$ rpki-client -vvf rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.mft File: u3QQVrccdV0D-5zyFKQSTKTzdgw.mft (raw, json) Hash identifier: UFsxG+X3x4QopNOrvjgv1bUZsE7XlMavmoRWN2lRrlY= Subject key identifier: BF:C8:2A:91:AF:F5:3C:07:84:16:F0:0B:D7:13:1C:E9:DB:DB:8D:76 Authority key identifier: BB:74:10:56:B7:1C:75:5D:03:FB:9C:F2:14:A4:12:4C:A4:F3:76:0C Certificate issuer: /CN=A916A0AA/serialNumber=BB741056B71C755D03FB9CF214A4124CA4F3760C Certificate serial: 0C04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3QQVrccdV0D-5zyFKQSTKTzdgw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.mft Manifest number: 0BFB Signing time: Thu 24 Apr 2025 18:37:32 +0000 Manifest this update: Thu 24 Apr 2025 18:37:32 +0000 Manifest next update: Thu 01 May 2025 18:37:32 +0000 Files and hashes: 1: u3QQVrccdV0D-5zyFKQSTKTzdgw.crl (hash: 20i0x3iCJuSsOG1tOobijjR1JwPWT41gtLo84glXIw0=) 2: 5AD6AAFE0F1111EA932F3E45C4F9AE02.roa (hash: fVpTiz95zT96q52Sv8C+QJmIZKHHi2b0N2xlEcRtgMo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.crl rsync://rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3QQVrccdV0D-5zyFKQSTKTzdgw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:37:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3076 (0xc04) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916A0AA, serialNumber=BB741056B71C755D03FB9CF214A4124CA4F3760C Validity Not Before: Apr 24 18:37:32 2025 GMT Not After : May 1 18:37:32 2025 GMT Subject: CN=680a84ec-66b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:16:49:e7:57:eb:da:79:05:84:9c:7e:11:04: e9:ae:ca:8b:e1:4e:c2:02:d9:b7:44:90:78:eb:44: f5:85:a8:43:94:ee:c0:17:b0:c5:7d:93:71:35:6a: ea:a7:5c:88:ed:1c:20:0e:6c:f5:8a:89:d8:62:a1: 86:8c:31:28:f4:65:8a:ed:0f:e5:9a:83:bd:89:53: 44:09:1b:22:d9:88:cb:ac:1a:06:c9:c5:ea:ce:2a: 8f:3b:d7:cb:6f:6e:67:77:24:7e:57:51:b8:5a:74: c9:19:95:d8:52:37:24:52:b2:e4:f4:6b:a8:a9:11: 5c:4e:95:bd:af:5d:07:a5:d2:e2:3d:d7:e1:b6:0a: 5e:2c:84:eb:80:ed:3d:31:e9:e2:0f:eb:c6:42:e0: cf:e2:56:01:bf:44:c3:2d:0d:ce:61:1e:16:50:99: 06:27:bd:30:6c:6e:45:bb:d8:e1:98:bc:d1:18:8d: 01:c9:00:5e:84:6a:f0:b4:e9:bd:f7:f5:2a:f8:3b: 0d:5c:72:82:72:fd:b2:66:17:bf:0e:40:27:f0:23: ff:c2:90:0d:12:83:a4:79:59:f8:8e:d4:6e:c1:18: 4b:16:dc:51:b9:98:3d:53:d1:63:e3:4d:2d:71:f7: f0:50:08:c0:66:cd:3b:83:82:70:e7:d6:1f:6e:26: 01:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:C8:2A:91:AF:F5:3C:07:84:16:F0:0B:D7:13:1C:E9:DB:DB:8D:76 X509v3 Authority Key Identifier: keyid:BB:74:10:56:B7:1C:75:5D:03:FB:9C:F2:14:A4:12:4C:A4:F3:76:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3QQVrccdV0D-5zyFKQSTKTzdgw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:2d:6b:1a:ca:1a:f6:40:1f:23:3c:48:37:bf:1b:31:91:8a: 66:f9:23:3b:39:02:b3:7a:c9:16:4d:39:22:56:1e:ae:84:45: d0:32:20:cf:68:d4:db:72:ec:07:08:d7:2a:3c:fe:a6:ec:45: 7c:e8:41:3e:3e:64:12:80:30:85:41:47:59:1b:3a:39:34:c4: c5:5d:ab:d9:90:ed:45:53:08:ac:6e:6e:c4:74:b5:a5:6d:6a: 4c:96:7e:1a:61:49:96:b6:cc:06:1a:94:e6:7e:7f:3e:0d:80: 13:ac:22:c5:25:f8:d0:6d:58:8e:29:6b:4c:0e:b4:b6:6e:78: 3a:f3:c9:4a:3f:be:9a:12:b6:e4:0d:b6:3b:ed:b0:26:cb:9f: 46:be:29:d0:a7:9a:a2:99:4a:9f:44:34:65:9e:b4:d8:c7:55: e9:c1:f7:bf:5f:67:7d:77:08:3f:4e:55:5c:7b:04:d7:d9:ed: 18:bf:0c:2f:41:bb:9e:7d:ca:19:04:11:c9:f8:ec:08:db:cd: 4b:48:be:83:4a:fa:15:c1:93:4e:85:9f:20:2a:64:f7:60:8e: b1:f8:62:26:f3:90:6b:a9:fe:ca:18:82:70:79:52:2d:3b:05: 5b:30:d5:f7:0b:50:b1:f5:a4:22:0c:79:a2:1a:93:82:45:88: 79:53:78:c9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkEwQUExMTAvBgNVBAUTKEJCNzQxMDU2QjcxQzc1NUQwM0ZCOUNGMjE0QTQxMjRD QTRGMzc2MEMwHhcNMjUwNDI0MTgzNzMyWhcNMjUwNTAxMTgzNzMyWjAYMRYwFAYD VQQDEw02ODBhODRlYy02NmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvRZJ51fr2nkFhJx+EQTprsqL4U7CAtm3RJB460T1hahDlO7AF7DFfZNxNWrq p1yI7RwgDmz1ionYYqGGjDEo9GWK7Q/lmoO9iVNECRsi2YjLrBoGycXqziqPO9fL b25ndyR+V1G4WnTJGZXYUjckUrLk9GuoqRFcTpW9r10HpdLiPdfhtgpeLITrgO09 MeniD+vGQuDP4lYBv0TDLQ3OYR4WUJkGJ70wbG5Fu9jhmLzRGI0ByQBehGrwtOm9 9/Uq+DsNXHKCcv2yZhe/DkAn8CP/wpANEoOkeVn4jtRuwRhLFtxRuZg9U9Fj400t cffwUAjAZs07g4Jw59YfbiYB0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL/IKpGv 9TwHhBbwC9cTHOnb2412MB8GA1UdIwQYMBaAFLt0EFa3HHVdA/uc8hSkEkyk83YM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTBBQS82QTRGRkM3QTBG MTAxMUVBQTk2OUZFNDNDNEY5QUUwMi91M1FRVnJjY2RWMEQtNXp5RktRU1RLVHpk Z3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3UzUVFWcmNjZFYwRC01enlGS1FTVEtUemRndy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QTBBQS82QTRGRkM3QTBGMTAxMUVBQTk2OUZFNDNDNEY5QUUwMi91M1FRVnJjY2RW MEQtNXp5RktRU1RLVHpkZ3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmLWsayhr2QB8jPEg3vxsxkYpm+SM7OQKzeskWTTkiVh6uhEXQMiDP aNTbcuwHCNcqPP6m7EV86EE+PmQSgDCFQUdZGzo5NMTFXavZkO1FUwisbm7EdLWl bWpMln4aYUmWtswGGpTmfn8+DYATrCLFJfjQbViOKWtMDrS2bng688lKP76aErbk DbY77bAmy59GvinQp5qimUqfRDRlnrTYx1Xpwfe/X2d9dwg/TlVcewTX2e0Yvwwv QbuefcoZBBHJ+OwI281LSL6DSvoVwZNOhZ8gKmT3YI6x+GIm85Brqf7KGIJweVIt OwVbMNX3C1Cx9aQiDHmiGpOCRYh5U3jJ -----END CERTIFICATE-----Generated at Sat Apr 26 05:27:01 2025 by rpki-client