$ rpki-client -vvf rpki.apnic.net/member_repository/A911C8B7/669B4552175911EA8B4A804FC4F9AE02/3AMsXdBC7T6N4qcQ-yaBipVzQmY.mft File: 3AMsXdBC7T6N4qcQ-yaBipVzQmY.mft (raw, json) Hash identifier: wp7eI8ks5rL/HzEBeN+MseyyBEK1O4PUZ98QwvJTR+Q= Subject key identifier: 44:75:4A:A4:6A:2E:42:63:C5:2E:18:52:16:17:42:DF:97:A1:79:1F Authority key identifier: DC:03:2C:5D:D0:42:ED:3E:8D:E2:A7:10:FB:26:81:8A:95:73:42:66 Certificate issuer: /CN=A911C8B7/serialNumber=DC032C5DD042ED3E8DE2A710FB26818A95734266 Certificate serial: 0BE5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3AMsXdBC7T6N4qcQ-yaBipVzQmY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C8B7/669B4552175911EA8B4A804FC4F9AE02/3AMsXdBC7T6N4qcQ-yaBipVzQmY.mft Manifest number: 0BD9 Signing time: Thu 24 Apr 2025 18:44:08 +0000 Manifest this update: Thu 24 Apr 2025 18:44:07 +0000 Manifest next update: Thu 01 May 2025 18:44:07 +0000 Files and hashes: 1: 3AMsXdBC7T6N4qcQ-yaBipVzQmY.crl (hash: WbP241UYvtSXwLoy4gCcOhF4WlbycnTz5GmQnSJpPO8=) 2: F66D3E4C175911EA9D8EF44FC4F9AE02.roa (hash: QTmQ+b0TWigH3ktAvPS5L4JGC6TmpCstJJc/am/VnB0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C8B7/669B4552175911EA8B4A804FC4F9AE02/3AMsXdBC7T6N4qcQ-yaBipVzQmY.crl rsync://rpki.apnic.net/member_repository/A911C8B7/669B4552175911EA8B4A804FC4F9AE02/3AMsXdBC7T6N4qcQ-yaBipVzQmY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3AMsXdBC7T6N4qcQ-yaBipVzQmY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:44:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3045 (0xbe5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C8B7, serialNumber=DC032C5DD042ED3E8DE2A710FB26818A95734266 Validity Not Before: Apr 24 18:44:07 2025 GMT Not After : May 1 18:44:07 2025 GMT Subject: CN=680a8677-f59e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:78:8c:2d:53:ad:bd:35:ab:64:c8:0c:99:48: f1:70:f3:ff:68:29:9c:9a:26:05:1c:2a:26:00:13: 48:18:56:1b:4a:ad:9c:fd:7b:6b:8e:7d:9e:f0:22: 07:35:c0:9b:88:a5:c0:39:2b:b2:bb:76:53:31:9d: 14:94:98:e1:83:81:3f:a2:b4:b9:18:93:4a:64:01: 13:6b:4e:8f:33:2a:a4:35:85:97:ee:f2:03:89:21: 0c:f9:8d:88:24:63:c0:87:83:d5:35:20:b1:8a:7f: 71:79:8a:ea:c9:e2:80:c8:dc:78:ea:c3:5e:70:a6: 64:86:fc:a0:b7:1a:df:88:cc:7e:a0:03:31:35:64: 0b:31:73:06:b6:13:7c:f6:2a:d6:b8:eb:12:f8:a0: 07:78:f8:19:b6:7f:60:41:23:79:4e:24:88:39:1f: af:83:58:5d:ca:21:de:90:0a:1d:55:6e:97:af:fb: 20:11:34:d1:11:9a:03:f3:dd:36:5a:49:b8:0a:27: 14:0c:4d:4c:76:46:0d:fa:68:46:1c:dc:35:ba:f0: b7:b4:54:c6:5e:ec:0f:bb:e6:ad:97:29:f7:b1:79: 03:5e:7d:91:0e:6b:4f:9f:d9:1b:f5:fd:4c:9c:2d: 9a:a5:e9:f5:8a:07:0d:38:f3:91:b1:75:94:fd:ad: 48:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:75:4A:A4:6A:2E:42:63:C5:2E:18:52:16:17:42:DF:97:A1:79:1F X509v3 Authority Key Identifier: keyid:DC:03:2C:5D:D0:42:ED:3E:8D:E2:A7:10:FB:26:81:8A:95:73:42:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C8B7/669B4552175911EA8B4A804FC4F9AE02/3AMsXdBC7T6N4qcQ-yaBipVzQmY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3AMsXdBC7T6N4qcQ-yaBipVzQmY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C8B7/669B4552175911EA8B4A804FC4F9AE02/3AMsXdBC7T6N4qcQ-yaBipVzQmY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:2b:e7:03:30:44:87:3c:1e:7d:d0:5f:54:eb:bb:8a:5a:b0: ac:2f:44:c3:42:50:94:ba:49:05:38:e3:82:3e:57:41:bd:97: e9:d4:b6:57:9a:b5:cd:cd:ac:ab:f5:e5:29:61:aa:f7:8e:42: 29:93:d2:aa:96:cf:09:36:c2:e1:7c:33:5a:db:22:8a:eb:9a: a6:0c:e0:12:67:0f:a2:4c:6f:98:7a:b5:93:df:07:a3:3d:96: e2:cf:92:fc:a2:f9:d4:a1:31:02:cb:ff:07:12:56:04:0d:0c: 30:b9:9b:cd:51:df:4b:be:74:74:d9:ed:6c:aa:6b:5c:8b:95: 39:7f:8b:82:0c:fc:05:02:0a:46:96:42:03:47:11:4e:0d:92: 23:af:bc:0f:c6:b7:da:03:e2:90:9b:6a:9f:59:8e:3a:96:be: 65:dd:18:0e:0d:10:1e:b5:79:47:c4:a1:45:ed:28:db:e7:1a: 12:86:aa:5e:12:58:89:01:f1:20:f1:4d:d7:dc:56:08:1e:30: 28:b4:e6:a4:4b:29:69:2d:65:19:7d:15:0f:4c:7a:ef:5b:e2: 65:47:71:50:0b:e9:6e:57:ed:66:a6:09:2c:e6:99:68:df:83: 65:19:f1:04:e6:91:c8:3d:de:9e:4b:85:86:82:51:f4:92:36: 73:98:67:fb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC+UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM4QjcxMTAvBgNVBAUTKERDMDMyQzVERDA0MkVEM0U4REUyQTcxMEZCMjY4MThB OTU3MzQyNjYwHhcNMjUwNDI0MTg0NDA3WhcNMjUwNTAxMTg0NDA3WjAYMRYwFAYD VQQDEw02ODBhODY3Ny1mNTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtXiMLVOtvTWrZMgMmUjxcPP/aCmcmiYFHComABNIGFYbSq2c/Xtrjn2e8CIH NcCbiKXAOSuyu3ZTMZ0UlJjhg4E/orS5GJNKZAETa06PMyqkNYWX7vIDiSEM+Y2I JGPAh4PVNSCxin9xeYrqyeKAyNx46sNecKZkhvygtxrfiMx+oAMxNWQLMXMGthN8 9irWuOsS+KAHePgZtn9gQSN5TiSIOR+vg1hdyiHekAodVW6Xr/sgETTREZoD8902 Wkm4CicUDE1MdkYN+mhGHNw1uvC3tFTGXuwPu+atlyn3sXkDXn2RDmtPn9kb9f1M nC2apen1igcNOPORsXWU/a1IoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFER1SqRq LkJjxS4YUhYXQt+XoXkfMB8GA1UdIwQYMBaAFNwDLF3QQu0+jeKnEPsmgYqVc0Jm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzhCNy82NjlCNDU1MjE3 NTkxMUVBOEI0QTgwNEZDNEY5QUUwMi8zQU1zWGRCQzdUNk40cWNRLXlhQmlwVnpR bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNBTXNYZEJDN1Q2TjRxY1EteWFCaXBWelFtWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzhCNy82NjlCNDU1MjE3NTkxMUVBOEI0QTgwNEZDNEY5QUUwMi8zQU1zWGRCQzdU Nk40cWNRLXlhQmlwVnpRbVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3K+cDMESHPB590F9U67uKWrCsL0TDQlCUukkFOOOCPldBvZfp1LZX mrXNzayr9eUpYar3jkIpk9Kqls8JNsLhfDNa2yKK65qmDOASZw+iTG+YerWT3wej PZbiz5L8ovnUoTECy/8HElYEDQwwuZvNUd9LvnR02e1sqmtci5U5f4uCDPwFAgpG lkIDRxFODZIjr7wPxrfaA+KQm2qfWY46lr5l3RgODRAetXlHxKFF7Sjb5xoShqpe EliJAfEg8U3X3FYIHjAotOakSylpLWUZfRUPTHrvW+JlR3FQC+luV+1mpgks5plo 34NlGfEE5pHIPd6eS4WGglH0kjZzmGf7 -----END CERTIFICATE-----Generated at Sat Apr 26 17:19:09 2025 by rpki-client