$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft File: yq3LrMUbKkZS3XMHTygsM00BAnc.mft (raw, json) Hash identifier: eyjBdneyF5/MEnm92NpzZ1EbfAquwM8T0ontfm/Ihw8= Subject key identifier: E3:08:31:20:18:41:95:59:1C:3B:25:FF:6E:30:13:D7:F6:63:8E:EF Authority key identifier: CA:AD:CB:AC:C5:1B:2A:46:52:DD:73:07:4F:28:2C:33:4D:01:02:77 Certificate issuer: /CN=A91DCCB3/serialNumber=CAADCBACC51B2A4652DD73074F282C334D010277 Certificate serial: 0984 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft Manifest number: 097E Signing time: Sun 06 Apr 2025 19:52:31 +0000 Manifest this update: Sun 06 Apr 2025 19:52:30 +0000 Manifest next update: Sun 13 Apr 2025 19:52:30 +0000 Files and hashes: 1: yq3LrMUbKkZS3XMHTygsM00BAnc.crl (hash: HIfs689wcFjQ60HW/wCX+JVGtpobpMY4POUXdkFdZ3U=) 2: 57EE11D0895D11EA81B43245C4F9AE02.roa (hash: LX76oihYc6Vcq0IqMjxINDxugVvobb/j/buf30BAPmQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.crl rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 19:52:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2436 (0x984) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DCCB3 Validity Not Before: Apr 6 19:52:30 2025 GMT Not After : Apr 13 19:52:30 2025 GMT Subject: CN=67f2db7e-ff3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f4:06:99:0b:84:a4:70:fa:1a:cb:db:9f:3f: d3:9a:b0:07:b4:38:ff:04:8e:4e:f4:94:cc:d1:82: 6c:23:2f:e8:05:f0:e7:ec:f1:c9:3d:f7:2a:c0:89: f9:05:2c:3e:f9:0b:50:78:f1:2b:97:35:60:a3:f6: 79:02:71:f7:1a:14:9a:fa:4f:30:8b:db:ee:41:11: b8:ea:5c:62:7b:3d:51:19:62:6e:90:77:ca:bd:a4: 1a:08:e2:e4:c3:7f:fe:26:1f:9a:d7:f5:0e:bb:f9: a0:a0:0c:5e:a8:8a:83:30:4d:e4:f1:c1:a8:4e:20: 2c:e0:40:ec:91:87:bc:49:3c:bc:97:3d:73:82:94: cb:3f:c8:8e:30:d1:9d:8e:c9:70:08:ef:38:ff:29: f6:93:0b:92:8d:c3:ed:f2:1b:78:89:02:f3:3a:e9: 8b:22:4b:8b:c1:71:cd:1b:6f:25:bc:9f:ae:bf:e0: e4:01:da:f6:57:45:f7:b6:93:31:76:42:3a:c3:ce: 54:09:9d:f7:82:03:1e:8a:88:8c:77:98:60:fa:65: 2f:a9:e7:d5:90:ec:69:f1:7b:3a:41:cf:62:73:4f: b5:87:89:f5:59:9f:9b:b6:34:10:d6:90:1c:bf:bb: 87:b8:f1:03:7b:d0:bd:02:b4:c3:81:e4:27:ac:8d: 78:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:08:31:20:18:41:95:59:1C:3B:25:FF:6E:30:13:D7:F6:63:8E:EF X509v3 Authority Key Identifier: keyid:CA:AD:CB:AC:C5:1B:2A:46:52:DD:73:07:4F:28:2C:33:4D:01:02:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:ef:4a:10:3b:33:a2:cf:df:cc:82:2c:56:e5:4d:ab:43:12: 13:b9:d4:b4:ac:53:5f:a1:7f:a9:0a:f8:75:d0:54:f4:d7:5e: 92:a4:88:c2:43:77:b0:47:7d:71:d4:37:f2:1c:73:17:6d:ab: 50:60:43:71:35:9d:33:09:ef:93:d3:a6:8b:af:95:8c:6f:b5: d4:a3:28:b0:50:35:88:70:36:27:ef:bf:53:7c:a0:3e:84:f0: fa:f6:a5:52:e5:17:a0:61:e3:f8:71:91:60:56:10:20:71:ce: be:08:e4:a5:b8:e6:a4:79:d3:c0:1f:33:69:3e:de:a1:06:a7: f7:d5:86:d2:40:49:9b:6e:13:32:f5:38:a8:a3:b0:f9:5d:5f: 50:6e:69:2c:8f:78:f7:08:69:2f:d5:cf:72:7f:c3:88:fe:22: b2:f5:fc:8d:a6:d5:95:98:2b:97:cc:76:10:65:6f:c6:96:09: e5:0f:ab:4a:3c:94:f3:42:dd:3d:65:1b:30:76:94:18:3c:e5: 7f:43:a0:af:5e:f3:91:63:0e:94:5a:de:80:24:ba:74:44:0c: 4f:c1:74:26:5f:c4:54:84:87:92:a9:65:32:92:5d:67:99:26: 6f:74:d3:4e:d8:f5:bb:a9:2e:83:58:86:b3:d5:b7:52:e7:64: 63:cb:28:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCYQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RENDQjMxMTAvBgNVBAUTKENBQURDQkFDQzUxQjJBNDY1MkRENzMwNzRGMjgyQzMz NEQwMTAyNzcwHhcNMjUwNDA2MTk1MjMwWhcNMjUwNDEzMTk1MjMwWjAYMRYwFAYD VQQDEw02N2YyZGI3ZS1mZjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs/QGmQuEpHD6Gsvbnz/TmrAHtDj/BI5O9JTM0YJsIy/oBfDn7PHJPfcqwIn5 BSw++QtQePErlzVgo/Z5AnH3GhSa+k8wi9vuQRG46lxiez1RGWJukHfKvaQaCOLk w3/+Jh+a1/UOu/mgoAxeqIqDME3k8cGoTiAs4EDskYe8STy8lz1zgpTLP8iOMNGd jslwCO84/yn2kwuSjcPt8ht4iQLzOumLIkuLwXHNG28lvJ+uv+DkAdr2V0X3tpMx dkI6w85UCZ33ggMeioiMd5hg+mUvqefVkOxp8Xs6Qc9ic0+1h4n1WZ+btjQQ1pAc v7uHuPEDe9C9ArTDgeQnrI148QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOMIMSAY QZVZHDsl/24wE9f2Y47vMB8GA1UdIwQYMBaAFMqty6zFGypGUt1zB08oLDNNAQJ3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0NCMy80MUZENjAxNjg5 NUMxMUVBODkwQzYzNDNDNEY5QUUwMi95cTNMck1VYktrWlMzWE1IVHlnc00wMEJB bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lxM0xyTVViS2taUzNYTUhUeWdzTTAwQkFuYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE Q0NCMy80MUZENjAxNjg5NUMxMUVBODkwQzYzNDNDNEY5QUUwMi95cTNMck1VYktr WlMzWE1IVHlnc00wMEJBbmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDB70oQOzOiz9/MgixW5U2rQxITudS0rFNfoX+pCvh10FT0116SpIjC Q3ewR31x1DfyHHMXbatQYENxNZ0zCe+T06aLr5WMb7XUoyiwUDWIcDYn779TfKA+ hPD69qVS5RegYeP4cZFgVhAgcc6+COSluOakedPAHzNpPt6hBqf31YbSQEmbbhMy 9Tioo7D5XV9Qbmksj3j3CGkv1c9yf8OI/iKy9fyNptWVmCuXzHYQZW/GlgnlD6tK PJTzQt09ZRswdpQYPOV/Q6CvXvORYw6UWt6AJLp0RAxPwXQmX8RUhIeSqWUykl1n mSZvdNNO2PW7qS6DWIaz1bdS52RjyyiS -----END CERTIFICATE-----Generated at Mon Apr 7 13:31:32 2025 by rpki-client