$ rpki-client -vvf rpki.apnic.net/member_repository/A9186193/1D51405E8FB311EAB7126C57C4F9AE02/YQPK5q-yXkC6nl2kxULP4JtndCo.mft File: YQPK5q-yXkC6nl2kxULP4JtndCo.mft (raw, json) Hash identifier: 7hR+Rm5rP9scYyWxL/v+x+Kc4784hj6M8QI2EowC9zg= Subject key identifier: 7D:C9:67:B8:23:5B:09:1B:E5:FF:CD:36:63:81:41:7F:E4:C5:11:0B Authority key identifier: 61:03:CA:E6:AF:B2:5E:40:BA:9E:5D:A4:C5:42:CF:E0:9B:67:74:2A Certificate issuer: /CN=A9186193/serialNumber=6103CAE6AFB25E40BA9E5DA4C542CFE09B67742A Certificate serial: 0964 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YQPK5q-yXkC6nl2kxULP4JtndCo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9186193/1D51405E8FB311EAB7126C57C4F9AE02/YQPK5q-yXkC6nl2kxULP4JtndCo.mft Manifest number: 095C Signing time: Fri 28 Mar 2025 20:28:40 +0000 Manifest this update: Fri 28 Mar 2025 20:28:40 +0000 Manifest next update: Fri 04 Apr 2025 20:28:40 +0000 Files and hashes: 1: YQPK5q-yXkC6nl2kxULP4JtndCo.crl (hash: ROo+DL0LC+H7bjKdlvX7cCxumD9AnpeFSAiq5rOT3UQ=) 2: B781FD5C8FB411EAA396FB5CC4F9AE02.roa (hash: kppfjOmUGO+tWg93gbF2w14mllXA4v8g2v3smcz3zqY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9186193/1D51405E8FB311EAB7126C57C4F9AE02/YQPK5q-yXkC6nl2kxULP4JtndCo.crl rsync://rpki.apnic.net/member_repository/A9186193/1D51405E8FB311EAB7126C57C4F9AE02/YQPK5q-yXkC6nl2kxULP4JtndCo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YQPK5q-yXkC6nl2kxULP4JtndCo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:28:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2404 (0x964) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9186193 Validity Not Before: Mar 28 20:28:40 2025 GMT Not After : Apr 4 20:28:40 2025 GMT Subject: CN=67e70678-90b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:cd:dd:89:dc:69:45:28:76:3c:b8:2a:6e:2d: 71:1e:de:5a:96:09:cb:8b:b1:7d:8b:f3:3f:bb:74: 61:63:36:9c:78:a9:a0:51:3f:4a:15:af:89:05:dd: 58:0e:ef:5d:7f:5c:93:1b:be:4d:44:21:07:5a:89: d2:df:ae:64:5e:c4:3e:e6:5a:c4:d2:56:d7:a0:10: 2a:91:8f:36:d7:9c:35:d0:ff:75:ef:56:1e:ca:d6: be:db:c0:48:6f:f0:7b:88:ef:2a:22:69:2f:da:bc: 34:de:2f:71:72:d6:05:7b:4b:33:34:a0:5c:1c:81: ba:c8:1c:7e:19:01:26:10:e2:36:33:cc:d8:7c:5e: c7:31:8a:1a:de:69:16:14:12:d3:0c:6f:90:73:89: 0c:85:56:52:8b:bd:e8:e8:3b:b2:3d:e2:d8:42:bc: 78:88:63:0b:e7:50:64:58:21:9a:5f:a5:e4:5e:72: d2:55:91:9e:e5:d2:2a:1e:94:87:1b:c7:99:fe:2d: ba:9f:5c:94:71:c9:ea:ae:0f:2b:7a:c6:86:d5:1d: 2a:84:96:3c:dc:77:bb:0a:c5:46:93:4a:a0:dd:f9: d6:50:0c:bf:81:8f:7d:30:e7:dd:b8:c0:3d:4a:7d: 5b:cb:d0:b8:7d:a6:a8:5f:60:bc:ff:2c:1f:5b:a5: f7:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:C9:67:B8:23:5B:09:1B:E5:FF:CD:36:63:81:41:7F:E4:C5:11:0B X509v3 Authority Key Identifier: keyid:61:03:CA:E6:AF:B2:5E:40:BA:9E:5D:A4:C5:42:CF:E0:9B:67:74:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9186193/1D51405E8FB311EAB7126C57C4F9AE02/YQPK5q-yXkC6nl2kxULP4JtndCo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YQPK5q-yXkC6nl2kxULP4JtndCo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186193/1D51405E8FB311EAB7126C57C4F9AE02/YQPK5q-yXkC6nl2kxULP4JtndCo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7b:f8:d7:3d:24:9d:2f:76:1d:0b:98:f3:a6:30:7a:41:b8:58: bc:dc:72:33:0d:e9:0d:2c:b8:b9:95:55:a6:4b:59:1e:11:b3: bd:3a:1a:11:c8:ab:0d:b7:ad:fe:fb:43:19:62:49:37:ca:ad: de:3d:6d:e7:82:69:2f:57:5f:bc:f4:e4:48:1a:92:70:6e:94: ad:ec:42:a9:4b:e0:2b:68:9e:c5:6a:f9:2b:a9:a8:8d:bf:0f: a6:b8:23:19:1b:6a:bc:a6:55:23:bb:db:11:95:db:b2:6a:d5: 24:9f:5c:a3:f8:61:a9:c5:51:3e:a4:36:0e:61:c1:9e:0b:86: cb:fa:06:28:0b:df:f1:a3:bd:b9:d9:75:c3:c8:8c:c7:2d:a4: f6:b1:93:3b:5c:fd:56:e6:e0:a4:14:d2:6f:67:a0:6a:39:b9: 79:61:b1:21:4e:26:06:18:51:5d:77:0e:87:80:de:6d:eb:f3: c3:0f:db:97:69:cd:90:02:ac:15:6f:5c:9a:0a:bf:91:05:9c: 98:46:d2:08:4f:9f:95:c0:bc:7a:2b:01:5c:ba:88:50:ee:bc: d9:0f:25:7e:2d:6e:8b:bf:b0:b9:64:73:d3:3d:91:1f:80:05: 02:c2:dc:d2:16:eb:79:55:61:d9:e7:b0:60:fa:bc:da:88:90: ee:7c:3f:1e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCWQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODYxOTMxMTAvBgNVBAUTKDYxMDNDQUU2QUZCMjVFNDBCQTlFNURBNEM1NDJDRkUw OUI2Nzc0MkEwHhcNMjUwMzI4MjAyODQwWhcNMjUwNDA0MjAyODQwWjAYMRYwFAYD VQQDEw02N2U3MDY3OC05MGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0s3didxpRSh2PLgqbi1xHt5algnLi7F9i/M/u3RhYzaceKmgUT9KFa+JBd1Y Du9df1yTG75NRCEHWonS365kXsQ+5lrE0lbXoBAqkY8215w10P9171Yeyta+28BI b/B7iO8qImkv2rw03i9xctYFe0szNKBcHIG6yBx+GQEmEOI2M8zYfF7HMYoa3mkW FBLTDG+Qc4kMhVZSi73o6DuyPeLYQrx4iGML51BkWCGaX6XkXnLSVZGe5dIqHpSH G8eZ/i26n1yUccnqrg8resaG1R0qhJY83He7CsVGk0qg3fnWUAy/gY99MOfduMA9 Sn1by9C4faaoX2C8/ywfW6X3NQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH3JZ7gj Wwkb5f/NNmOBQX/kxRELMB8GA1UdIwQYMBaAFGEDyuavsl5Aup5dpMVCz+CbZ3Qq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjE5My8xRDUxNDA1RThG QjMxMUVBQjcxMjZDNTdDNEY5QUUwMi9ZUVBLNXEteVhrQzZubDJreFVMUDRKdG5k Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lRUEs1cS15WGtDNm5sMmt4VUxQNEp0bmRDby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NjE5My8xRDUxNDA1RThGQjMxMUVBQjcxMjZDNTdDNEY5QUUwMi9ZUVBLNXEteVhr QzZubDJreFVMUDRKdG5kQ28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB7+Nc9JJ0vdh0LmPOmMHpBuFi83HIzDekNLLi5lVWmS1keEbO9OhoR yKsNt63++0MZYkk3yq3ePW3ngmkvV1+89ORIGpJwbpSt7EKpS+AraJ7FavkrqaiN vw+muCMZG2q8plUju9sRlduyatUkn1yj+GGpxVE+pDYOYcGeC4bL+gYoC9/xo725 2XXDyIzHLaT2sZM7XP1W5uCkFNJvZ6BqObl5YbEhTiYGGFFddw6HgN5t6/PDD9uX ac2QAqwVb1yaCr+RBZyYRtIIT5+VwLx6KwFcuohQ7rzZDyV+LW6Lv7C5ZHPTPZEf gAUCwtzSFut5VWHZ57Bg+rzaiJDufD8e -----END CERTIFICATE-----Generated at Fri Apr 4 18:35:59 2025 by rpki-client