$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft File: y_Kp2oisCPjVEG3svXLW-gnIGOk.mft (raw, json) Hash identifier: 9CBkzBKZgB6lOxPDY7+5jwDVhdzq4frMCJuxnNc1MMI= Subject key identifier: FE:CF:AA:D4:CB:F4:13:EC:FB:2B:33:7C:2F:66:97:61:12:35:A7:40 Authority key identifier: CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 Certificate issuer: /CN=A91D5C25/serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Certificate serial: 0F22 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft Manifest number: 0F19 Signing time: Fri 30 May 2025 17:48:46 +0000 Manifest this update: Fri 30 May 2025 17:48:45 +0000 Manifest next update: Fri 06 Jun 2025 17:48:45 +0000 Files and hashes: 1: y_Kp2oisCPjVEG3svXLW-gnIGOk.crl (hash: kpTaxLEeyc52t9HvuER/vS561OpKNj3nfBhbvHkkst8=) 2: 4ECF0A4C765C11E9A01A6E34C4F9AE02.roa (hash: pLwEgd+VwWLgIg3V6a+yYMrZGmHsHcB345LFbQql9+8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 17:48:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3874 (0xf22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5C25, serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Validity Not Before: May 30 17:48:45 2025 GMT Not After : Jun 6 17:48:45 2025 GMT Subject: CN=6839ef7d-b74e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:cd:c8:f3:c5:70:bc:c3:52:6d:60:97:b4:56: df:a6:d1:7f:fc:0a:14:64:7c:ec:c0:4e:c9:00:03: 64:aa:b6:23:6a:1a:57:9a:2e:0b:ae:81:0f:ea:23: 76:32:62:6f:d4:83:15:c9:12:4f:63:61:e8:1c:28: ea:b4:81:74:bc:01:4f:ff:fc:66:f9:d4:6c:63:ae: 3c:d9:af:ed:99:98:fe:01:c1:37:86:0b:ea:0e:99: 60:16:ab:4e:fd:4b:ea:34:8a:c6:6a:90:3b:ee:d3: 0c:53:55:90:c3:a4:4b:ad:72:0b:dd:0d:d2:b7:fd: 2d:a7:a4:2e:7c:ff:68:d8:97:7b:32:87:20:00:db: aa:bc:02:dd:7b:b3:33:12:bb:0a:28:8f:54:f3:e0: 57:5c:ae:66:fa:fc:7d:22:39:a2:bd:2f:d5:50:68: 1a:b9:3c:06:9a:21:6c:eb:01:ad:3a:e3:dd:5a:94: 5d:11:8f:fd:00:1f:b9:5b:98:0d:48:78:6f:0c:7b: 74:71:fb:7f:6b:0c:43:7d:82:6a:a7:cd:5e:f6:51: 83:e3:64:29:62:59:94:6a:39:a7:f6:14:82:02:e2: 3c:29:7e:f0:1d:29:25:0e:cd:14:84:2f:0f:56:83: 77:f5:2a:e5:e6:44:d4:fd:12:5a:0e:74:fb:9b:a8: ac:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:CF:AA:D4:CB:F4:13:EC:FB:2B:33:7C:2F:66:97:61:12:35:A7:40 X509v3 Authority Key Identifier: keyid:CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:06:6b:b7:b7:cd:15:3d:38:fb:2f:dc:d8:18:c4:ea:ec:8d: 42:80:c1:33:61:f8:2d:73:82:c7:5c:d1:36:88:1e:a2:e8:04: e3:ad:3b:cd:82:3a:13:66:71:5d:67:95:89:41:d9:c9:29:4b: 88:82:64:26:69:f3:38:70:a8:fd:0d:01:ef:b2:84:d7:a1:4c: e4:2e:5f:f0:8b:04:5c:3a:01:04:0d:62:09:23:bf:50:e4:0f: e6:e0:4b:d3:99:65:a1:77:64:a7:aa:86:87:9e:65:9c:e1:9d: c0:3c:c0:ad:26:b4:2b:31:64:be:9c:36:b9:e5:29:b0:02:f8: 3a:31:be:9d:86:86:ec:7a:2f:35:2f:0a:2d:f7:84:cf:20:51: d0:a4:72:16:00:24:1f:f5:4b:54:5a:98:00:93:e9:ed:38:3b: 4a:e9:7c:c5:96:84:1c:07:ce:c2:db:d3:db:11:f4:d6:69:3e: a2:e9:a8:83:72:da:89:d2:ac:79:cd:6b:40:0c:45:03:e0:e4: 7e:5c:ec:fc:66:d1:45:d2:a7:41:7e:5f:3a:ca:72:c9:8c:8a: fc:18:0b:61:0c:38:2a:bb:eb:db:4f:b8:4d:23:25:0e:91:1b: a1:93:b5:29:15:87:26:a8:03:c6:38:33:89:55:70:37:ea:70: 39:c0:21:8c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDyIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDVDMjUxMTAvBgNVBAUTKENCRjJBOURBODhBQzA4RjhENTEwNkRFQ0JENzJENkZB MDlDODE4RTkwHhcNMjUwNTMwMTc0ODQ1WhcNMjUwNjA2MTc0ODQ1WjAYMRYwFAYD VQQDEw02ODM5ZWY3ZC1iNzRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzM3I88VwvMNSbWCXtFbfptF//AoUZHzswE7JAANkqrYjahpXmi4LroEP6iN2 MmJv1IMVyRJPY2HoHCjqtIF0vAFP//xm+dRsY6482a/tmZj+AcE3hgvqDplgFqtO /UvqNIrGapA77tMMU1WQw6RLrXIL3Q3St/0tp6QufP9o2Jd7MocgANuqvALde7Mz ErsKKI9U8+BXXK5m+vx9IjmivS/VUGgauTwGmiFs6wGtOuPdWpRdEY/9AB+5W5gN SHhvDHt0cft/awxDfYJqp81e9lGD42QpYlmUajmn9hSCAuI8KX7wHSklDs0UhC8P VoN39Srl5kTU/RJaDnT7m6is6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP7PqtTL 9BPs+yszfC9ml2ESNadAMB8GA1UdIwQYMBaAFMvyqdqIrAj41RBt7L1y1voJyBjp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUMyNS82ODdBMTBBNjc2 NUExMUU5OUQwMUU0MkVDNEY5QUUwMi95X0twMm9pc0NQalZFRzNzdlhMVy1nbklH T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lfS3Ayb2lzQ1BqVkVHM3N2WExXLWduSUdPay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NUMyNS82ODdBMTBBNjc2NUExMUU5OUQwMUU0MkVDNEY5QUUwMi95X0twMm9pc0NQ alZFRzNzdlhMVy1nbklHT2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAABmu3t80VPTj7L9zYGMTq7I1CgMEzYfgtc4LHXNE2iB6i6ATjrTvN gjoTZnFdZ5WJQdnJKUuIgmQmafM4cKj9DQHvsoTXoUzkLl/wiwRcOgEEDWIJI79Q 5A/m4EvTmWWhd2SnqoaHnmWc4Z3APMCtJrQrMWS+nDa55SmwAvg6Mb6dhobsei81 Lwot94TPIFHQpHIWACQf9UtUWpgAk+ntODtK6XzFloQcB87C29PbEfTWaT6i6aiD ctqJ0qx5zWtADEUD4OR+XOz8ZtFF0qdBfl86ynLJjIr8GAthDDgqu+vbT7hNIyUO kRuhk7UpFYcmqAPGODOJVXA36nA5wCGM -----END CERTIFICATE-----Generated at Sat May 31 17:53:13 2025 by rpki-client