$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft File: 4Y0K0YMT4gIg3qG4cW37310JzPg.mft (raw, json) Hash identifier: yyi2KalnFZC2XCvkk9R9W1HTA9PmFJvDpIvC2fHIksQ= Subject key identifier: 86:70:7F:26:6C:E5:DA:FC:05:36:F3:F6:4A:44:33:3B:07:51:B0:FF Authority key identifier: E1:8D:0A:D1:83:13:E2:02:20:DE:A1:B8:71:6D:FB:DF:5D:09:CC:F8 Certificate issuer: /CN=A91DBB66/serialNumber=E18D0AD18313E20220DEA1B8716DFBDF5D09CCF8 Certificate serial: 0B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft Manifest number: 0A Signing time: Sat 31 May 2025 07:40:23 +0000 Manifest this update: Sat 31 May 2025 07:40:23 +0000 Manifest next update: Sat 07 Jun 2025 07:40:22 +0000 Files and hashes: 1: 4Y0K0YMT4gIg3qG4cW37310JzPg.crl (hash: /XDTz3WdY9r5kQ2MIHjgXhF567UJTIRNZZ3X/2Wznu8=) 2: 099A56FE2FB311F09E3A9373C4F9AE02.roa (hash: sYm1njcpqxRyWUyO/hT/cLuL7UzC32ND0ecCegqvrbA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.crl rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:40:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBB66, serialNumber=E18D0AD18313E20220DEA1B8716DFBDF5D09CCF8 Validity Not Before: May 31 07:40:23 2025 GMT Not After : Jun 7 07:40:22 2025 GMT Subject: CN=683ab267-08ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:f2:36:c4:23:c7:c0:cc:13:ec:a9:cb:86:cc: e7:9b:31:d7:d2:94:c6:95:54:ad:77:f6:fe:46:15: 4e:90:cf:29:e9:6b:d1:72:b4:1e:0d:19:c4:6b:1c: 27:57:56:a2:cd:fb:bc:a7:6f:0d:83:fb:88:55:90: da:2b:78:01:65:32:7a:cc:3f:f3:f3:45:45:e4:a1: 9c:6e:48:27:7d:bf:78:bf:76:01:fd:16:16:00:b0: 54:33:b6:a2:b3:d9:fc:bf:27:db:ce:97:dc:fd:d6: 41:30:42:e5:64:e7:02:d3:af:94:17:c0:6b:84:be: 45:4e:9f:ff:64:d5:92:7a:d2:74:b0:f9:34:b6:be: 04:56:fc:4c:09:c4:c3:7b:9d:41:d2:9c:85:29:e8: a0:b4:58:8c:ca:34:03:b5:63:d4:a7:af:d6:12:fb: 74:54:53:af:ac:e7:60:07:e5:24:41:b7:95:15:fa: c0:ce:86:17:c4:49:89:88:e7:8c:43:4c:d8:5a:1b: 5d:bc:6e:24:c2:22:f2:42:2a:02:e6:d5:ed:9e:c0: 11:2d:36:68:c7:48:29:22:1f:d2:89:77:0d:bf:d2: 9d:df:b2:d7:0b:5b:48:7b:f5:93:25:b8:de:df:0d: 94:38:b9:24:6d:3f:ad:db:0b:65:d9:18:24:b2:d9: 47:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:70:7F:26:6C:E5:DA:FC:05:36:F3:F6:4A:44:33:3B:07:51:B0:FF X509v3 Authority Key Identifier: keyid:E1:8D:0A:D1:83:13:E2:02:20:DE:A1:B8:71:6D:FB:DF:5D:09:CC:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:d1:30:a5:75:18:6e:74:25:32:ce:b9:64:70:1b:ba:96:35: 68:f9:b6:52:b7:fb:85:dc:43:3a:8d:69:63:20:38:6f:ae:8e: c1:69:a2:c4:ac:b2:98:f5:a0:ca:cf:a5:17:e5:e9:fe:b9:1e: 4e:55:58:3a:99:2c:16:03:7a:25:bd:fa:c7:89:84:71:5d:ce: 41:e0:e3:eb:16:b3:0e:a7:01:3e:ad:a5:9d:e0:be:92:be:b0: b9:92:86:4a:b0:25:d7:b5:b9:17:e3:58:99:25:eb:6c:60:4d: 19:0c:6b:84:50:eb:5f:be:24:85:ae:3f:0c:95:d1:5c:40:85: bd:25:cc:94:dd:7e:19:fe:5f:d5:0c:d1:d6:f5:5a:2e:2e:34: 4b:fa:6a:ee:1c:91:70:9f:a0:2f:45:35:c4:0c:93:89:30:1b: e3:4b:fc:df:f0:d4:86:e3:0f:bd:a3:27:24:68:2d:ee:b4:3a: aa:fa:d9:29:a2:78:86:9e:2f:8b:e0:96:ea:7f:88:3b:d7:1a: e6:80:7c:c2:32:2c:db:ae:84:12:4d:5a:cf:4a:36:61:f5:07: 74:3a:0b:79:ae:d6:e1:f9:c0:11:5a:d8:eb:8a:98:a6:f0:ae: e9:2c:3e:0b:80:5d:c1:24:4b:e2:47:50:3f:b7:7c:a7:50:b8: e8:28:e7:07 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QkI2NjExMC8GA1UEBRMoRTE4RDBBRDE4MzEzRTIwMjIwREVBMUI4NzE2REZCREY1 RDA5Q0NGODAeFw0yNTA1MzEwNzQwMjNaFw0yNTA2MDcwNzQwMjJaMBgxFjAUBgNV BAMTDTY4M2FiMjY3LTA4YWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDI8jbEI8fAzBPsqcuGzOebMdfSlMaVVK139v5GFU6Qzynpa9FytB4NGcRrHCdX VqLN+7ynbw2D+4hVkNoreAFlMnrMP/PzRUXkoZxuSCd9v3i/dgH9FhYAsFQztqKz 2fy/J9vOl9z91kEwQuVk5wLTr5QXwGuEvkVOn/9k1ZJ60nSw+TS2vgRW/EwJxMN7 nUHSnIUp6KC0WIzKNAO1Y9Snr9YS+3RUU6+s52AH5SRBt5UV+sDOhhfESYmI54xD TNhaG128biTCIvJCKgLm1e2ewBEtNmjHSCkiH9KJdw2/0p3fstcLW0h79ZMluN7f DZQ4uSRtP63bC2XZGCSy2UcRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUhnB/Jmzl 2vwFNvP2SkQzOwdRsP8wHwYDVR0jBBgwFoAU4Y0K0YMT4gIg3qG4cW37310JzPgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURCQjY2LzBDMEQ4MERFMkZB QzExRjA4Q0VBMEE3MUM0RjlBRTAyLzRZMEswWU1UNGdJZzNxRzRjVzM3MzEwSnpQ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNFkwSzBZTVQ0Z0lnM3FHNGNXMzczMTBKelBnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURC QjY2LzBDMEQ4MERFMkZBQzExRjA4Q0VBMEE3MUM0RjlBRTAyLzRZMEswWU1UNGdJ ZzNxRzRjVzM3MzEwSnpQZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKPRMKV1GG50JTLOuWRwG7qWNWj5tlK3+4XcQzqNaWMgOG+ujsFposSs spj1oMrPpRfl6f65Hk5VWDqZLBYDeiW9+seJhHFdzkHg4+sWsw6nAT6tpZ3gvpK+ sLmShkqwJde1uRfjWJkl62xgTRkMa4RQ61++JIWuPwyV0VxAhb0lzJTdfhn+X9UM 0db1Wi4uNEv6au4ckXCfoC9FNcQMk4kwG+NL/N/w1IbjD72jJyRoLe60Oqr62Smi eIaeL4vglup/iDvXGuaAfMIyLNuuhBJNWs9KNmH1B3Q6C3mu1uH5wBFa2OuKmKbw ruksPguAXcEkS+JHUD+3fKdQuOgo5wc= -----END CERTIFICATE-----Generated at Sat May 31 17:01:21 2025 by rpki-client