$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft File: yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft (raw, json) Hash identifier: 4wtcoNvoUPChysxR15wUH5iKjvs6+j+hcskY4rSMQMA= Subject key identifier: 79:A1:AB:8A:46:52:A2:5F:74:24:4F:7C:2E:11:96:A7:6B:4C:00:3F Authority key identifier: C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01 Certificate issuer: /CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701 Certificate serial: 05B9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft Manifest number: 05A0 Signing time: Sat 10 May 2025 22:52:21 +0000 Manifest this update: Sat 10 May 2025 22:52:20 +0000 Manifest next update: Sat 17 May 2025 22:52:20 +0000 Files and hashes: 1: yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl (hash: gbZLUtZIOJarsSlFc08VvtB9Xk4ugVWKMpawdCIw8BE=) 2: 5FA1BF8802DD11EE86865A23C4F9AE02.roa (hash: ui8GmB9i/5pnYfd6MeCxTJj3Yjz4hQKs4XNWYMcqflM=) 3: 3003C4BA7C7711EEB9E0BE15C4F9AE02.roa (hash: v6P92PiB+jeVRQvFzDPkmeCK4o2bOi69O9K8uU73bTE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 22:52:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1465 (0x5b9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D3D, serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701 Validity Not Before: May 10 22:52:20 2025 GMT Not After : May 17 22:52:20 2025 GMT Subject: CN=681fd8a4-5f57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:2c:28:77:96:7f:7e:94:7c:da:8d:9f:e8:30: 9f:be:95:8e:f6:06:7e:a6:17:df:24:e6:54:1f:cc: 24:b9:82:eb:0c:e7:2a:de:fe:70:6d:95:c3:43:11: 71:f1:df:21:a6:d9:31:99:0b:67:ce:08:c0:5d:74: 7a:d2:62:5a:7d:ae:c9:29:78:fc:8a:fc:94:80:2e: b3:30:e8:78:f7:1f:c7:f1:25:10:5c:8d:b9:1f:0c: e4:c6:eb:c4:ec:29:4d:4d:26:71:9c:75:02:0e:36: 4f:10:d9:6e:68:28:5c:64:f4:58:d8:dc:73:91:dd: b5:aa:95:17:0e:e1:aa:88:e3:2f:78:f5:65:ad:31: 84:d1:17:a4:eb:17:d2:ac:42:f3:8e:6a:60:2e:01: 3e:b9:50:36:2a:56:8a:af:cf:d4:4f:6d:5f:02:88: a5:33:04:21:6f:29:23:8c:66:a9:d9:74:ee:db:80: b4:bc:2b:e2:96:64:4f:22:6f:23:94:cc:8d:31:35: c4:5b:01:d8:eb:f2:73:3e:d7:86:4a:c5:04:91:33: 28:f9:a3:77:99:32:83:d3:9b:4c:fe:37:3e:e5:32: 3a:07:2a:8a:14:03:4e:bf:73:8d:f9:e2:bb:e4:6b: 28:6d:65:4c:da:e5:15:99:fc:13:db:5f:e8:55:ce: be:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:A1:AB:8A:46:52:A2:5F:74:24:4F:7C:2E:11:96:A7:6B:4C:00:3F X509v3 Authority Key Identifier: keyid:C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:bd:e3:1e:d6:01:1e:d2:df:a7:15:5f:6a:9b:d2:cc:da:42: f9:ac:5b:f0:ea:63:8c:2a:2e:27:f1:74:ab:f6:d7:87:6a:f7: 77:62:29:37:b3:00:72:04:ed:55:e6:1d:20:f8:96:f2:4c:e1: d2:2a:34:38:cf:4c:97:00:69:0b:ce:38:af:73:fd:e2:b8:69: fb:80:ea:e2:20:af:69:65:61:9a:a2:ed:29:27:b9:5e:f4:cf: bc:b2:d0:d7:6f:61:23:4a:81:aa:1a:6d:fc:f8:61:d9:8e:4b: 42:7a:c2:d5:03:c5:8b:e4:02:12:bd:ba:c2:fb:eb:a5:7e:99: 06:e6:aa:2b:00:23:af:2f:07:ee:da:22:53:be:a2:cf:60:f2: e2:38:63:3d:77:8b:f8:b9:d4:7a:d6:43:9d:33:62:ba:67:fe: d6:a7:32:b2:67:4a:b1:fb:42:49:aa:da:bd:56:d7:56:7c:4e: 56:8e:2c:bd:f3:cc:10:8a:3b:31:5c:67:9d:b4:18:5b:0e:49: c3:ac:d2:9f:e4:76:d0:a1:54:b5:f4:51:b1:37:3c:b4:e6:77: 94:9e:09:41:3a:c9:79:4a:a4:2d:90:00:e2:f7:82:2f:4a:23: 8b:9f:6e:67:bc:e4:24:35:e0:4a:4e:64:ad:1e:9d:cb:af:e5: da:14:91:bc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBbkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBERTBDMzYwN0VF Qjk4RkY3MDEwHhcNMjUwNTEwMjI1MjIwWhcNMjUwNTE3MjI1MjIwWjAYMRYwFAYD VQQDEw02ODFmZDhhNC01ZjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvywod5Z/fpR82o2f6DCfvpWO9gZ+phffJOZUH8wkuYLrDOcq3v5wbZXDQxFx 8d8hptkxmQtnzgjAXXR60mJafa7JKXj8ivyUgC6zMOh49x/H8SUQXI25HwzkxuvE 7ClNTSZxnHUCDjZPENluaChcZPRY2Nxzkd21qpUXDuGqiOMvePVlrTGE0Rek6xfS rELzjmpgLgE+uVA2KlaKr8/UT21fAoilMwQhbykjjGap2XTu24C0vCvilmRPIm8j lMyNMTXEWwHY6/JzPteGSsUEkTMo+aN3mTKD05tM/jc+5TI6ByqKFANOv3ON+eK7 5GsobWVM2uUVmfwT21/oVc6+swIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHmhq4pG UqJfdCRPfC4RlqdrTAA/MB8GA1UdIwQYMBaAFMgHD9BhqFH/iu3g3gw2B+65j/cB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9CMDIwMkQzMkQ4 QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1VmLUs3ZURlRERZSDdybVA5 d0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lBY1AwR0dvVWYtSzdlRGVERFlIN3JtUDl3RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQzRC9CMDIwMkQzMkQ4QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1Vm LUs3ZURlRERZSDdybVA5d0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB9veMe1gEe0t+nFV9qm9LM2kL5rFvw6mOMKi4n8XSr9teHavd3Yik3 swByBO1V5h0g+JbyTOHSKjQ4z0yXAGkLzjivc/3iuGn7gOriIK9pZWGaou0pJ7le 9M+8stDXb2EjSoGqGm38+GHZjktCesLVA8WL5AISvbrC++ulfpkG5qorACOvLwfu 2iJTvqLPYPLiOGM9d4v4udR61kOdM2K6Z/7WpzKyZ0qx+0JJqtq9VtdWfE5Wjiy9 88wQijsxXGedtBhbDknDrNKf5HbQoVS19FGxNzy05neUnglBOsl5SqQtkADi94Iv SiOLn25nvOQkNeBKTmStHp3Lr+XaFJG8 -----END CERTIFICATE-----Generated at Mon May 12 07:12:55 2025 by rpki-client