$ rpki-client -vvf rpki.apnic.net/member_repository/A91443DC/A065D1EA306211EF978B4764C4F9AE02/0Y_8xQTTaT1_ijjYbcEuiM2WDlY.mft File: 0Y_8xQTTaT1_ijjYbcEuiM2WDlY.mft (raw, json) Hash identifier: fXK6kCAag4w6xRVuaC6HLAvLmSUW/EiqhSSqn36tEIU= Subject key identifier: 2A:79:10:E6:07:62:EC:44:07:A9:E4:46:6D:73:8F:06:3E:3B:96:60 Authority key identifier: D1:8F:FC:C5:04:D3:69:3D:7F:8A:38:D8:6D:C1:2E:88:CD:96:0E:56 Certificate issuer: /CN=A91443DC/serialNumber=D18FFCC504D3693D7F8A38D86DC12E88CD960E56 Certificate serial: AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Y_8xQTTaT1_ijjYbcEuiM2WDlY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91443DC/A065D1EA306211EF978B4764C4F9AE02/0Y_8xQTTaT1_ijjYbcEuiM2WDlY.mft Manifest number: AF Signing time: Sat 31 May 2025 05:35:41 +0000 Manifest this update: Sat 31 May 2025 05:35:40 +0000 Manifest next update: Sat 07 Jun 2025 05:35:40 +0000 Files and hashes: 1: 0Y_8xQTTaT1_ijjYbcEuiM2WDlY.crl (hash: CY66fjeJ4yMzLXCPinJOokpqBNuVdRL6kJ/3XHJ2aF8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91443DC/A065D1EA306211EF978B4764C4F9AE02/0Y_8xQTTaT1_ijjYbcEuiM2WDlY.crl rsync://rpki.apnic.net/member_repository/A91443DC/A065D1EA306211EF978B4764C4F9AE02/0Y_8xQTTaT1_ijjYbcEuiM2WDlY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Y_8xQTTaT1_ijjYbcEuiM2WDlY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:35:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 175 (0xaf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91443DC, serialNumber=D18FFCC504D3693D7F8A38D86DC12E88CD960E56 Validity Not Before: May 31 05:35:40 2025 GMT Not After : Jun 7 05:35:40 2025 GMT Subject: CN=683a952d-850e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:1e:6a:25:9d:b0:6e:99:01:0a:95:df:7d:43: 95:3f:45:e6:48:94:ab:0a:d4:1d:24:b8:46:53:ff: cc:3e:29:70:8e:bd:fe:87:39:79:57:dd:97:4e:de: ce:55:0f:5f:c7:dd:55:82:31:df:ed:b9:64:c2:4f: b5:23:b3:90:b0:6f:7e:e5:db:6a:7a:db:07:14:1a: 6c:5c:bb:c2:f0:b0:7d:d5:a4:e8:55:90:b7:15:32: 9a:ed:6c:51:ae:b1:2a:1a:3e:5f:7d:c7:32:34:b4: 21:d9:6d:be:52:e3:f7:d5:71:4d:7b:47:f0:01:05: fe:a6:2e:6d:bf:5b:25:ef:d1:5d:98:77:5a:ba:31: 7f:5d:f6:13:72:fa:44:60:3b:a0:d5:ce:6c:ab:ad: b6:16:fc:5f:21:f1:13:f4:48:d6:81:d3:a8:6d:a8: 8f:3f:ef:24:6f:0a:18:b4:e9:f7:6f:1f:ef:9d:67: b2:4a:41:0e:27:7d:3b:7b:19:b8:09:40:68:49:9c: ac:85:d4:2f:8e:fb:b0:26:55:95:e8:d5:03:61:73: 83:40:0a:02:20:71:12:dc:89:f2:b2:9f:34:21:61: c5:01:c2:25:f4:34:39:c0:da:9e:f0:a8:8a:14:f8: 96:3a:f0:3b:b8:37:90:81:bb:40:86:a7:96:6a:ab: 29:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:79:10:E6:07:62:EC:44:07:A9:E4:46:6D:73:8F:06:3E:3B:96:60 X509v3 Authority Key Identifier: keyid:D1:8F:FC:C5:04:D3:69:3D:7F:8A:38:D8:6D:C1:2E:88:CD:96:0E:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91443DC/A065D1EA306211EF978B4764C4F9AE02/0Y_8xQTTaT1_ijjYbcEuiM2WDlY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Y_8xQTTaT1_ijjYbcEuiM2WDlY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91443DC/A065D1EA306211EF978B4764C4F9AE02/0Y_8xQTTaT1_ijjYbcEuiM2WDlY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:dc:c0:c3:e6:75:76:6b:fd:2d:24:09:03:bd:4c:f7:c3:a7: d4:9d:f8:ef:ba:da:ff:b6:26:09:fe:3c:36:f4:28:4d:f0:ce: 83:79:6a:50:2f:9d:3f:0c:98:70:1a:58:f0:71:44:f3:c1:34: c2:09:06:f3:39:ed:9d:1b:fe:b3:8a:c3:ad:6d:f2:2f:4f:5a: a6:01:12:40:71:96:92:89:67:89:41:0e:da:a9:aa:a4:dd:64: 78:17:d8:7e:dc:92:fa:85:c7:e1:ec:e4:12:87:52:ea:af:ab: e1:b7:2f:cd:3c:7f:7e:4f:84:a5:43:17:6e:e5:b5:50:fb:ec: a6:ee:72:41:3b:a0:62:b2:be:f4:eb:2e:0d:05:16:6f:27:11: 28:78:9b:ef:9b:df:00:85:e3:c5:42:99:7c:e4:ac:bc:5c:56: 14:78:21:c8:d2:17:9a:5d:2a:db:d5:2c:ea:76:25:b9:3d:95: 72:e5:fc:a7:5c:f5:e5:a4:a2:46:97:ab:9f:f8:d6:66:95:e0: c6:be:30:d9:7c:7f:ec:1d:67:15:7e:4f:1c:84:a5:f8:4a:5c: 8e:a9:96:93:e7:74:7b:b2:d1:2e:dc:ad:13:2d:11:aa:12:6d: 0b:96:46:50:9f:f7:f7:14:62:bc:9b:a8:2f:e2:e7:79:40:75: 23:38:8c:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDQzREMxMTAvBgNVBAUTKEQxOEZGQ0M1MDREMzY5M0Q3RjhBMzhEODZEQzEyRTg4 Q0Q5NjBFNTYwHhcNMjUwNTMxMDUzNTQwWhcNMjUwNjA3MDUzNTQwWjAYMRYwFAYD VQQDEw02ODNhOTUyZC04NTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuh5qJZ2wbpkBCpXffUOVP0XmSJSrCtQdJLhGU//MPilwjr3+hzl5V92XTt7O VQ9fx91VgjHf7blkwk+1I7OQsG9+5dtqetsHFBpsXLvC8LB91aToVZC3FTKa7WxR rrEqGj5ffccyNLQh2W2+UuP31XFNe0fwAQX+pi5tv1sl79FdmHdaujF/XfYTcvpE YDug1c5sq622FvxfIfET9EjWgdOobaiPP+8kbwoYtOn3bx/vnWeySkEOJ307exm4 CUBoSZyshdQvjvuwJlWV6NUDYXODQAoCIHES3Inysp80IWHFAcIl9DQ5wNqe8KiK FPiWOvA7uDeQgbtAhqeWaqsp3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCp5EOYH YuxEB6nkRm1zjwY+O5ZgMB8GA1UdIwQYMBaAFNGP/MUE02k9f4o42G3BLojNlg5W MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NDNEQy9BMDY1RDFFQTMw NjIxMUVGOTc4QjQ3NjRDNEY5QUUwMi8wWV84eFFUVGFUMV9pampZYmNFdWlNMldE bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBZXzh4UVRUYVQxX2lqalliY0V1aU0yV0RsWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NDNEQy9BMDY1RDFFQTMwNjIxMUVGOTc4QjQ3NjRDNEY5QUUwMi8wWV84eFFUVGFU MV9pampZYmNFdWlNMldEbFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBz3MDD5nV2a/0tJAkDvUz3w6fUnfjvutr/tiYJ/jw29ChN8M6DeWpQ L50/DJhwGljwcUTzwTTCCQbzOe2dG/6zisOtbfIvT1qmARJAcZaSiWeJQQ7aqaqk 3WR4F9h+3JL6hcfh7OQSh1Lqr6vhty/NPH9+T4SlQxdu5bVQ++ym7nJBO6Bisr70 6y4NBRZvJxEoeJvvm98AhePFQpl85Ky8XFYUeCHI0heaXSrb1SzqdiW5PZVy5fyn XPXlpKJGl6uf+NZmleDGvjDZfH/sHWcVfk8chKX4SlyOqZaT53R7stEu3K0TLRGq Em0LlkZQn/f3FGK8m6gv4ud5QHUjOIyS -----END CERTIFICATE-----Generated at Sat May 31 16:32:13 2025 by rpki-client