$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5CE4/3EFF1A9A863611EAAE6B1142C4F9AE02/myAvlYUe_EtkzjtAnGxgSzW0mNg.mft File: myAvlYUe_EtkzjtAnGxgSzW0mNg.mft (raw, json) Hash identifier: GTjAwFI0+tP1na9Lel+L+sqAKvV1Mz3u89C6QpQFfVY= Subject key identifier: C0:72:87:6B:69:CC:A0:C7:C3:EC:67:8E:2C:19:BF:0C:46:EE:A6:0F Authority key identifier: 9B:20:2F:95:85:1E:FC:4B:64:CE:3B:40:9C:6C:60:4B:35:B4:98:D8 Certificate issuer: /CN=A91F5CE4/serialNumber=9B202F95851EFC4B64CE3B409C6C604B35B498D8 Certificate serial: 099F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/myAvlYUe_EtkzjtAnGxgSzW0mNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5CE4/3EFF1A9A863611EAAE6B1142C4F9AE02/myAvlYUe_EtkzjtAnGxgSzW0mNg.mft Manifest number: 0993 Signing time: Fri 04 Apr 2025 20:16:25 +0000 Manifest this update: Fri 04 Apr 2025 20:16:24 +0000 Manifest next update: Fri 11 Apr 2025 20:16:24 +0000 Files and hashes: 1: myAvlYUe_EtkzjtAnGxgSzW0mNg.crl (hash: S+T9uBqWLNiixm24z+1oTuGdMIG+lhAAgw1t+I0EaTE=) 2: 1EEB10267CFB11EBA8C7B009C4F9AE02.roa (hash: O77zp6ks0TqxaDAkJp4Lm1+BoJkZNosQNYkw2uGOZ3I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5CE4/3EFF1A9A863611EAAE6B1142C4F9AE02/myAvlYUe_EtkzjtAnGxgSzW0mNg.crl rsync://rpki.apnic.net/member_repository/A91F5CE4/3EFF1A9A863611EAAE6B1142C4F9AE02/myAvlYUe_EtkzjtAnGxgSzW0mNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/myAvlYUe_EtkzjtAnGxgSzW0mNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 19:54:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2463 (0x99f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5CE4 Validity Not Before: Apr 4 20:16:24 2025 GMT Not After : Apr 11 20:16:24 2025 GMT Subject: CN=67f03e18-a28a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:2d:b6:a8:7b:12:d0:83:d4:d2:e5:9e:e2:b3: cf:96:fd:aa:23:e3:d9:d6:14:c9:1f:76:1b:fd:8c: 98:a1:87:c0:3f:65:52:13:60:51:44:c6:27:21:73: a3:73:c3:49:b0:e2:3a:88:e9:e2:66:8a:d6:91:3d: 7c:d2:7a:ab:72:a3:f4:2c:34:71:7a:9d:68:41:aa: c4:34:7a:af:a9:cc:69:70:f5:2b:63:fd:32:25:6c: 8d:57:fd:ee:66:50:d4:16:59:84:20:e2:4b:7e:11: 22:6a:47:98:2f:14:49:14:2d:f0:59:fb:52:dc:c5: de:21:3b:05:4c:e6:5c:48:04:31:52:0f:fa:f1:53: 36:25:00:ab:cd:b6:3a:04:ed:7c:04:26:3c:e3:f8: 6c:49:52:98:1f:d4:d6:d7:1f:3e:ff:30:52:18:10: d1:75:7d:51:e5:42:44:e3:d4:a5:d6:1b:10:ad:fd: b5:1e:0e:33:13:7c:e3:15:e8:06:9b:27:78:01:ba: 46:87:a3:3d:5f:b3:a6:d6:b6:07:9d:f4:e4:89:23: d9:7f:7d:91:a0:bb:da:7a:b6:50:0e:66:29:9c:f4: 76:fc:df:01:59:d7:6c:aa:b7:db:36:d9:97:91:de: ab:3d:12:5a:9c:64:1b:94:fd:ad:51:9c:e9:dd:7a: cf:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:72:87:6B:69:CC:A0:C7:C3:EC:67:8E:2C:19:BF:0C:46:EE:A6:0F X509v3 Authority Key Identifier: keyid:9B:20:2F:95:85:1E:FC:4B:64:CE:3B:40:9C:6C:60:4B:35:B4:98:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5CE4/3EFF1A9A863611EAAE6B1142C4F9AE02/myAvlYUe_EtkzjtAnGxgSzW0mNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/myAvlYUe_EtkzjtAnGxgSzW0mNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5CE4/3EFF1A9A863611EAAE6B1142C4F9AE02/myAvlYUe_EtkzjtAnGxgSzW0mNg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:f6:28:36:aa:1f:11:3d:37:4b:0e:bf:a0:cc:42:9a:9a:76: 3c:c6:78:e2:4b:db:1c:b5:fc:34:ec:ba:29:24:6f:32:f3:c2: 67:35:32:4f:3d:97:bf:a8:6d:9d:0e:60:09:3e:9f:0b:a6:7e: c6:e2:06:d2:cd:11:2e:0e:73:61:f1:e0:29:f3:7c:8d:c9:7e: 77:4a:25:f8:f6:66:e5:d7:b1:50:0b:da:69:ed:51:f5:ab:fc: 97:0c:d4:38:a4:b9:fe:b1:14:16:2b:29:66:eb:11:1c:0a:a5: 94:24:33:d4:1d:11:81:cd:5d:4d:4f:38:32:6f:74:a9:93:ea: 72:01:38:7d:35:2b:bc:44:cd:52:0f:eb:09:2c:24:fd:27:c5: ba:82:f7:ef:01:a4:d0:56:aa:8f:7d:a3:7c:8d:d0:82:8f:5c: 41:15:90:7f:61:f7:a6:c8:e7:e0:ef:65:eb:90:4c:bc:23:3c: f9:b1:e1:c4:1d:2d:8b:fe:0b:10:f0:61:37:cc:f1:d2:e6:a0: 65:27:a1:29:ef:5a:dc:93:91:7a:7d:76:88:75:57:c0:fe:af: 6e:95:8c:c6:a7:ad:e3:1e:ef:6e:c9:ad:71:1b:e4:ed:ab:c0: ed:51:f9:77:0a:5c:6a:4c:16:3e:dd:d4:c9:22:8d:91:e6:60: 4f:7e:d9:9d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCZ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjVDRTQxMTAvBgNVBAUTKDlCMjAyRjk1ODUxRUZDNEI2NENFM0I0MDlDNkM2MDRC MzVCNDk4RDgwHhcNMjUwNDA0MjAxNjI0WhcNMjUwNDExMjAxNjI0WjAYMRYwFAYD VQQDEw02N2YwM2UxOC1hMjhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqi22qHsS0IPU0uWe4rPPlv2qI+PZ1hTJH3Yb/YyYoYfAP2VSE2BRRMYnIXOj c8NJsOI6iOniZorWkT180nqrcqP0LDRxep1oQarENHqvqcxpcPUrY/0yJWyNV/3u ZlDUFlmEIOJLfhEiakeYLxRJFC3wWftS3MXeITsFTOZcSAQxUg/68VM2JQCrzbY6 BO18BCY84/hsSVKYH9TW1x8+/zBSGBDRdX1R5UJE49Sl1hsQrf21Hg4zE3zjFegG myd4AbpGh6M9X7Om1rYHnfTkiSPZf32RoLvaerZQDmYpnPR2/N8BWddsqrfbNtmX kd6rPRJanGQblP2tUZzp3XrPzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMByh2tp zKDHw+xnjiwZvwxG7qYPMB8GA1UdIwQYMBaAFJsgL5WFHvxLZM47QJxsYEs1tJjY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNUNFNC8zRUZGMUE5QTg2 MzYxMUVBQUU2QjExNDJDNEY5QUUwMi9teUF2bFlVZV9FdGt6anRBbkd4Z1N6VzBt TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL215QXZsWVVlX0V0a3pqdEFuR3hnU3pXMG1OZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NUNFNC8zRUZGMUE5QTg2MzYxMUVBQUU2QjExNDJDNEY5QUUwMi9teUF2bFlVZV9F dGt6anRBbkd4Z1N6VzBtTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBB9ig2qh8RPTdLDr+gzEKamnY8xnjiS9sctfw07LopJG8y88JnNTJP PZe/qG2dDmAJPp8Lpn7G4gbSzREuDnNh8eAp83yNyX53SiX49mbl17FQC9pp7VH1 q/yXDNQ4pLn+sRQWKylm6xEcCqWUJDPUHRGBzV1NTzgyb3Spk+pyATh9NSu8RM1S D+sJLCT9J8W6gvfvAaTQVqqPfaN8jdCCj1xBFZB/YfemyOfg72XrkEy8Izz5seHE HS2L/gsQ8GE3zPHS5qBlJ6Ep71rck5F6fXaIdVfA/q9ulYzGp63jHu9uya1xG+Tt q8DtUfl3ClxqTBY+3dTJIo2R5mBPftmd -----END CERTIFICATE-----Generated at Fri Apr 4 22:15:09 2025 by rpki-client