$ rpki-client -vvf rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.mft File: YsQYLAA-_Po43a9O-QT7BP5bVko.mft (raw, json) Hash identifier: iPehds5h9IXuVnWJuZk8B7XVhYwnAhwJxJ41oJ11nU4= Subject key identifier: 3C:AB:53:31:73:AD:51:BA:E2:09:9C:8F:D2:DC:A4:AF:AF:89:0F:D0 Authority key identifier: 62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A Certificate issuer: /CN=A917CE22/serialNumber=62C4182C003EFCFA38DDAF4EF904FB04FE5B564A Certificate serial: 07A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.mft Manifest number: 077E Signing time: Sat 10 May 2025 21:11:01 +0000 Manifest this update: Sat 10 May 2025 21:11:01 +0000 Manifest next update: Sat 17 May 2025 21:11:00 +0000 Files and hashes: 1: YsQYLAA-_Po43a9O-QT7BP5bVko.crl (hash: lTzNWnCN94xP7Vv+mUgcjjCexNE9LitmUfwQ5b56bis=) 2: CDA6F2D0111611EFAD808A81C4F9AE02.roa (hash: m3HRY//GpdVT+hpG8y49SxDvHAGnCrO93hZGlg6oP6I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.crl rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 21:11:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1958 (0x7a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CE22, serialNumber=62C4182C003EFCFA38DDAF4EF904FB04FE5B564A Validity Not Before: May 10 21:11:01 2025 GMT Not After : May 17 21:11:00 2025 GMT Subject: CN=681fc0e5-303e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b1:29:fd:58:1e:2f:02:7f:f1:a8:37:d4:5d: c9:70:72:c6:7d:ac:9e:f8:d0:f0:4b:c1:1b:0d:50: d2:21:5b:e1:74:3a:2d:fd:71:e8:0d:f8:d3:85:97: 94:3a:a6:38:ce:c6:81:1c:d2:86:28:1c:7b:e6:9b: ac:92:83:2b:1b:62:52:9a:40:b8:30:e3:61:6a:65: fc:70:3e:07:8b:8a:bf:72:aa:cf:d9:0d:88:16:fd: 09:2e:95:5e:c0:0a:3f:c6:9e:af:79:2d:93:56:71: 97:b3:c7:50:95:1d:ed:6f:46:3c:95:5e:73:b9:d0: 45:26:38:6a:3b:d4:d2:41:3c:ea:65:04:22:dc:8f: dc:46:63:31:19:15:83:11:a9:ac:29:4c:fd:f0:69: 16:99:0d:96:fa:3f:73:b1:c3:55:93:dd:f8:51:55: 9b:3c:f1:9a:b5:87:cf:2e:38:5e:48:79:09:c1:75: 90:95:20:9c:ac:61:47:f7:9d:76:25:f1:f9:73:82: 9c:7d:f4:2a:4d:af:85:ac:e2:96:fb:91:35:3e:73: 1c:bd:e1:af:46:4e:cb:47:72:22:81:12:ba:de:a4: 33:14:7f:69:19:e1:7e:6e:19:7e:bf:d2:ef:e3:bf: 0e:7b:36:a3:62:11:3b:c7:7b:50:3b:75:9b:aa:8f: ca:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:AB:53:31:73:AD:51:BA:E2:09:9C:8F:D2:DC:A4:AF:AF:89:0F:D0 X509v3 Authority Key Identifier: keyid:62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:1a:eb:55:34:83:a1:6a:6b:56:00:b5:a4:18:f1:84:5c:88: 33:10:e9:f8:fa:02:46:eb:88:92:d3:20:f8:d6:f4:24:3a:09: 69:96:11:17:19:bf:18:db:63:21:d9:87:07:e2:46:17:f6:df: 6f:91:2d:47:51:d5:b4:ad:79:26:1c:22:6f:13:4c:79:db:f1: 6b:68:8d:99:6d:09:0a:44:1d:c8:98:36:6b:d9:e7:52:76:30: 38:ab:20:f2:7b:0a:65:02:ed:94:bb:26:0f:38:b6:13:d9:52: fa:94:33:c3:52:77:9d:24:82:4d:19:72:02:e0:6b:0c:36:e2: 1c:16:f8:19:67:2e:9e:02:6b:20:79:b6:48:62:19:42:27:0d: af:94:f2:7c:c9:f2:7b:64:1e:b9:af:12:51:c7:8e:59:cf:5d: 87:09:40:be:0b:e5:e7:bb:14:05:1d:aa:e3:1d:93:ae:c0:10: 32:8b:ac:5c:a6:4f:6f:2c:5c:02:30:d8:9a:ef:df:82:b9:96: 23:33:41:95:7f:91:60:b0:a1:64:d2:a9:74:33:e5:e4:f6:b2: a0:70:28:5a:14:68:02:df:11:8f:c3:10:fa:39:d0:fa:69:5b: a8:c3:c9:42:d4:45:02:b4:f3:20:aa:41:23:26:4b:2e:67:5d: d6:93:5a:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB6YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NFMjIxMTAvBgNVBAUTKDYyQzQxODJDMDAzRUZDRkEzOEREQUY0RUY5MDRGQjA0 RkU1QjU2NEEwHhcNMjUwNTEwMjExMTAxWhcNMjUwNTE3MjExMTAwWjAYMRYwFAYD VQQDEw02ODFmYzBlNS0zMDNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy7Ep/VgeLwJ/8ag31F3JcHLGfaye+NDwS8EbDVDSIVvhdDot/XHoDfjThZeU OqY4zsaBHNKGKBx75puskoMrG2JSmkC4MONhamX8cD4Hi4q/cqrP2Q2IFv0JLpVe wAo/xp6veS2TVnGXs8dQlR3tb0Y8lV5zudBFJjhqO9TSQTzqZQQi3I/cRmMxGRWD EamsKUz98GkWmQ2W+j9zscNVk934UVWbPPGatYfPLjheSHkJwXWQlSCcrGFH9512 JfH5c4KcffQqTa+FrOKW+5E1PnMcveGvRk7LR3IigRK63qQzFH9pGeF+bhl+v9Lv 478OezajYhE7x3tQO3Wbqo/KZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDyrUzFz rVG64gmcj9LcpK+viQ/QMB8GA1UdIwQYMBaAFGLEGCwAPvz6ON2vTvkE+wT+W1ZK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0UyMi8xMkZBODExQTE3 N0IxMUVCODQ2MzRDMzZDNEY5QUUwMi9Zc1FZTEFBLV9QbzQzYTlPLVFUN0JQNWJW a28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lzUVlMQUEtX1BvNDNhOU8tUVQ3QlA1YlZrby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0UyMi8xMkZBODExQTE3N0IxMUVCODQ2MzRDMzZDNEY5QUUwMi9Zc1FZTEFBLV9Q bzQzYTlPLVFUN0JQNWJWa28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBDGutVNIOhamtWALWkGPGEXIgzEOn4+gJG64iS0yD41vQkOglplhEX Gb8Y22Mh2YcH4kYX9t9vkS1HUdW0rXkmHCJvE0x52/FraI2ZbQkKRB3ImDZr2edS djA4qyDyewplAu2UuyYPOLYT2VL6lDPDUnedJIJNGXIC4GsMNuIcFvgZZy6eAmsg ebZIYhlCJw2vlPJ8yfJ7ZB65rxJRx45Zz12HCUC+C+XnuxQFHarjHZOuwBAyi6xc pk9vLFwCMNia79+CuZYjM0GVf5FgsKFk0ql0M+Xk9rKgcChaFGgC3xGPwxD6OdD6 aVuow8lC1EUCtPMgqkEjJksuZ13Wk1oB -----END CERTIFICATE-----Generated at Mon May 12 19:36:30 2025 by rpki-client