$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/ygziy6mc3g2QJ_zkhk8myRPUGeM.mft File: ygziy6mc3g2QJ_zkhk8myRPUGeM.mft (raw, json) Hash identifier: WeYNXV9c1LIdO4sjLRAgaTkhk0Sd7WSQ5YsxCccI/cc= Subject key identifier: 30:9C:85:DC:20:0C:0C:C2:DA:35:24:C7:55:A2:4B:5E:CA:A6:48:C0 Authority key identifier: CA:0C:E2:CB:A9:9C:DE:0D:90:27:FC:E4:86:4F:26:C9:13:D4:19:E3 Certificate issuer: /CN=A91B2C43/serialNumber=CA0CE2CBA99CDE0D9027FCE4864F26C913D419E3 Certificate serial: 0B45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygziy6mc3g2QJ_zkhk8myRPUGeM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/ygziy6mc3g2QJ_zkhk8myRPUGeM.mft Manifest number: 0B2E Signing time: Fri 04 Apr 2025 19:20:56 +0000 Manifest this update: Fri 04 Apr 2025 19:20:55 +0000 Manifest next update: Fri 11 Apr 2025 19:20:55 +0000 Files and hashes: 1: ygziy6mc3g2QJ_zkhk8myRPUGeM.crl (hash: JYZVVCqJcCJ7uIx+XILuaVnPfQKQ4wQbYjPV/4jZ7W8=) 2: AD989788E05511EEADC7D67EC4F9AE02.roa (hash: qdT15ZjLC1IrSR6bLqPoZgH+T/K5K2zwaD+DCLBWfqA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/ygziy6mc3g2QJ_zkhk8myRPUGeM.crl rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/ygziy6mc3g2QJ_zkhk8myRPUGeM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygziy6mc3g2QJ_zkhk8myRPUGeM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 19:20:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2885 (0xb45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2C43 Validity Not Before: Apr 4 19:20:55 2025 GMT Not After : Apr 11 19:20:55 2025 GMT Subject: CN=67f03117-72f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:71:91:ff:e5:d3:c8:58:56:6c:11:1f:86:43: f9:58:90:1f:fe:fe:9b:ff:89:f1:df:b2:b5:b5:77: c1:9b:24:6f:85:6c:13:94:22:77:fe:8b:e9:8d:5b: a0:f5:5f:e5:23:8b:5c:8c:e9:8b:b8:47:93:68:21: f0:2f:33:b4:56:5d:5f:c7:0b:95:1d:9c:70:b2:22: a1:23:6a:26:f4:92:20:c0:8c:32:21:81:18:43:2c: 86:e0:c9:e9:da:20:db:5d:db:62:b8:03:ea:21:53: 3e:e6:dc:83:96:ed:db:41:c1:36:c5:df:95:e7:8a: 2b:d1:56:30:63:45:60:2f:d3:06:05:20:07:a3:cb: 95:7c:e9:85:be:6f:82:4f:29:24:f9:74:0a:b1:0e: 2e:a7:d3:52:50:3c:76:6c:cc:f3:e3:9c:02:7c:34: 41:21:68:82:bb:fc:cf:85:31:83:5c:f6:f8:5f:95: cc:ac:b8:d7:b2:be:1c:80:0a:b2:95:9f:f0:67:2d: 07:57:7d:aa:5f:c5:c2:03:d9:f3:53:ab:e0:c9:5d: 4a:fa:9e:4c:fe:f0:60:70:9a:81:5c:67:ea:57:bb: 5d:12:09:a0:75:4f:ce:bf:7d:48:12:d3:d2:26:25: 52:ac:8b:bb:b1:31:42:ae:e6:9e:38:62:77:05:82: 2e:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:9C:85:DC:20:0C:0C:C2:DA:35:24:C7:55:A2:4B:5E:CA:A6:48:C0 X509v3 Authority Key Identifier: keyid:CA:0C:E2:CB:A9:9C:DE:0D:90:27:FC:E4:86:4F:26:C9:13:D4:19:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/ygziy6mc3g2QJ_zkhk8myRPUGeM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygziy6mc3g2QJ_zkhk8myRPUGeM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/ygziy6mc3g2QJ_zkhk8myRPUGeM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:78:5b:14:1b:df:2d:a2:ea:8f:08:b6:1b:e8:3e:90:0c:ed: ec:9c:ad:d0:f6:35:97:28:b5:f8:10:3c:11:eb:b1:97:1a:14: 60:9e:d8:33:52:18:11:6e:e8:f2:e2:a3:a8:95:f2:71:5e:44: ef:fd:fe:94:36:8c:a9:1c:bb:a6:40:a0:61:4f:cf:a0:80:9d: 74:0a:77:64:02:2d:a7:79:a6:ce:f1:4b:fd:5e:8e:7d:49:bd: 1d:31:82:05:72:78:ad:04:5f:60:c7:32:99:01:37:47:20:21: 16:fc:24:89:92:29:15:fa:80:a6:02:51:87:b6:a1:a3:62:84: ee:72:f9:6c:b1:25:6a:fa:f7:cb:84:0d:94:3b:07:47:6a:dd: 32:e1:50:c6:ba:f3:c8:f0:fe:e3:72:90:2e:d0:3a:23:74:f9: 58:23:b7:82:66:50:ae:70:48:ae:d5:87:3e:28:7b:ed:57:35: 20:bf:d9:2b:65:f9:d5:f3:68:59:e5:75:8b:5a:85:bc:49:64: 23:cd:3b:66:ad:77:88:8a:6e:72:01:89:94:8b:0f:78:64:05: 5a:f0:e2:65:1c:6a:a7:63:4c:50:92:b5:83:c7:19:11:fd:f8: af:cc:ba:1a:a0:4b:81:88:ff:04:6b:41:e8:20:0f:6a:74:0d: ce:fd:da:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC0UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJDNDMxMTAvBgNVBAUTKENBMENFMkNCQTk5Q0RFMEQ5MDI3RkNFNDg2NEYyNkM5 MTNENDE5RTMwHhcNMjUwNDA0MTkyMDU1WhcNMjUwNDExMTkyMDU1WjAYMRYwFAYD VQQDEw02N2YwMzExNy03MmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsnGR/+XTyFhWbBEfhkP5WJAf/v6b/4nx37K1tXfBmyRvhWwTlCJ3/ovpjVug 9V/lI4tcjOmLuEeTaCHwLzO0Vl1fxwuVHZxwsiKhI2om9JIgwIwyIYEYQyyG4Mnp 2iDbXdtiuAPqIVM+5tyDlu3bQcE2xd+V54or0VYwY0VgL9MGBSAHo8uVfOmFvm+C Tykk+XQKsQ4up9NSUDx2bMzz45wCfDRBIWiCu/zPhTGDXPb4X5XMrLjXsr4cgAqy lZ/wZy0HV32qX8XCA9nzU6vgyV1K+p5M/vBgcJqBXGfqV7tdEgmgdU/Ov31IEtPS JiVSrIu7sTFCruaeOGJ3BYIu4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDCchdwg DAzC2jUkx1WiS17KpkjAMB8GA1UdIwQYMBaAFMoM4supnN4NkCf85IZPJskT1Bnj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkM0My9EQzJGNTQ2ODM5 RTQxMUVBOTYxNzMzNzRDNEY5QUUwMi95Z3ppeTZtYzNnMlFKX3praGs4bXlSUFVH ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lneml5Nm1jM2cyUUpfemtoazhteVJQVUdlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MkM0My9EQzJGNTQ2ODM5RTQxMUVBOTYxNzMzNzRDNEY5QUUwMi95Z3ppeTZtYzNn MlFKX3praGs4bXlSUFVHZU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWeFsUG98touqPCLYb6D6QDO3snK3Q9jWXKLX4EDwR67GXGhRgntgz UhgRbujy4qOolfJxXkTv/f6UNoypHLumQKBhT8+ggJ10CndkAi2neabO8Uv9Xo59 Sb0dMYIFcnitBF9gxzKZATdHICEW/CSJkikV+oCmAlGHtqGjYoTucvlssSVq+vfL hA2UOwdHat0y4VDGuvPI8P7jcpAu0DojdPlYI7eCZlCucEiu1Yc+KHvtVzUgv9kr ZfnV82hZ5XWLWoW8SWQjzTtmrXeIim5yAYmUiw94ZAVa8OJlHGqnY0xQkrWDxxkR /fivzLoaoEuBiP8Ea0HoIA9qdA3O/dpg -----END CERTIFICATE-----Generated at Fri Apr 4 22:40:14 2025 by rpki-client