$ rpki-client -vvf rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.mft File: Ys-2EOllD-PIACvGF7cFck0qAt0.mft (raw, json) Hash identifier: H+enHZrmsffcX/mNt7ILsIGAkyJIILd319yfexE5Cg8= Subject key identifier: C2:74:2C:08:BD:3C:1F:97:AF:19:A1:2B:EB:F3:50:8E:57:48:30:53 Authority key identifier: 62:CF:B6:10:E9:65:0F:E3:C8:00:2B:C6:17:B7:05:72:4D:2A:02:DD Certificate issuer: /CN=A917B1B1/serialNumber=62CFB610E9650FE3C8002BC617B705724D2A02DD Certificate serial: 1809 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ys-2EOllD-PIACvGF7cFck0qAt0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.mft Manifest number: 17FC Signing time: Fri 04 Apr 2025 16:37:21 +0000 Manifest this update: Fri 04 Apr 2025 16:37:20 +0000 Manifest next update: Fri 11 Apr 2025 16:37:20 +0000 Files and hashes: 1: Ys-2EOllD-PIACvGF7cFck0qAt0.crl (hash: TLA+gjnOho91GtjiwwJYJyKDaBSmLaHW7L7xS9lfu4A=) 2: C1C12662CFC811EB9A5C5879C4F9AE02.roa (hash: YxR/IEAXYjhKk4qyNbFNVRXx2+Bty0U++VTURHi/7GY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.crl rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ys-2EOllD-PIACvGF7cFck0qAt0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 16:37:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6153 (0x1809) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B1B1 Validity Not Before: Apr 4 16:37:20 2025 GMT Not After : Apr 11 16:37:20 2025 GMT Subject: CN=67f00ac0-7204 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:17:2c:be:61:b5:6d:75:cd:ec:bb:ed:ec:a6: 10:50:b9:0e:d9:0c:7c:e3:d8:b3:57:71:bc:d9:77: 23:56:ba:b6:2b:f3:96:3f:ea:a2:4e:ce:a5:76:d5: ac:f0:89:6b:d9:3f:5e:2f:41:c1:bd:34:13:e9:89: 1e:cb:b4:7c:b3:db:78:c9:3d:45:f1:b5:38:46:1f: 8c:fa:32:7d:93:e9:a3:50:c8:7c:ca:3c:07:28:93: c4:9d:79:39:5c:d4:63:ae:fa:7f:b9:10:1d:2f:b1: a9:df:2a:80:f1:dc:da:50:b3:55:1e:1f:b2:e4:50: b8:88:d7:25:48:0b:37:a8:ff:bc:3a:54:c0:93:ed: 64:ff:46:02:eb:63:db:c5:df:3d:0a:2d:9e:8c:70: e8:39:d5:b4:c9:75:20:36:bb:7e:f8:cf:00:41:bf: 91:ec:7c:45:d0:01:22:e5:e2:12:52:9a:79:44:67: 56:92:fb:86:57:9a:2e:c5:37:8c:56:69:44:5d:fd: f4:38:c6:fa:dd:9a:c7:ee:ef:9e:bf:15:0f:59:53: db:7b:68:03:28:69:dc:1c:c4:91:8d:08:f8:47:73: e1:90:73:78:05:d8:45:1c:05:46:45:81:fc:35:8b: da:40:43:71:3d:ed:76:4a:4e:66:45:e2:65:bb:e5: 26:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:74:2C:08:BD:3C:1F:97:AF:19:A1:2B:EB:F3:50:8E:57:48:30:53 X509v3 Authority Key Identifier: keyid:62:CF:B6:10:E9:65:0F:E3:C8:00:2B:C6:17:B7:05:72:4D:2A:02:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ys-2EOllD-PIACvGF7cFck0qAt0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:bb:e7:60:31:3d:82:ed:a9:5a:4e:f3:79:c9:d3:5a:e1:90: 55:bf:3f:df:2f:c0:5d:87:67:90:38:30:a2:72:af:d4:f6:bc: 66:69:94:df:03:9d:55:b8:56:2c:ba:85:68:7c:34:eb:ce:8c: c8:bc:bd:a6:30:55:3e:ef:85:2a:07:95:65:1c:a6:21:84:f1: 9c:87:c0:67:59:90:53:9d:b2:b5:bb:58:8c:df:4c:66:05:09: 0f:91:46:02:bb:a2:9a:94:d9:fd:b3:1e:06:2c:72:8e:92:bb: 60:43:96:d1:a1:7c:c1:41:e4:61:16:01:b3:b2:4a:40:3d:dd: f3:42:bc:e9:e5:24:58:cc:f3:8c:c9:7a:55:43:d0:70:b7:83: f2:3b:86:7a:59:68:b2:f1:9a:bf:9a:57:13:49:2d:ad:bd:25: f3:53:e8:ae:a9:ad:ad:8a:3b:72:96:ce:ea:80:bd:65:00:d5: e4:33:b2:46:1b:f0:19:8d:3c:8d:72:08:b7:78:29:55:0d:8b: 30:ec:45:66:6d:fe:dd:41:87:a9:c9:c8:ff:b6:4f:67:a8:33: f9:d6:ad:53:e6:8e:73:bb:37:8e:39:ae:23:96:1f:3b:3e:f6: e4:d9:28:dd:c7:76:86:5a:95:b3:a4:98:b7:40:23:3c:fb:8f: ce:8d:8e:58 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0IxQjExMTAvBgNVBAUTKDYyQ0ZCNjEwRTk2NTBGRTNDODAwMkJDNjE3QjcwNTcy NEQyQTAyREQwHhcNMjUwNDA0MTYzNzIwWhcNMjUwNDExMTYzNzIwWjAYMRYwFAYD VQQDEw02N2YwMGFjMC03MjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArRcsvmG1bXXN7Lvt7KYQULkO2Qx849izV3G82XcjVrq2K/OWP+qiTs6ldtWs 8Ilr2T9eL0HBvTQT6Ykey7R8s9t4yT1F8bU4Rh+M+jJ9k+mjUMh8yjwHKJPEnXk5 XNRjrvp/uRAdL7Gp3yqA8dzaULNVHh+y5FC4iNclSAs3qP+8OlTAk+1k/0YC62Pb xd89Ci2ejHDoOdW0yXUgNrt++M8AQb+R7HxF0AEi5eISUpp5RGdWkvuGV5ouxTeM VmlEXf30OMb63ZrH7u+evxUPWVPbe2gDKGncHMSRjQj4R3PhkHN4BdhFHAVGRYH8 NYvaQENxPe12Sk5mReJlu+UmMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMJ0LAi9 PB+XrxmhK+vzUI5XSDBTMB8GA1UdIwQYMBaAFGLPthDpZQ/jyAArxhe3BXJNKgLd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjFCMS9BMEYwQURGMEIy NTIxMUU3OEI1MEZGNjBDNEY5QUUwMi9Zcy0yRU9sbEQtUElBQ3ZHRjdjRmNrMHFB dDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lzLTJFT2xsRC1QSUFDdkdGN2NGY2swcUF0MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QjFCMS9BMEYwQURGMEIyNTIxMUU3OEI1MEZGNjBDNEY5QUUwMi9Zcy0yRU9sbEQt UElBQ3ZHRjdjRmNrMHFBdDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAUu+dgMT2C7alaTvN5ydNa4ZBVvz/fL8Bdh2eQODCicq/U9rxmaZTf A51VuFYsuoVofDTrzozIvL2mMFU+74UqB5VlHKYhhPGch8BnWZBTnbK1u1iM30xm BQkPkUYCu6KalNn9sx4GLHKOkrtgQ5bRoXzBQeRhFgGzskpAPd3zQrzp5SRYzPOM yXpVQ9Bwt4PyO4Z6WWiy8Zq/mlcTSS2tvSXzU+iuqa2tijtyls7qgL1lANXkM7JG G/AZjTyNcgi3eClVDYsw7EVmbf7dQYepycj/tk9nqDP51q1T5o5zuzeOOa4jlh87 Pvbk2Sjdx3aGWpWzpJi3QCM8+4/OjY5Y -----END CERTIFICATE-----Generated at Sat Apr 5 21:55:35 2025 by rpki-client