$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft File: YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft (raw, json) Hash identifier: h1uOj27f1bprX89X50HOVHt1vjusJn+nXfQ3BVTo+sk= Subject key identifier: D1:84:42:84:3B:66:62:7D:63:11:08:21:B6:53:F9:33:FA:DE:C0:D1 Authority key identifier: 61:7F:05:4E:3C:E4:51:E0:C3:E7:F4:46:DD:09:F7:86:46:52:B6:56 Certificate issuer: /CN=A91A1CAA/serialNumber=617F054E3CE451E0C3E7F446DD09F7864652B656 Certificate serial: F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft Manifest number: F1 Signing time: Sat 31 May 2025 04:54:59 +0000 Manifest this update: Sat 31 May 2025 04:54:59 +0000 Manifest next update: Sat 07 Jun 2025 04:54:59 +0000 Files and hashes: 1: YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl (hash: ofQ3yWHO4C2z93vfYow4tIMZr3hyPnyh/mR0aCgaCiI=) 2: E75FB4F0CE4A11EE95C15E20C4F9AE02.roa (hash: utq11zi2cO+ldR8mXOv++lb25ZgD5tUSUW03iRiwBL0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:54:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 244 (0xf4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A1CAA, serialNumber=617F054E3CE451E0C3E7F446DD09F7864652B656 Validity Not Before: May 31 04:54:59 2025 GMT Not After : Jun 7 04:54:59 2025 GMT Subject: CN=683a8ba3-6560 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:3a:c7:36:b0:6f:63:d5:d1:62:3f:8d:98:64: ef:ec:2b:82:d2:d0:15:2b:5f:94:90:5d:bd:10:0a: b4:9f:14:c1:43:5b:38:18:86:d6:44:c8:dd:4c:9c: 13:24:a5:de:f7:6a:d2:1f:b6:fd:f3:9c:2c:15:66: c5:47:e0:88:f1:29:09:1d:41:9c:7a:86:4e:fd:95: a2:e1:c2:f5:6b:71:0c:66:d1:9e:f7:c6:44:5f:59: 27:de:76:58:ba:40:98:56:76:79:c7:cb:96:b9:8d: be:d3:77:3b:c9:bd:cf:c2:91:03:23:c7:9c:15:67: 36:32:96:2e:5c:f6:1e:16:1c:41:63:e7:46:fa:82: 11:e7:02:6c:59:bc:bb:d7:81:aa:7a:f4:37:e1:f0: 6d:46:fb:5e:a5:61:25:93:bc:02:2e:f6:a1:2b:c3: 0b:94:c2:8f:3f:0e:7c:28:0b:5b:5b:20:57:24:69: e3:a8:33:d1:16:c9:1f:ae:bd:d0:3f:54:8a:a4:9b: 40:80:78:ba:ee:6a:12:de:f6:83:49:c2:e7:05:e8: 60:cf:ac:f9:e4:f2:86:14:4e:49:cf:f4:76:34:46: 33:cb:fb:e8:10:f5:37:35:80:06:c1:89:db:c1:10: bd:7e:f3:13:0f:f1:5b:8a:f7:33:3b:82:e3:f8:cd: 48:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:84:42:84:3B:66:62:7D:63:11:08:21:B6:53:F9:33:FA:DE:C0:D1 X509v3 Authority Key Identifier: keyid:61:7F:05:4E:3C:E4:51:E0:C3:E7:F4:46:DD:09:F7:86:46:52:B6:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:e8:2e:49:29:4e:3f:0e:67:e5:c3:4c:56:ea:ee:1a:99:11: 4b:e8:66:b5:bf:64:27:73:17:4c:e0:81:66:f2:4f:22:d1:b5: dd:59:e3:90:b5:b6:e0:3c:73:e4:bc:a9:e8:77:b5:5b:57:29: 75:e5:42:3b:e7:f0:d5:f3:c5:dd:a4:b4:95:09:31:67:c2:83: 68:10:7d:6f:9c:8b:aa:bf:53:02:26:46:0d:d9:19:7b:cf:64: e4:b2:3c:e6:ec:35:0e:34:e6:d0:b0:be:01:4d:04:2c:1d:01: 70:0b:32:0d:a7:79:14:2c:9c:e5:73:e8:aa:df:5a:56:72:32: 8c:50:96:71:aa:82:4e:ef:bd:71:24:8b:8d:77:d9:49:61:bf: 39:a4:50:41:41:a3:7d:84:64:54:d1:71:5d:eb:ce:d7:3c:55: 4f:e8:5e:d6:90:93:f6:b5:ee:c4:2f:73:f0:37:f3:b6:d3:ec: 3b:88:d7:a4:9f:17:3d:24:a4:52:52:da:c0:8d:ac:3b:06:69: 26:a2:6b:a0:e2:c8:5b:0c:ad:e5:12:9d:ba:33:79:32:06:4b: b3:31:2d:57:92:5b:26:98:da:b0:3c:e9:12:22:bf:ef:ae:13: ea:7a:40:6e:0c:bc:a8:16:56:b8:44:e0:2c:a8:bd:72:9c:62: 33:1b:7d:75 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTFDQUExMTAvBgNVBAUTKDYxN0YwNTRFM0NFNDUxRTBDM0U3RjQ0NkREMDlGNzg2 NDY1MkI2NTYwHhcNMjUwNTMxMDQ1NDU5WhcNMjUwNjA3MDQ1NDU5WjAYMRYwFAYD VQQDEw02ODNhOGJhMy02NTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuTrHNrBvY9XRYj+NmGTv7CuC0tAVK1+UkF29EAq0nxTBQ1s4GIbWRMjdTJwT JKXe92rSH7b985wsFWbFR+CI8SkJHUGceoZO/ZWi4cL1a3EMZtGe98ZEX1kn3nZY ukCYVnZ5x8uWuY2+03c7yb3PwpEDI8ecFWc2MpYuXPYeFhxBY+dG+oIR5wJsWby7 14GqevQ34fBtRvtepWElk7wCLvahK8MLlMKPPw58KAtbWyBXJGnjqDPRFskfrr3Q P1SKpJtAgHi67moS3vaDScLnBehgz6z55PKGFE5Jz/R2NEYzy/voEPU3NYAGwYnb wRC9fvMTD/FbivczO4Lj+M1IDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNGEQoQ7 ZmJ9YxEIIbZT+TP63sDRMB8GA1UdIwQYMBaAFGF/BU485FHgw+f0Rt0J94ZGUrZW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUNBQS84RTI3NUExRUNF NEExMUVFOERFOUU1MUZDNEY5QUUwMi9ZWDhGVGp6a1VlREQ1X1JHM1FuM2hrWlN0 bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lYOEZUanprVWVERDVfUkczUW4zaGtaU3RsWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MUNBQS84RTI3NUExRUNFNEExMUVFOERFOUU1MUZDNEY5QUUwMi9ZWDhGVGp6a1Vl REQ1X1JHM1FuM2hrWlN0bFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAf6C5JKU4/Dmflw0xW6u4amRFL6Ga1v2QncxdM4IFm8k8i0bXdWeOQ tbbgPHPkvKnod7VbVyl15UI75/DV88XdpLSVCTFnwoNoEH1vnIuqv1MCJkYN2Rl7 z2Tksjzm7DUONObQsL4BTQQsHQFwCzINp3kULJzlc+iq31pWcjKMUJZxqoJO771x JIuNd9lJYb85pFBBQaN9hGRU0XFd687XPFVP6F7WkJP2te7EL3PwN/O20+w7iNek nxc9JKRSUtrAjaw7Bmkmomug4shbDK3lEp26M3kyBkuzMS1XklsmmNqwPOkSIr/v rhPqekBuDLyoFla4ROAsqL1ynGIzG311 -----END CERTIFICATE-----Generated at Sat May 31 16:40:39 2025 by rpki-client