$ rpki-client -vvf rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.mft File: 3xhzEfoJx3m4sV2UekbU9O3MUFM.mft (raw, json) Hash identifier: cj4gvazAnwy+psd17fNA0v0VNFC4g2/Mxx4HxPrGLS0= Subject key identifier: BD:29:38:A2:95:69:6D:D6:D6:A7:20:77:78:17:EF:11:D4:49:7D:20 Authority key identifier: DF:18:73:11:FA:09:C7:79:B8:B1:5D:94:7A:46:D4:F4:ED:CC:50:53 Certificate issuer: /CN=A911AA05/serialNumber=DF187311FA09C779B8B15D947A46D4F4EDCC5053 Certificate serial: 03 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3xhzEfoJx3m4sV2UekbU9O3MUFM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.mft Manifest number: 02 Signing time: Thu 24 Apr 2025 16:34:12 +0000 Manifest this update: Thu 24 Apr 2025 16:34:11 +0000 Manifest next update: Thu 01 May 2025 16:34:11 +0000 Files and hashes: 1: 3xhzEfoJx3m4sV2UekbU9O3MUFM.crl (hash: YKiaeFcaUmrnhIctIPSxz9h9m06Zx5mlp0ykvMCRzmY=) 2: F1940290212911F087425013C4F9AE02.roa (hash: MnHNxat0n45sPIepd+2k7Aeq3t/02+1KvIJP8MEpuv8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.crl rsync://rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3xhzEfoJx3m4sV2UekbU9O3MUFM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:34:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911AA05, serialNumber=DF187311FA09C779B8B15D947A46D4F4EDCC5053 Validity Not Before: Apr 24 16:34:11 2025 GMT Not After : May 1 16:34:11 2025 GMT Subject: CN=680a6803-1b8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:67:ac:8b:b0:f9:28:2f:cc:04:04:95:04:05: e3:94:89:31:e3:18:de:cd:fd:e4:67:0b:40:81:40: de:e6:b5:1f:0f:5e:25:ec:45:81:1c:3a:3f:e3:d9: cb:14:ff:a9:7c:53:be:59:9b:5f:81:81:0b:37:fd: 89:e6:c6:b8:d1:67:8c:c1:9a:d8:d5:2f:46:44:0e: 96:34:61:98:c7:c2:6b:6a:33:14:64:1e:67:d4:be: 98:f6:74:d6:a1:d0:79:4a:52:7a:58:a0:f9:4a:89: 1e:f3:e2:a2:bc:fd:8e:c4:c9:de:7a:b5:58:3e:2a: 3b:9f:8a:ac:70:0a:20:05:ef:21:e2:e9:b1:85:be: ba:30:26:28:99:bb:ce:7d:4c:fb:5a:c3:40:67:87: 52:ed:c6:7f:8a:31:c2:8e:65:12:a2:22:9a:0b:51: 57:68:02:d2:83:d7:98:20:a4:b8:47:f7:05:15:bc: f8:2a:33:2b:3b:ec:c1:eb:9c:4e:8a:25:8f:1a:7a: f3:ba:0e:c8:f0:a8:e1:de:d6:50:cc:73:2a:40:5f: 7a:de:2f:ae:c5:aa:01:f6:08:d9:fb:0c:ae:1e:0b: 41:39:db:bf:2e:23:b5:ba:e5:63:9b:b7:d9:b5:a8: 50:00:0e:87:ad:ce:5b:a2:88:72:c7:dd:20:79:4d: ac:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:29:38:A2:95:69:6D:D6:D6:A7:20:77:78:17:EF:11:D4:49:7D:20 X509v3 Authority Key Identifier: keyid:DF:18:73:11:FA:09:C7:79:B8:B1:5D:94:7A:46:D4:F4:ED:CC:50:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3xhzEfoJx3m4sV2UekbU9O3MUFM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:99:23:75:c5:29:10:e9:ed:07:cd:87:20:b7:2d:73:fe:e2: f4:4f:08:9d:88:7c:09:22:f1:58:5b:da:bc:23:44:25:6b:da: 62:ea:61:25:99:b5:b7:a8:5c:57:fd:e3:83:93:2f:bf:f3:71: 4e:6f:4b:94:34:98:4e:bb:0c:8c:96:fe:be:35:00:ab:67:64: b4:16:e2:17:55:29:c9:00:11:36:e1:e7:1a:5c:af:3e:46:d0: 81:61:d8:06:23:b1:04:7e:64:c9:76:bb:a6:21:4b:2d:c6:d0: ce:ac:1d:34:3e:4a:71:17:88:3f:8c:ca:75:e6:a5:a6:72:a9: 34:3c:3a:c3:03:3e:06:2b:7f:94:c9:cf:1f:fc:1e:50:4c:45: d0:dd:a9:e7:a5:9f:78:29:1b:a0:35:70:7b:29:75:c3:31:d8: b3:a1:f7:f9:3e:2f:f3:a4:9f:d3:2e:e4:7c:8f:39:93:5e:88: 07:a4:ed:1e:24:49:5c:6b:75:ee:4d:3d:46:c4:bf:6e:66:23: 52:11:1c:99:fe:de:ba:9b:a4:fa:c4:67:04:10:ca:a2:4e:d0: 73:f3:50:d0:ed:27:59:46:98:7f:9c:90:48:a4:f2:36:b4:3d: 0b:34:55:dd:75:8b:71:11:6c:39:0d:3b:ae:89:93:09:e6:e6: 3a:6e:7a:d5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx QUEwNTExMC8GA1UEBRMoREYxODczMTFGQTA5Qzc3OUI4QjE1RDk0N0E0NkQ0RjRF RENDNTA1MzAeFw0yNTA0MjQxNjM0MTFaFw0yNTA1MDExNjM0MTFaMBgxFjAUBgNV BAMTDTY4MGE2ODAzLTFiOGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC9Z6yLsPkoL8wEBJUEBeOUiTHjGN7N/eRnC0CBQN7mtR8PXiXsRYEcOj/j2csU /6l8U75Zm1+BgQs3/YnmxrjRZ4zBmtjVL0ZEDpY0YZjHwmtqMxRkHmfUvpj2dNah 0HlKUnpYoPlKiR7z4qK8/Y7Eyd56tVg+KjufiqxwCiAF7yHi6bGFvrowJiiZu859 TPtaw0Bnh1Ltxn+KMcKOZRKiIpoLUVdoAtKD15ggpLhH9wUVvPgqMys77MHrnE6K JY8aevO6DsjwqOHe1lDMcypAX3reL67FqgH2CNn7DK4eC0E5278uI7W65WObt9m1 qFAADoetzluiiHLH3SB5TaxRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUvSk4opVp bdbWpyB3eBfvEdRJfSAwHwYDVR0jBBgwFoAU3xhzEfoJx3m4sV2UekbU9O3MUFMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBQTA1LzREQzFEOTI2MjEy OTExRjBBNjZBNDk3MkM0RjlBRTAyLzN4aHpFZm9KeDNtNHNWMlVla2JVOU8zTVVG TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM3hoekVmb0p4M200c1YyVWVrYlU5TzNNVUZNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFB QTA1LzREQzFEOTI2MjEyOTExRjBBNjZBNDk3MkM0RjlBRTAyLzN4aHpFZm9KeDNt NHNWMlVla2JVOU8zTVVGTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACqZI3XFKRDp7QfNhyC3LXP+4vRPCJ2IfAki8Vhb2rwjRCVr2mLqYSWZ tbeoXFf944OTL7/zcU5vS5Q0mE67DIyW/r41AKtnZLQW4hdVKckAETbh5xpcrz5G 0IFh2AYjsQR+ZMl2u6YhSy3G0M6sHTQ+SnEXiD+MynXmpaZyqTQ8OsMDPgYrf5TJ zx/8HlBMRdDdqeeln3gpG6A1cHspdcMx2LOh9/k+L/Okn9Mu5HyPOZNeiAek7R4k SVxrde5NPUbEv25mI1IRHJn+3rqbpPrEZwQQyqJO0HPzUNDtJ1lGmH+ckEik8ja0 PQs0Vd11i3ERbDkNO66Jkwnm5jpuetU= -----END CERTIFICATE-----Generated at Sat Apr 26 04:34:53 2025 by rpki-client