$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF3C6/631CC160F33811EAA63D4154C4F9AE02/YG7oXcPEZ_xGSolO1HqfG9MhtEE.mft File: YG7oXcPEZ_xGSolO1HqfG9MhtEE.mft (raw, json) Hash identifier: U/Hjn3qitehwa88vP2XxAF76dYv3Rp8wIIf41SgkLiQ= Subject key identifier: D7:A9:9A:94:82:D7:2A:EE:92:4D:6A:A7:29:4C:A6:0D:A4:86:36:E7 Authority key identifier: 60:6E:E8:5D:C3:C4:67:FC:46:4A:89:4E:D4:7A:9F:1B:D3:21:B4:41 Certificate issuer: /CN=A91AF3C6/serialNumber=606EE85DC3C467FC464A894ED47A9F1BD321B441 Certificate serial: 07DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YG7oXcPEZ_xGSolO1HqfG9MhtEE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF3C6/631CC160F33811EAA63D4154C4F9AE02/YG7oXcPEZ_xGSolO1HqfG9MhtEE.mft Manifest number: 07D2 Signing time: Mon 12 May 2025 20:54:48 +0000 Manifest this update: Mon 12 May 2025 20:54:47 +0000 Manifest next update: Mon 19 May 2025 20:54:47 +0000 Files and hashes: 1: YG7oXcPEZ_xGSolO1HqfG9MhtEE.crl (hash: ejXxuLw5OoKtrVNlNpmq86HI7Lk9n2Ln1b24X4q8HXc=) 2: F7F2D20ABCE911EFB7786B63C4F9AE02.roa (hash: YDClsqxDW8aE74OivD5RPpVA+CxjmhxOOqfYIEgfLpM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF3C6/631CC160F33811EAA63D4154C4F9AE02/YG7oXcPEZ_xGSolO1HqfG9MhtEE.crl rsync://rpki.apnic.net/member_repository/A91AF3C6/631CC160F33811EAA63D4154C4F9AE02/YG7oXcPEZ_xGSolO1HqfG9MhtEE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YG7oXcPEZ_xGSolO1HqfG9MhtEE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 20:54:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2012 (0x7dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF3C6, serialNumber=606EE85DC3C467FC464A894ED47A9F1BD321B441 Validity Not Before: May 12 20:54:47 2025 GMT Not After : May 19 20:54:47 2025 GMT Subject: CN=68226017-375b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:18:25:d1:f2:13:12:e8:1b:c6:da:5a:5f:7f: 26:cd:06:e6:0b:2f:b7:0b:06:66:f1:ff:58:54:c3: 20:17:e1:b4:8b:f9:f1:58:04:1d:4a:60:ed:3d:47: a2:74:27:54:9f:bc:6d:51:36:fb:cd:61:ea:04:81: e7:a1:86:be:06:69:60:10:c4:ac:52:5a:9e:8f:e7: 91:0a:5f:08:c4:e7:9e:bc:7d:8a:bf:79:9a:a0:4a: d6:e8:f9:e3:02:92:eb:b2:d1:64:82:ff:a7:cf:19: ae:82:2b:b8:9b:83:1e:eb:19:4a:7e:f1:b1:a5:58: 76:5f:4c:c2:ac:e9:db:81:22:1b:3a:0f:04:2d:3e: 12:3c:3c:67:3f:ee:2c:f7:ad:b4:f2:a8:84:0f:66: 41:25:0f:f2:4f:7c:62:a8:fb:68:3a:cd:f5:0c:01: 0c:a5:ef:92:77:4c:85:11:25:94:69:fc:ff:7f:ff: 85:97:9a:14:cf:79:0f:19:82:ee:01:36:78:3a:77: 1b:53:64:41:4f:8d:c6:79:db:4d:d6:d0:1e:cb:d4: d9:90:c7:67:79:b8:34:e8:bb:00:ac:d9:9f:f7:c5: b0:97:ec:99:cf:ac:3f:16:8d:9c:13:73:d7:86:7b: 78:fe:f5:25:18:72:7e:7c:a4:97:b8:d3:29:31:20: c7:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:A9:9A:94:82:D7:2A:EE:92:4D:6A:A7:29:4C:A6:0D:A4:86:36:E7 X509v3 Authority Key Identifier: keyid:60:6E:E8:5D:C3:C4:67:FC:46:4A:89:4E:D4:7A:9F:1B:D3:21:B4:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF3C6/631CC160F33811EAA63D4154C4F9AE02/YG7oXcPEZ_xGSolO1HqfG9MhtEE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YG7oXcPEZ_xGSolO1HqfG9MhtEE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF3C6/631CC160F33811EAA63D4154C4F9AE02/YG7oXcPEZ_xGSolO1HqfG9MhtEE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:8c:27:7d:81:67:f1:78:7b:9e:d9:a5:81:52:fd:af:cb:76: 39:44:e1:cc:22:dc:0e:a1:c0:0a:0a:ae:9a:20:eb:3c:36:79: 34:16:dc:6b:48:2f:05:81:11:df:28:b4:63:75:7e:a3:6a:11: dc:43:6a:da:48:e6:63:06:6e:71:66:f3:32:02:7b:d9:e5:6b: d0:cc:ed:55:20:87:d9:3a:95:02:93:31:e7:00:54:1c:70:79: 98:10:39:48:10:2c:5b:28:59:47:4d:e6:ee:05:1f:7f:df:4b: 83:1b:61:16:ad:22:5e:ec:34:ef:54:8e:23:4d:8a:e4:dd:a6: bc:2d:5d:f9:4d:31:eb:08:47:fb:35:e2:df:95:a7:9b:68:08: 58:35:bc:e6:9f:41:05:2b:3d:d0:d6:0e:7f:ff:32:28:89:ee: 65:b0:64:cb:dc:3b:c0:52:1e:71:ea:01:32:14:ba:1d:3b:5a: e5:22:44:b3:f3:cc:9a:88:cc:93:9c:eb:2f:53:99:fb:4b:e6: a4:3f:f4:c2:5a:f0:f8:e6:b7:bf:9d:41:f7:c3:b1:d2:f4:17: d6:af:ec:cd:1c:04:91:2d:9d:cb:5a:09:ee:d3:71:78:f6:33: 86:4a:92:4e:57:06:4e:20:f4:cb:c4:60:17:62:9a:ce:a0:02: 73:1a:7f:a9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB9wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYzQzYxMTAvBgNVBAUTKDYwNkVFODVEQzNDNDY3RkM0NjRBODk0RUQ0N0E5RjFC RDMyMUI0NDEwHhcNMjUwNTEyMjA1NDQ3WhcNMjUwNTE5MjA1NDQ3WjAYMRYwFAYD VQQDEw02ODIyNjAxNy0zNzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3Bgl0fITEugbxtpaX38mzQbmCy+3CwZm8f9YVMMgF+G0i/nxWAQdSmDtPUei dCdUn7xtUTb7zWHqBIHnoYa+BmlgEMSsUlqej+eRCl8IxOeevH2Kv3maoErW6Pnj ApLrstFkgv+nzxmugiu4m4Me6xlKfvGxpVh2X0zCrOnbgSIbOg8ELT4SPDxnP+4s 96208qiED2ZBJQ/yT3xiqPtoOs31DAEMpe+Sd0yFESWUafz/f/+Fl5oUz3kPGYLu ATZ4OncbU2RBT43GedtN1tAey9TZkMdnebg06LsArNmf98Wwl+yZz6w/Fo2cE3PX hnt4/vUlGHJ+fKSXuNMpMSDHiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNepmpSC 1yrukk1qpylMpg2khjbnMB8GA1UdIwQYMBaAFGBu6F3DxGf8RkqJTtR6nxvTIbRB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjNDNi82MzFDQzE2MEYz MzgxMUVBQTYzRDQxNTRDNEY5QUUwMi9ZRzdvWGNQRVpfeEdTb2xPMUhxZkc5TWh0 RUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lHN29YY1BFWl94R1NvbE8xSHFmRzlNaHRFRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjNDNi82MzFDQzE2MEYzMzgxMUVBQTYzRDQxNTRDNEY5QUUwMi9ZRzdvWGNQRVpf eEdTb2xPMUhxZkc5TWh0RUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/jCd9gWfxeHue2aWBUv2vy3Y5ROHMItwOocAKCq6aIOs8Nnk0Ftxr SC8FgRHfKLRjdX6jahHcQ2raSOZjBm5xZvMyAnvZ5WvQzO1VIIfZOpUCkzHnAFQc cHmYEDlIECxbKFlHTebuBR9/30uDG2EWrSJe7DTvVI4jTYrk3aa8LV35TTHrCEf7 NeLflaebaAhYNbzmn0EFKz3Q1g5//zIoie5lsGTL3DvAUh5x6gEyFLodO1rlIkSz 88yaiMyTnOsvU5n7S+akP/TCWvD45re/nUH3w7HS9BfWr+zNHASRLZ3LWgnu03F4 9jOGSpJOVwZOIPTLxGAXYprOoAJzGn+p -----END CERTIFICATE-----Generated at Tue May 13 11:07:08 2025 by rpki-client