$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft File: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft (raw, json) Hash identifier: 52bV97bc4e9YIT1aCaHblMrP12bi+kd9XEzk2kr8D4I= Subject key identifier: CA:E6:50:90:E5:0B:98:DD:FB:90:93:37:7B:7E:4A:98:D3:5C:79:4A Authority key identifier: CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A Certificate issuer: /CN=A91B4357/serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A Certificate serial: 0476 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft Manifest number: 045D Signing time: Sat 05 Apr 2025 00:16:34 +0000 Manifest this update: Sat 05 Apr 2025 00:16:33 +0000 Manifest next update: Sat 12 Apr 2025 00:16:33 +0000 Files and hashes: 1: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl (hash: oimpOV6SlFp/FgPUsUm2xNQJSGe8NJ9YhqklLEsZ+Vc=) 2: CA888654D0E011EC9E5ACC1CC4F9AE02.roa (hash: 4by10ick3aOPoEwL9MxmYZych/O61DB95JCCfpjs2l0=) 3: 52B98FDA46AF11ECB113AA4BC4F9AE02.roa (hash: zdWwyK62ezTqtldMx3AFhd08v1ee56JEEEGh/b+1bK8=) 4: 35A2418C45AE11ECB857890EC4F9AE02.roa (hash: yt5ul2v37If2OMAgvwlcXNvNlpOeU9vk4N82gRjp7ro=) 5: 9896BA2EB6DE11EC8DB17172C4F9AE02.roa (hash: tkC8VFhPaMMB7xHukmlTC8vVY5Lai1noTB/JDIdLAEc=) 6: 351AC73E45AE11ECB857890EC4F9AE02.roa (hash: ofwlwfDv/f2slgSdPa6hT78BUtn3LBZ837QvOITSXas=) 7: 346A2B4045AE11ECB857890EC4F9AE02.roa (hash: y6Yo94bVO58GlNbuqBWAfuC5sCH6iiyxweKo6sloNrk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 00:16:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1142 (0x476) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4357 Validity Not Before: Apr 5 00:16:33 2025 GMT Not After : Apr 12 00:16:33 2025 GMT Subject: CN=67f07662-6d12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:24:78:2d:b6:39:27:b5:4a:e9:cb:c6:d4:ef: ae:27:4f:e6:4a:78:ea:52:ca:be:e8:83:21:de:4a: 6e:f8:3f:a3:8a:e9:3f:9f:a4:43:b6:26:e9:f9:85: 78:ff:6f:fb:0b:1f:85:1c:ba:8e:3d:5c:ce:6d:29: 3a:00:43:ec:96:0e:0f:ac:cb:1e:c8:05:2f:a0:84: 92:15:30:16:ef:ff:ae:d2:a6:f5:1a:19:c0:d3:c2: 61:12:a0:bd:6d:c4:34:34:0b:c2:33:29:79:a0:29: 2e:2e:ac:ee:29:fc:c7:84:56:04:7a:b8:7f:80:73: 3c:b4:21:fa:e7:7d:77:b6:52:94:dd:4a:2b:8e:d8: 73:51:f0:04:e9:2e:ee:7a:4b:e2:78:77:da:75:a3: 9f:c3:ca:94:6c:44:47:fb:c8:a8:c8:73:97:54:c4: 4a:2a:37:cb:1e:fd:c1:fc:16:a0:85:20:3e:ba:8e: e1:e8:9b:64:1f:05:1f:cd:e6:81:45:a8:e4:f3:79: 86:05:92:90:2c:dd:da:af:61:dd:b3:4c:85:99:9b: b7:a0:ef:b0:01:bf:f4:e1:33:6e:60:2f:78:3a:cb: 03:2f:ee:32:40:37:3b:05:7f:dc:dd:61:a6:4f:99: 63:f7:b6:91:1b:e1:2e:e9:86:ea:59:13:97:df:2b: 3b:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:E6:50:90:E5:0B:98:DD:FB:90:93:37:7B:7E:4A:98:D3:5C:79:4A X509v3 Authority Key Identifier: keyid:CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:d6:9d:ae:29:f1:2b:48:a9:e2:61:c4:c4:fe:2a:e1:9f:f6: ce:de:52:02:44:3e:c0:81:d0:81:dd:d7:80:63:4e:c6:c5:e2: f6:9a:d4:38:ca:d4:ea:9b:6e:06:b6:2b:78:c0:42:5e:45:03: 3c:80:1f:ce:20:f3:60:5f:6b:d9:ed:20:05:3b:bb:8e:f4:7a: f2:3a:e3:f0:6f:97:92:08:0b:26:ac:a5:4a:db:3a:ff:a7:59: 7a:8b:fa:1c:51:f5:9a:56:d4:d9:0c:df:95:ad:3f:b0:3d:fb: da:62:6a:7a:65:51:33:d6:85:a8:2d:53:35:c1:7a:b5:85:cf: a0:25:1e:07:e2:38:28:2f:ac:e2:81:25:9d:24:da:6f:ea:ee: 76:bd:ee:7e:ea:53:0e:b3:aa:61:aa:de:36:06:79:e9:46:c0: a0:9d:99:31:f0:35:33:fb:4f:4c:d5:6f:4c:0e:05:83:ff:5f: 4f:a1:2d:14:29:f0:d0:cb:8e:15:92:9d:9a:17:c2:17:d3:b8: 52:f4:6e:29:33:b7:61:54:9c:40:c4:1d:0a:dc:2d:e0:f9:af: 79:e9:77:b3:f5:3d:a2:8b:a4:c3:ea:c3:0c:0f:69:64:7c:09: c5:07:74:0d:c4:18:2a:66:52:d0:44:00:f7:f6:74:07:4a:63: 11:ba:fa:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQzNTcxMTAvBgNVBAUTKENCMTY1NjgxMUQwODQ1Nzk5M0U4RDgxQjlGOTc5OERB RDYxNjk3MUEwHhcNMjUwNDA1MDAxNjMzWhcNMjUwNDEyMDAxNjMzWjAYMRYwFAYD VQQDEw02N2YwNzY2Mi02ZDEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3yR4LbY5J7VK6cvG1O+uJ0/mSnjqUsq+6IMh3kpu+D+jiuk/n6RDtibp+YV4 /2/7Cx+FHLqOPVzObSk6AEPslg4PrMseyAUvoISSFTAW7/+u0qb1GhnA08JhEqC9 bcQ0NAvCMyl5oCkuLqzuKfzHhFYEerh/gHM8tCH65313tlKU3UorjthzUfAE6S7u ekvieHfadaOfw8qUbERH+8ioyHOXVMRKKjfLHv3B/BaghSA+uo7h6JtkHwUfzeaB Rajk83mGBZKQLN3ar2Hds0yFmZu3oO+wAb/04TNuYC94OssDL+4yQDc7BX/c3WGm T5lj97aRG+Eu6YbqWROX3ys7/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMrmUJDl C5jd+5CTN3t+SpjTXHlKMB8GA1UdIwQYMBaAFMsWVoEdCEV5k+jYG5+XmNrWFpca MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDM1Ny9CODRCMTBFQzQ1 QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJYbVQ2TmdibjVlWTJ0WVds eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3l4WldnUjBJUlhtVDZOZ2JuNWVZMnRZV2x4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDM1Ny9CODRCMTBFQzQ1QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJY bVQ2TmdibjVlWTJ0WVdseG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBV1p2uKfErSKniYcTE/irhn/bO3lICRD7AgdCB3deAY07GxeL2mtQ4 ytTqm24Gtit4wEJeRQM8gB/OIPNgX2vZ7SAFO7uO9HryOuPwb5eSCAsmrKVK2zr/ p1l6i/ocUfWaVtTZDN+VrT+wPfvaYmp6ZVEz1oWoLVM1wXq1hc+gJR4H4jgoL6zi gSWdJNpv6u52ve5+6lMOs6phqt42BnnpRsCgnZkx8DUz+09M1W9MDgWD/19PoS0U KfDQy44Vkp2aF8IX07hS9G4pM7dhVJxAxB0K3C3g+a956Xez9T2ii6TD6sMMD2lk fAnFB3QNxBgqZlLQRAD39nQHSmMRuvql -----END CERTIFICATE-----Generated at Sun Apr 6 02:31:32 2025 by rpki-client