$ rpki-client -vvf rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/yZNZQ2ka0elTZudBwTkwH7f35ts.mft File: yZNZQ2ka0elTZudBwTkwH7f35ts.mft (raw, json) Hash identifier: wzQQ+Vcbo/ezbwIJ9t4NkClVyXzzSoomiv5jTIPqWeg= Subject key identifier: 17:3F:F8:84:25:84:DD:70:7F:55:40:FF:78:B7:2C:D1:F7:69:AC:15 Authority key identifier: C9:93:59:43:69:1A:D1:E9:53:66:E7:41:C1:39:30:1F:B7:F7:E6:DB Certificate issuer: /CN=A91A531A/serialNumber=C9935943691AD1E95366E741C139301FB7F7E6DB Certificate serial: 0749 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZNZQ2ka0elTZudBwTkwH7f35ts.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/yZNZQ2ka0elTZudBwTkwH7f35ts.mft Manifest number: 0743 Signing time: Wed 16 Apr 2025 21:23:25 +0000 Manifest this update: Wed 16 Apr 2025 21:23:24 +0000 Manifest next update: Wed 23 Apr 2025 21:23:24 +0000 Files and hashes: 1: yZNZQ2ka0elTZudBwTkwH7f35ts.crl (hash: 6vf2UVDL9EL3Pg9vvB/CenzGbc94iFfT1nkTem42UlM=) 2: 43C467CA219911EB8F75645EC4F9AE02.roa (hash: 6tZzkzjjo4oBxSeK/R1NOhuzbe0x0nCnZv7oHnkeXMw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/yZNZQ2ka0elTZudBwTkwH7f35ts.crl rsync://rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/yZNZQ2ka0elTZudBwTkwH7f35ts.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZNZQ2ka0elTZudBwTkwH7f35ts.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 21:23:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1865 (0x749) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A531A, serialNumber=C9935943691AD1E95366E741C139301FB7F7E6DB Validity Not Before: Apr 16 21:23:24 2025 GMT Not After : Apr 23 21:23:24 2025 GMT Subject: CN=68001fcc-4201 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:db:4d:a2:6f:69:4a:a6:4b:e3:95:ad:f7:f9: c3:ff:bf:51:25:90:94:ad:d5:1c:30:e5:8a:c8:31: f1:38:8e:7f:c2:2a:bc:13:9e:c2:dd:41:27:f3:87: 64:f2:60:77:98:10:10:94:8e:e1:05:22:ca:28:67: 8f:eb:58:ee:93:f1:13:58:f7:69:2b:eb:1d:51:be: c3:3f:09:81:d7:0b:bf:fc:24:86:90:04:c5:97:f8: b0:32:ce:16:5d:3d:a2:b2:c8:dd:3f:e7:85:d4:7a: 0e:b1:73:f0:69:49:5b:42:62:65:a4:99:c9:01:70: 01:d0:59:ec:3a:a8:ba:70:4e:a7:a8:a3:de:28:2f: 0b:6c:d1:6a:92:86:f3:e4:f3:51:14:b9:f8:63:68: 5b:86:f4:d0:53:a5:49:5e:87:83:86:1e:b0:d1:1c: 49:c7:e4:b0:9d:ba:dd:64:5b:1a:59:4f:56:56:e5: 31:f4:2c:d4:d9:61:ef:0a:98:79:0e:39:83:11:4c: ec:a0:af:a0:7b:95:d1:a0:e6:81:00:7a:b0:36:54: f0:ba:54:b7:a1:23:de:16:2b:af:c8:17:fc:c3:0a: 0a:b0:a7:f1:95:d8:f0:e5:60:c4:d8:29:59:51:6c: b8:96:fa:89:9f:55:11:91:a0:a3:17:7b:16:8d:a3: 51:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:3F:F8:84:25:84:DD:70:7F:55:40:FF:78:B7:2C:D1:F7:69:AC:15 X509v3 Authority Key Identifier: keyid:C9:93:59:43:69:1A:D1:E9:53:66:E7:41:C1:39:30:1F:B7:F7:E6:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/yZNZQ2ka0elTZudBwTkwH7f35ts.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZNZQ2ka0elTZudBwTkwH7f35ts.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/yZNZQ2ka0elTZudBwTkwH7f35ts.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:96:40:6b:18:05:7b:c0:cf:1d:ae:f3:05:37:32:d6:69:9a: 27:01:3f:6d:c7:92:7c:dc:64:1b:f3:10:bc:53:c3:de:10:85: 88:84:52:9d:3e:31:8b:fc:ca:08:14:15:09:2c:bc:85:07:ba: 0d:4c:2d:a5:e7:68:c0:0f:4b:3e:19:b3:6f:8f:4e:18:cb:63: 8d:fa:75:0d:6f:e0:2a:cc:ca:aa:d5:67:0c:be:6b:ef:93:49: b9:24:dd:41:2b:bd:38:52:99:56:ff:1f:b1:8c:82:9e:b7:60: f6:64:58:78:2f:57:57:7a:99:d7:db:e6:bf:ae:fa:b8:b6:51: 94:1c:70:ce:1e:c4:f7:0c:85:8d:86:52:52:91:19:5d:76:39: 12:83:8f:c6:10:5c:a1:7d:88:05:01:7a:de:83:9e:49:2e:d3: 2f:6d:a9:9a:6b:33:8c:65:1a:07:64:5f:71:0d:b1:80:b1:db: 7c:15:9f:10:83:47:21:06:7e:ab:cc:65:d0:7d:7c:07:cf:b1: a9:be:18:c4:81:69:da:25:86:24:e7:ed:ae:8e:76:2f:23:45: 7f:fa:a0:5b:4c:c8:7e:ff:da:f6:8c:d9:7e:b3:b5:43:f7:8b: 25:cd:bc:6b:f7:05:ee:8c:8b:c9:3d:fd:a7:24:bc:f7:84:88: 46:34:ec:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTUzMUExMTAvBgNVBAUTKEM5OTM1OTQzNjkxQUQxRTk1MzY2RTc0MUMxMzkzMDFG QjdGN0U2REIwHhcNMjUwNDE2MjEyMzI0WhcNMjUwNDIzMjEyMzI0WjAYMRYwFAYD VQQDEw02ODAwMWZjYy00MjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6ttNom9pSqZL45Wt9/nD/79RJZCUrdUcMOWKyDHxOI5/wiq8E57C3UEn84dk 8mB3mBAQlI7hBSLKKGeP61juk/ETWPdpK+sdUb7DPwmB1wu//CSGkATFl/iwMs4W XT2issjdP+eF1HoOsXPwaUlbQmJlpJnJAXAB0FnsOqi6cE6nqKPeKC8LbNFqkobz 5PNRFLn4Y2hbhvTQU6VJXoeDhh6w0RxJx+SwnbrdZFsaWU9WVuUx9CzU2WHvCph5 DjmDEUzsoK+ge5XRoOaBAHqwNlTwulS3oSPeFiuvyBf8wwoKsKfxldjw5WDE2ClZ UWy4lvqJn1URkaCjF3sWjaNRkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBc/+IQl hN1wf1VA/3i3LNH3aawVMB8GA1UdIwQYMBaAFMmTWUNpGtHpU2bnQcE5MB+39+bb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTMxQS8yQkRERkFDRTIx OTcxMUVCQjQ1QjAzNTlDNEY5QUUwMi95Wk5aUTJrYTBlbFRadWRCd1Rrd0g3ZjM1 dHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3laTlpRMmthMGVsVFp1ZEJ3VGt3SDdmMzV0cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTMxQS8yQkRERkFDRTIxOTcxMUVCQjQ1QjAzNTlDNEY5QUUwMi95Wk5aUTJrYTBl bFRadWRCd1Rrd0g3ZjM1dHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASlkBrGAV7wM8drvMFNzLWaZonAT9tx5J83GQb8xC8U8PeEIWIhFKd PjGL/MoIFBUJLLyFB7oNTC2l52jAD0s+GbNvj04Yy2ON+nUNb+AqzMqq1WcMvmvv k0m5JN1BK704UplW/x+xjIKet2D2ZFh4L1dXepnX2+a/rvq4tlGUHHDOHsT3DIWN hlJSkRlddjkSg4/GEFyhfYgFAXreg55JLtMvbamaazOMZRoHZF9xDbGAsdt8FZ8Q g0chBn6rzGXQfXwHz7GpvhjEgWnaJYYk5+2ujnYvI0V/+qBbTMh+/9r2jNl+s7VD 94slzbxr9wXujIvJPf2nJLz3hIhGNOxg -----END CERTIFICATE-----Generated at Fri Apr 18 20:31:30 2025 by rpki-client