$ rpki-client -vvf rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft File: Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft (raw, json) Hash identifier: INKS7UlkxjginA21WqA5SdyWLd1QyT7BQPAp663fnnE= Subject key identifier: 00:48:5F:4B:C0:BD:5A:DF:D8:BB:2E:AB:9A:71:7F:37:EB:8D:2F:31 Authority key identifier: 63:E4:87:62:A8:93:08:09:67:73:D9:E1:C9:D1:A9:99:80:35:67:0D Certificate issuer: /CN=A9147B58/serialNumber=63E48762A89308096773D9E1C9D1A9998035670D Certificate serial: 05A9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft Manifest number: 05A3 Signing time: Sat 10 May 2025 22:47:45 +0000 Manifest this update: Sat 10 May 2025 22:47:45 +0000 Manifest next update: Sat 17 May 2025 22:47:45 +0000 Files and hashes: 1: Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl (hash: NFeuxo3WX/vlQV8/prJ8X7mN3/1Su3n7ux5yG9wBAOU=) 2: 657BCA62CABC11EB8D6D063BC4F9AE02.roa (hash: tl2kppVQ05tVhEGA0iZghAdvk5il8hkt04HkORheCWE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 22:47:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1449 (0x5a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147B58, serialNumber=63E48762A89308096773D9E1C9D1A9998035670D Validity Not Before: May 10 22:47:45 2025 GMT Not After : May 17 22:47:45 2025 GMT Subject: CN=681fd791-5680 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:57:42:d1:ee:d3:2c:eb:9a:b1:16:9d:95:76: 0b:df:da:78:29:5e:a2:bc:b7:15:64:3a:b7:26:c7: 68:ab:6e:99:17:db:79:87:f6:9c:e5:86:f2:2c:6b: 9e:f8:42:d8:97:27:ae:8a:e8:b8:b2:15:a8:a0:c7: 69:84:12:f4:fc:a7:7c:d5:64:80:e7:bf:33:f4:d1: 3a:2c:b1:20:9c:66:24:12:56:80:2b:80:01:5b:36: bf:1a:9b:1d:94:97:7c:ec:6c:e1:a4:ec:3d:4c:db: 48:88:5b:0b:b0:ba:2f:fd:d1:d6:77:fc:e3:10:7a: 7e:fd:9b:3f:8b:4a:17:d8:f2:91:41:82:a8:68:05: 88:2d:82:70:dc:4f:9c:db:ca:d5:a6:6b:a3:e1:37: 82:12:64:4b:8a:d7:c2:51:2e:c0:6f:f6:8f:47:66: 47:c9:f5:1e:fc:f2:59:bf:11:cc:0a:8d:e8:d6:57: e5:ce:8a:4d:6d:62:7c:27:4c:de:95:fe:36:69:ab: f5:52:fe:c9:14:e6:cf:d7:42:66:62:63:d0:34:16: af:42:85:d3:db:c7:0c:a2:17:6d:9f:87:03:e9:e6: 30:2e:0c:61:3a:c1:62:a1:20:95:cd:1c:6d:1f:20: 44:ae:90:f8:fb:e3:e9:30:15:99:da:66:42:79:9f: e2:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:48:5F:4B:C0:BD:5A:DF:D8:BB:2E:AB:9A:71:7F:37:EB:8D:2F:31 X509v3 Authority Key Identifier: keyid:63:E4:87:62:A8:93:08:09:67:73:D9:E1:C9:D1:A9:99:80:35:67:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:55:5f:3a:a6:39:49:ad:9d:59:9a:13:b7:c3:73:1d:c5:97: e5:11:28:83:ce:c7:a9:72:dc:75:27:b7:b4:9a:b7:96:07:87: a6:c9:2b:6d:b4:76:0f:07:90:eb:86:37:34:80:6e:96:59:76: f0:77:4e:be:83:d9:ad:f3:cd:70:b1:8e:40:ea:92:06:ea:f7: fd:e0:d7:b7:1d:52:f3:6e:fb:e5:aa:c2:df:0c:b9:01:2f:66: c2:d3:1d:a1:94:70:9a:18:74:05:83:3a:c7:36:44:75:8e:1d: cb:4e:97:4b:cf:4c:93:5a:1a:88:8d:87:88:0c:da:aa:9e:c8: 0d:a6:b7:6f:9e:82:29:69:bf:f6:3a:6b:1b:e4:34:90:19:63: 41:d3:5f:b8:f9:c0:7f:ed:c8:14:23:1d:ba:2b:87:d8:7f:62: 99:b5:f1:3d:29:32:6a:11:33:f9:0f:53:e4:86:ff:87:0e:d3: b1:b0:bd:3f:14:0f:f2:72:c7:1f:da:06:64:92:e4:1f:9b:4c: 3f:a8:04:3c:79:fb:1b:e9:b6:44:35:43:09:b4:e7:9e:d8:ad: cb:8e:a9:4f:b5:19:17:2a:a9:56:b4:2a:d4:7c:74:14:7d:15: 8b:5d:19:03:e9:2f:d4:f3:4e:ed:fa:ac:7d:cb:2e:2f:d4:2a: de:ea:c0:15 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDdCNTgxMTAvBgNVBAUTKDYzRTQ4NzYyQTg5MzA4MDk2NzczRDlFMUM5RDFBOTk5 ODAzNTY3MEQwHhcNMjUwNTEwMjI0NzQ1WhcNMjUwNTE3MjI0NzQ1WjAYMRYwFAYD VQQDEw02ODFmZDc5MS01NjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6VdC0e7TLOuasRadlXYL39p4KV6ivLcVZDq3Jsdoq26ZF9t5h/ac5YbyLGue +ELYlyeuiui4shWooMdphBL0/Kd81WSA578z9NE6LLEgnGYkElaAK4ABWza/Gpsd lJd87GzhpOw9TNtIiFsLsLov/dHWd/zjEHp+/Zs/i0oX2PKRQYKoaAWILYJw3E+c 28rVpmuj4TeCEmRLitfCUS7Ab/aPR2ZHyfUe/PJZvxHMCo3o1lflzopNbWJ8J0ze lf42aav1Uv7JFObP10JmYmPQNBavQoXT28cMohdtn4cD6eYwLgxhOsFioSCVzRxt HyBErpD4++PpMBWZ2mZCeZ/i3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFABIX0vA vVrf2Lsuq5pxfzfrjS8xMB8GA1UdIwQYMBaAFGPkh2KokwgJZ3PZ4cnRqZmANWcN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0I1OC9BQUMyMUM3RUNB QjgxMUVCODQxNTUzMzZDNEY5QUUwMi9ZLVNIWXFpVENBbG5jOW5oeWRHcG1ZQTFa dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ktU0hZcWlUQ0FsbmM5bmh5ZEdwbVlBMVp3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 N0I1OC9BQUMyMUM3RUNBQjgxMUVCODQxNTUzMzZDNEY5QUUwMi9ZLVNIWXFpVENB bG5jOW5oeWRHcG1ZQTFadzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAsVV86pjlJrZ1ZmhO3w3MdxZflESiDzsepctx1J7e0mreWB4emyStt tHYPB5Drhjc0gG6WWXbwd06+g9mt881wsY5A6pIG6vf94Ne3HVLzbvvlqsLfDLkB L2bC0x2hlHCaGHQFgzrHNkR1jh3LTpdLz0yTWhqIjYeIDNqqnsgNprdvnoIpab/2 Omsb5DSQGWNB01+4+cB/7cgUIx26K4fYf2KZtfE9KTJqETP5D1Pkhv+HDtOxsL0/ FA/ycscf2gZkkuQfm0w/qAQ8efsb6bZENUMJtOee2K3LjqlPtRkXKqlWtCrUfHQU fRWLXRkD6S/U807t+qx9yy4v1Cre6sAV -----END CERTIFICATE-----Generated at Sun May 11 22:35:21 2025 by rpki-client