$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4294/0CB5EAFAAEBE11E980FB4E63C4F9AE02/Y19XnOBVlw4BocO3dQIcjj4ieIc.mft File: Y19XnOBVlw4BocO3dQIcjj4ieIc.mft (raw, json) Hash identifier: sPEOIsxDRlkY3yZwhvDSWgroffWWP+nNL67RborcG5M= Subject key identifier: 24:58:0F:C9:7C:75:52:1D:CA:C9:B2:36:85:8D:18:E6:4B:32:18:67 Authority key identifier: 63:5F:57:9C:E0:55:97:0E:01:A1:C3:B7:75:02:1C:8E:3E:22:78:87 Certificate issuer: /CN=A91F4294/serialNumber=635F579CE055970E01A1C3B775021C8E3E227887 Certificate serial: 0DED Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y19XnOBVlw4BocO3dQIcjj4ieIc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F4294/0CB5EAFAAEBE11E980FB4E63C4F9AE02/Y19XnOBVlw4BocO3dQIcjj4ieIc.mft Manifest number: 0DE5 Signing time: Thu 24 Apr 2025 17:50:20 +0000 Manifest this update: Thu 24 Apr 2025 17:50:19 +0000 Manifest next update: Thu 01 May 2025 17:50:19 +0000 Files and hashes: 1: Y19XnOBVlw4BocO3dQIcjj4ieIc.crl (hash: Tok4ZDwU7ukgTLVEVnyFqEDHw4ZoPtkMgD9I9aHEttI=) 2: 1E018994AEBF11E993F33C65C4F9AE02.roa (hash: VAz7Q8OmwNVtqjw21t41eYyn3+glN8lqbyiXL2P+yek=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F4294/0CB5EAFAAEBE11E980FB4E63C4F9AE02/Y19XnOBVlw4BocO3dQIcjj4ieIc.crl rsync://rpki.apnic.net/member_repository/A91F4294/0CB5EAFAAEBE11E980FB4E63C4F9AE02/Y19XnOBVlw4BocO3dQIcjj4ieIc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y19XnOBVlw4BocO3dQIcjj4ieIc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3565 (0xded) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F4294, serialNumber=635F579CE055970E01A1C3B775021C8E3E227887 Validity Not Before: Apr 24 17:50:19 2025 GMT Not After : May 1 17:50:19 2025 GMT Subject: CN=680a79dc-03a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:d4:4b:66:7d:8a:9b:22:55:43:f5:74:6f:f5: a8:58:74:13:a2:dd:92:d9:eb:15:75:93:06:54:0d: 9c:c0:4e:9e:60:db:4f:4e:b4:71:95:bd:85:7c:bf: 8c:c5:de:0b:98:be:ae:ed:ec:64:58:de:7a:61:e6: 6f:e9:d9:6d:5b:e9:16:82:59:4d:be:35:a0:44:0b: f4:11:48:d9:54:9c:d1:af:2b:5d:59:71:89:0c:19: c7:50:da:2e:99:05:86:e8:96:0d:7e:96:b2:27:fc: ee:c4:bc:47:8e:51:d8:17:50:f2:d4:db:0d:31:77: de:42:a5:64:3f:4b:d5:54:4f:20:92:d6:c0:1c:67: 1c:1e:4e:cf:c9:5c:fd:af:f2:f8:2f:5c:59:f8:e2: 28:b4:0f:8d:db:77:82:24:3f:38:04:f9:ac:93:3c: e4:15:23:b1:c2:49:c3:41:79:ab:28:6b:00:b0:ec: 62:fd:14:16:7b:86:da:85:d5:ca:6c:b5:d7:a2:ce: fd:10:54:15:f0:00:5c:04:0e:2a:9b:fc:1f:b8:dd: 88:c3:d6:e1:a9:78:c6:47:b1:03:5f:f0:89:1c:f9: ba:86:d6:5a:98:5a:da:21:04:fc:46:59:09:50:66: bd:d5:7a:49:2e:4d:ef:3a:87:b2:ba:58:fe:65:59: ba:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:58:0F:C9:7C:75:52:1D:CA:C9:B2:36:85:8D:18:E6:4B:32:18:67 X509v3 Authority Key Identifier: keyid:63:5F:57:9C:E0:55:97:0E:01:A1:C3:B7:75:02:1C:8E:3E:22:78:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F4294/0CB5EAFAAEBE11E980FB4E63C4F9AE02/Y19XnOBVlw4BocO3dQIcjj4ieIc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y19XnOBVlw4BocO3dQIcjj4ieIc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4294/0CB5EAFAAEBE11E980FB4E63C4F9AE02/Y19XnOBVlw4BocO3dQIcjj4ieIc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:96:bc:38:74:f4:d1:d7:d2:1a:3d:34:88:4a:3d:1a:71:b1: 84:24:56:0f:6a:b1:0e:86:dc:83:a5:f8:47:52:36:64:57:01: 62:c0:0f:31:0b:36:36:61:57:d5:51:10:db:58:41:00:7b:03: e9:a2:cd:ba:03:f5:86:d4:cc:33:31:a8:0c:68:98:2a:cb:2f: 89:5e:43:a1:bf:ca:5c:1f:f0:09:bd:00:3b:22:2c:7d:69:d5: 52:19:02:da:8b:21:44:32:4b:81:90:5b:8f:bd:b9:c4:d8:31: 00:21:c5:c5:1a:ad:35:db:d3:7c:cb:73:85:ce:8e:83:17:35: 91:c9:31:1a:ec:05:0e:8f:be:33:e4:01:c1:27:a2:7b:93:fd: cc:4a:46:4b:9c:16:0f:2a:3f:c2:da:05:2a:31:39:8b:7b:ee: b9:50:9d:0f:83:cb:1a:43:f0:86:d3:95:8d:fd:9d:d0:46:af: 34:ea:c5:1e:9a:ce:ad:ad:b1:4e:50:5b:c9:0d:d6:86:0b:95: 47:b1:9f:34:e8:43:da:bd:8f:b6:65:3d:c8:86:9e:81:2d:82: df:11:5d:18:ed:db:18:d3:23:58:4c:b1:6e:31:55:d0:eb:ac: 02:62:1a:90:28:71:c3:a5:63:62:6d:cc:ed:fb:ab:12:bd:04: ba:1d:e2:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDe0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjQyOTQxMTAvBgNVBAUTKDYzNUY1NzlDRTA1NTk3MEUwMUExQzNCNzc1MDIxQzhF M0UyMjc4ODcwHhcNMjUwNDI0MTc1MDE5WhcNMjUwNTAxMTc1MDE5WjAYMRYwFAYD VQQDEw02ODBhNzlkYy0wM2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5dRLZn2KmyJVQ/V0b/WoWHQTot2S2esVdZMGVA2cwE6eYNtPTrRxlb2FfL+M xd4LmL6u7exkWN56YeZv6dltW+kWgllNvjWgRAv0EUjZVJzRrytdWXGJDBnHUNou mQWG6JYNfpayJ/zuxLxHjlHYF1Dy1NsNMXfeQqVkP0vVVE8gktbAHGccHk7PyVz9 r/L4L1xZ+OIotA+N23eCJD84BPmskzzkFSOxwknDQXmrKGsAsOxi/RQWe4bahdXK bLXXos79EFQV8ABcBA4qm/wfuN2Iw9bhqXjGR7EDX/CJHPm6htZamFraIQT8RlkJ UGa91XpJLk3vOoeyulj+ZVm6UQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCRYD8l8 dVIdysmyNoWNGOZLMhhnMB8GA1UdIwQYMBaAFGNfV5zgVZcOAaHDt3UCHI4+IniH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDI5NC8wQ0I1RUFGQUFF QkUxMUU5ODBGQjRFNjNDNEY5QUUwMi9ZMTlYbk9CVmx3NEJvY08zZFFJY2pqNGll SWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1kxOVhuT0JWbHc0Qm9jTzNkUUljamo0aWVJYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NDI5NC8wQ0I1RUFGQUFFQkUxMUU5ODBGQjRFNjNDNEY5QUUwMi9ZMTlYbk9CVmx3 NEJvY08zZFFJY2pqNGllSWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMlrw4dPTR19IaPTSISj0acbGEJFYParEOhtyDpfhHUjZkVwFiwA8x CzY2YVfVURDbWEEAewPpos26A/WG1MwzMagMaJgqyy+JXkOhv8pcH/AJvQA7Iix9 adVSGQLaiyFEMkuBkFuPvbnE2DEAIcXFGq0129N8y3OFzo6DFzWRyTEa7AUOj74z 5AHBJ6J7k/3MSkZLnBYPKj/C2gUqMTmLe+65UJ0Pg8saQ/CG05WN/Z3QRq806sUe ms6trbFOUFvJDdaGC5VHsZ806EPavY+2ZT3Ihp6BLYLfEV0Y7dsY0yNYTLFuMVXQ 66wCYhqQKHHDpWNibczt+6sSvQS6HeIi -----END CERTIFICATE-----Generated at Sat Apr 26 16:37:54 2025 by rpki-client