$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE9CC/140E527C3A8911E59E802362C4F9AE02/YU2IxDGHVO4zwBKmTFQrOeoE1OE.mft File: YU2IxDGHVO4zwBKmTFQrOeoE1OE.mft (raw, json) Hash identifier: QGUnc24omVZlowRT/dp7yJm6TjR8Lk6772y5Jln88iY= Subject key identifier: 23:F7:33:91:B5:44:11:83:41:12:02:C2:90:65:5E:8B:12:05:7A:F2 Authority key identifier: 61:4D:88:C4:31:87:54:EE:33:C0:12:A6:4C:54:2B:39:EA:04:D4:E1 Certificate issuer: /CN=A91AE9CC/serialNumber=614D88C4318754EE33C012A64C542B39EA04D4E1 Certificate serial: 24AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YU2IxDGHVO4zwBKmTFQrOeoE1OE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE9CC/140E527C3A8911E59E802362C4F9AE02/YU2IxDGHVO4zwBKmTFQrOeoE1OE.mft Manifest number: 249C Signing time: Fri 04 Apr 2025 15:49:58 +0000 Manifest this update: Fri 04 Apr 2025 15:49:57 +0000 Manifest next update: Fri 11 Apr 2025 15:49:57 +0000 Files and hashes: 1: YU2IxDGHVO4zwBKmTFQrOeoE1OE.crl (hash: wZUgUx+yiNK7UOH/JdeOGjOreclntaRcFxLqwFr4Cfw=) 2: 3A73B3A254EB11E7A50F9822C4F9AE02.roa (hash: VpHAZdWeijuNJKWvKLj0k1xE9YF+5hfOXRYAI6729SM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE9CC/140E527C3A8911E59E802362C4F9AE02/YU2IxDGHVO4zwBKmTFQrOeoE1OE.crl rsync://rpki.apnic.net/member_repository/A91AE9CC/140E527C3A8911E59E802362C4F9AE02/YU2IxDGHVO4zwBKmTFQrOeoE1OE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YU2IxDGHVO4zwBKmTFQrOeoE1OE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 15:49:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9389 (0x24ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE9CC Validity Not Before: Apr 4 15:49:57 2025 GMT Not After : Apr 11 15:49:57 2025 GMT Subject: CN=67efffa5-6d39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:1c:f7:16:22:3a:85:a8:d4:4c:76:67:df:78: e5:cc:a5:7c:e2:72:d3:f5:1f:f0:6a:95:0d:97:28: 26:03:ab:36:81:d9:36:38:ed:02:ea:a3:43:96:d1: 01:70:55:61:79:8a:72:c4:1b:c5:f8:8a:75:ed:59: bd:e4:05:4e:d7:c2:b5:40:30:35:2c:b1:a8:33:18: d4:0c:29:3e:24:25:d8:64:5b:89:4e:05:1e:c4:4b: 17:76:36:9c:cd:9b:43:43:be:5a:12:5c:25:b0:86: 9b:b3:72:48:7c:c9:65:6b:12:e8:89:00:f1:61:e8: e4:f6:3b:e9:9b:36:b0:93:1e:de:3c:5f:e3:3a:1e: 85:03:ad:76:08:6c:b6:7b:8d:d1:09:40:26:b6:6f: 15:5f:a7:b2:b4:2d:a5:42:c2:5e:7f:dd:5d:7d:d3: 43:59:f7:71:5b:85:c6:9f:f8:36:66:db:99:7a:a7: 4e:dd:f8:42:2b:ff:35:a8:9c:75:5c:c6:08:ad:2a: 97:c2:b3:82:a8:2f:ca:66:f0:6d:2d:80:53:a3:3d: a5:f2:a6:c2:4d:48:ed:05:41:af:fc:f2:c2:c2:a9: 78:ed:1e:ee:3a:1a:a7:e2:dc:d2:12:42:c2:90:9c: f3:01:cc:05:fa:3d:0b:75:72:a3:96:01:09:ff:96: ba:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:F7:33:91:B5:44:11:83:41:12:02:C2:90:65:5E:8B:12:05:7A:F2 X509v3 Authority Key Identifier: keyid:61:4D:88:C4:31:87:54:EE:33:C0:12:A6:4C:54:2B:39:EA:04:D4:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE9CC/140E527C3A8911E59E802362C4F9AE02/YU2IxDGHVO4zwBKmTFQrOeoE1OE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YU2IxDGHVO4zwBKmTFQrOeoE1OE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE9CC/140E527C3A8911E59E802362C4F9AE02/YU2IxDGHVO4zwBKmTFQrOeoE1OE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:f1:2d:b1:90:62:2a:d4:79:b8:13:4e:3f:ab:af:cc:43:e2: 5d:05:2b:90:76:d6:7d:76:7d:e0:b4:7c:7e:57:98:be:4d:0d: 07:7c:a4:55:1c:c2:b2:bc:e0:06:b3:51:4a:5e:ca:9e:85:6a: 48:ad:2f:1e:25:14:2c:ec:f4:70:ec:ba:27:e1:ea:62:26:95: c1:c4:87:ca:82:2b:75:ce:b9:85:02:3e:7d:47:00:fb:52:11: fb:04:f7:0c:66:10:91:8b:42:55:51:51:8d:65:c6:6b:ba:f5: 68:3f:42:23:52:17:e6:e1:8b:dc:43:b1:4b:aa:9c:4c:67:26: a4:30:ec:33:f2:b8:c6:ff:9f:6e:9f:92:f7:fc:8f:ea:09:68: b7:31:73:39:c8:dd:6c:88:34:ec:18:2d:f1:82:f3:4f:c8:a2: d7:d9:1c:64:a7:04:87:09:00:59:b5:59:94:1b:4b:55:59:d3: 49:6c:c4:b6:58:73:62:b3:a2:f6:e9:56:bf:c4:89:08:63:ee: 58:4d:4f:0d:90:6f:3b:32:53:cf:64:b1:99:17:cc:a3:d7:f6: 01:16:1d:e9:b3:81:31:91:04:17:bc:ef:4e:88:75:2c:f6:c8: bf:9f:f4:37:c8:27:f7:91:42:5c:2a:17:90:61:13:35:ed:4a: a7:53:da:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUU5Q0MxMTAvBgNVBAUTKDYxNEQ4OEM0MzE4NzU0RUUzM0MwMTJBNjRDNTQyQjM5 RUEwNEQ0RTEwHhcNMjUwNDA0MTU0OTU3WhcNMjUwNDExMTU0OTU3WjAYMRYwFAYD VQQDEw02N2VmZmZhNS02ZDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApBz3FiI6hajUTHZn33jlzKV84nLT9R/wapUNlygmA6s2gdk2OO0C6qNDltEB cFVheYpyxBvF+Ip17Vm95AVO18K1QDA1LLGoMxjUDCk+JCXYZFuJTgUexEsXdjac zZtDQ75aElwlsIabs3JIfMllaxLoiQDxYejk9jvpmzawkx7ePF/jOh6FA612CGy2 e43RCUAmtm8VX6eytC2lQsJef91dfdNDWfdxW4XGn/g2ZtuZeqdO3fhCK/81qJx1 XMYIrSqXwrOCqC/KZvBtLYBToz2l8qbCTUjtBUGv/PLCwql47R7uOhqn4tzSEkLC kJzzAcwF+j0LdXKjlgEJ/5a6uQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCP3M5G1 RBGDQRICwpBlXosSBXryMB8GA1UdIwQYMBaAFGFNiMQxh1TuM8ASpkxUKznqBNTh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTlDQy8xNDBFNTI3QzNB ODkxMUU1OUU4MDIzNjJDNEY5QUUwMi9ZVTJJeERHSFZPNHp3QkttVEZRck9lb0Ux T0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lVMkl4REdIVk80endCS21URlFyT2VvRTFPRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RTlDQy8xNDBFNTI3QzNBODkxMUU1OUU4MDIzNjJDNEY5QUUwMi9ZVTJJeERHSFZP NHp3QkttVEZRck9lb0UxT0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBC8S2xkGIq1Hm4E04/q6/MQ+JdBSuQdtZ9dn3gtHx+V5i+TQ0HfKRV HMKyvOAGs1FKXsqehWpIrS8eJRQs7PRw7Lon4epiJpXBxIfKgit1zrmFAj59RwD7 UhH7BPcMZhCRi0JVUVGNZcZruvVoP0IjUhfm4YvcQ7FLqpxMZyakMOwz8rjG/59u n5L3/I/qCWi3MXM5yN1siDTsGC3xgvNPyKLX2RxkpwSHCQBZtVmUG0tVWdNJbMS2 WHNis6L26Va/xIkIY+5YTU8NkG87MlPPZLGZF8yj1/YBFh3ps4ExkQQXvO9OiHUs 9si/n/Q3yCf3kUJcKheQYRM17UqnU9pq -----END CERTIFICATE-----Generated at Fri Apr 4 22:19:53 2025 by rpki-client