$ rpki-client -vvf rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.mft File: yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.mft (raw, json) Hash identifier: FdINeD7sbJnttVLPNcaESgFXOX08Yj6cYUtnp4AKMKE= Subject key identifier: 70:E7:3F:3E:8E:33:97:38:2C:79:6C:A0:65:1C:79:A2:01:08:4D:B1 Authority key identifier: C8:24:34:74:25:BA:C8:AF:59:B4:E1:96:6B:C1:0D:BF:A8:BD:AB:82 Certificate issuer: /CN=A912B2EE/serialNumber=C824347425BAC8AF59B4E1966BC10DBFA8BDAB82 Certificate serial: 0F6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.mft Manifest number: 0F5A Signing time: Mon 12 May 2025 17:30:16 +0000 Manifest this update: Mon 12 May 2025 17:30:15 +0000 Manifest next update: Mon 19 May 2025 17:30:15 +0000 Files and hashes: 1: yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.crl (hash: tiEYtU21Q2z9jYtAEd67VWJ45x+9Ghun9N9MFZDwAuY=) 2: 05449490E17B11EC93AB7473C4F9AE02.roa (hash: PcZWjC6UVwgJAg7JfBerYqiOjHVIHel2AtVeK/QvypU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.crl rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:30:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3950 (0xf6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912B2EE, serialNumber=C824347425BAC8AF59B4E1966BC10DBFA8BDAB82 Validity Not Before: May 12 17:30:15 2025 GMT Not After : May 19 17:30:15 2025 GMT Subject: CN=68223027-a6ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:bc:55:84:a3:43:ad:fb:a1:dd:25:66:6c:81: b8:d7:c6:68:a5:b3:54:1b:0c:28:fc:4c:33:e1:62: 21:d1:02:57:52:f2:eb:69:b2:ec:31:4e:0f:8c:3d: 85:e9:f9:c2:ca:69:e0:2b:5e:55:26:cc:64:ea:33: 2f:7a:cc:9d:79:0e:e2:05:17:4f:9b:71:27:b6:0a: b5:7a:07:72:ab:c7:83:4c:a3:c1:f5:d2:cd:28:72: 0d:71:4a:5d:14:73:05:27:b8:92:90:c9:21:e2:f9: 5e:9a:8c:a5:ea:4f:0c:07:94:c8:5b:4d:f7:1b:25: 18:c2:46:55:6b:92:7b:7f:52:c2:27:6d:bd:f5:13: 71:83:5d:c0:f6:14:24:78:cd:74:ff:78:94:ec:3e: bd:54:c6:13:6b:77:65:78:cd:d7:46:79:e6:f1:37: f7:4f:b3:0c:c3:6b:3b:07:b3:1a:2f:3e:ec:a8:21: af:e8:2d:73:52:f7:f7:05:bf:f5:b4:92:eb:00:88: 15:7e:26:c8:4a:fe:c1:8a:75:73:71:18:37:a2:e1: 9f:38:6f:d3:97:5e:ca:0f:a5:29:f8:d3:90:6d:f2: 00:57:2c:3f:3b:77:1f:b7:e0:63:9b:a4:ac:a7:61: 0f:c3:f3:7d:9c:d6:bd:4e:dd:1e:fe:b4:60:30:50: ce:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:E7:3F:3E:8E:33:97:38:2C:79:6C:A0:65:1C:79:A2:01:08:4D:B1 X509v3 Authority Key Identifier: keyid:C8:24:34:74:25:BA:C8:AF:59:B4:E1:96:6B:C1:0D:BF:A8:BD:AB:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:3c:8d:d7:96:85:d8:74:78:e1:7a:c0:0b:d4:6b:b9:d3:9c: 4b:aa:76:bd:0f:b7:d7:27:83:60:e5:6d:1a:13:0f:7f:52:23: a5:be:1f:a3:98:31:c1:30:e2:45:5d:e7:82:a9:5d:41:78:7b: 7c:b0:15:0a:ee:f9:b3:85:6b:8c:f5:31:fd:66:89:50:21:54: 5a:ee:3e:4e:ea:51:fd:83:8b:93:f6:7f:28:dc:52:f5:36:2d: d3:76:fc:16:5b:96:dc:b6:3e:bb:7a:d8:d8:88:37:a9:e1:2d: 61:d9:55:fa:70:fd:8a:dd:d2:4d:b9:1e:de:d5:7a:90:5e:2b: 45:cb:41:dd:5b:a5:1d:cf:07:15:58:56:20:f1:ca:a1:9b:4d: f8:73:3d:88:33:17:b0:60:00:98:58:db:66:cb:73:fc:86:0b: 48:2b:e8:da:0d:47:4f:67:eb:41:f1:ac:4e:99:1b:2b:3e:15: 5a:c5:eb:63:9b:03:bf:95:ec:38:5d:da:af:c6:d2:51:51:9e: b4:10:38:c0:5e:13:67:0c:84:7f:2c:68:04:41:b6:fd:a5:d1: d9:bf:99:4c:8e:c3:fa:15:91:04:6b:3b:ec:d8:ed:d7:51:11: 88:bc:a8:9f:f4:69:2b:5b:1e:c4:28:33:d5:16:e0:aa:1b:19: 1e:b9:4f:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD24wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkIyRUUxMTAvBgNVBAUTKEM4MjQzNDc0MjVCQUM4QUY1OUI0RTE5NjZCQzEwREJG QThCREFCODIwHhcNMjUwNTEyMTczMDE1WhcNMjUwNTE5MTczMDE1WjAYMRYwFAYD VQQDEw02ODIyMzAyNy1hNmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq7xVhKNDrfuh3SVmbIG418ZopbNUGwwo/Ewz4WIh0QJXUvLrabLsMU4PjD2F 6fnCymngK15VJsxk6jMvesydeQ7iBRdPm3Entgq1egdyq8eDTKPB9dLNKHINcUpd FHMFJ7iSkMkh4vlemoyl6k8MB5TIW033GyUYwkZVa5J7f1LCJ2299RNxg13A9hQk eM10/3iU7D69VMYTa3dleM3XRnnm8Tf3T7MMw2s7B7MaLz7sqCGv6C1zUvf3Bb/1 tJLrAIgVfibISv7BinVzcRg3ouGfOG/Tl17KD6Up+NOQbfIAVyw/O3cft+Bjm6Ss p2EPw/N9nNa9Tt0e/rRgMFDOXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHDnPz6O M5c4LHlsoGUceaIBCE2xMB8GA1UdIwQYMBaAFMgkNHQlusivWbThlmvBDb+ovauC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjJFRS8xRjQxMUY1ODZD MjExMUU5Qjc2RkE5MDlDNEY5QUUwMi95Q1EwZENXNnlLOVp0T0dXYThFTnY2aTlx NEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lDUTBkQ1c2eUs5WnRPR1dhOEVOdjZpOXE0SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QjJFRS8xRjQxMUY1ODZDMjExMUU5Qjc2RkE5MDlDNEY5QUUwMi95Q1EwZENXNnlL OVp0T0dXYThFTnY2aTlxNEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBPPI3XloXYdHjhesAL1Gu505xLqna9D7fXJ4Ng5W0aEw9/UiOlvh+j mDHBMOJFXeeCqV1BeHt8sBUK7vmzhWuM9TH9ZolQIVRa7j5O6lH9g4uT9n8o3FL1 Ni3TdvwWW5bctj67etjYiDep4S1h2VX6cP2K3dJNuR7e1XqQXitFy0HdW6UdzwcV WFYg8cqhm034cz2IMxewYACYWNtmy3P8hgtIK+jaDUdPZ+tB8axOmRsrPhVaxetj mwO/lew4XdqvxtJRUZ60EDjAXhNnDIR/LGgEQbb9pdHZv5lMjsP6FZEEazvs2O3X URGIvKif9GkrWx7EKDPVFuCqGxkeuU8Y -----END CERTIFICATE-----Generated at Tue May 13 11:47:22 2025 by rpki-client