$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft File: yCFQSaXsETZftnQLghcGdiaArRc.mft (raw, json) Hash identifier: MjVLglzzGzgk9gP9xXBBmrg+B0v9lQzUIVOx+3a/Hog= Subject key identifier: 08:FA:1A:60:15:0D:8C:57:7F:BC:DE:2E:C4:D8:5C:C5:EC:38:4E:D5 Authority key identifier: C8:21:50:49:A5:EC:11:36:5F:B6:74:0B:82:17:06:76:26:80:AD:17 Certificate issuer: /CN=A91DC459/serialNumber=C8215049A5EC11365FB6740B821706762680AD17 Certificate serial: CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCFQSaXsETZftnQLghcGdiaArRc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft Manifest number: CD Signing time: Tue 13 May 2025 04:54:43 +0000 Manifest this update: Tue 13 May 2025 04:54:43 +0000 Manifest next update: Tue 20 May 2025 04:54:43 +0000 Files and hashes: 1: yCFQSaXsETZftnQLghcGdiaArRc.crl (hash: qRDFWlNGMFtlegutgQX70FI5+E/XGWC7+Bzwk7GYUko=) 2: 264C45FAFA3F11EE8A884F09C4F9AE02.roa (hash: 5Qk7wqUj4bSez6DKvrGbvLq6LTkbYNIBEPZBlcBLEEY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.crl rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCFQSaXsETZftnQLghcGdiaArRc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 04:54:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 207 (0xcf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC459, serialNumber=C8215049A5EC11365FB6740B821706762680AD17 Validity Not Before: May 13 04:54:43 2025 GMT Not After : May 20 04:54:43 2025 GMT Subject: CN=6822d093-f64e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:6a:37:56:6e:72:a3:4d:0e:81:2d:bb:2f:39: 1a:7f:c6:ca:2a:37:7d:44:02:25:e9:0f:dc:38:22: 5a:9e:e7:75:6c:2e:0a:15:a9:6d:bd:3a:ae:72:47: ff:b9:02:8b:b1:32:53:10:0c:6e:0c:7a:86:2f:b5: dc:fb:38:b3:7a:08:d3:d8:eb:64:6f:a7:54:23:76: 16:e5:3a:2a:7d:85:b5:eb:54:be:d4:52:7d:3f:69: 1e:a2:ee:a8:8d:9a:f1:83:a2:24:b4:f1:6a:92:fa: 6f:94:71:e0:af:22:2d:b3:03:5c:2e:c0:93:ca:f1: d1:f3:59:fa:08:e1:43:c6:3a:cb:48:10:1c:ae:ca: ce:80:54:bd:fe:f7:5b:ec:5b:5b:e2:e5:08:03:5b: 1e:b2:4a:83:7d:be:f1:b5:a7:f0:ae:a4:ef:53:34: 88:cf:6d:87:35:ed:ec:4f:0f:fc:01:80:0a:56:7d: 22:a8:f9:ed:0c:27:5c:41:f2:58:b7:09:e2:39:be: b7:a5:1c:c6:9b:ba:bb:f2:0d:2d:7e:21:84:ce:eb: a6:0e:68:a8:5b:14:17:b4:e6:5b:ef:b6:02:e1:ff: 89:92:00:28:89:95:a0:fc:f9:87:1b:b2:59:eb:62: 95:32:5e:ae:26:d0:80:e6:76:90:2a:90:3a:8f:86: 08:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:FA:1A:60:15:0D:8C:57:7F:BC:DE:2E:C4:D8:5C:C5:EC:38:4E:D5 X509v3 Authority Key Identifier: keyid:C8:21:50:49:A5:EC:11:36:5F:B6:74:0B:82:17:06:76:26:80:AD:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCFQSaXsETZftnQLghcGdiaArRc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:b9:3b:02:f3:6e:5e:f6:3a:19:c8:3b:a3:e2:49:3d:ad:67: dd:55:a5:2a:a7:54:54:49:f7:56:af:a1:40:00:26:85:83:e8: 78:07:96:45:01:de:34:10:1b:75:29:1f:64:04:54:1b:34:aa: 2a:70:dd:86:5c:3f:61:63:bc:bb:d7:ac:ba:c9:90:b8:6a:b0: d8:ea:4f:f3:a4:39:9d:ea:73:85:53:1d:ed:34:59:bd:59:1a: f2:6f:06:0b:a6:49:fb:ce:0c:cc:ec:c7:35:46:e5:36:0a:aa: dc:b2:e7:03:39:c2:91:c7:02:9b:6e:d8:ad:66:91:f3:d5:41: 92:37:00:85:5a:ce:95:a5:de:58:14:52:13:e9:62:bc:c1:00: ea:c3:8e:65:6e:ba:ec:a6:c3:82:c0:d4:51:6f:8b:4e:8e:eb: ce:77:49:c1:f3:1f:1c:0f:44:ff:44:92:86:a2:89:38:ef:02: dd:50:ad:98:a1:f4:9e:ae:62:1e:ff:83:c2:8a:b5:e4:69:8d: 29:42:7d:24:a4:2c:94:fd:00:b8:63:fa:03:f5:38:01:3d:0b: f5:8a:72:57:6c:b2:69:10:bb:a5:42:e4:68:93:c6:b2:9b:e1: 3e:53:61:1b:e6:86:80:62:e7:81:f1:dd:ad:28:d3:44:55:18: 0a:ba:1f:21 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0NTkxMTAvBgNVBAUTKEM4MjE1MDQ5QTVFQzExMzY1RkI2NzQwQjgyMTcwNjc2 MjY4MEFEMTcwHhcNMjUwNTEzMDQ1NDQzWhcNMjUwNTIwMDQ1NDQzWjAYMRYwFAYD VQQDEw02ODIyZDA5My1mNjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzmo3Vm5yo00OgS27Lzkaf8bKKjd9RAIl6Q/cOCJanud1bC4KFaltvTquckf/ uQKLsTJTEAxuDHqGL7Xc+zizegjT2Otkb6dUI3YW5ToqfYW161S+1FJ9P2keou6o jZrxg6IktPFqkvpvlHHgryItswNcLsCTyvHR81n6COFDxjrLSBAcrsrOgFS9/vdb 7Ftb4uUIA1seskqDfb7xtafwrqTvUzSIz22HNe3sTw/8AYAKVn0iqPntDCdcQfJY twniOb63pRzGm7q78g0tfiGEzuumDmioWxQXtOZb77YC4f+JkgAoiZWg/PmHG7JZ 62KVMl6uJtCA5naQKpA6j4YIzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAj6GmAV DYxXf7zeLsTYXMXsOE7VMB8GA1UdIwQYMBaAFMghUEml7BE2X7Z0C4IXBnYmgK0X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzQ1OS9BOTM1MDdCQ0Y2 RDUxMUVFQjg3ODNDMUVDNEY5QUUwMi95Q0ZRU2FYc0VUWmZ0blFMZ2hjR2RpYUFy UmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lDRlFTYVhzRVRaZnRuUUxnaGNHZGlhQXJSYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzQ1OS9BOTM1MDdCQ0Y2RDUxMUVFQjg3ODNDMUVDNEY5QUUwMi95Q0ZRU2FYc0VU WmZ0blFMZ2hjR2RpYUFyUmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAIuTsC825e9joZyDuj4kk9rWfdVaUqp1RUSfdWr6FAACaFg+h4B5ZF Ad40EBt1KR9kBFQbNKoqcN2GXD9hY7y716y6yZC4arDY6k/zpDmd6nOFUx3tNFm9 WRrybwYLpkn7zgzM7Mc1RuU2CqrcsucDOcKRxwKbbtitZpHz1UGSNwCFWs6Vpd5Y FFIT6WK8wQDqw45lbrrspsOCwNRRb4tOjuvOd0nB8x8cD0T/RJKGook47wLdUK2Y ofSermIe/4PCirXkaY0pQn0kpCyU/QC4Y/oD9TgBPQv1inJXbLJpELulQuRok8ay m+E+U2Eb5oaAYueB8d2tKNNEVRgKuh8h -----END CERTIFICATE-----Generated at Tue May 13 07:46:36 2025 by rpki-client