$ rpki-client -vvf rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft File: ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft (raw, json) Hash identifier: DJaqelutXgBklJ4p2pVqJlaFP6nBXRO1zOnxL8/jRP8= Subject key identifier: F6:2E:36:28:73:E7:FA:3D:52:E2:EC:69:F1:E8:7A:0D:A6:3D:EB:A2 Authority key identifier: CA:C4:47:8F:0F:DD:9A:E4:1E:24:E9:FC:67:F8:51:FF:43:C3:33:09 Certificate issuer: /CN=A919B5BB/serialNumber=CAC4478F0FDD9AE41E24E9FC67F851FF43C33309 Certificate serial: 20C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft Manifest number: 20BD Signing time: Thu 08 May 2025 16:00:54 +0000 Manifest this update: Thu 08 May 2025 16:00:54 +0000 Manifest next update: Thu 15 May 2025 16:00:54 +0000 Files and hashes: 1: ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl (hash: ZkyTQ4sOsZDd89R9jckcpqx+0qH4Js7zs0E6zD8mc3E=) 2: C49E2E22FF0111E591C15659C4F9AE02.roa (hash: 8rysbZt21FvuQ0omuoFXFp8YfdP5EnJpmuu61zguRxM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 15 May 2025 16:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8392 (0x20c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919B5BB, serialNumber=CAC4478F0FDD9AE41E24E9FC67F851FF43C33309 Validity Not Before: May 8 16:00:54 2025 GMT Not After : May 15 16:00:54 2025 GMT Subject: CN=681cd536-53f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:9b:e5:b7:3e:1e:75:d9:90:8a:41:34:f5:ac: 51:92:0f:41:72:9b:0d:e6:cd:38:41:c1:81:67:bd: 1a:f8:59:5e:5e:15:15:15:31:14:29:72:58:a7:8e: 1d:3e:81:5e:92:24:8f:7f:51:0f:ab:a9:ce:1e:b9: c8:c9:53:9f:d5:dd:a5:56:ec:37:2d:f0:46:78:75: fc:78:cb:a7:f5:47:d5:56:e4:5b:dd:44:22:ca:5a: d0:25:d4:4b:d4:35:43:f8:f9:de:54:47:48:97:90: 02:dd:cb:53:2b:b5:3b:b6:1b:6d:66:d3:12:f7:fd: c5:1e:1e:41:68:52:2d:c6:e7:c7:47:d2:79:09:24: 5c:64:d1:59:41:79:bb:12:20:67:46:6c:12:81:58: 9d:cd:2c:6c:1f:6f:51:97:08:fe:8c:61:e0:34:b1: 00:28:45:44:d6:12:b8:0a:b1:fc:d2:81:37:b2:77: b4:9f:75:e6:9a:ea:54:c0:ce:90:96:2f:24:5b:97: b9:7e:c8:c4:9e:cc:0c:a0:85:36:2d:4b:b8:b5:8e: 2b:c6:a2:18:69:7d:d6:5a:30:c1:64:c9:08:ce:37: b0:6e:a3:88:16:97:7c:d4:aa:49:e2:12:85:30:f6: a2:4c:0b:4e:91:7b:23:6b:ca:7c:8c:3c:43:de:54: 4e:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:2E:36:28:73:E7:FA:3D:52:E2:EC:69:F1:E8:7A:0D:A6:3D:EB:A2 X509v3 Authority Key Identifier: keyid:CA:C4:47:8F:0F:DD:9A:E4:1E:24:E9:FC:67:F8:51:FF:43:C3:33:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:90:9e:b2:6a:08:a5:ae:a9:52:c8:75:59:f0:4b:98:2e:7a: 41:b7:70:19:9e:40:b3:bc:f1:b8:6d:fb:2b:74:07:ea:f8:f4: 1d:22:d8:78:88:a7:09:31:5f:1f:ef:05:ba:44:c4:37:94:53: 17:12:e4:18:a3:7b:7d:fd:0e:fa:05:19:c5:2f:9a:7d:4a:2f: 37:62:ff:a4:64:f0:50:24:fb:d5:da:36:37:36:47:45:b6:7b: 7a:2b:44:8f:58:eb:c1:ad:16:c2:57:51:48:d0:da:9f:0f:2e: fa:8d:2b:91:69:9e:7d:27:fd:cf:b7:d9:88:a2:aa:db:a8:7c: 40:77:c5:bd:fa:35:ba:a9:29:32:19:af:4c:93:f6:f9:cb:12: d2:9c:2a:6f:84:92:c7:45:df:ac:e3:39:0e:c1:58:a7:2d:89: a0:99:9c:a6:94:ab:e8:27:e9:6c:4f:41:95:f1:02:ff:38:b9: 9f:cf:32:0f:7e:f7:b5:c3:88:4b:ef:5e:ed:92:b8:f6:c2:69: f8:d0:44:df:1a:24:6d:e2:e8:25:06:82:07:53:8c:99:02:4b: b1:1f:03:db:06:85:a4:7d:d7:6c:aa:0a:fa:f4:ce:16:12:fc: 54:90:36:c0:5c:de:0d:36:5a:fc:78:59:97:db:57:33:ba:60: 2b:86:e1:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUI1QkIxMTAvBgNVBAUTKENBQzQ0NzhGMEZERDlBRTQxRTI0RTlGQzY3Rjg1MUZG NDNDMzMzMDkwHhcNMjUwNTA4MTYwMDU0WhcNMjUwNTE1MTYwMDU0WjAYMRYwFAYD VQQDEw02ODFjZDUzNi01M2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs5vltz4eddmQikE09axRkg9BcpsN5s04QcGBZ70a+FleXhUVFTEUKXJYp44d PoFekiSPf1EPq6nOHrnIyVOf1d2lVuw3LfBGeHX8eMun9UfVVuRb3UQiylrQJdRL 1DVD+PneVEdIl5AC3ctTK7U7thttZtMS9/3FHh5BaFItxufHR9J5CSRcZNFZQXm7 EiBnRmwSgVidzSxsH29Rlwj+jGHgNLEAKEVE1hK4CrH80oE3sne0n3XmmupUwM6Q li8kW5e5fsjEnswMoIU2LUu4tY4rxqIYaX3WWjDBZMkIzjewbqOIFpd81KpJ4hKF MPaiTAtOkXsja8p8jDxD3lROxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPYuNihz 5/o9UuLsafHoeg2mPeuiMB8GA1UdIwQYMBaAFMrER48P3ZrkHiTp/Gf4Uf9DwzMJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjVCQi80NEJCQzE0Q0ZG MDExMUU1QjFDRkIwNThDNEY5QUUwMi95c1JIandfZG11UWVKT244Wl9oUl8wUERN d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lzUkhqd19kbXVRZUpPbjhaX2hSXzBQRE13ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QjVCQi80NEJCQzE0Q0ZGMDExMUU1QjFDRkIwNThDNEY5QUUwMi95c1JIandfZG11 UWVKT244Wl9oUl8wUERNd2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA9kJ6yagilrqlSyHVZ8EuYLnpBt3AZnkCzvPG4bfsrdAfq+PQdIth4 iKcJMV8f7wW6RMQ3lFMXEuQYo3t9/Q76BRnFL5p9Si83Yv+kZPBQJPvV2jY3NkdF tnt6K0SPWOvBrRbCV1FI0NqfDy76jSuRaZ59J/3Pt9mIoqrbqHxAd8W9+jW6qSky Ga9Mk/b5yxLSnCpvhJLHRd+s4zkOwVinLYmgmZymlKvoJ+lsT0GV8QL/OLmfzzIP fve1w4hL717tkrj2wmn40ETfGiRt4uglBoIHU4yZAkuxHwPbBoWkfddsqgr69M4W EvxUkDbAXN4NNlr8eFmX21czumArhuEH -----END CERTIFICATE-----Generated at Sat May 10 14:34:51 2025 by rpki-client