$ rpki-client -vvf rpki.apnic.net/member_repository/A91B49F2/82E4C2A0A6EE11E985F3B011C4F9AE02/yHO7YQuRPD7NxwiiZadLEUGnb1Q.mft File: yHO7YQuRPD7NxwiiZadLEUGnb1Q.mft (raw, json) Hash identifier: iAdYC4eI6p3J05GIbXNBiNqWgbX/3eTLSa0i2PFDe+w= Subject key identifier: 5A:74:FD:FB:81:35:FC:60:4B:5D:C9:18:C4:B0:60:4E:A8:06:B9:F1 Authority key identifier: C8:73:BB:61:0B:91:3C:3E:CD:C7:08:A2:65:A7:4B:11:41:A7:6F:54 Certificate issuer: /CN=A91B49F2/serialNumber=C873BB610B913C3ECDC708A265A74B1141A76F54 Certificate serial: 0E18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHO7YQuRPD7NxwiiZadLEUGnb1Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B49F2/82E4C2A0A6EE11E985F3B011C4F9AE02/yHO7YQuRPD7NxwiiZadLEUGnb1Q.mft Manifest number: 0E04 Signing time: Sun 16 Feb 2025 18:14:23 +0000 Manifest this update: Sun 16 Feb 2025 18:14:22 +0000 Manifest next update: Sun 23 Feb 2025 18:14:22 +0000 Files and hashes: 1: yHO7YQuRPD7NxwiiZadLEUGnb1Q.crl (hash: +uLEM55HiaHW8kFrCdrZX4HWNKJVlbv1H5m8jOg6zCE=) 2: BB0AA59C0A3D11EB82ECEA4BC4F9AE02.roa (hash: ko6JuSH5KdHDRvbFAlQ/kuUaDfW5QK4Fi6pI4fCmc9Y=) 3: 79395BE68EB311EF9A8DFC3CC4F9AE02.roa (hash: IVs/EZ3aUjzucqrKlhAwA1VLfGJK+bUizU/goA1sqEo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B49F2/82E4C2A0A6EE11E985F3B011C4F9AE02/yHO7YQuRPD7NxwiiZadLEUGnb1Q.crl rsync://rpki.apnic.net/member_repository/A91B49F2/82E4C2A0A6EE11E985F3B011C4F9AE02/yHO7YQuRPD7NxwiiZadLEUGnb1Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHO7YQuRPD7NxwiiZadLEUGnb1Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3608 (0xe18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B49F2 Validity Not Before: Feb 16 18:14:22 2025 GMT Not After : Feb 23 18:14:22 2025 GMT Subject: CN=67b22afe-02b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:2e:31:c5:66:84:1f:dd:80:d3:74:86:ca:3f: 79:1b:42:7b:4d:57:32:d7:54:6c:22:8a:97:0f:af: cc:75:45:28:d6:8a:fc:30:bb:8c:f7:0b:cd:66:d4: 2f:dc:12:d8:ab:98:b6:6a:94:a7:5e:6d:15:c6:0a: 85:d3:c7:d8:52:9b:cc:f2:18:d7:31:f4:1c:f9:16: fe:0f:1e:b1:58:80:dd:68:df:47:1e:df:29:06:c0: 70:3b:cb:da:1e:ef:12:9c:27:b3:47:29:45:b4:a3: 60:9b:cc:e4:e0:b8:71:7c:34:9a:1e:bd:00:14:05: 88:51:8b:db:a4:9d:1d:5c:f4:53:2c:75:f5:ac:d1: b5:30:76:d4:c9:b4:73:26:5b:92:74:4d:1f:da:53: 96:66:65:cc:50:78:23:8f:2a:e3:a7:52:4a:c4:5f: 67:10:f8:71:ed:7c:e1:bf:5b:d5:89:44:1d:64:dc: 22:13:bb:4f:b4:71:a3:46:00:de:b6:3d:43:0d:00: e4:bd:10:74:7b:0c:38:cd:90:aa:ba:dc:db:20:ee: b4:ed:19:1e:9b:a7:3f:1f:54:07:db:9a:94:e3:90: dd:05:81:61:3d:5b:a2:f6:c4:d1:89:a9:d3:a1:d9: 36:55:e3:bc:4a:3a:06:75:4b:49:21:b6:bb:2b:cf: 49:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:74:FD:FB:81:35:FC:60:4B:5D:C9:18:C4:B0:60:4E:A8:06:B9:F1 X509v3 Authority Key Identifier: keyid:C8:73:BB:61:0B:91:3C:3E:CD:C7:08:A2:65:A7:4B:11:41:A7:6F:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B49F2/82E4C2A0A6EE11E985F3B011C4F9AE02/yHO7YQuRPD7NxwiiZadLEUGnb1Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHO7YQuRPD7NxwiiZadLEUGnb1Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B49F2/82E4C2A0A6EE11E985F3B011C4F9AE02/yHO7YQuRPD7NxwiiZadLEUGnb1Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:80:8e:66:2e:24:3b:8b:60:7c:f6:4d:70:ab:fe:74:55:dd: 4f:2a:8e:2e:1f:ee:f9:76:9e:32:af:16:7a:39:dd:98:7f:9a: a3:ef:cd:f2:bf:b9:23:fa:4d:4a:6d:a5:0c:62:c1:df:00:10: 2f:3a:10:e4:25:ae:1e:86:e4:e1:e0:2f:09:46:bf:ae:2c:d4: 9d:87:bd:6e:0e:5c:d9:32:bf:08:2d:bc:e4:17:d4:99:9d:3f: b1:58:0b:2c:04:7e:06:f9:bf:5a:18:93:74:51:12:64:41:9a: 09:ea:a5:d2:3a:f1:7e:60:ba:df:47:66:a3:5b:3b:49:f4:95: f5:02:d8:33:50:4d:2f:7d:00:05:ac:ff:13:ba:f9:07:41:06: 5f:75:5b:c3:73:bc:a5:f3:07:0e:88:9f:1e:eb:58:7b:e6:9d: 8f:4e:e9:75:77:aa:20:2e:4a:c9:08:92:9c:48:f8:71:e1:a0: 4f:bd:ef:4a:a1:65:ff:18:26:a8:5f:4f:ee:fb:80:f7:08:89: 5b:ff:58:6a:3f:95:89:39:ed:fd:75:54:e0:d9:c3:91:b4:8b: f0:ce:86:cb:72:56:e3:a7:e2:6c:7f:c2:91:e2:26:85:00:a1: 3f:60:ea:14:50:eb:aa:ae:a2:fb:b0:b9:14:ac:7e:05:d8:ee: dd:9f:77:d7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDhgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ5RjIxMTAvBgNVBAUTKEM4NzNCQjYxMEI5MTNDM0VDREM3MDhBMjY1QTc0QjEx NDFBNzZGNTQwHhcNMjUwMjE2MTgxNDIyWhcNMjUwMjIzMTgxNDIyWjAYMRYwFAYD VQQDEw02N2IyMmFmZS0wMmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqC4xxWaEH92A03SGyj95G0J7TVcy11RsIoqXD6/MdUUo1or8MLuM9wvNZtQv 3BLYq5i2apSnXm0VxgqF08fYUpvM8hjXMfQc+Rb+Dx6xWIDdaN9HHt8pBsBwO8va Hu8SnCezRylFtKNgm8zk4LhxfDSaHr0AFAWIUYvbpJ0dXPRTLHX1rNG1MHbUybRz JluSdE0f2lOWZmXMUHgjjyrjp1JKxF9nEPhx7Xzhv1vViUQdZNwiE7tPtHGjRgDe tj1DDQDkvRB0eww4zZCqutzbIO607Rkem6c/H1QH25qU45DdBYFhPVui9sTRianT odk2VeO8SjoGdUtJIba7K89JvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFp0/fuB NfxgS13JGMSwYE6oBrnxMB8GA1UdIwQYMBaAFMhzu2ELkTw+zccIomWnSxFBp29U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDlGMi84MkU0QzJBMEE2 RUUxMUU5ODVGM0IwMTFDNEY5QUUwMi95SE83WVF1UlBEN054d2lpWmFkTEVVR25i MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lITzdZUXVSUEQ3Tnh3aWlaYWRMRVVHbmIxUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDlGMi84MkU0QzJBMEE2RUUxMUU5ODVGM0IwMTFDNEY5QUUwMi95SE83WVF1UlBE N054d2lpWmFkTEVVR25iMVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5gI5mLiQ7i2B89k1wq/50Vd1PKo4uH+75dp4yrxZ6Od2Yf5qj783y v7kj+k1KbaUMYsHfABAvOhDkJa4ehuTh4C8JRr+uLNSdh71uDlzZMr8ILbzkF9SZ nT+xWAssBH4G+b9aGJN0URJkQZoJ6qXSOvF+YLrfR2ajWztJ9JX1AtgzUE0vfQAF rP8TuvkHQQZfdVvDc7yl8wcOiJ8e61h75p2PTul1d6ogLkrJCJKcSPhx4aBPve9K oWX/GCaoX0/u+4D3CIlb/1hqP5WJOe39dVTg2cORtIvwzobLclbjp+Jsf8KR4iaF AKE/YOoUUOuqrqL7sLkUrH4F2O7dn3fX -----END CERTIFICATE-----Generated at Wed Feb 19 22:19:31 2025 by rpki-client