$ rpki-client -vvf rpki.apnic.net/member_repository/A9112B24/8A16FF725BA011EF9F2F2361C4F9AE02/ymSxcxGVIJPNTWDarxe2rKD3pRY.mft File: ymSxcxGVIJPNTWDarxe2rKD3pRY.mft (raw, json) Hash identifier: DHeyc7tgxh8DUK0gwOxSKRn9HCgnF+S6hUcVhL+ZC3Y= Subject key identifier: 80:14:A5:95:33:55:B7:4A:8E:68:4F:BC:69:3B:F5:48:58:FD:BD:F1 Authority key identifier: CA:64:B1:73:11:95:20:93:CD:4D:60:DA:AF:17:B6:AC:A0:F7:A5:16 Certificate issuer: /CN=A9112B24/serialNumber=CA64B17311952093CD4D60DAAF17B6ACA0F7A516 Certificate serial: 95 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ymSxcxGVIJPNTWDarxe2rKD3pRY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9112B24/8A16FF725BA011EF9F2F2361C4F9AE02/ymSxcxGVIJPNTWDarxe2rKD3pRY.mft Manifest number: 94 Signing time: Sat 31 May 2025 05:57:43 +0000 Manifest this update: Sat 31 May 2025 05:57:43 +0000 Manifest next update: Sat 07 Jun 2025 05:57:43 +0000 Files and hashes: 1: ymSxcxGVIJPNTWDarxe2rKD3pRY.crl (hash: FS/d8MR4CgkZyS0RVGl30eHecsRJ8Grrc/L9k1WwVnM=) 2: C384F0025BA011EFB7E79861C4F9AE02.roa (hash: HB8QMXYnImTcdy2zBeTOvUb91weeMYAQqjoTwrsvfrA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9112B24/8A16FF725BA011EF9F2F2361C4F9AE02/ymSxcxGVIJPNTWDarxe2rKD3pRY.crl rsync://rpki.apnic.net/member_repository/A9112B24/8A16FF725BA011EF9F2F2361C4F9AE02/ymSxcxGVIJPNTWDarxe2rKD3pRY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ymSxcxGVIJPNTWDarxe2rKD3pRY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:57:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 149 (0x95) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9112B24, serialNumber=CA64B17311952093CD4D60DAAF17B6ACA0F7A516 Validity Not Before: May 31 05:57:43 2025 GMT Not After : Jun 7 05:57:43 2025 GMT Subject: CN=683a9a57-2fc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:cc:78:fa:0e:02:44:20:80:17:c3:49:7e:d0: 28:57:83:04:db:3b:21:01:1a:b7:7c:e1:7a:6d:1c: d6:3c:e7:21:04:1a:b6:53:e1:0d:13:ce:8b:b1:7e: b7:91:78:b4:2c:da:16:a6:72:34:31:aa:8f:51:77: 88:ab:1f:87:a2:03:d7:fe:4a:b9:ee:18:17:36:56: 1f:c0:89:7d:5c:d5:0d:e3:08:f6:d8:fc:5d:e6:70: 00:66:9a:c4:3d:3b:62:2e:76:bc:69:6e:47:19:4f: e1:33:43:16:1d:31:23:a1:3d:38:90:a9:a6:d1:e1: 1b:16:d1:e3:3e:44:e8:b0:e4:93:82:e7:22:b0:62: 9c:4a:82:e9:12:72:ad:85:59:30:14:8c:aa:2a:9a: 27:42:9c:1f:15:52:62:08:1a:16:b6:28:da:54:1f: c3:99:2c:fc:0b:63:cf:17:03:58:3a:6f:ed:fd:2d: cc:61:fe:ca:c5:5f:c8:2a:86:07:92:f0:04:1d:97: da:0f:9e:d7:c3:c7:00:03:1a:b6:5b:25:9d:ef:ca: e5:b3:97:0c:b9:ef:02:04:41:fb:5c:da:c4:14:ab: db:30:87:70:c4:67:e3:c2:64:c6:2d:16:ae:e1:59: e0:9a:87:a6:ec:73:c3:b8:70:9c:b4:13:f6:66:69: 6d:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:14:A5:95:33:55:B7:4A:8E:68:4F:BC:69:3B:F5:48:58:FD:BD:F1 X509v3 Authority Key Identifier: keyid:CA:64:B1:73:11:95:20:93:CD:4D:60:DA:AF:17:B6:AC:A0:F7:A5:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9112B24/8A16FF725BA011EF9F2F2361C4F9AE02/ymSxcxGVIJPNTWDarxe2rKD3pRY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ymSxcxGVIJPNTWDarxe2rKD3pRY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9112B24/8A16FF725BA011EF9F2F2361C4F9AE02/ymSxcxGVIJPNTWDarxe2rKD3pRY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:3d:28:a2:bf:cb:51:a0:15:f6:e4:57:5d:c7:06:38:01:44: ca:a2:76:a3:3e:22:38:bb:5a:fc:58:e2:17:75:87:b4:b7:f9: d3:fb:10:19:93:92:a2:53:b4:d3:cd:0f:e1:30:87:b9:15:57: 8b:26:3e:c9:8c:e4:59:28:e5:8c:26:35:e6:80:37:78:db:8b: 68:18:9b:70:6e:44:fd:9b:c5:a5:f0:70:16:35:8e:0a:e8:15: 8b:2e:c5:71:90:9f:4f:7c:d7:5b:d5:0b:67:48:97:a9:00:bd: 3f:8b:86:c0:82:75:4a:a9:a1:f2:c6:b6:37:af:0a:74:a8:e0: 4d:33:f0:6e:3a:5b:16:37:08:4c:ce:45:57:e6:59:02:7b:78: fd:ff:d7:17:bc:5d:f1:be:4d:77:1c:f4:0f:cb:1f:0f:fb:ee: 96:06:c3:2b:2d:64:2e:3f:80:a9:e3:2e:7b:c6:9a:2e:74:87: ff:fd:68:f8:f4:96:e7:b6:0b:8e:f4:51:b6:9d:44:81:d5:a0: 94:8f:9f:3b:b0:4b:77:50:b8:28:fc:33:28:5c:01:55:6a:9d: d7:42:9b:b7:e0:e9:44:73:e3:95:ee:61:6d:98:67:de:8e:f8: 64:b6:64:ec:37:7b:c9:d6:33:62:2a:d4:41:bd:91:e7:e5:1d: 32:c9:00:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTJCMjQxMTAvBgNVBAUTKENBNjRCMTczMTE5NTIwOTNDRDRENjBEQUFGMTdCNkFD QTBGN0E1MTYwHhcNMjUwNTMxMDU1NzQzWhcNMjUwNjA3MDU1NzQzWjAYMRYwFAYD VQQDEw02ODNhOWE1Ny0yZmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzsx4+g4CRCCAF8NJftAoV4ME2zshARq3fOF6bRzWPOchBBq2U+ENE86LsX63 kXi0LNoWpnI0MaqPUXeIqx+HogPX/kq57hgXNlYfwIl9XNUN4wj22Pxd5nAAZprE PTtiLna8aW5HGU/hM0MWHTEjoT04kKmm0eEbFtHjPkTosOSTgucisGKcSoLpEnKt hVkwFIyqKponQpwfFVJiCBoWtijaVB/DmSz8C2PPFwNYOm/t/S3MYf7KxV/IKoYH kvAEHZfaD57Xw8cAAxq2WyWd78rls5cMue8CBEH7XNrEFKvbMIdwxGfjwmTGLRau 4Vngmoem7HPDuHCctBP2ZmltQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIAUpZUz VbdKjmhPvGk79UhY/b3xMB8GA1UdIwQYMBaAFMpksXMRlSCTzU1g2q8Xtqyg96UW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMkIyNC84QTE2RkY3MjVC QTAxMUVGOUYyRjIzNjFDNEY5QUUwMi95bVN4Y3hHVklKUE5UV0RhcnhlMnJLRDNw UlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ltU3hjeEdWSUpQTlRXRGFyeGUycktEM3BSWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MkIyNC84QTE2RkY3MjVCQTAxMUVGOUYyRjIzNjFDNEY5QUUwMi95bVN4Y3hHVklK UE5UV0RhcnhlMnJLRDNwUlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBlPSiiv8tRoBX25FddxwY4AUTKonajPiI4u1r8WOIXdYe0t/nT+xAZ k5KiU7TTzQ/hMIe5FVeLJj7JjORZKOWMJjXmgDd424toGJtwbkT9m8Wl8HAWNY4K 6BWLLsVxkJ9PfNdb1QtnSJepAL0/i4bAgnVKqaHyxrY3rwp0qOBNM/BuOlsWNwhM zkVX5lkCe3j9/9cXvF3xvk13HPQPyx8P++6WBsMrLWQuP4Cp4y57xpoudIf//Wj4 9JbntguO9FG2nUSB1aCUj587sEt3ULgo/DMoXAFVap3XQpu34OlEc+OV7mFtmGfe jvhktmTsN3vJ1jNiKtRBvZHn5R0yyQCb -----END CERTIFICATE-----Generated at Sat May 31 16:52:19 2025 by rpki-client