$ rpki-client -vvf rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft File: P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft (raw, json) Hash identifier: zX6JGbwei2mKAPUtMzeU+tqnoKugEAI+Jp39b83Ysl4= Subject key identifier: 89:13:DD:9C:43:75:7C:1C:C7:4F:50:9D:88:8A:7B:0F:05:92:B1:3A Authority key identifier: 3F:E6:03:1F:25:56:7A:45:47:CD:E1:73:1A:2D:81:4D:B8:6E:20:94 Certificate issuer: /CN=A914988F/serialNumber=3FE6031F25567A4547CDE1731A2D814DB86E2094 Certificate serial: 07B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft Manifest number: 07AF Signing time: Mon 12 May 2025 21:00:48 +0000 Manifest this update: Mon 12 May 2025 21:00:47 +0000 Manifest next update: Mon 19 May 2025 21:00:47 +0000 Files and hashes: 1: P-YDHyVWekVHzeFzGi2BTbhuIJQ.crl (hash: VPxONFygXKRixHd8xGZh0bpJm3T7pW1D7p/9jegl0QY=) 2: 4ED5A00CFE2611EAA4F3424DC4F9AE02.roa (hash: qdn4Rx6KYVWRsCXtm49GAL/TWxFXG2srvh1gEG2saCQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.crl rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 21:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1974 (0x7b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914988F, serialNumber=3FE6031F25567A4547CDE1731A2D814DB86E2094 Validity Not Before: May 12 21:00:47 2025 GMT Not After : May 19 21:00:47 2025 GMT Subject: CN=68226180-41d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:da:f3:5c:ca:bf:eb:73:61:fd:44:5e:c4:cd: 18:de:31:82:02:02:24:1c:e5:64:bb:84:a7:31:7e: bf:d4:74:79:03:8f:e0:8e:22:47:ad:14:ef:43:e9: 31:4f:ef:9a:2d:12:1c:a7:f5:8c:83:e5:af:78:d1: da:5d:dc:7c:5f:81:bd:f4:b4:51:82:bc:f4:53:6d: 09:b4:1c:7d:cd:b6:07:ec:af:c9:cf:08:61:15:c9: 9c:1d:d4:26:cd:97:b1:ab:03:a3:82:8e:ee:f1:52: 35:17:7a:43:1e:c1:f0:c7:48:16:ff:93:b6:c5:6b: 12:dc:41:6d:6d:42:60:80:ea:4a:e0:23:48:13:52: 76:ab:3c:b5:b3:d3:bc:60:8f:80:8a:e2:e8:5a:72: 4e:3f:24:b8:e7:02:0c:ee:7f:30:eb:45:a6:52:bf: 07:64:da:7f:11:ee:bc:45:db:57:5a:aa:06:3f:69: 6b:2d:30:24:d4:1c:c4:64:e5:eb:f5:30:f5:4e:2b: 3b:1b:96:90:f7:de:10:82:d8:44:7b:8e:f8:ae:50: d0:67:49:86:44:ef:79:07:b9:9d:11:14:44:5c:0f: e8:e8:18:e3:40:1b:c5:c0:eb:63:26:19:aa:6e:99: d6:4c:c3:de:a0:32:d3:10:c1:37:a3:53:ea:95:62: d0:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:13:DD:9C:43:75:7C:1C:C7:4F:50:9D:88:8A:7B:0F:05:92:B1:3A X509v3 Authority Key Identifier: keyid:3F:E6:03:1F:25:56:7A:45:47:CD:E1:73:1A:2D:81:4D:B8:6E:20:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:cd:45:f8:95:7e:a2:0d:95:cc:84:16:64:84:82:64:72:5c: af:2f:15:a1:3a:f3:d3:97:bd:dc:36:c8:d7:0f:a8:0f:68:69: dc:18:80:b8:9b:c2:86:0a:2a:12:5a:e9:60:59:fc:d7:0d:99: 6f:38:45:c6:4c:9f:4f:fb:4b:a6:59:e4:97:1a:ee:34:c4:c9: cd:ee:e3:f0:15:0e:2d:40:1e:a5:95:40:29:8e:89:58:58:9e: 1f:8b:e9:84:c3:9c:f8:eb:a8:79:06:70:01:97:5d:cd:ff:09: d1:cc:41:d0:1a:b9:d5:0f:bd:a4:36:82:1f:93:71:d0:88:85: 26:36:c7:68:57:ac:eb:14:e3:5f:c6:87:70:04:70:f8:5c:47: 54:ab:65:a0:a2:5f:0f:d1:17:27:f3:c6:de:00:cb:b2:a2:52: ae:a4:57:c0:78:12:18:f9:77:d3:d5:9f:e7:2e:a7:66:3f:2e: b7:60:26:d8:12:78:c1:63:65:f2:70:a1:3a:6d:95:14:83:1e: d0:3b:36:16:3a:89:79:39:ed:23:b1:fd:7b:82:52:b2:aa:2f: 05:97:d2:47:ee:50:6a:41:12:19:02:37:31:ed:68:43:cb:85: d0:7f:a7:c3:80:d6:b9:1d:d5:65:3e:e5:a8:fe:f6:7b:e9:05: c3:80:a6:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB7YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDk4OEYxMTAvBgNVBAUTKDNGRTYwMzFGMjU1NjdBNDU0N0NERTE3MzFBMkQ4MTRE Qjg2RTIwOTQwHhcNMjUwNTEyMjEwMDQ3WhcNMjUwNTE5MjEwMDQ3WjAYMRYwFAYD VQQDEw02ODIyNjE4MC00MWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr9rzXMq/63Nh/URexM0Y3jGCAgIkHOVku4SnMX6/1HR5A4/gjiJHrRTvQ+kx T++aLRIcp/WMg+WveNHaXdx8X4G99LRRgrz0U20JtBx9zbYH7K/JzwhhFcmcHdQm zZexqwOjgo7u8VI1F3pDHsHwx0gW/5O2xWsS3EFtbUJggOpK4CNIE1J2qzy1s9O8 YI+AiuLoWnJOPyS45wIM7n8w60WmUr8HZNp/Ee68RdtXWqoGP2lrLTAk1BzEZOXr 9TD1Tis7G5aQ994QgthEe474rlDQZ0mGRO95B7mdERREXA/o6BjjQBvFwOtjJhmq bpnWTMPeoDLTEME3o1PqlWLQYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIkT3ZxD dXwcx09QnYiKew8FkrE6MB8GA1UdIwQYMBaAFD/mAx8lVnpFR83hcxotgU24biCU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OTg4Ri8xOTI0N0ZCQUZF MjUxMUVBOUNDMTBDNENDNEY5QUUwMi9QLVlESHlWV2VrVkh6ZUZ6R2kyQlRiaHVJ SlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1AtWURIeVZXZWtWSHplRnpHaTJCVGJodUlKUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OTg4Ri8xOTI0N0ZCQUZFMjUxMUVBOUNDMTBDNENDNEY5QUUwMi9QLVlESHlWV2Vr Vkh6ZUZ6R2kyQlRiaHVJSlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWzUX4lX6iDZXMhBZkhIJkclyvLxWhOvPTl73cNsjXD6gPaGncGIC4 m8KGCioSWulgWfzXDZlvOEXGTJ9P+0umWeSXGu40xMnN7uPwFQ4tQB6llUApjolY WJ4fi+mEw5z466h5BnABl13N/wnRzEHQGrnVD72kNoIfk3HQiIUmNsdoV6zrFONf xodwBHD4XEdUq2Wgol8P0Rcn88beAMuyolKupFfAeBIY+XfT1Z/nLqdmPy63YCbY EnjBY2XycKE6bZUUgx7QOzYWOol5Oe0jsf17glKyqi8Fl9JH7lBqQRIZAjcx7WhD y4XQf6fDgNa5HdVlPuWo/vZ76QXDgKal -----END CERTIFICATE-----Generated at Wed May 14 17:28:54 2025 by rpki-client