$ rpki-client -vvf rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft File: S3IqOmeTvzLJvPUuTncuCm86Yxk.mft (raw, json) Hash identifier: OjO22CpIWEqhzdjGpzhDfGwGbcDjuj1Ej6yw6HxLCb4= Subject key identifier: D7:00:28:E7:B8:9E:13:AD:4E:60:0A:49:85:6F:01:E0:25:70:52:8B Authority key identifier: 4B:72:2A:3A:67:93:BF:32:C9:BC:F5:2E:4E:77:2E:0A:6F:3A:63:19 Certificate issuer: /CN=A917A67E/serialNumber=4B722A3A6793BF32C9BCF52E4E772E0A6F3A6319 Certificate serial: 0159 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft Manifest number: 0156 Signing time: Fri 25 Apr 2025 03:15:07 +0000 Manifest this update: Fri 25 Apr 2025 03:15:07 +0000 Manifest next update: Fri 02 May 2025 03:15:07 +0000 Files and hashes: 1: S3IqOmeTvzLJvPUuTncuCm86Yxk.crl (hash: 49nNBHCpnTghfnMJQ52FkfISP8Zs09sr3iJ2JcOy41Y=) 2: E3901F981BD711EEB9597921C4F9AE02.roa (hash: gXQtBkkUAb9x4NlHq240u/Z9LPp8ccDpu+5MVL1TOAI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.crl rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:15:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 345 (0x159) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A67E, serialNumber=4B722A3A6793BF32C9BCF52E4E772E0A6F3A6319 Validity Not Before: Apr 25 03:15:07 2025 GMT Not After : May 2 03:15:07 2025 GMT Subject: CN=680afe3b-1a74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:e2:c1:fb:56:f9:9e:e1:21:42:a3:01:34:cf: db:89:96:b1:fc:c8:d9:f4:15:f6:63:51:f2:f1:ba: 9e:d7:ad:ea:e0:3c:be:cf:72:8d:0a:88:e1:6a:2b: f2:d5:f8:a2:87:c0:38:a0:c1:5f:0e:6d:30:df:53: f1:2a:c3:90:ef:51:6f:46:cf:37:93:a5:09:0d:c6: 38:65:61:bf:c1:e0:e3:19:80:0b:98:ac:90:8a:11: 20:11:05:b6:3e:60:a2:2d:f8:a3:be:cc:f5:27:eb: 12:6d:18:57:fb:7d:32:ea:60:8f:58:62:68:e0:93: 0d:54:06:e0:35:d6:a0:0d:f3:db:ea:b0:a5:36:67: c9:3d:ff:cb:f3:5e:3b:5c:63:62:4d:70:8d:0c:1b: d6:3a:ed:ed:2e:33:63:1e:02:a7:e6:9d:2d:85:62: b2:52:ae:c4:9c:a8:c7:b0:c0:78:6c:b8:b7:bf:73: 32:28:d2:92:1d:66:a2:41:10:2b:e7:db:6f:5b:c5: f3:9f:1e:82:2a:f2:a6:cc:57:02:33:35:fa:35:9f: 07:09:fb:73:38:6a:47:4a:10:0f:51:f7:70:9e:cb: 8f:dd:59:5a:ad:7a:eb:1e:0c:82:c4:72:33:b5:6c: 75:27:0e:a9:6b:ab:03:d4:65:94:6a:df:f1:c0:f1: 4b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:00:28:E7:B8:9E:13:AD:4E:60:0A:49:85:6F:01:E0:25:70:52:8B X509v3 Authority Key Identifier: keyid:4B:72:2A:3A:67:93:BF:32:C9:BC:F5:2E:4E:77:2E:0A:6F:3A:63:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:31:69:5b:55:ea:d4:ad:e5:ac:43:00:dc:2c:49:a4:0e:53: 79:8c:57:c6:2c:dc:96:45:15:71:70:88:9a:98:07:e8:2e:3b: 92:d1:69:0d:33:6c:61:f5:f8:ab:7b:88:b2:3f:f8:0d:13:6f: 83:64:e9:41:89:d5:34:46:ba:f0:c6:bb:1f:ad:86:50:f7:22: fa:bb:75:ad:54:94:0c:1c:58:35:fa:ac:79:71:b8:58:02:c6: fd:51:c7:c5:54:74:30:07:28:97:73:e5:45:8b:4b:01:c8:06: 39:5c:33:3d:ba:6e:b4:93:97:28:ff:40:61:9c:0a:dc:08:cf: e3:97:d4:38:28:84:76:b8:c0:df:42:da:9c:be:1c:5d:55:74: 28:db:bf:19:c5:83:94:c7:9e:50:21:13:60:fe:45:43:b6:ba: 66:24:7a:02:24:13:2e:a4:70:2a:21:9c:d4:eb:89:36:98:42: 58:e8:29:06:b4:68:42:e9:da:06:be:3f:9d:91:16:e3:86:dc: 16:00:31:7b:54:b8:e2:2d:6c:40:2e:04:ba:1e:3e:fb:fe:ed: f8:52:62:c6:53:14:41:ee:46:81:cb:8e:48:ae:4b:6c:e8:5b: 1b:21:7a:83:09:de:17:0e:70:c7:5c:5f:69:f9:1f:e1:8a:8e: 73:bf:d4:ad -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E2N0UxMTAvBgNVBAUTKDRCNzIyQTNBNjc5M0JGMzJDOUJDRjUyRTRFNzcyRTBB NkYzQTYzMTkwHhcNMjUwNDI1MDMxNTA3WhcNMjUwNTAyMDMxNTA3WjAYMRYwFAYD VQQDEw02ODBhZmUzYi0xYTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4+LB+1b5nuEhQqMBNM/biZax/MjZ9BX2Y1Hy8bqe163q4Dy+z3KNCojhaivy 1fiih8A4oMFfDm0w31PxKsOQ71FvRs83k6UJDcY4ZWG/weDjGYALmKyQihEgEQW2 PmCiLfijvsz1J+sSbRhX+30y6mCPWGJo4JMNVAbgNdagDfPb6rClNmfJPf/L8147 XGNiTXCNDBvWOu3tLjNjHgKn5p0thWKyUq7EnKjHsMB4bLi3v3MyKNKSHWaiQRAr 59tvW8Xznx6CKvKmzFcCMzX6NZ8HCftzOGpHShAPUfdwnsuP3VlarXrrHgyCxHIz tWx1Jw6pa6sD1GWUat/xwPFLjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNcAKOe4 nhOtTmAKSYVvAeAlcFKLMB8GA1UdIwQYMBaAFEtyKjpnk78yybz1Lk53LgpvOmMZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTY3RS82N0I0Q0I4NDFC RDMxMUVFOTY1RkVGMzhDNEY5QUUwMi9TM0lxT21lVHZ6TEp2UFV1VG5jdUNtODZZ eGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1MzSXFPbWVUdnpMSnZQVXVUbmN1Q204Nll4ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTY3RS82N0I0Q0I4NDFCRDMxMUVFOTY1RkVGMzhDNEY5QUUwMi9TM0lxT21lVHZ6 TEp2UFV1VG5jdUNtODZZeGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKMWlbVerUreWsQwDcLEmkDlN5jFfGLNyWRRVxcIiamAfoLjuS0WkN M2xh9fire4iyP/gNE2+DZOlBidU0RrrwxrsfrYZQ9yL6u3WtVJQMHFg1+qx5cbhY Asb9UcfFVHQwByiXc+VFi0sByAY5XDM9um60k5co/0BhnArcCM/jl9Q4KIR2uMDf QtqcvhxdVXQo278ZxYOUx55QIRNg/kVDtrpmJHoCJBMupHAqIZzU64k2mEJY6CkG tGhC6doGvj+dkRbjhtwWADF7VLjiLWxALgS6Hj77/u34UmLGUxRB7kaBy45Irkts 6FsbIXqDCd4XDnDHXF9p+R/hio5zv9St -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:51 2025 by rpki-client