$ rpki-client -vvf rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.mft File: YZBA6DW609z1wgE5bYVxmVp6zFA.mft (raw, json) Hash identifier: UQlI9eL32SRKWJU/hqaSCesv+a0iugaPaJA15SETl8A= Subject key identifier: 8F:44:7A:FC:87:49:3B:4B:D1:27:25:8B:13:BD:1D:F6:A0:FA:95:5C Authority key identifier: 61:90:40:E8:35:BA:D3:DC:F5:C2:01:39:6D:85:71:99:5A:7A:CC:50 Certificate issuer: /CN=A91FABEF/serialNumber=619040E835BAD3DCF5C201396D8571995A7ACC50 Certificate serial: E8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YZBA6DW609z1wgE5bYVxmVp6zFA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.mft Manifest number: E4 Signing time: Fri 25 Apr 2025 04:32:48 +0000 Manifest this update: Fri 25 Apr 2025 04:32:48 +0000 Manifest next update: Fri 02 May 2025 04:32:48 +0000 Files and hashes: 1: YZBA6DW609z1wgE5bYVxmVp6zFA.crl (hash: AIWme+wwW1Mp4Rz6h9g+mPhij7tBrjbJRhPI5W2I7GA=) 2: 8045E9A4CEEC11EEAFFC5E36C4F9AE02.roa (hash: QQ0CP8HHmI7PCShWjhNg26xSyERliRPL6u4e6U+9a/k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.crl rsync://rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YZBA6DW609z1wgE5bYVxmVp6zFA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:32:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 232 (0xe8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FABEF, serialNumber=619040E835BAD3DCF5C201396D8571995A7ACC50 Validity Not Before: Apr 25 04:32:48 2025 GMT Not After : May 2 04:32:48 2025 GMT Subject: CN=680b1070-00ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f2:09:e0:44:9d:1f:0a:f7:cf:86:a6:28:5c: 3e:5e:fe:8c:65:dd:8e:33:d5:ea:b4:fb:25:98:db: f2:d3:40:fa:c4:02:79:7f:12:60:32:77:ab:ea:3d: b4:e2:08:82:e1:72:e2:16:35:72:65:04:51:5c:32: f2:4b:d4:61:f7:85:ff:14:56:1a:1e:39:b8:d8:02: a4:52:2e:e4:3b:0c:f9:a3:99:9e:dc:3f:50:99:f7: 8b:80:0e:fe:5d:14:bf:52:e8:ae:ee:2e:45:28:80: e7:99:15:32:1e:f6:a5:db:a6:ff:73:b2:55:6f:5d: 90:0c:8d:1f:d0:da:ce:6b:43:97:43:df:ea:1e:6b: 70:ed:cf:29:40:c4:a8:6d:94:9d:4a:67:6c:c9:38: 3a:f8:1d:5c:ee:2b:8e:65:9f:be:d9:12:b2:6a:e7: a5:a2:44:5f:1f:74:87:fd:d0:42:d3:e7:02:23:3e: 3a:0b:1e:00:4a:84:09:c9:cb:09:bc:e5:37:42:2d: 62:80:3a:be:69:e3:c2:e2:4f:96:c8:19:09:07:fc: 4e:af:4a:2d:b9:f4:a1:57:d2:b0:d1:c2:65:c2:32: 24:8c:e2:97:94:20:5b:c2:bd:18:d2:c2:64:09:7c: b3:48:65:61:ac:ca:72:69:21:69:9e:6a:ab:9e:6e: af:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:44:7A:FC:87:49:3B:4B:D1:27:25:8B:13:BD:1D:F6:A0:FA:95:5C X509v3 Authority Key Identifier: keyid:61:90:40:E8:35:BA:D3:DC:F5:C2:01:39:6D:85:71:99:5A:7A:CC:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YZBA6DW609z1wgE5bYVxmVp6zFA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FABEF/C0764572CB1911EE815FAB68C4F9AE02/YZBA6DW609z1wgE5bYVxmVp6zFA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:bd:28:62:e2:a3:b3:03:b8:cb:e5:48:a7:c3:bb:f9:e0:8b: c7:59:94:fb:dc:d7:52:31:72:7a:b9:1e:b0:a0:21:d2:e6:5d: 53:72:6c:d3:02:16:ae:1b:3f:98:03:1e:48:9d:e0:c3:69:af: dc:09:62:fa:6a:93:76:44:03:98:e3:f0:6f:fb:11:f2:0d:a6: 18:af:9f:ac:18:2d:82:3d:af:a6:eb:86:be:3c:ed:26:d3:8a: e4:fa:de:9e:a7:44:f6:a6:d9:6d:42:90:de:8f:7c:2d:04:77: 7b:cc:6d:d7:d0:9b:27:bc:6d:4b:c9:60:4e:50:af:27:c0:ef: c8:33:e7:e7:48:4f:67:dc:4f:b8:26:dd:49:95:82:c3:80:d3: 27:22:37:07:17:25:b8:7d:59:0a:68:22:ec:3c:cc:81:63:09: c7:75:06:a0:e8:5f:62:a1:c3:f2:43:b8:b1:ba:19:42:0e:1a: 30:b2:9f:cc:0e:1a:22:c5:f9:1e:77:31:63:c4:d2:2c:ed:69: d7:7d:8e:7c:3b:a0:3d:df:e1:a5:97:68:03:a8:19:90:2b:87: 87:a3:62:fb:d7:1a:49:58:64:1a:16:ad:7f:42:13:32:9a:c1: 8e:b6:14:d1:b2:07:cb:ce:29:35:ce:6a:58:fd:f6:4f:f0:7f: 1b:ac:d5:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkFCRUYxMTAvBgNVBAUTKDYxOTA0MEU4MzVCQUQzRENGNUMyMDEzOTZEODU3MTk5 NUE3QUNDNTAwHhcNMjUwNDI1MDQzMjQ4WhcNMjUwNTAyMDQzMjQ4WjAYMRYwFAYD VQQDEw02ODBiMTA3MC0wMGFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtvIJ4ESdHwr3z4amKFw+Xv6MZd2OM9XqtPslmNvy00D6xAJ5fxJgMner6j20 4giC4XLiFjVyZQRRXDLyS9Rh94X/FFYaHjm42AKkUi7kOwz5o5me3D9QmfeLgA7+ XRS/Uuiu7i5FKIDnmRUyHval26b/c7JVb12QDI0f0NrOa0OXQ9/qHmtw7c8pQMSo bZSdSmdsyTg6+B1c7iuOZZ++2RKyauelokRfH3SH/dBC0+cCIz46Cx4ASoQJycsJ vOU3Qi1igDq+aePC4k+WyBkJB/xOr0otufShV9Kw0cJlwjIkjOKXlCBbwr0Y0sJk CXyzSGVhrMpyaSFpnmqrnm6vdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI9EevyH STtL0SclixO9Hfag+pVcMB8GA1UdIwQYMBaAFGGQQOg1utPc9cIBOW2FcZlaesxQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUJFRi9DMDc2NDU3MkNC MTkxMUVFODE1RkFCNjhDNEY5QUUwMi9ZWkJBNkRXNjA5ejF3Z0U1YllWeG1WcDZ6 RkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1laQkE2RFc2MDl6MXdnRTViWVZ4bVZwNnpGQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QUJFRi9DMDc2NDU3MkNCMTkxMUVFODE1RkFCNjhDNEY5QUUwMi9ZWkJBNkRXNjA5 ejF3Z0U1YllWeG1WcDZ6RkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6vShi4qOzA7jL5Uinw7v54IvHWZT73NdSMXJ6uR6woCHS5l1TcmzT AhauGz+YAx5IneDDaa/cCWL6apN2RAOY4/Bv+xHyDaYYr5+sGC2CPa+m64a+PO0m 04rk+t6ep0T2ptltQpDej3wtBHd7zG3X0JsnvG1LyWBOUK8nwO/IM+fnSE9n3E+4 Jt1JlYLDgNMnIjcHFyW4fVkKaCLsPMyBYwnHdQag6F9iocPyQ7ixuhlCDhowsp/M DhoixfkedzFjxNIs7WnXfY58O6A93+Gll2gDqBmQK4eHo2L71xpJWGQaFq1/QhMy msGOthTRsgfLzik1zmpY/fZP8H8brNUO -----END CERTIFICATE-----Generated at Sat Apr 26 14:08:20 2025 by rpki-client