$ rpki-client -vvf rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft File: Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft (raw, json) Hash identifier: wXscm7bMgwOj/Ry/AgQg7oAuZ2SH97MntDzZQrQDm90= Subject key identifier: DC:6C:A7:9E:1A:3F:97:D8:09:CF:82:72:99:49:70:ED:B4:86:14:DB Authority key identifier: 63:E4:87:62:A8:93:08:09:67:73:D9:E1:C9:D1:A9:99:80:35:67:0D Certificate issuer: /CN=A9147B58/serialNumber=63E48762A89308096773D9E1C9D1A9998035670D Certificate serial: 05B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft Manifest number: 05AC Signing time: Fri 30 May 2025 23:22:35 +0000 Manifest this update: Fri 30 May 2025 23:22:35 +0000 Manifest next update: Fri 06 Jun 2025 23:22:35 +0000 Files and hashes: 1: Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl (hash: KJLwUYkIzXnYLf0lYM8r2V5csR7rntGmbx1Xqg+bs1Y=) 2: 657BCA62CABC11EB8D6D063BC4F9AE02.roa (hash: tl2kppVQ05tVhEGA0iZghAdvk5il8hkt04HkORheCWE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 23:22:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1458 (0x5b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147B58, serialNumber=63E48762A89308096773D9E1C9D1A9998035670D Validity Not Before: May 30 23:22:35 2025 GMT Not After : Jun 6 23:22:35 2025 GMT Subject: CN=683a3dbb-cba6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:67:48:ce:cd:2e:0d:fa:94:45:0a:82:5b:ab: 22:c8:a9:a2:67:cb:a6:eb:26:72:2b:0b:97:75:b6: b7:a9:d5:95:c7:19:5f:a5:ee:87:64:1f:39:23:48: 0a:2f:9e:48:e7:a2:3b:e6:c4:6b:93:04:69:d0:2a: f9:2f:fa:cf:61:a1:6f:95:e8:59:62:29:64:e2:5c: 0c:bf:c7:46:3b:37:95:2b:7f:b6:51:85:77:57:98: 97:9b:dc:84:30:c4:e5:ff:2a:38:ea:0d:8f:04:b7: 7b:fb:82:1e:45:30:d7:46:9b:e2:31:cf:48:1c:ea: 41:b0:2d:c5:02:f9:2b:ea:da:63:92:af:1a:66:56: aa:26:8e:cd:2b:18:d9:9d:b5:72:df:f1:b8:13:aa: 26:86:ad:b6:45:bf:d7:86:5d:15:06:b1:3f:b7:cf: ed:d1:6d:7e:aa:05:b7:6c:e6:a5:2c:e7:80:f0:36: d8:11:75:a3:41:c4:26:89:93:79:ef:40:e2:f5:b5: 47:4e:ce:42:2e:90:f6:3f:6b:e4:3e:1d:ec:c2:5d: 65:2f:89:67:f6:ba:a9:bb:45:af:55:8c:7e:5c:7c: c9:85:7b:fa:13:1b:a3:89:53:5c:d9:93:64:c9:36: e6:2a:47:fe:b7:26:05:46:7f:0f:4d:24:48:db:ee: cd:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:6C:A7:9E:1A:3F:97:D8:09:CF:82:72:99:49:70:ED:B4:86:14:DB X509v3 Authority Key Identifier: keyid:63:E4:87:62:A8:93:08:09:67:73:D9:E1:C9:D1:A9:99:80:35:67:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:8a:47:5e:df:38:01:50:23:09:a8:83:05:1e:3f:ec:da:a2: d0:fb:fe:51:ed:42:90:99:16:9f:38:92:35:a7:11:83:c0:52: 47:90:99:a8:38:b0:48:c0:e9:99:2f:89:ab:d8:e5:bf:f8:75: 62:95:76:dc:d7:43:b0:8a:49:4f:44:9b:e7:d7:d8:81:43:cb: 74:7a:1c:ed:b0:81:d8:aa:fc:e8:fb:64:4d:d5:7e:d1:09:e9: 4f:15:1b:7c:9a:0c:e2:b1:ec:60:e4:7b:de:be:3e:2f:ef:e1: 69:d7:01:3f:be:1d:34:d5:29:99:61:17:56:d6:d0:ab:8b:ab: ad:6d:be:51:1d:08:61:74:e5:b4:a0:f1:3e:e0:7e:30:54:4c: 9a:80:95:87:53:d2:77:c5:f7:48:38:8a:5b:5e:56:2a:9c:d3: 2f:7e:da:c6:00:74:7a:fd:f5:86:85:49:6d:8d:fc:0b:5d:e6: 71:1e:17:d0:62:4d:c9:d5:68:8b:c5:b0:1c:cf:f0:8b:55:f7: 37:38:7b:d3:d5:d5:3e:bc:9a:6e:25:48:46:00:09:36:12:88: ea:40:ec:13:5d:da:c3:01:06:40:44:68:51:18:46:a2:68:52: fc:00:1e:e6:32:6c:2d:c9:4f:ad:01:82:02:a3:c2:9d:6b:76: 7a:3d:ae:25 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBbIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDdCNTgxMTAvBgNVBAUTKDYzRTQ4NzYyQTg5MzA4MDk2NzczRDlFMUM5RDFBOTk5 ODAzNTY3MEQwHhcNMjUwNTMwMjMyMjM1WhcNMjUwNjA2MjMyMjM1WjAYMRYwFAYD VQQDEw02ODNhM2RiYi1jYmE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvWdIzs0uDfqURQqCW6siyKmiZ8um6yZyKwuXdba3qdWVxxlfpe6HZB85I0gK L55I56I75sRrkwRp0Cr5L/rPYaFvlehZYilk4lwMv8dGOzeVK3+2UYV3V5iXm9yE MMTl/yo46g2PBLd7+4IeRTDXRpviMc9IHOpBsC3FAvkr6tpjkq8aZlaqJo7NKxjZ nbVy3/G4E6omhq22Rb/Xhl0VBrE/t8/t0W1+qgW3bOalLOeA8DbYEXWjQcQmiZN5 70Di9bVHTs5CLpD2P2vkPh3swl1lL4ln9rqpu0WvVYx+XHzJhXv6ExujiVNc2ZNk yTbmKkf+tyYFRn8PTSRI2+7N2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNxsp54a P5fYCc+CcplJcO20hhTbMB8GA1UdIwQYMBaAFGPkh2KokwgJZ3PZ4cnRqZmANWcN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0I1OC9BQUMyMUM3RUNB QjgxMUVCODQxNTUzMzZDNEY5QUUwMi9ZLVNIWXFpVENBbG5jOW5oeWRHcG1ZQTFa dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ktU0hZcWlUQ0FsbmM5bmh5ZEdwbVlBMVp3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 N0I1OC9BQUMyMUM3RUNBQjgxMUVCODQxNTUzMzZDNEY5QUUwMi9ZLVNIWXFpVENB bG5jOW5oeWRHcG1ZQTFadzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQikde3zgBUCMJqIMFHj/s2qLQ+/5R7UKQmRafOJI1pxGDwFJHkJmo OLBIwOmZL4mr2OW/+HVilXbc10OwiklPRJvn19iBQ8t0ehztsIHYqvzo+2RN1X7R CelPFRt8mgzisexg5Hvevj4v7+Fp1wE/vh001SmZYRdW1tCri6utbb5RHQhhdOW0 oPE+4H4wVEyagJWHU9J3xfdIOIpbXlYqnNMvftrGAHR6/fWGhUltjfwLXeZxHhfQ Yk3J1WiLxbAcz/CLVfc3OHvT1dU+vJpuJUhGAAk2EojqQOwTXdrDAQZARGhRGEai aFL8AB7mMmwtyU+tAYICo8Kda3Z6Pa4l -----END CERTIFICATE-----Generated at Sat May 31 16:46:49 2025 by rpki-client