$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/_RYHGGNz6B9E0TeyoOlpV-YquKE.mft File: _RYHGGNz6B9E0TeyoOlpV-YquKE.mft (raw, json) Hash identifier: G5C6n+0RyV7covKp3o3Gs9Qx9zqH4bPl3PYZZ7e1aRY= Subject key identifier: 84:B6:1A:75:15:4D:70:0C:E7:5D:04:32:5A:8E:A9:78:5A:EA:37:6C Authority key identifier: FD:16:07:18:63:73:E8:1F:44:D1:37:B2:A0:E9:69:57:E6:2A:B8:A1 Certificate issuer: /CN=A91EA958/serialNumber=FD1607186373E81F44D137B2A0E96957E62AB8A1 Certificate serial: 34B1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_RYHGGNz6B9E0TeyoOlpV-YquKE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/_RYHGGNz6B9E0TeyoOlpV-YquKE.mft Manifest number: 3494 Signing time: Sun 20 Apr 2025 15:01:38 +0000 Manifest this update: Sun 20 Apr 2025 15:01:37 +0000 Manifest next update: Sun 27 Apr 2025 15:01:37 +0000 Files and hashes: 1: _RYHGGNz6B9E0TeyoOlpV-YquKE.crl (hash: BzeoCDd/rrqnZh8JxjzLlvlhm9z/An1BVjFLVblCo4o=) 2: 5A7BB752BD2F11EBB84EE532C4F9AE02.roa (hash: BdwgkrEVvS7EaJMjyx021N1wHkcgwHBJVY8E6E534xQ=) 3: D347187A7E9511ECA9132A0BC4F9AE02.roa (hash: 4i/7LdEU/T1ZHgOr95PKDKNxvTm/ZtFlmP55xUeSbB0=) 4: 59F4A758BD2F11EBB84EE532C4F9AE02.roa (hash: c0Nj/EakD9jZWUmq6GYt4WJPzbB76p849p8VWNsKos4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/_RYHGGNz6B9E0TeyoOlpV-YquKE.crl rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/_RYHGGNz6B9E0TeyoOlpV-YquKE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_RYHGGNz6B9E0TeyoOlpV-YquKE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 15:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13489 (0x34b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA958, serialNumber=FD1607186373E81F44D137B2A0E96957E62AB8A1 Validity Not Before: Apr 20 15:01:37 2025 GMT Not After : Apr 27 15:01:37 2025 GMT Subject: CN=68050c52-aadd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:1b:45:4a:01:9c:ae:ea:d2:e3:f8:aa:a4:d6: 0f:a6:b8:35:f0:60:ac:fe:11:59:b1:c3:89:e0:57: 62:c0:bc:fb:b3:30:ac:27:d0:1c:f2:af:26:f4:a0: 27:ff:ea:37:7f:b0:04:aa:4e:ff:b1:29:6d:a7:17: 9f:f1:b1:f7:bc:38:32:a5:2c:4d:b3:c3:9b:48:8b: 91:e2:b0:66:b4:f6:94:68:bb:3e:36:96:0f:0b:00: 2e:73:a2:4c:41:f0:d6:03:f9:8b:eb:74:43:17:b5: 58:24:1b:89:f6:f8:fd:e3:3b:f2:6e:0c:a3:b0:b4: 24:0f:49:e5:02:5e:3d:2d:b0:51:30:c1:09:0b:50: a7:77:41:5b:68:b9:7c:6e:16:8d:8e:ae:4c:e5:44: 71:61:04:07:f4:9e:fb:c2:07:dc:66:37:27:aa:dc: af:95:db:02:55:1f:f8:ed:45:3e:af:ad:89:33:d1: bf:61:db:9e:9d:f8:95:ff:8e:b7:cb:c2:5b:1c:27: 45:98:5e:4e:b9:40:e4:e7:fe:37:48:fa:a6:89:ea: 66:be:d1:86:13:17:e3:88:d5:e1:fa:ca:7c:e4:3f: f7:04:d5:1a:b9:cc:69:a1:f9:95:d7:03:3f:c6:21: dd:62:fc:60:30:38:c8:48:ff:e7:16:b9:63:45:fd: 8e:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:B6:1A:75:15:4D:70:0C:E7:5D:04:32:5A:8E:A9:78:5A:EA:37:6C X509v3 Authority Key Identifier: keyid:FD:16:07:18:63:73:E8:1F:44:D1:37:B2:A0:E9:69:57:E6:2A:B8:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/_RYHGGNz6B9E0TeyoOlpV-YquKE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_RYHGGNz6B9E0TeyoOlpV-YquKE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/_RYHGGNz6B9E0TeyoOlpV-YquKE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:7e:d9:ea:e0:92:3b:b0:b8:55:d7:5d:fd:a4:4c:c1:97:4b: 09:08:5f:42:71:99:0e:c5:3e:17:88:ec:35:9f:6b:62:7d:66: 00:36:72:6d:88:47:b5:35:be:f9:c9:f0:3f:28:f8:9a:52:23: a1:1b:e6:8e:2e:bc:db:35:14:c9:a8:b3:b2:fb:48:1b:a8:58: 7a:f0:15:2c:54:1e:9e:20:55:c7:27:dd:1e:2f:44:c1:8c:f5: a0:fc:96:f1:70:50:01:9a:2f:77:5d:b6:56:15:b5:1b:74:58: 90:ce:e3:6d:9e:95:7f:e1:a7:0a:a8:ef:76:d7:48:c1:40:0e: 72:cb:24:75:e0:bb:99:58:67:1b:96:c2:c9:65:2b:20:b4:67: 97:ef:f3:b7:47:53:bf:7c:c3:01:7c:f9:67:c5:4e:18:1e:43: ea:91:8e:6d:ef:aa:1c:ff:99:6a:47:35:64:59:12:43:df:6c: 4b:e0:72:99:76:9e:7c:f4:e8:f4:46:91:e8:5e:38:2c:0c:cf: d7:6a:8c:2f:c1:4a:b3:fe:80:ad:a3:2e:3b:c0:27:9f:37:f0: 2f:97:1f:73:6e:f6:49:e8:fa:d3:36:95:13:25:43:ce:8e:1f: 5d:0b:9f:39:0b:f2:90:65:87:24:25:39:57:db:b3:4d:d6:3d: a6:a0:69:10 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNLEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE5NTgxMTAvBgNVBAUTKEZEMTYwNzE4NjM3M0U4MUY0NEQxMzdCMkEwRTk2OTU3 RTYyQUI4QTEwHhcNMjUwNDIwMTUwMTM3WhcNMjUwNDI3MTUwMTM3WjAYMRYwFAYD VQQDEw02ODA1MGM1Mi1hYWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArhtFSgGcrurS4/iqpNYPprg18GCs/hFZscOJ4FdiwLz7szCsJ9Ac8q8m9KAn /+o3f7AEqk7/sSltpxef8bH3vDgypSxNs8ObSIuR4rBmtPaUaLs+NpYPCwAuc6JM QfDWA/mL63RDF7VYJBuJ9vj94zvybgyjsLQkD0nlAl49LbBRMMEJC1Cnd0FbaLl8 bhaNjq5M5URxYQQH9J77wgfcZjcnqtyvldsCVR/47UU+r62JM9G/YduenfiV/463 y8JbHCdFmF5OuUDk5/43SPqmiepmvtGGExfjiNXh+sp85D/3BNUaucxpofmV1wM/ xiHdYvxgMDjISP/nFrljRf2OoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIS2GnUV TXAM510EMlqOqXha6jdsMB8GA1UdIwQYMBaAFP0WBxhjc+gfRNE3sqDpaVfmKrih MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk1OC81QUUxOTdGNDFE OUYxMUUyQkNCRkY3OEYwOEIwMkNEMi9fUllIR0dOejZCOUUwVGV5b09scFYtWXF1 S0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19SWUhHR056NkI5RTBUZXlvT2xwVi1ZcXVLRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTk1OC81QUUxOTdGNDFEOUYxMUUyQkNCRkY3OEYwOEIwMkNEMi9fUllIR0dOejZC OUUwVGV5b09scFYtWXF1S0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAgftnq4JI7sLhV1139pEzBl0sJCF9CcZkOxT4XiOw1n2tifWYANnJt iEe1Nb75yfA/KPiaUiOhG+aOLrzbNRTJqLOy+0gbqFh68BUsVB6eIFXHJ90eL0TB jPWg/JbxcFABmi93XbZWFbUbdFiQzuNtnpV/4acKqO9210jBQA5yyyR14LuZWGcb lsLJZSsgtGeX7/O3R1O/fMMBfPlnxU4YHkPqkY5t76oc/5lqRzVkWRJD32xL4HKZ dp589Oj0RpHoXjgsDM/XaowvwUqz/oCtoy47wCefN/Avlx9zbvZJ6PrTNpUTJUPO jh9dC585C/KQZYckJTlX27NN1j2moGkQ -----END CERTIFICATE-----Generated at Mon Apr 21 21:11:50 2025 by rpki-client