$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft File: y8ZgM3D76EzM4GToT08m7b7CZ7E.mft (raw, json) Hash identifier: coSYelXcyBg7OFje8v2hTRj/aO1e8MpbG2hPJw5L4Zw= Subject key identifier: F7:65:C6:76:5E:88:90:70:73:C0:A6:E5:DE:4D:F6:40:0F:57:B6:6B Authority key identifier: CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1 Certificate issuer: /CN=A91D9CA8/serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1 Certificate serial: 22 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft Manifest number: 20 Signing time: Sat 05 Apr 2025 07:07:56 +0000 Manifest this update: Sat 05 Apr 2025 07:07:55 +0000 Manifest next update: Sat 12 Apr 2025 07:07:55 +0000 Files and hashes: 1: y8ZgM3D76EzM4GToT08m7b7CZ7E.crl (hash: xOO1Q+DqK0GrvOVwGqm4iOguvr5HwRnMlmoqIEE9iu0=) 2: B97BD74AE4FF11EFB75F5836C4F9AE02.roa (hash: KR4Tx3kFeLSQKCW18mb5WqFjOSaFssRkJQn1FwH+pqg=) 3: EF512526E6D711EF8D300475C4F9AE02.roa (hash: G+h7ToXq8XsAorxWYN7LBRMYmAjacElCFrNbKrsrwaE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9CA8 Validity Not Before: Apr 5 07:07:55 2025 GMT Not After : Apr 12 07:07:55 2025 GMT Subject: CN=67f0d6cc-32b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:fc:97:41:36:40:a7:03:2c:29:a4:29:5b:c2: b8:e2:a4:78:4f:29:d7:4a:d9:18:8f:05:0d:1a:c6: c8:99:65:fd:1b:56:30:ba:36:e1:42:37:e5:80:7e: be:06:d2:c2:35:0a:20:3d:63:f1:38:e4:df:af:0e: 7b:d4:e9:7d:54:5d:51:86:d1:de:4f:b4:f2:15:6d: 13:d1:81:09:a9:2c:26:fb:17:a5:41:4f:da:7b:dc: 0b:f9:ca:e8:f4:20:34:50:49:b5:ba:dc:a1:25:23: a7:24:83:b6:30:f4:1c:24:23:92:ae:70:b0:f7:42: b3:8a:9a:78:68:cc:fc:4e:fc:38:af:bf:2d:79:ba: d5:22:c3:d0:14:ce:69:a8:ef:35:ab:8c:eb:37:0f: fa:18:1c:04:7b:ad:4b:de:37:e6:bb:25:7c:91:86: ba:4e:a7:c6:42:56:fe:d3:70:33:c3:59:8b:db:23: 87:ae:97:e8:eb:66:e3:87:13:76:78:ac:26:56:d5: 20:0a:f0:01:65:b4:ad:56:f3:97:39:dd:f4:10:17: 12:cb:13:7b:40:a0:63:47:b9:39:4a:a0:5b:6b:69: 85:3d:17:a5:76:24:98:31:07:7e:13:b7:4f:03:9e: bc:0c:bd:d6:6b:0b:f2:f5:95:a0:1e:80:75:f4:84: 04:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:65:C6:76:5E:88:90:70:73:C0:A6:E5:DE:4D:F6:40:0F:57:B6:6B X509v3 Authority Key Identifier: keyid:CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:60:36:55:96:11:36:53:62:93:db:a7:29:23:9a:95:99:1b: 61:51:58:a3:61:fe:52:6b:7a:e0:6b:ab:1b:99:41:d8:06:cc: 67:d3:06:b4:3b:47:7d:84:4a:85:a8:6d:51:89:e0:c7:99:93: db:ac:f3:f1:f0:af:5f:a5:b1:4e:fb:61:02:18:34:34:33:be: c8:b2:dd:57:ea:f2:09:96:15:05:2a:0a:72:83:4b:c4:11:78: 24:40:c0:27:71:a9:ea:ce:ac:06:cb:aa:8d:7c:70:e2:d2:50: 92:9a:84:d5:51:de:cb:6e:54:81:d1:59:4d:e2:ce:3e:56:d0: b9:92:94:f7:1b:91:69:16:01:5b:58:c4:4a:ab:1e:46:ec:42: 90:07:02:e8:12:58:c6:2c:ac:d0:3b:13:4b:be:0f:c9:c1:76: 98:bc:0d:60:67:6a:dc:10:37:98:e0:8d:ac:8b:6c:21:f2:b9: 9c:b8:cf:3d:8c:e5:6e:e1:11:98:6e:24:6c:9a:1e:02:bb:dd: 65:0a:bc:20:be:0f:7c:15:55:8d:e9:1e:ce:1a:79:f5:88:e0: fe:58:09:98:dc:2a:e3:7b:8a:a1:10:03:2c:5d:fb:ad:ce:12: 20:9f:6c:4a:2a:24:28:1d:81:64:1a:0b:a5:89:63:0e:07:15: cd:03:3f:c7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE OUNBODExMC8GA1UEBRMoQ0JDNjYwMzM3MEZCRTg0Q0NDRTA2NEU4NEY0RjI2RURC RUMyNjdCMTAeFw0yNTA0MDUwNzA3NTVaFw0yNTA0MTIwNzA3NTVaMBgxFjAUBgNV BAMTDTY3ZjBkNmNjLTMyYjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDH/JdBNkCnAywppClbwrjipHhPKddK2RiPBQ0axsiZZf0bVjC6NuFCN+WAfr4G 0sI1CiA9Y/E45N+vDnvU6X1UXVGG0d5PtPIVbRPRgQmpLCb7F6VBT9p73Av5yuj0 IDRQSbW63KElI6ckg7Yw9BwkI5KucLD3QrOKmnhozPxO/Divvy15utUiw9AUzmmo 7zWrjOs3D/oYHAR7rUveN+a7JXyRhrpOp8ZCVv7TcDPDWYvbI4eul+jrZuOHE3Z4 rCZW1SAK8AFltK1W85c53fQQFxLLE3tAoGNHuTlKoFtraYU9F6V2JJgxB34Tt08D nrwMvdZrC/L1laAegHX0hAR9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU92XGdl6I kHBzwKbl3k32QA9XtmswHwYDVR0jBBgwFoAUy8ZgM3D76EzM4GToT08m7b7CZ7Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5Q0E4LzIwREEyNzQ2RTRG RDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6TTRHVG9UMDhtN2I3Q1o3 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIveThaZ00zRDc2RXpNNEdUb1QwOG03YjdDWjdFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5 Q0E4LzIwREEyNzQ2RTRGRDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6 TTRHVG9UMDhtN2I3Q1o3RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAH5gNlWWETZTYpPbpykjmpWZG2FRWKNh/lJreuBrqxuZQdgGzGfTBrQ7 R32ESoWobVGJ4MeZk9us8/Hwr1+lsU77YQIYNDQzvsiy3Vfq8gmWFQUqCnKDS8QR eCRAwCdxqerOrAbLqo18cOLSUJKahNVR3stuVIHRWU3izj5W0LmSlPcbkWkWAVtY xEqrHkbsQpAHAugSWMYsrNA7E0u+D8nBdpi8DWBnatwQN5jgjayLbCHyuZy4zz2M 5W7hEZhuJGyaHgK73WUKvCC+D3wVVY3pHs4aefWI4P5YCZjcKuN7iqEQAyxd+63O EiCfbEoqJCgdgWQaC6WJYw4HFc0DP8c= -----END CERTIFICATE-----Generated at Sat Apr 5 13:25:11 2025 by rpki-client