$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft File: yozvXh2MPaWsm67lsZbvBmCaOVk.mft (raw, json) Hash identifier: 8BnvbOaxUjad3CzMqZ4kELvGm5AtOCBzE6WMTw/zEUs= Subject key identifier: C7:B0:F6:A4:A0:8C:71:DF:FB:49:CA:AD:69:7C:A2:C1:8E:55:FF:BD Authority key identifier: CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59 Certificate issuer: /CN=A911B5BA/serialNumber=CA8CEF5E1D8C3DA5AC9BAEE5B196EF06609A3959 Certificate serial: 0B16 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft Manifest number: 0B14 Signing time: Sat 10 May 2025 18:59:58 +0000 Manifest this update: Sat 10 May 2025 18:59:57 +0000 Manifest next update: Sat 17 May 2025 18:59:57 +0000 Files and hashes: 1: yozvXh2MPaWsm67lsZbvBmCaOVk.crl (hash: WWKPcHUddjm9dG/AzaZvm3BjQ+TLVMOVRGXD8ijtt5E=) 2: 410BAD2095F011EFA9137C67C4F9AE02.roa (hash: SNO/bBZDGGjsIOKkc1Q9a6n7NxtIrWP6e7L/IhWULh8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.crl rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 18:59:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2838 (0xb16) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B5BA, serialNumber=CA8CEF5E1D8C3DA5AC9BAEE5B196EF06609A3959 Validity Not Before: May 10 18:59:57 2025 GMT Not After : May 17 18:59:57 2025 GMT Subject: CN=681fa22e-efd0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:9e:cc:76:4c:86:45:8a:f2:c0:0b:08:38:ae: 78:9f:ef:ad:b1:e6:eb:9b:02:0c:a7:2a:cb:b3:4d: 97:b3:da:56:9e:c0:ef:ac:33:54:04:9f:18:8b:f4: 00:57:04:a1:32:eb:61:6b:a4:9f:2e:b8:f6:91:af: ee:a5:f2:b7:d2:2a:85:f3:2a:57:a3:11:4d:a4:2e: 89:c5:63:4f:04:08:31:b2:4e:8c:ca:21:79:7b:f3: 7a:25:95:d9:54:18:b6:86:3e:d9:70:f7:24:ad:61: 7c:a5:a1:38:6b:b4:7c:99:5c:dd:0d:90:cc:56:0a: 4a:8b:a4:f6:45:fe:e6:2a:b3:02:b3:aa:58:ee:1a: 86:f6:ba:c1:d4:46:4a:56:5a:57:51:2a:01:5b:b2: cd:03:e8:be:53:99:44:55:db:a1:2e:68:bd:17:36: 68:ba:fe:18:02:eb:cd:54:64:2f:0f:a8:fc:af:55: 50:92:fc:e5:60:96:19:c3:8e:2f:7b:9a:fd:25:41: 4a:91:e5:00:9c:83:be:1d:60:a7:15:14:6c:6e:6b: 82:f1:ca:58:9c:da:c0:88:5e:7c:e6:32:e6:fb:37: 8b:5e:3b:bb:4c:8b:c2:de:43:fe:53:cf:71:8a:9e: 8a:3a:4e:6d:b0:45:2c:17:43:da:1c:6d:3f:c3:f7: b3:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:B0:F6:A4:A0:8C:71:DF:FB:49:CA:AD:69:7C:A2:C1:8E:55:FF:BD X509v3 Authority Key Identifier: keyid:CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:b1:35:8a:00:d8:d9:47:1a:40:54:ea:35:f3:0c:36:a7:63: 54:5e:e2:55:97:8f:88:b9:ab:6b:67:90:83:78:1d:98:d4:11: 5e:65:5a:fe:2f:bd:14:ec:bb:6d:2d:3f:ff:90:ac:cc:92:61: 24:5a:43:f7:8b:61:93:7a:2f:78:2f:c3:ad:7b:66:2d:ed:bb: 50:90:43:e3:47:79:40:a6:60:11:8a:3a:b8:2c:37:68:36:84: ba:b7:03:02:8a:29:2f:aa:0b:f1:f7:db:1a:f8:f4:3d:96:7b: c3:9b:66:c2:22:a9:2f:dc:3b:64:0e:6e:30:16:81:be:f2:0c: fb:80:2e:a0:da:dd:d8:74:96:fc:d0:7e:8c:f5:e6:55:4b:ed: c2:35:bb:94:e6:b7:a0:68:f9:49:c6:e4:ca:82:56:55:c4:4d: 22:71:d7:0c:88:e5:26:e3:7c:79:3e:57:a1:db:6a:a5:0f:36: 90:97:5b:09:ad:0e:a2:ce:5e:03:c9:e2:0b:89:8b:08:8b:97: cf:10:37:43:8d:9a:57:71:29:94:f0:83:e7:6a:d7:9b:24:63: 9c:a2:08:96:4c:71:c9:c3:87:cd:a7:e3:2d:19:ee:3b:5c:54: a4:f9:82:22:75:cd:c8:22:0f:6e:5c:ab:dd:fd:5e:1e:fe:e7: 51:ff:89:7d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCxYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI1QkExMTAvBgNVBAUTKENBOENFRjVFMUQ4QzNEQTVBQzlCQUVFNUIxOTZFRjA2 NjA5QTM5NTkwHhcNMjUwNTEwMTg1OTU3WhcNMjUwNTE3MTg1OTU3WjAYMRYwFAYD VQQDEw02ODFmYTIyZS1lZmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnp7MdkyGRYrywAsIOK54n++tsebrmwIMpyrLs02Xs9pWnsDvrDNUBJ8Yi/QA VwShMutha6SfLrj2ka/upfK30iqF8ypXoxFNpC6JxWNPBAgxsk6MyiF5e/N6JZXZ VBi2hj7ZcPckrWF8paE4a7R8mVzdDZDMVgpKi6T2Rf7mKrMCs6pY7hqG9rrB1EZK VlpXUSoBW7LNA+i+U5lEVduhLmi9FzZouv4YAuvNVGQvD6j8r1VQkvzlYJYZw44v e5r9JUFKkeUAnIO+HWCnFRRsbmuC8cpYnNrAiF585jLm+zeLXju7TIvC3kP+U89x ip6KOk5tsEUsF0PaHG0/w/ezSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMew9qSg jHHf+0nKrWl8osGOVf+9MB8GA1UdIwQYMBaAFMqM714djD2lrJuu5bGW7wZgmjlZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCQS85M0UyRkIwQzNE QTMxMUVBQTREQzNBNTlDNEY5QUUwMi95b3p2WGgyTVBhV3NtNjdsc1pidkJtQ2FP VmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lvenZYaDJNUGFXc202N2xzWmJ2Qm1DYU9Way5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QjVCQS85M0UyRkIwQzNEQTMxMUVBQTREQzNBNTlDNEY5QUUwMi95b3p2WGgyTVBh V3NtNjdsc1pidkJtQ2FPVmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6sTWKANjZRxpAVOo18ww2p2NUXuJVl4+IuatrZ5CDeB2Y1BFeZVr+ L70U7LttLT//kKzMkmEkWkP3i2GTei94L8Ote2Yt7btQkEPjR3lApmARijq4LDdo NoS6twMCiikvqgvx99sa+PQ9lnvDm2bCIqkv3DtkDm4wFoG+8gz7gC6g2t3YdJb8 0H6M9eZVS+3CNbuU5regaPlJxuTKglZVxE0icdcMiOUm43x5Pleh22qlDzaQl1sJ rQ6izl4DyeILiYsIi5fPEDdDjZpXcSmU8IPnatebJGOcogiWTHHJw4fNp+MtGe47 XFSk+YIidc3IIg9uXKvd/V4e/udR/4l9 -----END CERTIFICATE-----Generated at Mon May 12 03:59:06 2025 by rpki-client