$ rpki-client -vvf rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft File: yL8GWnSCLvjMYvSlTlnVhxILb0c.mft (raw, json) Hash identifier: 5J1G8FkaldPhBaYIUFauacKFO3Fc3EqZq3BIiLGdDso= Subject key identifier: 5B:8D:42:82:3A:A6:96:29:37:05:EE:54:97:52:54:99:B6:1B:5F:EE Authority key identifier: C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47 Certificate issuer: /CN=A91E85F1/serialNumber=C8BF065A74822EF8CC62F4A54E59D587120B6F47 Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft Manifest number: 20 Signing time: Sat 31 May 2025 07:26:45 +0000 Manifest this update: Sat 31 May 2025 07:26:44 +0000 Manifest next update: Sat 07 Jun 2025 07:26:44 +0000 Files and hashes: 1: yL8GWnSCLvjMYvSlTlnVhxILb0c.crl (hash: XCwEDXKoYD+tkdI7iDhnQcwSRRzVYq1gR41EZjZs83k=) 2: 4D144B780DFE11F09C46E054C4F9AE02.roa (hash: rxfflXV8vQ/KWVF6kuCP1iokmRw18P+QAjN4iDWpgsI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.crl rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:26:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E85F1, serialNumber=C8BF065A74822EF8CC62F4A54E59D587120B6F47 Validity Not Before: May 31 07:26:44 2025 GMT Not After : Jun 7 07:26:44 2025 GMT Subject: CN=683aaf34-996d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:5d:2c:e6:76:f9:4c:58:58:f0:d2:64:c3:36: 61:58:d5:8b:be:11:f1:5f:90:27:5f:40:64:90:71: d1:c9:8c:c9:ce:42:0a:8d:84:f4:ff:3c:1c:53:3b: 4e:c6:50:ca:83:59:0a:b3:24:dc:fd:a8:2a:68:00: 3e:76:9b:44:b2:05:3b:8c:5a:6c:27:25:86:6f:58: c9:9e:ae:84:18:a8:98:88:4a:28:b8:2a:33:42:12: 31:af:77:57:45:f0:87:d6:43:06:0a:f8:8c:e8:3c: 42:64:c3:13:8b:76:f5:b8:3a:93:0d:82:6f:1a:a7: 7d:3e:d8:a2:f2:ca:a1:c5:f7:9e:e2:6e:90:98:d5: f5:82:e5:87:07:42:c4:49:56:01:63:4a:ab:98:57: 63:27:48:a5:d6:7e:a6:0e:7d:20:05:3a:44:bf:72: 19:c2:37:44:b1:bf:91:ce:64:75:16:ba:7e:ef:28: 70:95:6d:74:42:b5:1d:2e:c2:45:8b:a3:18:1f:9f: f3:39:26:86:34:43:63:ec:0b:d5:68:e9:ee:27:16: 4d:8d:95:7b:e6:8c:94:55:45:cd:db:85:50:52:e4: 6e:ae:fd:21:f6:76:bc:3b:07:30:a6:4d:de:4f:00: 33:b5:30:7b:b6:c1:d3:ea:2d:7a:67:ca:06:06:44: c4:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:8D:42:82:3A:A6:96:29:37:05:EE:54:97:52:54:99:B6:1B:5F:EE X509v3 Authority Key Identifier: keyid:C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:fc:30:2a:c6:fd:9f:49:e8:cc:bf:59:14:f3:0b:f7:b8:12: f3:5f:b6:d8:cf:c7:f2:d7:05:47:f9:73:01:19:a1:df:14:e5: 00:bf:df:bf:83:3b:a9:f3:5a:46:fd:81:a1:d2:ab:09:3c:99: 99:71:47:a0:7b:c9:1b:f3:39:9a:19:ce:23:db:ea:2b:df:c8: 76:db:7f:02:55:12:97:56:d2:53:4a:11:fc:c7:29:03:4c:87: d6:e1:cc:9c:6e:45:e6:17:2b:54:ea:fd:c7:3d:97:e6:e6:4a: 93:50:87:a9:06:2b:4d:04:87:0f:f3:6d:e8:49:50:81:c2:59: ee:19:ef:3b:a6:04:29:fe:6b:3a:5e:e9:96:b8:05:f1:26:d8: a6:3a:53:45:cf:61:aa:69:9f:26:22:35:0e:7a:f5:a4:85:c8: 3c:9a:27:ab:df:91:0c:9a:27:e4:ff:63:bd:c4:59:68:94:dc: 2f:3a:2c:05:92:59:54:25:f3:95:37:bf:a6:ae:4c:ba:12:c6: 6f:5b:d5:37:f2:78:ec:64:3a:99:d8:04:36:d1:a5:fd:83:fb: 02:9d:bf:bd:a3:50:e3:fc:de:2a:77:2b:0e:c9:1b:be:da:a2: ca:80:79:1b:32:3c:2f:4a:05:58:f3:9c:a4:a0:8f:cd:b6:25: fb:27:2b:3b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF ODVGMTExMC8GA1UEBRMoQzhCRjA2NUE3NDgyMkVGOENDNjJGNEE1NEU1OUQ1ODcx MjBCNkY0NzAeFw0yNTA1MzEwNzI2NDRaFw0yNTA2MDcwNzI2NDRaMBgxFjAUBgNV BAMTDTY4M2FhZjM0LTk5NmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCyXSzmdvlMWFjw0mTDNmFY1Yu+EfFfkCdfQGSQcdHJjMnOQgqNhPT/PBxTO07G UMqDWQqzJNz9qCpoAD52m0SyBTuMWmwnJYZvWMmeroQYqJiISii4KjNCEjGvd1dF 8IfWQwYK+IzoPEJkwxOLdvW4OpMNgm8ap30+2KLyyqHF957ibpCY1fWC5YcHQsRJ VgFjSquYV2MnSKXWfqYOfSAFOkS/chnCN0Sxv5HOZHUWun7vKHCVbXRCtR0uwkWL oxgfn/M5JoY0Q2PsC9Vo6e4nFk2NlXvmjJRVRc3bhVBS5G6u/SH2drw7BzCmTd5P ADO1MHu2wdPqLXpnygYGRMQ3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUW41Cgjqm lik3Be5Ul1JUmbYbX+4wHwYDVR0jBBgwFoAUyL8GWnSCLvjMYvSlTlnVhxILb0cw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4NUYxLzZBQTRENjBBMERG QzExRjBBMUQ5ODA1M0M0RjlBRTAyL3lMOEdXblNDTHZqTVl2U2xUbG5WaHhJTGIw Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveUw4R1duU0NMdmpNWXZTbFRsblZoeElMYjBjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4 NUYxLzZBQTRENjBBMERGQzExRjBBMUQ5ODA1M0M0RjlBRTAyL3lMOEdXblNDTHZq TVl2U2xUbG5WaHhJTGIwYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAD8MCrG/Z9J6My/WRTzC/e4EvNfttjPx/LXBUf5cwEZod8U5QC/37+D O6nzWkb9gaHSqwk8mZlxR6B7yRvzOZoZziPb6ivfyHbbfwJVEpdW0lNKEfzHKQNM h9bhzJxuReYXK1Tq/cc9l+bmSpNQh6kGK00Ehw/zbehJUIHCWe4Z7zumBCn+azpe 6Za4BfEm2KY6U0XPYappnyYiNQ569aSFyDyaJ6vfkQyaJ+T/Y73EWWiU3C86LAWS WVQl85U3v6auTLoSxm9b1TfyeOxkOpnYBDbRpf2D+wKdv72jUOP83ip3Kw7JG77a osqAeRsyPC9KBVjznKSgj822JfsnKzs= -----END CERTIFICATE-----Generated at Sat May 31 16:42:10 2025 by rpki-client