$ rpki-client -vvf rpki.apnic.net/member_repository/A91A822F/5842D304F7F011EE98C8C92BC4F9AE02/2YcsGT4Y3BUf4--eKa_oMSGyTRA.mft File: 2YcsGT4Y3BUf4--eKa_oMSGyTRA.mft (raw, json) Hash identifier: DKI8zweLQ4h8Ka2Kkl2Fh3B3agJRuGXG0usOPeHIyLM= Subject key identifier: AF:71:13:25:F2:7B:83:00:23:35:BC:80:C2:60:8D:EA:79:B3:31:F8 Authority key identifier: D9:87:2C:19:3E:18:DC:15:1F:E3:EF:9E:29:AF:E8:31:21:B2:4D:10 Certificate issuer: /CN=A91A822F/serialNumber=D9872C193E18DC151FE3EF9E29AFE83121B24D10 Certificate serial: DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YcsGT4Y3BUf4--eKa_oMSGyTRA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A822F/5842D304F7F011EE98C8C92BC4F9AE02/2YcsGT4Y3BUf4--eKa_oMSGyTRA.mft Manifest number: D7 Signing time: Sat 31 May 2025 05:13:24 +0000 Manifest this update: Sat 31 May 2025 05:13:24 +0000 Manifest next update: Sat 07 Jun 2025 05:13:24 +0000 Files and hashes: 1: 2YcsGT4Y3BUf4--eKa_oMSGyTRA.crl (hash: rFB1XasxzJuWAe3WLsn5viobQ2Jf+ufr0514k3Zwy0Y=) 2: F220949E1C3411EFAF8F6A5BC4F9AE02.roa (hash: JIXgdhiXTjZ6ev4WQoNqMVmd92t9GAOhewZo29LoRAM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A822F/5842D304F7F011EE98C8C92BC4F9AE02/2YcsGT4Y3BUf4--eKa_oMSGyTRA.crl rsync://rpki.apnic.net/member_repository/A91A822F/5842D304F7F011EE98C8C92BC4F9AE02/2YcsGT4Y3BUf4--eKa_oMSGyTRA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YcsGT4Y3BUf4--eKa_oMSGyTRA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:13:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 221 (0xdd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A822F, serialNumber=D9872C193E18DC151FE3EF9E29AFE83121B24D10 Validity Not Before: May 31 05:13:24 2025 GMT Not After : Jun 7 05:13:24 2025 GMT Subject: CN=683a8ff4-f437 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:3d:42:fa:e1:d4:a3:75:5d:06:d4:db:99:71: 48:cf:1a:cc:fd:57:32:2f:ff:63:ef:a9:3e:50:b2: de:b5:3a:c4:a7:d5:ad:4e:a4:31:ec:b3:3d:5d:63: b1:9b:22:c2:b6:73:8c:f6:37:b8:00:8e:d3:2d:19: 71:82:50:6c:ba:77:be:ee:d8:db:77:9b:a3:75:70: d9:f8:80:84:ec:d3:d9:86:57:2b:7d:72:04:04:72: e6:42:16:44:cc:c0:a7:46:3e:0b:72:28:d8:35:09: e2:ef:1d:5f:c8:27:5d:06:2f:c8:e3:e6:94:92:26: 70:45:b1:ce:a5:81:d0:e1:1a:33:b9:fc:69:87:48: a1:41:ff:ba:1f:e9:ec:f7:79:3d:82:6f:45:60:2c: fb:91:be:3a:33:ac:e6:8b:17:f2:a7:04:79:89:fa: f4:bc:35:aa:5e:2b:b8:f8:f8:9e:2e:bb:04:0e:44: f0:ba:93:28:87:b2:e6:71:d4:b8:ae:c8:ae:9d:ed: 63:52:c3:c0:71:90:31:45:c4:00:df:fc:a0:a0:a9: b6:5e:67:d4:30:a1:b6:e3:c4:49:55:65:9e:e2:84: c8:15:21:3b:3f:e1:a9:d9:ca:ac:b6:1a:9d:72:67: 3c:f6:50:7b:e8:1b:94:8e:b6:0e:5c:6f:4a:b9:3b: bc:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:71:13:25:F2:7B:83:00:23:35:BC:80:C2:60:8D:EA:79:B3:31:F8 X509v3 Authority Key Identifier: keyid:D9:87:2C:19:3E:18:DC:15:1F:E3:EF:9E:29:AF:E8:31:21:B2:4D:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A822F/5842D304F7F011EE98C8C92BC4F9AE02/2YcsGT4Y3BUf4--eKa_oMSGyTRA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YcsGT4Y3BUf4--eKa_oMSGyTRA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A822F/5842D304F7F011EE98C8C92BC4F9AE02/2YcsGT4Y3BUf4--eKa_oMSGyTRA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:6d:d0:75:40:dd:44:a2:62:6a:10:06:e7:b8:be:0c:40:09: a2:93:3a:db:ac:ca:d0:c5:de:4d:69:c7:7b:ef:86:89:a2:0d: b6:3b:27:66:b4:73:5f:d6:03:30:76:65:b5:ea:b7:23:e0:20: e0:fb:a1:8c:19:54:1e:e9:f9:00:9f:81:65:95:9d:84:88:84: ac:4e:f7:0f:0a:fa:04:b0:58:70:57:4b:65:17:cf:1b:79:2b: fd:f4:05:fe:d6:2e:a6:f1:c2:6b:75:d0:b1:7e:be:e3:b5:58: 83:75:08:f0:cd:e2:c2:d6:f1:75:79:9b:56:7a:59:9e:df:fe: 5d:bc:a4:90:04:b4:76:d4:09:f5:48:03:05:f4:81:2a:78:80: b0:7b:44:63:b2:20:4d:a9:79:54:1e:0b:05:a0:68:21:fb:dc: 0f:e2:28:34:dd:7a:e0:91:c3:6f:72:2a:c7:18:55:7c:fb:9a: cf:c1:d0:6f:69:fe:ad:b2:9c:2d:e8:f2:b0:16:b6:6c:4a:a9: fc:99:3a:e0:38:bd:cc:89:c5:fd:f0:23:5f:3e:bf:fe:44:a0: 05:23:24:08:8c:e2:db:a5:27:ed:56:ea:3f:64:d3:66:8a:5d: 14:9f:09:76:53:f4:17:e6:55:95:e5:ad:eb:fb:28:25:5c:99: 5c:3f:c2:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTgyMkYxMTAvBgNVBAUTKEQ5ODcyQzE5M0UxOERDMTUxRkUzRUY5RTI5QUZFODMx MjFCMjREMTAwHhcNMjUwNTMxMDUxMzI0WhcNMjUwNjA3MDUxMzI0WjAYMRYwFAYD VQQDEw02ODNhOGZmNC1mNDM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4D1C+uHUo3VdBtTbmXFIzxrM/VcyL/9j76k+ULLetTrEp9WtTqQx7LM9XWOx myLCtnOM9je4AI7TLRlxglBsune+7tjbd5ujdXDZ+ICE7NPZhlcrfXIEBHLmQhZE zMCnRj4LcijYNQni7x1fyCddBi/I4+aUkiZwRbHOpYHQ4Rozufxph0ihQf+6H+ns 93k9gm9FYCz7kb46M6zmixfypwR5ifr0vDWqXiu4+PieLrsEDkTwupMoh7LmcdS4 rsiune1jUsPAcZAxRcQA3/ygoKm2XmfUMKG248RJVWWe4oTIFSE7P+Gp2cqsthqd cmc89lB76BuUjrYOXG9KuTu8nQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK9xEyXy e4MAIzW8gMJgjep5szH4MB8GA1UdIwQYMBaAFNmHLBk+GNwVH+Pvnimv6DEhsk0Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBODIyRi81ODQyRDMwNEY3 RjAxMUVFOThDOEM5MkJDNEY5QUUwMi8yWWNzR1Q0WTNCVWY0LS1lS2Ffb01TR3lU UkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJZY3NHVDRZM0JVZjQtLWVLYV9vTVNHeVRSQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB ODIyRi81ODQyRDMwNEY3RjAxMUVFOThDOEM5MkJDNEY5QUUwMi8yWWNzR1Q0WTNC VWY0LS1lS2Ffb01TR3lUUkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxbdB1QN1EomJqEAbnuL4MQAmikzrbrMrQxd5Nacd774aJog22Oydm tHNf1gMwdmW16rcj4CDg+6GMGVQe6fkAn4FllZ2EiISsTvcPCvoEsFhwV0tlF88b eSv99AX+1i6m8cJrddCxfr7jtViDdQjwzeLC1vF1eZtWelme3/5dvKSQBLR21An1 SAMF9IEqeICwe0RjsiBNqXlUHgsFoGgh+9wP4ig03XrgkcNvcirHGFV8+5rPwdBv af6tspwt6PKwFrZsSqn8mTrgOL3MicX98CNfPr/+RKAFIyQIjOLbpSftVuo/ZNNm il0Unwl2U/QX5lWV5a3r+yglXJlcP8Lb -----END CERTIFICATE-----Generated at Sat May 31 14:33:36 2025 by rpki-client