$ rpki-client -vvf rpki.apnic.net/member_repository/A919DA63/01BF7BEEE1E311EAB497DD28C4F9AE02/yhlef9JZjYWjbJnsSBs1dMBuOxc.mft File: yhlef9JZjYWjbJnsSBs1dMBuOxc.mft (raw, json) Hash identifier: QYrv4oh+hOdPa+SPQvjDq/EqLXgOzxbybCzZMrZI8uY= Subject key identifier: C1:0C:2A:0C:2B:8C:B2:D5:7D:FD:5F:90:F8:CE:DA:EE:F4:04:73:2F Authority key identifier: CA:19:5E:7F:D2:59:8D:85:A3:6C:99:EC:48:1B:35:74:C0:6E:3B:17 Certificate issuer: /CN=A919DA63/serialNumber=CA195E7FD2598D85A36C99EC481B3574C06E3B17 Certificate serial: 07EA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yhlef9JZjYWjbJnsSBs1dMBuOxc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919DA63/01BF7BEEE1E311EAB497DD28C4F9AE02/yhlef9JZjYWjbJnsSBs1dMBuOxc.mft Manifest number: 07E5 Signing time: Sun 20 Apr 2025 20:40:14 +0000 Manifest this update: Sun 20 Apr 2025 20:40:14 +0000 Manifest next update: Sun 27 Apr 2025 20:40:14 +0000 Files and hashes: 1: yhlef9JZjYWjbJnsSBs1dMBuOxc.crl (hash: jgx2Et3xovAQjqhyoQ6OmYrxAcVW7cGDpIl6PUHkmkw=) 2: B65C355AE1E411EAAD5D8545C4F9AE02.roa (hash: UFJMOp2fvjsQLVH9S8VvXu+lCDjqJ5yXKWYrWh7iDH4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919DA63/01BF7BEEE1E311EAB497DD28C4F9AE02/yhlef9JZjYWjbJnsSBs1dMBuOxc.crl rsync://rpki.apnic.net/member_repository/A919DA63/01BF7BEEE1E311EAB497DD28C4F9AE02/yhlef9JZjYWjbJnsSBs1dMBuOxc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yhlef9JZjYWjbJnsSBs1dMBuOxc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 20:40:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2026 (0x7ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919DA63, serialNumber=CA195E7FD2598D85A36C99EC481B3574C06E3B17 Validity Not Before: Apr 20 20:40:14 2025 GMT Not After : Apr 27 20:40:14 2025 GMT Subject: CN=68055bae-9a5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:fe:95:85:23:c5:d2:e3:a0:ff:14:33:e2:28: 25:e3:da:68:bf:c2:54:d5:e4:6c:4f:cd:57:44:7e: 28:d7:3d:ff:09:97:dc:82:55:d5:dd:8e:99:f4:9a: 6a:26:d7:cb:eb:72:56:b5:d8:ac:ec:73:43:19:bd: 62:f2:70:10:bd:df:bb:75:fe:d2:f4:b4:ed:77:85: db:a9:16:0d:b3:aa:68:74:2f:ec:11:40:07:bc:0d: 0b:44:e2:e7:85:e1:33:40:17:19:8b:37:57:71:c0: 83:95:b6:d9:21:a9:37:a7:72:62:8e:24:f3:b7:1e: 6a:9b:ff:c0:b6:b8:5c:a9:4f:09:b1:1a:5f:17:ec: 32:95:24:1c:cc:c3:3a:ac:78:b4:9f:17:a1:4c:16: 8f:20:a8:2a:ba:cc:a9:15:7a:ab:be:a1:03:45:09: 12:60:6c:d2:71:92:60:e1:e2:09:37:eb:ae:4f:2c: 63:95:15:47:0b:9d:4b:67:96:62:26:a5:fe:99:32: ad:24:11:64:1a:f8:28:45:a8:2d:84:30:e3:e8:58: b9:8c:94:ec:e6:b0:06:ed:0a:8a:41:40:9d:e8:0e: ce:45:69:25:99:49:4a:da:94:b6:39:ce:3c:25:3c: 3a:79:ac:e9:78:5c:c3:b2:16:b8:2b:7d:ee:42:96: 19:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:0C:2A:0C:2B:8C:B2:D5:7D:FD:5F:90:F8:CE:DA:EE:F4:04:73:2F X509v3 Authority Key Identifier: keyid:CA:19:5E:7F:D2:59:8D:85:A3:6C:99:EC:48:1B:35:74:C0:6E:3B:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919DA63/01BF7BEEE1E311EAB497DD28C4F9AE02/yhlef9JZjYWjbJnsSBs1dMBuOxc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yhlef9JZjYWjbJnsSBs1dMBuOxc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DA63/01BF7BEEE1E311EAB497DD28C4F9AE02/yhlef9JZjYWjbJnsSBs1dMBuOxc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:a5:d7:8a:d6:b2:18:ea:7c:ab:29:86:86:be:e3:6c:41:39: 8b:e4:23:71:9b:7a:dc:4b:20:19:dc:21:67:59:8a:50:2e:03: bc:4c:ab:33:47:a8:eb:06:21:fe:d7:d4:c7:dc:28:87:35:0d: 7e:92:ec:a6:db:8d:9a:1e:52:ef:43:c5:51:cf:fc:9e:1c:a3: 3c:4a:fa:93:8c:ae:94:13:ea:f3:c0:2c:89:34:76:d1:b9:73: 25:0c:3b:1e:b5:83:f9:32:9f:1d:77:3f:e5:30:2c:fa:c3:8a: 60:17:1a:ce:17:24:c0:3f:2f:5a:ff:71:a1:ad:c3:b1:03:54: 6b:47:08:6c:a3:b1:83:20:fe:05:11:ef:b1:6f:69:e0:35:a8: e3:ee:1e:d9:85:ff:73:eb:bf:20:f5:93:2b:d6:8f:70:f3:75: 01:21:53:77:36:23:67:22:53:bc:ec:b4:ac:d1:49:92:3b:aa: 63:d2:b6:96:18:79:7d:d3:e0:22:74:fe:92:e6:15:1b:be:40: 0e:40:1a:f4:3b:a2:64:13:c9:27:13:41:9a:c6:13:e3:06:12: ea:96:cd:7c:bc:a2:61:45:2f:bd:73:2a:28:b7:c1:95:f6:e0: 53:f7:01:89:f6:4a:35:c5:7d:96:e9:64:2a:97:6d:ad:20:9e: 25:29:01:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB+owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OURBNjMxMTAvBgNVBAUTKENBMTk1RTdGRDI1OThEODVBMzZDOTlFQzQ4MUIzNTc0 QzA2RTNCMTcwHhcNMjUwNDIwMjA0MDE0WhcNMjUwNDI3MjA0MDE0WjAYMRYwFAYD VQQDEw02ODA1NWJhZS05YTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo/6VhSPF0uOg/xQz4igl49pov8JU1eRsT81XRH4o1z3/CZfcglXV3Y6Z9Jpq JtfL63JWtdis7HNDGb1i8nAQvd+7df7S9LTtd4XbqRYNs6podC/sEUAHvA0LROLn heEzQBcZizdXccCDlbbZIak3p3JijiTztx5qm//AtrhcqU8JsRpfF+wylSQczMM6 rHi0nxehTBaPIKgqusypFXqrvqEDRQkSYGzScZJg4eIJN+uuTyxjlRVHC51LZ5Zi JqX+mTKtJBFkGvgoRagthDDj6Fi5jJTs5rAG7QqKQUCd6A7ORWklmUlK2pS2Oc48 JTw6eazpeFzDsha4K33uQpYZ9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMEMKgwr jLLVff1fkPjO2u70BHMvMB8GA1UdIwQYMBaAFMoZXn/SWY2Fo2yZ7EgbNXTAbjsX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REE2My8wMUJGN0JFRUUx RTMxMUVBQjQ5N0REMjhDNEY5QUUwMi95aGxlZjlKWmpZV2piSm5zU0JzMWRNQnVP eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lobGVmOUpaallXamJKbnNTQnMxZE1CdU94Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 REE2My8wMUJGN0JFRUUxRTMxMUVBQjQ5N0REMjhDNEY5QUUwMi95aGxlZjlKWmpZ V2piSm5zU0JzMWRNQnVPeGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXpdeK1rIY6nyrKYaGvuNsQTmL5CNxm3rcSyAZ3CFnWYpQLgO8TKsz R6jrBiH+19TH3CiHNQ1+kuym242aHlLvQ8VRz/yeHKM8SvqTjK6UE+rzwCyJNHbR uXMlDDsetYP5Mp8ddz/lMCz6w4pgFxrOFyTAPy9a/3GhrcOxA1RrRwhso7GDIP4F Ee+xb2ngNajj7h7Zhf9z678g9ZMr1o9w83UBIVN3NiNnIlO87LSs0UmSO6pj0raW GHl90+AidP6S5hUbvkAOQBr0O6JkE8knE0GaxhPjBhLqls18vKJhRS+9cyoot8GV 9uBT9wGJ9ko1xX2W6WQql22tIJ4lKQG5 -----END CERTIFICATE-----Generated at Tue Apr 22 04:00:19 2025 by rpki-client