$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/1Ycen8b73n3HG36JXIoEw9ACHYU.mft File: 1Ycen8b73n3HG36JXIoEw9ACHYU.mft (raw, json) Hash identifier: QHb3J5naJUpIEujT0+F4n5lEPjmXYJi+ErTn/eTl53o= Subject key identifier: 18:FB:00:AD:EE:47:E5:1A:FA:9D:F4:4D:F9:BF:24:49:EF:29:27:47 Authority key identifier: D5:87:1E:9F:C6:FB:DE:7D:C7:1B:7E:89:5C:8A:04:C3:D0:02:1D:85 Certificate issuer: /CN=A91F8A49/serialNumber=D5871E9FC6FBDE7DC71B7E895C8A04C3D0021D85 Certificate serial: 014F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Ycen8b73n3HG36JXIoEw9ACHYU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/1Ycen8b73n3HG36JXIoEw9ACHYU.mft Manifest number: 014B Signing time: Sat 31 May 2025 03:54:43 +0000 Manifest this update: Sat 31 May 2025 03:54:43 +0000 Manifest next update: Sat 07 Jun 2025 03:54:43 +0000 Files and hashes: 1: 1Ycen8b73n3HG36JXIoEw9ACHYU.crl (hash: CSfMEOVW2yFtPzTCnPtquoj6y4xbjjtQzv3fN11S6hw=) 2: B78CCA4E4C5711EE9FE2EA35C4F9AE02.roa (hash: yOezlN4+53IwwnSsCKNCBTmWXo8aQEvNaQEYhS9yato=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/1Ycen8b73n3HG36JXIoEw9ACHYU.crl rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/1Ycen8b73n3HG36JXIoEw9ACHYU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Ycen8b73n3HG36JXIoEw9ACHYU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:54:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 335 (0x14f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8A49, serialNumber=D5871E9FC6FBDE7DC71B7E895C8A04C3D0021D85 Validity Not Before: May 31 03:54:43 2025 GMT Not After : Jun 7 03:54:43 2025 GMT Subject: CN=683a7d83-e595 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:a1:fa:62:9c:2d:a1:06:98:bb:37:3b:1b:de: a5:44:be:5f:ce:ef:73:af:ac:a1:a6:fb:3e:6c:a2: c7:92:e4:ec:52:36:83:bc:cc:c0:cb:42:0a:d7:eb: 16:18:1d:c7:52:ae:e6:53:39:6f:1b:92:74:15:10: 71:b7:24:16:27:5c:69:c8:eb:05:94:37:de:be:66: d9:15:2a:9f:ec:4c:22:05:e0:d5:8e:49:3c:00:e5: f4:19:2c:31:78:cb:8b:43:18:42:61:db:ac:4c:d0: 83:e6:61:c0:1d:c0:a6:6c:67:22:ff:bc:16:2b:08: fd:6f:8a:b8:d1:f9:97:8f:1c:31:41:0c:42:9d:17: 75:eb:53:91:54:0e:8c:0c:f6:86:6a:f3:6f:61:21: 38:4a:0f:22:18:cc:61:2a:c1:d9:62:d7:d1:63:a9: c8:33:0b:f7:7d:69:41:f2:c6:e9:39:5f:3f:48:38: d3:e3:fd:fc:39:1e:9a:5a:7b:ae:be:c2:1e:bd:c3: 3b:17:0b:cf:16:09:2b:a3:ec:92:4d:88:1c:f3:c0: 1b:b1:8f:6a:59:de:41:be:67:96:33:37:52:a4:af: 89:55:65:e2:94:01:0b:f3:7e:30:23:c2:61:aa:ef: 83:7f:91:ce:e8:d5:e9:9b:e6:c4:cd:b2:7a:42:b5: b5:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:FB:00:AD:EE:47:E5:1A:FA:9D:F4:4D:F9:BF:24:49:EF:29:27:47 X509v3 Authority Key Identifier: keyid:D5:87:1E:9F:C6:FB:DE:7D:C7:1B:7E:89:5C:8A:04:C3:D0:02:1D:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/1Ycen8b73n3HG36JXIoEw9ACHYU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Ycen8b73n3HG36JXIoEw9ACHYU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/1Ycen8b73n3HG36JXIoEw9ACHYU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:7e:13:90:73:db:2e:1b:a5:0f:f0:ad:2d:e7:72:99:53:3f: 93:18:75:b5:c5:b6:fa:34:53:3c:f5:51:43:5b:47:5d:3c:16: ce:66:87:7b:77:16:46:59:84:94:51:db:b0:34:a8:ef:d2:57: ba:b8:8f:99:74:50:42:06:29:77:6b:c9:d8:e3:bb:98:aa:99: a6:0e:da:a1:65:45:13:8a:c0:c3:bc:f8:b4:fd:ec:80:5a:08: c7:a0:0b:af:1d:4a:ed:fc:1f:a4:f1:53:ea:aa:b4:bd:07:a8: 60:26:4d:b0:45:33:9c:8c:f2:22:6b:c8:d0:13:e7:42:29:fa: 21:1d:75:01:b0:f4:72:f5:01:d1:85:c8:c4:a2:d7:fa:73:c0: 0a:f2:ac:ea:d7:17:44:b4:a9:72:20:ca:61:0c:2a:9a:3c:1e: 0e:20:b4:b2:42:40:69:96:ef:52:2d:38:ec:69:c0:4d:20:1b: cc:30:6b:5b:4d:fe:b5:54:1f:0f:4c:94:e1:c0:ca:14:f3:53: 31:f8:e8:8f:f3:b5:77:e0:18:77:bc:ec:e6:0b:3c:dc:73:f3: 05:46:6b:71:96:d5:37:98:d3:52:09:d1:fd:a0:b9:92:f7:6f: 54:a4:4f:0b:4d:d2:98:12:92:6d:de:d7:f1:c5:a1:d4:c4:28: e1:34:c8:3e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhBNDkxMTAvBgNVBAUTKEQ1ODcxRTlGQzZGQkRFN0RDNzFCN0U4OTVDOEEwNEMz RDAwMjFEODUwHhcNMjUwNTMxMDM1NDQzWhcNMjUwNjA3MDM1NDQzWjAYMRYwFAYD VQQDEw02ODNhN2Q4My1lNTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzKH6YpwtoQaYuzc7G96lRL5fzu9zr6yhpvs+bKLHkuTsUjaDvMzAy0IK1+sW GB3HUq7mUzlvG5J0FRBxtyQWJ1xpyOsFlDfevmbZFSqf7EwiBeDVjkk8AOX0GSwx eMuLQxhCYdusTNCD5mHAHcCmbGci/7wWKwj9b4q40fmXjxwxQQxCnRd161ORVA6M DPaGavNvYSE4Sg8iGMxhKsHZYtfRY6nIMwv3fWlB8sbpOV8/SDjT4/38OR6aWnuu vsIevcM7FwvPFgkro+ySTYgc88AbsY9qWd5BvmeWMzdSpK+JVWXilAEL834wI8Jh qu+Df5HO6NXpm+bEzbJ6QrW12QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBj7AK3u R+Ua+p30Tfm/JEnvKSdHMB8GA1UdIwQYMBaAFNWHHp/G+959xxt+iVyKBMPQAh2F MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEE0OS80N0QwNDQ2NDQ3 QjcxMUVFOEEwQTlDNDNDNEY5QUUwMi8xWWNlbjhiNzNuM0hHMzZKWElvRXc5QUNI WVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFZY2VuOGI3M24zSEczNkpYSW9FdzlBQ0hZVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OEE0OS80N0QwNDQ2NDQ3QjcxMUVFOEEwQTlDNDNDNEY5QUUwMi8xWWNlbjhiNzNu M0hHMzZKWElvRXc5QUNIWVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZfhOQc9suG6UP8K0t53KZUz+TGHW1xbb6NFM89VFDW0ddPBbOZod7 dxZGWYSUUduwNKjv0le6uI+ZdFBCBil3a8nY47uYqpmmDtqhZUUTisDDvPi0/eyA WgjHoAuvHUrt/B+k8VPqqrS9B6hgJk2wRTOcjPIia8jQE+dCKfohHXUBsPRy9QHR hcjEotf6c8AK8qzq1xdEtKlyIMphDCqaPB4OILSyQkBplu9SLTjsacBNIBvMMGtb Tf61VB8PTJThwMoU81Mx+OiP87V34Bh3vOzmCzzcc/MFRmtxltU3mNNSCdH9oLmS 929UpE8LTdKYEpJt3tfxxaHUxCjhNMg+ -----END CERTIFICATE-----Generated at Sat May 31 17:42:42 2025 by rpki-client