$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft File: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft (raw, json) Hash identifier: qQBI9+xswbqIZfqI66bzjudr3FR4+s3DfTf1cz5bEPU= Subject key identifier: 89:EE:79:A4:E1:B8:E8:D8:FC:8F:EA:1F:DD:B1:8B:31:74:C3:95:F9 Authority key identifier: DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F Certificate issuer: /CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Certificate serial: 0BF4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft Manifest number: 0BDA Signing time: Thu 24 Apr 2025 18:45:11 +0000 Manifest this update: Thu 24 Apr 2025 18:45:10 +0000 Manifest next update: Thu 01 May 2025 18:45:10 +0000 Files and hashes: 1: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl (hash: E34sMag++x8c+z3RNVDP7uHXIoc7TIekzxS3roc/QD8=) 2: 3A5A84F8CB7111EBA9EEF440C4F9AE02.roa (hash: LcxIbKxK3jutvAgu3ThkdTt7YT68VEQAWEq5z0WaOxY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:45:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3060 (0xbf4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158568, serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Validity Not Before: Apr 24 18:45:10 2025 GMT Not After : May 1 18:45:10 2025 GMT Subject: CN=680a86b6-f56b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1c:20:f9:d3:7e:ef:66:e5:64:ed:d1:c1:34: d5:f2:ad:20:6a:b4:02:f8:bf:02:af:3b:17:d8:f6: e3:17:fb:0b:86:45:09:8c:b0:07:99:b6:19:21:2e: 56:92:26:b7:09:24:7e:81:67:21:6a:16:b4:5d:13: e9:bb:48:b4:4e:5d:eb:eb:ea:39:f4:f3:55:89:af: 25:24:6f:24:27:48:c7:bc:dc:f9:0d:51:e2:86:95: 09:f2:af:2b:9e:3a:44:4e:c7:b1:f9:d0:07:34:b7: ee:82:73:d9:93:f3:a1:aa:a5:55:41:fc:ed:1f:18: 22:16:5d:ee:07:19:50:e0:c7:ab:73:41:43:11:a9: 4a:98:73:ae:8e:d6:84:f6:45:ac:8d:f3:68:ec:31: d1:35:bb:9c:14:c7:a3:5a:9a:1c:ec:ad:8a:a3:b7: 93:29:5a:12:8e:7a:b8:27:84:85:f9:e3:7e:ed:69: a7:1f:0a:74:cf:17:a5:a7:30:74:99:03:05:8e:fd: d7:27:c5:4e:34:69:4d:85:fb:01:2b:25:11:3d:ad: c2:f5:f9:c6:f0:9e:4e:71:82:af:d6:e5:1b:08:4b: c2:71:ad:4a:50:71:d0:d4:8e:31:5e:1a:7d:4c:a3: 05:eb:f1:cd:8b:c5:3e:8f:33:b6:ae:3b:67:18:bd: 2c:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:EE:79:A4:E1:B8:E8:D8:FC:8F:EA:1F:DD:B1:8B:31:74:C3:95:F9 X509v3 Authority Key Identifier: keyid:DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:c4:1e:60:6b:54:69:5d:ef:98:bf:51:bd:71:b8:f5:51:08: f0:fc:f8:cb:f9:d5:9f:15:1e:8b:24:06:fc:a6:b7:fa:40:a2: cf:48:7d:0e:65:dc:2d:8d:1f:cc:2a:ff:de:69:7e:49:a9:b5: be:ea:52:60:b8:52:13:cb:6d:9c:75:06:3c:31:cf:22:ca:3f: 82:1f:e7:c9:f9:8a:a0:ee:35:70:27:78:e9:b8:22:7f:65:2f: bf:9a:b4:3c:0f:2f:02:1f:3e:8f:ca:45:07:53:12:e7:08:59: 83:9c:45:05:b7:d2:27:24:8e:7d:f3:f8:03:92:ac:e4:e6:f2: ef:f9:9f:86:b8:ff:2a:f9:2b:62:b2:40:fe:c6:66:bb:55:50: c1:f2:63:95:0e:af:97:cd:30:2a:a0:ca:8f:18:89:90:d9:93: 19:62:f6:17:58:68:25:4a:0f:44:c0:fd:0f:10:b8:7e:e5:8b: 27:1f:19:6f:55:ff:7f:ae:fa:70:30:ec:a9:34:e8:f9:9f:02: 8c:07:9c:b2:e8:32:b3:a4:e7:9d:28:c3:b0:86:ed:f4:22:53: 05:ab:e0:d7:7e:b1:69:1a:67:87:21:3d:1b:9d:85:3e:67:a7: b4:e9:1c:b6:b5:84:2c:cf:8e:9e:f3:72:4e:e5:17:7c:bf:69: 09:d5:dc:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg1NjgxMTAvBgNVBAUTKERGMjUzNDg0RENFNTJDNDEzN0NCRDFDOEVENDREOUNC MjU1N0Y0M0YwHhcNMjUwNDI0MTg0NTEwWhcNMjUwNTAxMTg0NTEwWjAYMRYwFAYD VQQDEw02ODBhODZiNi1mNTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtxwg+dN+72blZO3RwTTV8q0garQC+L8CrzsX2PbjF/sLhkUJjLAHmbYZIS5W kia3CSR+gWchaha0XRPpu0i0Tl3r6+o59PNVia8lJG8kJ0jHvNz5DVHihpUJ8q8r njpETsex+dAHNLfugnPZk/OhqqVVQfztHxgiFl3uBxlQ4Merc0FDEalKmHOujtaE 9kWsjfNo7DHRNbucFMejWpoc7K2Ko7eTKVoSjnq4J4SF+eN+7WmnHwp0zxelpzB0 mQMFjv3XJ8VONGlNhfsBKyURPa3C9fnG8J5OcYKv1uUbCEvCca1KUHHQ1I4xXhp9 TKMF6/HNi8U+jzO2rjtnGL0sFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFInueaTh uOjY/I/qH92xizF0w5X5MB8GA1UdIwQYMBaAFN8lNITc5SxBN8vRyO1E2cslV/Q/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC9EMzEzMDY3NjE4 NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExFRTN5OUhJN1VUWnl5Vlg5 RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzN5VTBoTnpsTEVFM3k5SEk3VVRaeXlWWDlEOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODU2OC9EMzEzMDY3NjE4NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExF RTN5OUhJN1VUWnl5Vlg5RDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKxB5ga1RpXe+Yv1G9cbj1UQjw/PjL+dWfFR6LJAb8prf6QKLPSH0O ZdwtjR/MKv/eaX5JqbW+6lJguFITy22cdQY8Mc8iyj+CH+fJ+Yqg7jVwJ3jpuCJ/ ZS+/mrQ8Dy8CHz6PykUHUxLnCFmDnEUFt9InJI598/gDkqzk5vLv+Z+GuP8q+Sti skD+xma7VVDB8mOVDq+XzTAqoMqPGImQ2ZMZYvYXWGglSg9EwP0PELh+5YsnHxlv Vf9/rvpwMOypNOj5nwKMB5yy6DKzpOedKMOwhu30IlMFq+DXfrFpGmeHIT0bnYU+ Z6e06Ry2tYQsz46e83JO5Rd8v2kJ1dyb -----END CERTIFICATE-----Generated at Sat Apr 26 04:38:40 2025 by rpki-client