$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft File: yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft (raw, json) Hash identifier: 3W8Oj1nP7YFaOnd+YWKfwmxaey5yhHYaDlzPOUMVBF4= Subject key identifier: 6F:C2:E0:42:8B:60:1C:66:19:77:C5:B7:10:C6:7C:7A:55:2D:9F:D9 Authority key identifier: C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01 Certificate issuer: /CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701 Certificate serial: 059B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft Manifest number: 0584 Signing time: Fri 28 Mar 2025 23:36:44 +0000 Manifest this update: Fri 28 Mar 2025 23:36:44 +0000 Manifest next update: Fri 04 Apr 2025 23:36:44 +0000 Files and hashes: 1: yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl (hash: VuFjTemora7kPSpf8t778Psb9FQhpmaXQjXIm7U81Nw=) 2: 5FA1BF8802DD11EE86865A23C4F9AE02.roa (hash: 7u5yHhUW0tmFUgtQda0G1m191zC3pVBVWPeiM8HQpSA=) 3: 3003C4BA7C7711EEB9E0BE15C4F9AE02.roa (hash: Xz6Xru04ViNNh7Q7EJ1CGljDe/pHgy9BajE+WZV+a3c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 23:36:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1435 (0x59b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D3D Validity Not Before: Mar 28 23:36:44 2025 GMT Not After : Apr 4 23:36:44 2025 GMT Subject: CN=67e7328c-908f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:2d:50:10:bc:1b:09:e0:b4:f8:c1:1f:9e:d4: ec:3e:d5:a6:aa:68:f8:70:64:94:df:35:9d:97:be: 7b:ff:f5:6c:23:e1:31:0c:b7:12:ac:af:7b:99:41: 43:29:87:70:14:df:82:64:2e:6d:df:69:9a:a4:05: 04:16:ab:6e:1c:f0:cf:4d:76:5d:b7:41:58:d1:28: fc:c3:3b:01:da:28:64:2e:eb:f8:fb:f3:d2:4d:84: 58:0d:dc:81:af:4c:23:49:0d:77:6f:fe:71:2b:f2: b2:16:a2:e4:bd:2d:38:a3:b9:47:28:c2:b5:64:26: 2d:24:02:02:dc:dc:77:02:81:22:42:4b:94:c9:e6: b9:ed:63:17:a2:72:5d:aa:18:a9:82:5f:c9:6e:4f: be:8a:3c:bc:66:e8:a5:66:36:5e:ce:f1:d5:27:fc: 66:60:dd:61:bf:58:9d:f9:84:41:37:9a:a6:3e:1a: e6:98:bc:1e:e2:1b:7a:d4:b3:41:4d:ed:6a:85:16: 53:14:44:dc:81:80:41:31:16:7e:06:66:c4:f4:1f: 94:d5:00:74:56:c7:18:d8:20:e3:bd:de:90:ad:28: d5:39:a2:72:9b:88:6f:0c:36:b9:a5:8d:b1:18:f8: b0:ab:15:04:3b:96:ef:ed:3e:e0:5e:ac:ba:2a:be: 25:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:C2:E0:42:8B:60:1C:66:19:77:C5:B7:10:C6:7C:7A:55:2D:9F:D9 X509v3 Authority Key Identifier: keyid:C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:18:7e:75:09:33:0b:c1:d5:f4:7a:2b:05:95:ca:3c:b8:93: 62:66:bf:72:a7:22:14:ee:99:51:3c:a0:fb:cc:a6:03:85:32: a7:59:66:fe:bf:b5:f1:12:28:0e:e2:65:66:a0:ac:09:76:f5: 72:14:7c:7d:f6:96:c5:c4:33:d7:2a:46:46:1a:45:c7:b1:5f: a2:b9:7a:c8:fd:8d:dc:fb:0a:a3:b2:26:4d:99:59:46:cd:2c: 9a:71:ba:da:74:7a:20:b1:fb:a1:39:c8:dd:a4:e5:ee:44:15: fc:6c:37:7f:58:a3:d7:92:48:9f:36:1c:26:3e:db:54:fa:c1: 61:94:86:ea:b4:28:70:5f:74:76:23:ad:04:dc:82:50:9c:85: 49:a0:38:27:01:c6:44:13:0a:ea:aa:78:41:29:f3:54:d6:81: ce:cc:da:7f:9e:61:4d:69:d3:bc:3f:d8:a1:eb:68:c8:b6:f7: c7:cb:fa:d2:53:4e:6a:98:ce:6e:81:07:02:68:01:a7:9a:60: a1:bf:06:99:f5:32:47:53:27:75:8c:5e:69:49:a5:07:4c:b4: 84:49:4e:17:64:5a:fc:18:43:00:83:ee:11:21:4d:ba:8d:ec: 7d:a9:55:c2:b0:df:3a:30:c5:76:1d:58:f7:75:79:9d:3c:77: 2c:b4:9c:c0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBERTBDMzYwN0VF Qjk4RkY3MDEwHhcNMjUwMzI4MjMzNjQ0WhcNMjUwNDA0MjMzNjQ0WjAYMRYwFAYD VQQDEw02N2U3MzI4Yy05MDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsi1QELwbCeC0+MEfntTsPtWmqmj4cGSU3zWdl757//VsI+ExDLcSrK97mUFD KYdwFN+CZC5t32mapAUEFqtuHPDPTXZdt0FY0Sj8wzsB2ihkLuv4+/PSTYRYDdyB r0wjSQ13b/5xK/KyFqLkvS04o7lHKMK1ZCYtJAIC3Nx3AoEiQkuUyea57WMXonJd qhipgl/Jbk++ijy8ZuilZjZezvHVJ/xmYN1hv1id+YRBN5qmPhrmmLwe4ht61LNB Te1qhRZTFETcgYBBMRZ+BmbE9B+U1QB0VscY2CDjvd6QrSjVOaJym4hvDDa5pY2x GPiwqxUEO5bv7T7gXqy6Kr4lCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG/C4EKL YBxmGXfFtxDGfHpVLZ/ZMB8GA1UdIwQYMBaAFMgHD9BhqFH/iu3g3gw2B+65j/cB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9CMDIwMkQzMkQ4 QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1VmLUs3ZURlRERZSDdybVA5 d0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lBY1AwR0dvVWYtSzdlRGVERFlIN3JtUDl3RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQzRC9CMDIwMkQzMkQ4QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1Vm LUs3ZURlRERZSDdybVA5d0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhGH51CTMLwdX0eisFlco8uJNiZr9ypyIU7plRPKD7zKYDhTKnWWb+ v7XxEigO4mVmoKwJdvVyFHx99pbFxDPXKkZGGkXHsV+iuXrI/Y3c+wqjsiZNmVlG zSyacbradHogsfuhOcjdpOXuRBX8bDd/WKPXkkifNhwmPttU+sFhlIbqtChwX3R2 I60E3IJQnIVJoDgnAcZEEwrqqnhBKfNU1oHOzNp/nmFNadO8P9ih62jItvfHy/rS U05qmM5ugQcCaAGnmmChvwaZ9TJHUyd1jF5pSaUHTLSESU4XZFr8GEMAg+4RIU26 jex9qVXCsN86MMV2HVj3dXmdPHcstJzA -----END CERTIFICATE-----Generated at Fri Apr 4 21:55:52 2025 by rpki-client