$ rpki-client -vvf rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft File: yL8GWnSCLvjMYvSlTlnVhxILb0c.mft (raw, json) Hash identifier: CfiZQAjVlP/9aXZ5WMIzEvgH1BXq6REt+cCCGWHF3jA= Subject key identifier: 3A:61:CC:38:C6:01:1C:8D:C5:A5:4F:4A:1F:74:64:A0:35:A7:65:B3 Authority key identifier: C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47 Certificate issuer: /CN=A91E85F1/serialNumber=C8BF065A74822EF8CC62F4A54E59D587120B6F47 Certificate serial: 18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft Manifest number: 17 Signing time: Sun 11 May 2025 06:42:58 +0000 Manifest this update: Sun 11 May 2025 06:42:57 +0000 Manifest next update: Sun 18 May 2025 06:42:57 +0000 Files and hashes: 1: yL8GWnSCLvjMYvSlTlnVhxILb0c.crl (hash: ZjOuD0KV6kD880WFyYNdt6X/G3aAFoVMrLhRdg4pXxc=) 2: 4D144B780DFE11F09C46E054C4F9AE02.roa (hash: rxfflXV8vQ/KWVF6kuCP1iokmRw18P+QAjN4iDWpgsI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.crl rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 06:42:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24 (0x18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E85F1, serialNumber=C8BF065A74822EF8CC62F4A54E59D587120B6F47 Validity Not Before: May 11 06:42:57 2025 GMT Not After : May 18 06:42:57 2025 GMT Subject: CN=682046f1-549b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:aa:e6:b6:bf:be:16:f8:eb:a0:e4:e6:b2:62: 3f:ba:87:bd:9c:91:f5:a2:26:b2:cb:b9:bc:c1:c7: e0:cc:12:28:8b:ff:19:16:d4:d3:df:90:ce:fb:4e: 34:36:58:d7:f4:68:67:bf:18:6b:21:93:c8:ed:b0: eb:df:08:32:0b:00:24:12:ce:17:db:50:34:27:2d: 57:3e:7b:1c:19:7c:25:48:09:c9:e0:90:b8:5d:2e: 9c:82:ee:53:09:bc:61:a8:b8:42:9c:96:ad:8a:ca: 47:a2:63:ea:9b:97:d4:bd:ae:ab:71:ea:43:24:48: 76:d4:78:e5:aa:3d:e9:4b:34:a7:7b:b9:0e:6f:4c: 3d:3b:da:bd:68:57:82:44:71:6b:41:55:a4:ad:1c: 29:70:2f:45:7b:cc:7d:22:ea:44:41:ee:30:bb:63: 66:8d:2a:53:54:ae:0a:17:d0:ac:cf:0c:0d:06:1b: 0e:ba:1c:ee:3d:73:f3:90:53:82:da:48:96:fb:e3: 53:18:59:d6:2f:1a:c2:9e:87:ad:ad:2c:d1:fe:44: 49:e2:d7:59:09:1f:7a:4d:86:1b:73:1e:3c:db:49: 13:32:92:2b:8b:ba:4c:84:77:35:61:39:65:ff:71: 9a:59:8f:b5:fd:1a:33:b5:5d:00:1b:1d:a7:19:63: fa:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:61:CC:38:C6:01:1C:8D:C5:A5:4F:4A:1F:74:64:A0:35:A7:65:B3 X509v3 Authority Key Identifier: keyid:C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:ef:8f:f1:b3:0f:77:36:5b:fe:c8:14:d0:f2:4d:96:65:a4: ce:90:5f:6a:ce:1a:a5:64:4d:68:0f:bc:7d:8f:c1:fd:31:43: c9:55:57:9e:29:f3:aa:3a:8f:8a:c5:aa:05:7c:e9:c9:2b:08: 8b:04:fa:ad:33:64:f5:61:d1:dd:8c:de:df:57:26:ee:54:7c: 91:68:68:62:0a:5f:5a:f6:dc:34:fd:29:1f:02:3d:15:eb:d7: 33:18:0b:17:62:e9:be:f1:a7:3f:96:15:0c:b1:80:95:13:7e: 7e:89:9a:1e:67:fd:e7:7e:f8:48:14:2d:e1:b3:da:b1:8b:45: 64:45:00:9e:65:a2:ef:35:4f:80:3e:f4:85:28:61:cb:a2:5b: f3:6c:00:a2:c1:16:1a:82:25:d0:f0:6b:ac:05:14:11:2c:39: 4f:8b:31:88:d4:56:b8:db:ed:70:83:16:bd:4e:36:a2:24:05: 23:db:6d:16:43:67:1f:2b:22:ae:fc:33:8b:45:21:d8:61:06: 73:1a:cf:bd:01:31:96:dd:a5:9f:a0:b7:46:98:e3:57:18:04: ae:ff:c0:1a:38:38:96:4a:c7:d0:ad:39:ec:24:7b:35:27:18: 56:6f:c2:d9:19:22:c4:b1:88:e2:2f:a8:69:0e:0b:5c:f3:c5: 92:f7:fd:4f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF ODVGMTExMC8GA1UEBRMoQzhCRjA2NUE3NDgyMkVGOENDNjJGNEE1NEU1OUQ1ODcx MjBCNkY0NzAeFw0yNTA1MTEwNjQyNTdaFw0yNTA1MTgwNjQyNTdaMBgxFjAUBgNV BAMTDTY4MjA0NmYxLTU0OWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC0qua2v74W+Oug5OayYj+6h72ckfWiJrLLubzBx+DMEiiL/xkW1NPfkM77TjQ2 WNf0aGe/GGshk8jtsOvfCDILACQSzhfbUDQnLVc+exwZfCVICcngkLhdLpyC7lMJ vGGouEKclq2KykeiY+qbl9S9rqtx6kMkSHbUeOWqPelLNKd7uQ5vTD072r1oV4JE cWtBVaStHClwL0V7zH0i6kRB7jC7Y2aNKlNUrgoX0KzPDA0GGw66HO49c/OQU4La SJb741MYWdYvGsKeh62tLNH+REni11kJH3pNhhtzHjzbSRMykiuLukyEdzVhOWX/ cZpZj7X9GjO1XQAbHacZY/p5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOmHMOMYB HI3FpU9KH3RkoDWnZbMwHwYDVR0jBBgwFoAUyL8GWnSCLvjMYvSlTlnVhxILb0cw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4NUYxLzZBQTRENjBBMERG QzExRjBBMUQ5ODA1M0M0RjlBRTAyL3lMOEdXblNDTHZqTVl2U2xUbG5WaHhJTGIw Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveUw4R1duU0NMdmpNWXZTbFRsblZoeElMYjBjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4 NUYxLzZBQTRENjBBMERGQzExRjBBMUQ5ODA1M0M0RjlBRTAyL3lMOEdXblNDTHZq TVl2U2xUbG5WaHhJTGIwYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIHvj/GzD3c2W/7IFNDyTZZlpM6QX2rOGqVkTWgPvH2Pwf0xQ8lVV54p 86o6j4rFqgV86ckrCIsE+q0zZPVh0d2M3t9XJu5UfJFoaGIKX1r23DT9KR8CPRXr 1zMYCxdi6b7xpz+WFQyxgJUTfn6Jmh5n/ed++EgULeGz2rGLRWRFAJ5lou81T4A+ 9IUoYcuiW/NsAKLBFhqCJdDwa6wFFBEsOU+LMYjUVrjb7XCDFr1ONqIkBSPbbRZD Zx8rIq78M4tFIdhhBnMaz70BMZbdpZ+gt0aY41cYBK7/wBo4OJZKx9CtOewkezUn GFZvwtkZIsSxiOIvqGkOC1zzxZL3/U8= -----END CERTIFICATE-----Generated at Tue May 13 00:15:01 2025 by rpki-client