$ rpki-client -vvf rpki.apnic.net/member_repository/A919FA55/0F9E616E40FC11EEB8206744C4F9AE02/YCdrQR9t9pTdNkxP04LyXJ5qYGI.mft File: YCdrQR9t9pTdNkxP04LyXJ5qYGI.mft (raw, json) Hash identifier: 9YdI3UUJZJR6FkBisDt0b9QQX436B5e1MFl1rXQzHxc= Subject key identifier: 57:8C:C7:83:D5:B9:3A:64:3E:A6:D8:34:11:15:85:3D:77:E3:4D:F8 Authority key identifier: 60:27:6B:41:1F:6D:F6:94:DD:36:4C:4F:D3:82:F2:5C:9E:6A:60:62 Certificate issuer: /CN=A919FA55/serialNumber=60276B411F6DF694DD364C4FD382F25C9E6A6062 Certificate serial: 0125 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YCdrQR9t9pTdNkxP04LyXJ5qYGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919FA55/0F9E616E40FC11EEB8206744C4F9AE02/YCdrQR9t9pTdNkxP04LyXJ5qYGI.mft Manifest number: 011F Signing time: Sat 15 Feb 2025 05:49:00 +0000 Manifest this update: Sat 15 Feb 2025 05:48:59 +0000 Manifest next update: Sat 22 Feb 2025 05:48:59 +0000 Files and hashes: 1: YCdrQR9t9pTdNkxP04LyXJ5qYGI.crl (hash: OfyIEGkdLJp8vwqPyqhacaOj8zeTSJCe5EKVWI/eoLw=) 2: 730BFF8C428B11EEB9A5EA63C4F9AE02.roa (hash: kkjE94BBiiWiAJ9He43Jc/0GO/LlMOG+ydM9xjAZ/oQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919FA55/0F9E616E40FC11EEB8206744C4F9AE02/YCdrQR9t9pTdNkxP04LyXJ5qYGI.crl rsync://rpki.apnic.net/member_repository/A919FA55/0F9E616E40FC11EEB8206744C4F9AE02/YCdrQR9t9pTdNkxP04LyXJ5qYGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YCdrQR9t9pTdNkxP04LyXJ5qYGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 293 (0x125) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919FA55 Validity Not Before: Feb 15 05:48:59 2025 GMT Not After : Feb 22 05:48:59 2025 GMT Subject: CN=67b02acb-86e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:2a:83:72:de:41:0b:2f:70:ec:25:c0:ad:e6: 13:1d:c5:c1:85:11:0e:35:78:8d:07:7c:0c:d4:de: 0d:95:72:d2:bc:22:7a:54:17:cf:e7:35:3a:6b:4f: aa:4e:03:8a:4f:a3:80:eb:66:fd:0a:f9:49:f8:f4: 98:a9:76:7c:6d:0e:2e:27:c2:96:91:32:1e:e7:27: 7f:36:50:70:f6:3b:06:80:cb:c5:86:84:18:28:51: cd:0c:d6:97:5e:b6:4f:0e:4f:1a:ec:15:25:3e:b8: 34:6c:22:7c:97:e3:5c:12:3e:0e:29:f7:e1:93:02: 62:60:24:ef:46:34:19:e0:e7:e5:62:03:41:39:29: 80:2d:42:66:06:f9:57:9a:c4:d8:28:c8:43:d6:b9: 70:64:da:ff:96:07:df:6c:b4:11:77:ed:9f:0b:a9: 11:34:bc:5a:b2:ec:8e:cb:aa:7a:92:97:ad:03:33: 78:30:45:81:a8:93:6f:8f:1d:89:d8:c5:67:02:18: bb:f4:e7:17:cf:97:e4:a1:27:43:f9:ed:c1:f8:fe: 60:3b:c7:c3:de:a1:81:30:1c:da:c8:53:83:0e:dd: 1e:29:44:8b:d0:a7:43:14:91:e0:e0:41:02:f4:4b: f0:14:81:a1:cd:0d:79:e9:3e:f1:49:f8:98:69:b5: e7:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:8C:C7:83:D5:B9:3A:64:3E:A6:D8:34:11:15:85:3D:77:E3:4D:F8 X509v3 Authority Key Identifier: keyid:60:27:6B:41:1F:6D:F6:94:DD:36:4C:4F:D3:82:F2:5C:9E:6A:60:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919FA55/0F9E616E40FC11EEB8206744C4F9AE02/YCdrQR9t9pTdNkxP04LyXJ5qYGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YCdrQR9t9pTdNkxP04LyXJ5qYGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919FA55/0F9E616E40FC11EEB8206744C4F9AE02/YCdrQR9t9pTdNkxP04LyXJ5qYGI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:14:fa:ba:2d:7d:96:83:9f:1e:f9:82:06:f8:df:24:ad:00: 01:cf:8b:da:c3:9d:18:b2:09:5a:49:37:66:0f:81:33:3f:da: 0e:09:5d:d9:70:90:1b:d1:0d:cf:6d:0c:a3:60:6c:88:49:8f: 2f:4b:8e:d5:42:be:7e:54:f5:1f:ae:6e:ae:e0:26:42:af:d5: b4:78:7d:c2:0c:fa:85:5a:bc:b8:61:49:20:fd:6b:37:43:3f: 45:73:9f:8e:4e:23:c6:26:d2:19:bd:61:13:2b:a2:ab:6c:00: 1a:b0:45:98:d0:e1:f3:57:b2:89:0b:b7:31:2d:86:97:3b:2e: 08:1c:b0:e0:3b:a6:fc:ab:ad:5f:f2:70:f6:3e:8a:29:19:10: 49:e6:6b:c5:b7:eb:09:58:af:b6:92:09:65:03:1b:99:70:1a: f5:dc:eb:12:05:b8:42:d0:44:c6:66:79:a0:b7:d4:51:d9:1d: e0:04:41:9d:0b:34:dc:0f:eb:51:fd:62:f3:3a:77:14:9d:2c: b2:fb:73:85:43:98:3b:9c:80:2f:59:93:ba:50:f2:52:f2:29: d7:ab:c4:f2:96:d6:17:5e:2e:d4:a2:10:4d:03:02:2c:5b:b0: b8:36:1f:90:0a:ed:fd:34:55:c3:32:95:6c:5e:ac:f0:8d:54: 08:ce:9b:1a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUZBNTUxMTAvBgNVBAUTKDYwMjc2QjQxMUY2REY2OTRERDM2NEM0RkQzODJGMjVD OUU2QTYwNjIwHhcNMjUwMjE1MDU0ODU5WhcNMjUwMjIyMDU0ODU5WjAYMRYwFAYD VQQDEw02N2IwMmFjYi04NmU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsCqDct5BCy9w7CXAreYTHcXBhREONXiNB3wM1N4NlXLSvCJ6VBfP5zU6a0+q TgOKT6OA62b9CvlJ+PSYqXZ8bQ4uJ8KWkTIe5yd/NlBw9jsGgMvFhoQYKFHNDNaX XrZPDk8a7BUlPrg0bCJ8l+NcEj4OKffhkwJiYCTvRjQZ4OflYgNBOSmALUJmBvlX msTYKMhD1rlwZNr/lgffbLQRd+2fC6kRNLxasuyOy6p6kpetAzN4MEWBqJNvjx2J 2MVnAhi79OcXz5fkoSdD+e3B+P5gO8fD3qGBMBzayFODDt0eKUSL0KdDFJHg4EEC 9EvwFIGhzQ156T7xSfiYabXnWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFeMx4PV uTpkPqbYNBEVhT134034MB8GA1UdIwQYMBaAFGAna0EfbfaU3TZMT9OC8lyeamBi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RkE1NS8wRjlFNjE2RTQw RkMxMUVFQjgyMDY3NDRDNEY5QUUwMi9ZQ2RyUVI5dDlwVGROa3hQMDRMeVhKNXFZ R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lDZHJRUjl0OXBUZE5reFAwNEx5WEo1cVlHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RkE1NS8wRjlFNjE2RTQwRkMxMUVFQjgyMDY3NDRDNEY5QUUwMi9ZQ2RyUVI5dDlw VGROa3hQMDRMeVhKNXFZR0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUFPq6LX2Wg58e+YIG+N8krQABz4vaw50YsglaSTdmD4EzP9oOCV3Z cJAb0Q3PbQyjYGyISY8vS47VQr5+VPUfrm6u4CZCr9W0eH3CDPqFWry4YUkg/Ws3 Qz9Fc5+OTiPGJtIZvWETK6KrbAAasEWY0OHzV7KJC7cxLYaXOy4IHLDgO6b8q61f 8nD2PoopGRBJ5mvFt+sJWK+2kgllAxuZcBr13OsSBbhC0ETGZnmgt9RR2R3gBEGd CzTcD+tR/WLzOncUnSyy+3OFQ5g7nIAvWZO6UPJS8inXq8TyltYXXi7UohBNAwIs W7C4Nh+QCu39NFXDMpVsXqzwjVQIzpsa -----END CERTIFICATE-----Generated at Sun Feb 16 22:17:46 2025 by rpki-client