$ rpki-client -vvf rpki.apnic.net/member_repository/A913E4AA/674CA29E11DB11EABF45DA55C4F9AE02/Y4g-TKLI593aw5h-SE_R1nLZOUk.mft File: Y4g-TKLI593aw5h-SE_R1nLZOUk.mft (raw, json) Hash identifier: o9O+fczP8D6OARTU5BTOQLoc0vOvteovPfG63YfaKVo= Subject key identifier: CB:B8:6F:48:48:08:55:C6:22:32:68:84:49:89:83:44:D8:B2:EE:C8 Authority key identifier: 63:88:3E:4C:A2:C8:E7:DD:DA:C3:98:7E:48:4F:D1:D6:72:D9:39:49 Certificate issuer: /CN=A913E4AA/serialNumber=63883E4CA2C8E7DDDAC3987E484FD1D672D93949 Certificate serial: 0BF9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y4g-TKLI593aw5h-SE_R1nLZOUk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913E4AA/674CA29E11DB11EABF45DA55C4F9AE02/Y4g-TKLI593aw5h-SE_R1nLZOUk.mft Manifest number: 0BF2 Signing time: Mon 28 Apr 2025 19:07:08 +0000 Manifest this update: Mon 28 Apr 2025 19:07:07 +0000 Manifest next update: Mon 05 May 2025 19:07:07 +0000 Files and hashes: 1: Y4g-TKLI593aw5h-SE_R1nLZOUk.crl (hash: eLTnRrLtI5TcBGLl8OriXEf6R8mEhZ0UrDC1yvTlQzg=) 2: 9D9E8D0C11DC11EABC4FB55AC4F9AE02.roa (hash: E2q/ZEHSPXl1Ew87PC9tVYqM/dotHBquWrnE6mAYEbI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913E4AA/674CA29E11DB11EABF45DA55C4F9AE02/Y4g-TKLI593aw5h-SE_R1nLZOUk.crl rsync://rpki.apnic.net/member_repository/A913E4AA/674CA29E11DB11EABF45DA55C4F9AE02/Y4g-TKLI593aw5h-SE_R1nLZOUk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y4g-TKLI593aw5h-SE_R1nLZOUk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 19:07:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3065 (0xbf9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913E4AA, serialNumber=63883E4CA2C8E7DDDAC3987E484FD1D672D93949 Validity Not Before: Apr 28 19:07:07 2025 GMT Not After : May 5 19:07:07 2025 GMT Subject: CN=680fd1dc-552b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:41:2f:77:83:09:f1:b1:1b:ca:d4:0f:ee:05: 97:53:47:d2:b6:f0:2f:d4:73:21:20:b0:f6:99:3d: 48:8d:c3:3d:05:7a:42:27:05:42:bb:90:70:c2:0e: 34:3d:22:13:6f:72:3e:b5:40:9f:9f:e0:c9:52:e7: a9:0c:60:7e:25:7d:14:b8:5a:9d:72:05:59:32:25: 85:cb:11:96:24:90:bd:89:94:b2:b4:9c:6d:ea:86: 90:84:1e:7b:87:76:ef:7c:80:bc:10:97:43:1a:09: c9:c5:98:f9:81:d0:5f:bf:14:5e:db:41:da:0f:f3: 2c:56:ee:c1:3e:cf:34:21:d8:ca:e9:85:b8:3b:82: b5:39:1a:68:44:6f:74:b5:05:50:9f:1c:16:75:cc: f9:f5:09:a4:b9:ff:84:c1:2d:e9:02:da:cf:3d:5f: f1:e2:c7:e7:1f:95:03:4f:06:43:8f:e7:b5:b4:30: 01:22:aa:5e:0d:e8:48:99:c3:a2:e9:64:cf:b5:16: 94:8c:bf:b3:50:f3:93:80:59:fb:a3:b9:ec:de:a1: d8:cf:da:84:c6:91:d5:cb:97:0a:9e:75:d5:a4:b7: 69:23:85:d3:1d:0b:8e:4f:81:9a:e1:06:12:c9:0f: 46:b0:5c:34:96:44:fc:d6:b8:eb:96:b8:99:12:02: 1d:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:B8:6F:48:48:08:55:C6:22:32:68:84:49:89:83:44:D8:B2:EE:C8 X509v3 Authority Key Identifier: keyid:63:88:3E:4C:A2:C8:E7:DD:DA:C3:98:7E:48:4F:D1:D6:72:D9:39:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913E4AA/674CA29E11DB11EABF45DA55C4F9AE02/Y4g-TKLI593aw5h-SE_R1nLZOUk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y4g-TKLI593aw5h-SE_R1nLZOUk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E4AA/674CA29E11DB11EABF45DA55C4F9AE02/Y4g-TKLI593aw5h-SE_R1nLZOUk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:84:c3:5e:1f:92:ea:93:04:6e:ac:e0:54:fd:4b:c9:91:db: 1d:f4:76:f7:f7:4d:cc:69:96:b7:0b:a0:f5:4a:5a:8f:3a:89: 46:af:de:7b:0d:d0:8d:6a:6b:b9:e9:b1:93:6a:5f:fa:3e:a8: a9:bc:21:f1:7c:d4:ab:32:4b:33:82:3c:dc:a0:ce:db:7a:3d: 4e:4e:00:1f:8c:58:7b:80:5b:73:59:48:1c:ef:ba:ba:9f:9d: a8:22:5d:98:59:7f:15:cc:1c:0e:c9:64:df:44:3c:06:ab:bf: 41:dd:eb:53:21:7d:a0:b6:c4:5e:0b:b3:6d:1b:50:46:5f:a6: 21:c1:62:b3:b2:5f:38:dc:13:88:b3:57:d2:fc:19:5d:93:4b: 73:56:aa:91:30:7b:f3:d7:e6:95:fd:75:39:1b:ad:1d:8c:81: 6d:b7:e5:b6:34:c1:7f:9e:81:fe:4b:6e:6e:af:fc:80:24:91: 52:42:60:58:d5:4a:68:17:2e:4a:8b:cb:67:28:be:03:89:b5: 6b:a4:e1:36:23:dc:44:a9:09:35:1c:e7:86:5c:bd:7d:4d:a2: d2:9d:5d:b0:48:64:d5:fa:bb:1f:5f:90:51:ef:50:dc:04:e5: 93:92:b1:cb:87:aa:9f:94:64:6c:b3:49:d4:38:ab:27:58:24: 78:59:15:8e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0U0QUExMTAvBgNVBAUTKDYzODgzRTRDQTJDOEU3REREQUMzOTg3RTQ4NEZEMUQ2 NzJEOTM5NDkwHhcNMjUwNDI4MTkwNzA3WhcNMjUwNTA1MTkwNzA3WjAYMRYwFAYD VQQDEw02ODBmZDFkYy01NTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtUEvd4MJ8bEbytQP7gWXU0fStvAv1HMhILD2mT1IjcM9BXpCJwVCu5Bwwg40 PSITb3I+tUCfn+DJUuepDGB+JX0UuFqdcgVZMiWFyxGWJJC9iZSytJxt6oaQhB57 h3bvfIC8EJdDGgnJxZj5gdBfvxRe20HaD/MsVu7BPs80IdjK6YW4O4K1ORpoRG90 tQVQnxwWdcz59Qmkuf+EwS3pAtrPPV/x4sfnH5UDTwZDj+e1tDABIqpeDehImcOi 6WTPtRaUjL+zUPOTgFn7o7ns3qHYz9qExpHVy5cKnnXVpLdpI4XTHQuOT4Ga4QYS yQ9GsFw0lkT81rjrlriZEgId9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMu4b0hI CFXGIjJohEmJg0TYsu7IMB8GA1UdIwQYMBaAFGOIPkyiyOfd2sOYfkhP0dZy2TlJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTRBQS82NzRDQTI5RTEx REIxMUVBQkY0NURBNTVDNEY5QUUwMi9ZNGctVEtMSTU5M2F3NWgtU0VfUjFuTFpP VWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1k0Zy1US0xJNTkzYXc1aC1TRV9SMW5MWk9Vay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RTRBQS82NzRDQTI5RTExREIxMUVBQkY0NURBNTVDNEY5QUUwMi9ZNGctVEtMSTU5 M2F3NWgtU0VfUjFuTFpPVWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGhMNeH5LqkwRurOBU/UvJkdsd9Hb3903MaZa3C6D1SlqPOolGr957 DdCNamu56bGTal/6PqipvCHxfNSrMkszgjzcoM7bej1OTgAfjFh7gFtzWUgc77q6 n52oIl2YWX8VzBwOyWTfRDwGq79B3etTIX2gtsReC7NtG1BGX6YhwWKzsl843BOI s1fS/Bldk0tzVqqRMHvz1+aV/XU5G60djIFtt+W2NMF/noH+S25ur/yAJJFSQmBY 1UpoFy5Ki8tnKL4DibVrpOE2I9xEqQk1HOeGXL19TaLSnV2wSGTV+rsfX5BR71Dc BOWTkrHLh6qflGRss0nUOKsnWCR4WRWO -----END CERTIFICATE-----Generated at Mon Apr 28 23:05:04 2025 by rpki-client on console.sobornost.net