$ rpki-client -vvf rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft File: yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft (raw, json) Hash identifier: b4LkspCkeR7jOfPL3iW/Iqm23IAm6Kk32ehzyHgBGL4= Subject key identifier: 35:ED:4E:72:25:A7:38:94:24:64:DC:84:0A:F2:55:C7:33:DA:81:5C Authority key identifier: C8:77:CD:F2:2D:25:B6:E3:3F:C5:E4:95:BE:55:E5:9D:0A:94:98:7E Certificate issuer: /CN=A9147B4B/serialNumber=C877CDF22D25B6E33FC5E495BE55E59D0A94987E Certificate serial: 4A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHfN8i0ltuM_xeSVvlXlnQqUmH4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft Manifest number: 49 Signing time: Sat 31 May 2025 06:55:21 +0000 Manifest this update: Sat 31 May 2025 06:55:21 +0000 Manifest next update: Sat 07 Jun 2025 06:55:21 +0000 Files and hashes: 1: yHfN8i0ltuM_xeSVvlXlnQqUmH4.crl (hash: SMVOIkdb4yMyyHATUe6kQ9qqFcorHU8/pkNJc+8Kd18=) 2: C4B41888CF3911EFBA26F564C4F9AE02.roa (hash: PeoexpeZuhtxvOaSUXuGABP7Es0mdREYJbAZJzL28uQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.crl rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHfN8i0ltuM_xeSVvlXlnQqUmH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:55:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74 (0x4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147B4B, serialNumber=C877CDF22D25B6E33FC5E495BE55E59D0A94987E Validity Not Before: May 31 06:55:21 2025 GMT Not After : Jun 7 06:55:21 2025 GMT Subject: CN=683aa7d9-cb3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:b9:c8:5e:1e:7a:10:95:02:64:16:f3:0d:a5: 1a:cd:ea:d7:38:d5:8e:b7:79:4a:09:b9:1c:a0:ce: b6:75:d9:16:81:f3:90:53:cc:ed:fe:69:c1:b3:07: f7:5b:7b:8a:62:34:a2:57:27:50:7f:6f:ca:e8:22: d4:b4:4b:ca:ee:1d:00:60:e0:b6:59:d1:bc:3a:b8: 03:7d:53:5e:bc:87:1b:6e:e3:70:d8:58:f4:a3:08: b1:27:0e:bf:36:7d:3f:97:aa:1d:23:82:fb:43:42: 91:f4:4d:a3:24:9c:0a:2d:2e:12:4e:eb:0d:9c:9f: 14:45:91:dd:4a:e7:ea:49:6b:50:af:d4:c9:1b:e0: 30:11:09:53:62:41:be:19:7e:95:77:1c:1a:52:e2: 20:f0:fc:e9:9a:45:cf:c8:b7:f5:f3:ce:0d:31:c0: 54:b9:24:62:f1:cb:40:51:19:c3:d3:47:fa:c3:b8: e5:34:3e:4d:ae:eb:1e:e6:5e:c8:fd:bb:72:d9:98: 66:a0:6e:3b:c3:7d:2a:df:8f:d3:75:d8:e1:e6:be: f2:5f:fe:64:d9:d7:b2:13:02:df:fa:97:da:d3:d0: ae:7c:46:c8:6d:0d:92:36:25:44:ce:a4:e5:0b:1d: 85:fb:9c:ed:b2:50:88:b8:05:05:8d:ee:4a:8f:14: 7f:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:ED:4E:72:25:A7:38:94:24:64:DC:84:0A:F2:55:C7:33:DA:81:5C X509v3 Authority Key Identifier: keyid:C8:77:CD:F2:2D:25:B6:E3:3F:C5:E4:95:BE:55:E5:9D:0A:94:98:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHfN8i0ltuM_xeSVvlXlnQqUmH4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:80:2f:d5:96:1c:ae:0b:53:f0:1a:d3:bb:a4:98:6d:36:6a: e4:f1:4d:b4:24:24:ca:4b:33:8f:c3:64:61:2e:71:35:c5:00: e9:1c:3c:4c:b9:16:8c:f1:5c:38:39:43:ab:2e:e7:90:cb:90: 2c:cf:ff:10:3c:19:58:fc:fa:d6:52:85:05:77:ec:c8:db:c6: ea:7f:5c:50:3b:85:77:22:15:b3:cb:2e:b6:ac:4d:72:2d:18: 20:65:79:be:af:f8:c5:37:80:20:17:10:3c:b4:ee:a7:1b:4d: 5d:d6:eb:f9:17:73:0e:17:a1:4d:9a:78:d5:a6:04:8b:04:84: c9:3c:ae:2f:ab:a4:3d:e5:13:bc:9f:b2:75:86:6e:82:eb:a2: 38:6e:67:47:39:69:0b:a6:b9:17:83:ae:59:80:b5:27:ff:67: ff:a8:7c:84:17:7e:4a:d0:8a:fb:3c:3b:af:ea:22:60:ed:db: e1:af:58:dc:b9:44:42:38:13:dd:e6:2b:8b:8b:00:20:2d:2d: 0a:a3:e5:7d:0d:46:65:2b:f2:62:70:0d:9f:2b:f0:78:dd:83: c5:97:be:86:11:6a:ce:81:df:38:75:d9:2a:9b:99:b1:89:ba: b3:4b:d0:73:96:8e:a9:ac:32:fa:8d:01:88:52:1b:b3:c5:d6: b4:14:79:84 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 N0I0QjExMC8GA1UEBRMoQzg3N0NERjIyRDI1QjZFMzNGQzVFNDk1QkU1NUU1OUQw QTk0OTg3RTAeFw0yNTA1MzEwNjU1MjFaFw0yNTA2MDcwNjU1MjFaMBgxFjAUBgNV BAMTDTY4M2FhN2Q5LWNiM2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDducheHnoQlQJkFvMNpRrN6tc41Y63eUoJuRygzrZ12RaB85BTzO3+acGzB/db e4piNKJXJ1B/b8roItS0S8ruHQBg4LZZ0bw6uAN9U168hxtu43DYWPSjCLEnDr82 fT+Xqh0jgvtDQpH0TaMknAotLhJO6w2cnxRFkd1K5+pJa1Cv1Mkb4DARCVNiQb4Z fpV3HBpS4iDw/OmaRc/It/Xzzg0xwFS5JGLxy0BRGcPTR/rDuOU0Pk2u6x7mXsj9 u3LZmGagbjvDfSrfj9N12OHmvvJf/mTZ17ITAt/6l9rT0K58RshtDZI2JUTOpOUL HYX7nO2yUIi4BQWN7kqPFH/NAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUNe1OciWn OJQkZNyECvJVxzPagVwwHwYDVR0jBBgwFoAUyHfN8i0ltuM/xeSVvlXlnQqUmH4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3QjRCL0UxNTZBMDRDQ0Yz ODExRUY4NDg0RTkyRkM0RjlBRTAyL3lIZk44aTBsdHVNX3hlU1Z2bFhsblFxVW1I NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveUhmTjhpMGx0dU1feGVTVnZsWGxuUXFVbUg0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3 QjRCL0UxNTZBMDRDQ0YzODExRUY4NDg0RTkyRkM0RjlBRTAyL3lIZk44aTBsdHVN X3hlU1Z2bFhsblFxVW1INC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHOAL9WWHK4LU/Aa07ukmG02auTxTbQkJMpLM4/DZGEucTXFAOkcPEy5 FozxXDg5Q6su55DLkCzP/xA8GVj8+tZShQV37Mjbxup/XFA7hXciFbPLLrasTXIt GCBleb6v+MU3gCAXEDy07qcbTV3W6/kXcw4XoU2aeNWmBIsEhMk8ri+rpD3lE7yf snWGboLrojhuZ0c5aQumuReDrlmAtSf/Z/+ofIQXfkrQivs8O6/qImDt2+GvWNy5 REI4E93mK4uLACAtLQqj5X0NRmUr8mJwDZ8r8Hjdg8WXvoYRas6B3zh12SqbmbGJ urNL0HOWjqmsMvqNAYhSG7PF1rQUeYQ= -----END CERTIFICATE-----Generated at Sat May 31 17:36:00 2025 by rpki-client