91:2e:03:c0:f1: ea:71:e6:55 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTVBMDgxMTAvBgNVBAUTKDYwMDZCOTY1ODMxM0Q4NjQ5OTE2MTlENjk3OUIwRjdF MDFFNEI2NjgwHhcNMjUwNDI1MDI1MzExWhcNMjUwNTAyMDI1MzExWjAYMRYwFAYD VQQDEw02ODBhZjkxNy1jNGY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA26vOZHk6TuLND6QQzPAyk0v/yCIw81zmj1LJZfZVRcJdw+YLIzix83dwrkeR U+pF5/0BOUA7WssKirGrnZn0w1D8GAccuwKz3hydqflWrtSDhTkiNF7SBSBfIk9l axORfXM+L/lb+uT5kMaiCJHWaB6b5379IYA5Q/y1Ilr7YqlxwDdi3e4LZQ4bEEu5 Ism+8ZUqVRKv0XH/QKptOjVqdoKMOGGvd/mrCcCIbPgIxcKTq49zvF3WTs4R9Lpc /yzUOwEyraBiRZ2JkgNU0B/Lp6sRLct5hyuWTUjGuf9TkXa4QQcuaiCPdNr9L7tv xW3NdWuj2Hw7w8KkrvGysqmRJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBWrmm5L /pa9oXwaJfSWKFfBWvSdMB8GA1UdIwQYMBaAFGAGuWWDE9hkmRYZ1pebD34B5LZo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUEwOC9CMDYwQ0M1NEUy NjUxMUVEODUwQ0RFNTRDNEY5QUUwMi9ZQWE1WllNVDJHU1pGaG5XbDVzUGZnSGt0 bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lBYTVaWU1UMkdTWkZobldsNXNQZmdIa3RtZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NUEwOC9CMDYwQ0M1NEUyNjUxMUVEODUwQ0RFNTRDNEY5QUUwMi9ZQWE1WllNVDJH U1pGaG5XbDVzUGZnSGt0bWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCOLwCF3vPJhG/1AYyTE/Iz6G46Wh69uQfn4j3HNVR+yM5ZN/5TI3S3 de6+tgg1n0TXwdq5L0GqfURJAYTmQy8C0bJidCjsBk/9vgfXxJV+wSsDpH1VJpUB W5Y4B0trJDemm4dOV9xFtCYyhfsLr3SzPhd2ST5hQevWDW3O8HZZC2foyWSTnrh1 p4i+nhoo2nD3cIqWRHKSiolYlcaDS6QsJ8hu7QT+Tx43VOWuHP+tThEI2h6wacgl JKwXvoNjAtqGu5MVXnMV32SsYenkkprZsFtYat7w40oZpZ8dPprmO76NvAe9ZOJh JL34f03vHkskKm4OozaAkS4DwPHqceZV -----END CERTIFICATE-----Generated at Sat Apr 26 04:31:43 2025 by rpki-client