$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft File: cYQNfZjFz5vWvrRIatRnQGXxR0E.mft (raw, json) Hash identifier: TOAnGYYFpLjjwzqjQSD6hIRxX9ddV66PJyle2EwMpkA= Subject key identifier: 7A:F7:9A:7F:78:04:15:AC:3D:8B:AF:2A:02:A8:F6:A3:3C:18:BC:51 Authority key identifier: 71:84:0D:7D:98:C5:CF:9B:D6:BE:B4:48:6A:D4:67:40:65:F1:47:41 Certificate issuer: /CN=A91B7B61/serialNumber=71840D7D98C5CF9BD6BEB4486AD4674065F14741 Certificate serial: 05AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft Manifest number: 05A9 Signing time: Fri 30 May 2025 23:22:28 +0000 Manifest this update: Fri 30 May 2025 23:22:28 +0000 Manifest next update: Fri 06 Jun 2025 23:22:28 +0000 Files and hashes: 1: cYQNfZjFz5vWvrRIatRnQGXxR0E.crl (hash: QrQiFrrrsc+tEK4O59ADeg0G+2NiJxh9kdcNE+iUs5M=) 2: C2EFC706CAAE11EBA95C5E64C4F9AE02.roa (hash: CjCSmslBUSukL+VQeriKJzpmD5FpwHuT7xL5fJExCAg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.crl rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 23:22:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1453 (0x5ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7B61, serialNumber=71840D7D98C5CF9BD6BEB4486AD4674065F14741 Validity Not Before: May 30 23:22:28 2025 GMT Not After : Jun 6 23:22:28 2025 GMT Subject: CN=683a3db4-1c2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:5b:4b:61:dd:0d:78:b0:eb:27:d6:28:e6:ed: ac:ff:24:ed:f5:1b:0b:d3:af:6b:7a:69:d9:9a:a3: 31:a6:74:ab:98:48:7b:11:24:75:80:f3:c5:c7:91: 01:bc:63:c4:e6:7a:e7:9d:a3:ab:b6:f9:8c:5d:0d: c0:64:21:ef:03:57:61:61:6e:15:b4:94:2c:9e:c5: e8:af:cc:ea:60:36:a4:ba:87:e7:2f:e8:47:ac:71: 13:ca:f7:d8:a4:11:53:6b:ff:4e:50:26:49:c6:4e: 7c:91:67:40:6d:12:2e:b4:a8:02:49:67:9c:8f:97: d9:59:26:16:04:77:18:f8:cd:ef:d3:96:b5:5a:02: 9d:eb:ea:0e:e3:20:3a:85:2f:b4:81:05:42:6f:c8: b8:14:42:75:6a:78:c9:a5:02:82:67:5c:a5:f2:0d: 57:fc:0f:32:dc:22:c1:c9:3e:ec:9f:86:d7:ba:28: 21:a6:7e:8f:3c:50:8e:69:3c:b2:8e:cb:e0:64:55: 29:64:15:b4:2f:6e:c9:bd:73:b5:32:57:7c:25:26: 7e:d8:2e:2a:20:22:2a:11:d8:bc:da:7f:97:86:44: 70:b9:dc:fc:66:2c:5f:6e:4a:28:32:c7:68:15:d7: ad:3c:26:19:25:85:a7:ee:41:90:2a:69:7d:db:3d: 40:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:F7:9A:7F:78:04:15:AC:3D:8B:AF:2A:02:A8:F6:A3:3C:18:BC:51 X509v3 Authority Key Identifier: keyid:71:84:0D:7D:98:C5:CF:9B:D6:BE:B4:48:6A:D4:67:40:65:F1:47:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:18:f2:7b:b4:1d:63:ed:00:e1:11:27:57:8a:f6:b5:2b:e5: 5f:1d:35:46:af:f1:39:f7:94:a5:97:bf:a0:a0:e7:f8:9b:f2: b1:4c:fd:e4:63:92:a8:d5:20:77:5e:02:9f:34:86:1a:56:f7: 18:87:73:e1:9d:0d:7c:3e:bf:5f:86:56:e2:00:e5:62:71:f5: e4:89:5c:1f:01:ad:0f:f0:20:72:43:60:8c:f6:e4:60:6a:ee: 72:ce:9f:98:ad:6e:db:82:bc:2b:cb:2e:af:67:3f:eb:51:14: be:00:49:ac:6d:1b:60:91:06:60:82:7e:94:fb:b9:d2:bd:43: 94:70:1b:f6:69:f9:36:c9:bb:8d:a3:14:73:a5:c2:d3:29:32: 76:23:a7:27:c9:68:b3:52:46:f4:2d:d2:1d:49:c6:62:f5:ef: 55:54:ee:0b:e6:5c:6c:d7:f1:f4:69:39:8f:01:71:73:5f:3d: f6:4a:52:b2:1f:a1:67:6a:da:83:d1:bc:b8:ce:eb:4c:a9:91: 0b:e2:4e:2c:77:7a:c9:57:4d:04:ac:85:19:dd:82:2b:bf:0e: d2:44:2f:a9:d0:bb:dd:45:67:8c:87:13:27:48:fb:ba:9c:2b: ca:30:3b:1d:ed:fd:da:73:b4:88:a0:64:99:0d:4f:c3:ed:29: 0f:57:aa:6b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjdCNjExMTAvBgNVBAUTKDcxODQwRDdEOThDNUNGOUJENkJFQjQ0ODZBRDQ2NzQw NjVGMTQ3NDEwHhcNMjUwNTMwMjMyMjI4WhcNMjUwNjA2MjMyMjI4WjAYMRYwFAYD VQQDEw02ODNhM2RiNC0xYzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo1tLYd0NeLDrJ9Yo5u2s/yTt9RsL069remnZmqMxpnSrmEh7ESR1gPPFx5EB vGPE5nrnnaOrtvmMXQ3AZCHvA1dhYW4VtJQsnsXor8zqYDakuofnL+hHrHETyvfY pBFTa/9OUCZJxk58kWdAbRIutKgCSWecj5fZWSYWBHcY+M3v05a1WgKd6+oO4yA6 hS+0gQVCb8i4FEJ1anjJpQKCZ1yl8g1X/A8y3CLByT7sn4bXuighpn6PPFCOaTyy jsvgZFUpZBW0L27JvXO1Mld8JSZ+2C4qICIqEdi82n+XhkRwudz8ZixfbkooMsdo FdetPCYZJYWn7kGQKml92z1AvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHr3mn94 BBWsPYuvKgKo9qM8GLxRMB8GA1UdIwQYMBaAFHGEDX2Yxc+b1r60SGrUZ0Bl8UdB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0I2MS9CRTY4RDMwMkNB QUExMUVCQjhDMDJCNUNDNEY5QUUwMi9jWVFOZlpqRno1dld2clJJYXRSblFHWHhS MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NZUU5mWmpGejV2V3ZyUklhdFJuUUdYeFIwRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC N0I2MS9CRTY4RDMwMkNBQUExMUVCQjhDMDJCNUNDNEY5QUUwMi9jWVFOZlpqRno1 dld2clJJYXRSblFHWHhSMEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBdGPJ7tB1j7QDhESdXiva1K+VfHTVGr/E595Sll7+goOf4m/KxTP3k Y5Ko1SB3XgKfNIYaVvcYh3PhnQ18Pr9fhlbiAOVicfXkiVwfAa0P8CByQ2CM9uRg au5yzp+YrW7bgrwryy6vZz/rURS+AEmsbRtgkQZggn6U+7nSvUOUcBv2afk2ybuN oxRzpcLTKTJ2I6cnyWizUkb0LdIdScZi9e9VVO4L5lxs1/H0aTmPAXFzXz32SlKy H6FnatqD0by4zutMqZEL4k4sd3rJV00ErIUZ3YIrvw7SRC+p0LvdRWeMhxMnSPu6 nCvKMDsd7f3ac7SIoGSZDU/D7SkPV6pr -----END CERTIFICATE-----Generated at Sat May 31 16:59:23 2025 by rpki-client