$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft File: YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft (raw, json) Hash identifier: DjpwaGWXQN5kfu2+EtKYuUNxCrwH+uXRCO4uCw8X5o8= Subject key identifier: E2:AD:D8:88:64:74:05:DF:6A:BF:8C:97:16:3D:64:5A:E4:83:D0:5C Authority key identifier: 61:7F:05:4E:3C:E4:51:E0:C3:E7:F4:46:DD:09:F7:86:46:52:B6:56 Certificate issuer: /CN=A91A1CAA/serialNumber=617F054E3CE451E0C3E7F446DD09F7864652B656 Certificate serial: EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft Manifest number: E8 Signing time: Sun 11 May 2025 04:14:14 +0000 Manifest this update: Sun 11 May 2025 04:14:14 +0000 Manifest next update: Sun 18 May 2025 04:14:14 +0000 Files and hashes: 1: YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl (hash: uJT93isDt8FMvodR2OpP7myf1qKehhjbb2sy0Dkrzc0=) 2: E75FB4F0CE4A11EE95C15E20C4F9AE02.roa (hash: utq11zi2cO+ldR8mXOv++lb25ZgD5tUSUW03iRiwBL0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 04:14:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 235 (0xeb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A1CAA, serialNumber=617F054E3CE451E0C3E7F446DD09F7864652B656 Validity Not Before: May 11 04:14:14 2025 GMT Not After : May 18 04:14:14 2025 GMT Subject: CN=68202416-85c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:5a:80:ee:ad:c2:cd:4a:9d:65:9f:c4:1f:3a: ba:ed:de:0d:a2:97:5f:e4:56:9e:ef:d3:7d:b8:2e: db:5a:17:f2:52:07:44:04:77:1f:3b:8b:91:d4:c8: b6:4a:4a:6f:54:45:9b:cf:d9:c7:00:48:73:58:bd: b5:47:d8:a7:d8:fd:9b:2b:86:65:c3:36:69:be:ee: e3:a9:dd:df:5e:82:59:e0:21:25:d9:01:dc:8c:dd: 30:dd:b7:02:4f:5c:16:b4:d3:b7:ee:8f:d9:87:42: 10:f9:b1:7a:65:44:ac:d3:74:2d:46:07:91:50:a9: fb:58:20:28:72:ca:41:30:68:5b:c9:8a:a0:0c:fb: 6b:5f:88:81:24:20:a2:54:20:f8:df:f1:af:b5:d8: 63:be:57:52:e4:69:a7:71:28:66:5d:d5:ae:34:ae: fa:f1:b2:e5:60:b2:66:ed:d7:26:d7:4a:78:64:1f: 74:55:62:fb:be:6a:8e:e5:ca:95:3a:d4:96:1e:6c: 75:11:20:d6:80:0d:a5:14:bf:4c:ab:8d:62:7e:0f: a8:b4:86:17:49:a1:b1:14:41:97:cc:44:a8:7d:2a: 28:4e:9c:0a:ab:ac:ff:16:d3:89:1d:f5:2e:81:70: 0e:81:6e:19:7c:e3:14:aa:d3:68:06:74:30:04:c8: a4:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:AD:D8:88:64:74:05:DF:6A:BF:8C:97:16:3D:64:5A:E4:83:D0:5C X509v3 Authority Key Identifier: keyid:61:7F:05:4E:3C:E4:51:E0:C3:E7:F4:46:DD:09:F7:86:46:52:B6:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:73:2a:74:56:20:15:ca:f7:9b:49:c9:65:6c:65:48:5a:e0: de:72:9f:9f:52:3d:f3:91:43:24:8a:f6:75:88:c2:d6:8d:94: b1:66:61:09:43:82:48:f5:ed:67:14:16:57:92:43:07:f4:42: 4d:64:1c:7c:22:23:d5:8f:da:e4:7f:55:51:f0:67:27:9b:50: 16:2d:a2:50:19:e0:1a:3a:29:04:4b:1f:64:76:ce:59:26:ec: 9f:62:59:8d:31:81:9e:ca:f7:4c:72:b3:94:77:ad:a4:f2:f4: 83:df:6b:c6:db:15:18:01:20:e7:aa:e2:44:82:45:ff:e3:b7: a8:23:ef:b5:cf:15:f7:9c:a0:63:7b:1d:18:22:3a:9a:7b:ee: 95:b0:2c:3b:05:24:2e:09:2c:0b:00:ce:b9:0f:eb:10:38:b2: 5a:38:39:82:77:1c:2c:f8:ec:d4:bd:94:12:66:03:70:05:d5: 82:3c:eb:1d:17:76:37:4d:67:c4:ac:00:03:fd:ce:16:9d:94: bc:3b:95:f8:b5:0a:b6:32:ce:ab:a6:66:f0:1c:66:87:eb:b9: 9a:63:e6:69:d1:c1:82:81:2d:68:c8:52:68:a8:a5:ce:0e:10: 41:f7:26:72:b5:f7:12:a5:c4:e8:0f:61:ba:61:00:79:24:25: f5:e9:c3:c5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTFDQUExMTAvBgNVBAUTKDYxN0YwNTRFM0NFNDUxRTBDM0U3RjQ0NkREMDlGNzg2 NDY1MkI2NTYwHhcNMjUwNTExMDQxNDE0WhcNMjUwNTE4MDQxNDE0WjAYMRYwFAYD VQQDEw02ODIwMjQxNi04NWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA11qA7q3CzUqdZZ/EHzq67d4Nopdf5Fae79N9uC7bWhfyUgdEBHcfO4uR1Mi2 SkpvVEWbz9nHAEhzWL21R9in2P2bK4ZlwzZpvu7jqd3fXoJZ4CEl2QHcjN0w3bcC T1wWtNO37o/Zh0IQ+bF6ZUSs03QtRgeRUKn7WCAocspBMGhbyYqgDPtrX4iBJCCi VCD43/GvtdhjvldS5GmncShmXdWuNK768bLlYLJm7dcm10p4ZB90VWL7vmqO5cqV OtSWHmx1ESDWgA2lFL9Mq41ifg+otIYXSaGxFEGXzESofSooTpwKq6z/FtOJHfUu gXAOgW4ZfOMUqtNoBnQwBMiklQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOKt2Ihk dAXfar+MlxY9ZFrkg9BcMB8GA1UdIwQYMBaAFGF/BU485FHgw+f0Rt0J94ZGUrZW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUNBQS84RTI3NUExRUNF NEExMUVFOERFOUU1MUZDNEY5QUUwMi9ZWDhGVGp6a1VlREQ1X1JHM1FuM2hrWlN0 bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lYOEZUanprVWVERDVfUkczUW4zaGtaU3RsWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MUNBQS84RTI3NUExRUNFNEExMUVFOERFOUU1MUZDNEY5QUUwMi9ZWDhGVGp6a1Vl REQ1X1JHM1FuM2hrWlN0bFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAHcyp0ViAVyvebScllbGVIWuDecp+fUj3zkUMkivZ1iMLWjZSxZmEJ Q4JI9e1nFBZXkkMH9EJNZBx8IiPVj9rkf1VR8Gcnm1AWLaJQGeAaOikESx9kds5Z JuyfYlmNMYGeyvdMcrOUd62k8vSD32vG2xUYASDnquJEgkX/47eoI++1zxX3nKBj ex0YIjqae+6VsCw7BSQuCSwLAM65D+sQOLJaODmCdxws+OzUvZQSZgNwBdWCPOsd F3Y3TWfErAAD/c4WnZS8O5X4tQq2Ms6rpmbwHGaH67maY+Zp0cGCgS1oyFJoqKXO DhBB9yZytfcSpcToD2G6YQB5JCX16cPF -----END CERTIFICATE-----Generated at Sun May 11 16:57:53 2025 by rpki-client