$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: g6ot5E2O1+zfUS9G4u+bKkZu9ti3kiEikPt6UcESrjk= Subject key identifier: 02:45:F4:78:AA:5B:79:5F:12:A5:67:66:26:01:29:CB:5E:03:4E:12 Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0C07 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0C00 Signing time: Thu 24 Apr 2025 18:38:23 +0000 Manifest this update: Thu 24 Apr 2025 18:38:23 +0000 Manifest next update: Thu 01 May 2025 18:38:23 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: QZxIhMTW1TrL96kW3N08UZim+lajLeqD0Zfm8G5GyOo=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: H306zJ6w0u++pxJwnmCEZeb1MJYQzvBqunxs7beIBF4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:38:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3079 (0xc07) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB, serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Validity Not Before: Apr 24 18:38:23 2025 GMT Not After : May 1 18:38:23 2025 GMT Subject: CN=680a851f-5d5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:8e:29:e9:45:16:5c:da:bc:4b:fc:7d:9e:a2: 71:fa:be:60:c2:6d:0d:cc:94:91:a9:80:44:c7:92: 22:2a:d0:f6:4c:72:5a:3e:ff:e2:89:6b:be:f9:dd: 99:e5:c7:e8:a2:b0:37:dd:d9:66:3e:a1:de:1a:bc: 64:aa:83:f3:d3:94:0e:f7:60:5c:9e:82:39:ab:37: 00:07:08:75:df:ee:82:34:ee:4c:2c:27:86:80:e0: 43:38:77:ef:8c:70:a1:59:1b:f0:2e:18:df:b6:cd: 33:f7:e8:be:7f:3a:f0:f1:03:22:8c:3b:ca:a0:51: 8f:10:44:ea:8a:69:72:1f:59:98:96:8e:bb:71:95: ea:c7:43:22:6b:83:dc:96:a6:73:dd:60:d8:8c:7a: 5f:b4:e2:2b:7a:0d:fe:96:75:0e:09:fe:a7:3d:66: 01:58:98:50:84:24:27:a5:72:9f:56:53:5d:a6:45: 66:0b:bd:48:81:8e:90:3e:5c:0a:3a:23:06:11:e0: fb:a4:f9:90:74:71:9e:b2:62:fb:3d:15:e3:8c:e2: d8:46:d7:d4:0a:2d:63:c9:d8:70:16:1b:21:d6:70: c2:b1:e0:e3:4e:ab:b5:9d:f6:24:0f:ef:5c:70:32: 4f:1f:11:5b:97:5b:c6:4e:6e:e9:a2:d2:d0:36:09: 22:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:45:F4:78:AA:5B:79:5F:12:A5:67:66:26:01:29:CB:5E:03:4E:12 X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:b0:a6:4e:91:4e:d3:8e:87:e2:77:19:13:cd:c1:95:0e:07: 70:26:e3:84:5e:1e:11:2d:eb:59:22:9b:9b:3f:2e:74:30:59: 0f:d6:60:c7:b1:8a:59:e2:18:16:49:c0:37:21:a2:23:2b:c8: 24:44:2f:c2:68:1a:71:b0:6c:67:40:7f:38:d7:b2:63:ae:aa: e5:f5:d7:26:1b:68:51:0a:1e:ed:c8:e6:a4:e4:ab:e1:3d:25: 9d:b2:23:d1:3f:69:fb:c3:88:71:2d:e7:6a:10:c9:b6:93:55: 7a:55:69:44:8a:27:f2:57:fb:a5:7a:5f:b6:2f:76:09:bb:94: d9:ff:2e:3c:80:f7:6b:0b:ff:14:38:3a:4c:2c:08:b5:35:fe: 9f:d0:52:4a:62:5f:31:6a:2e:20:74:cd:4c:f1:57:7a:d9:ed: 9d:5d:5f:21:e8:4b:b9:62:cd:e6:1d:9a:92:14:b5:ae:0b:8e: 81:f7:17:86:14:99:77:dc:4a:34:08:bc:7b:ca:62:31:59:70: ac:30:6b:c9:33:26:e9:58:9e:a7:d1:0d:ab:b5:52:6a:90:ac: 7c:c8:a3:72:e7:2d:c7:d2:3a:f4:24:24:b3:fd:76:56:79:85: 44:d8:56:a5:a1:99:9c:a8:ab:00:88:e2:f0:4c:5e:d4:af:b9: 9e:66:5c:f8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjUwNDI0MTgzODIzWhcNMjUwNTAxMTgzODIzWjAYMRYwFAYD VQQDEw02ODBhODUxZi01ZDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt44p6UUWXNq8S/x9nqJx+r5gwm0NzJSRqYBEx5IiKtD2THJaPv/iiWu++d2Z 5cfoorA33dlmPqHeGrxkqoPz05QO92BcnoI5qzcABwh13+6CNO5MLCeGgOBDOHfv jHChWRvwLhjfts0z9+i+fzrw8QMijDvKoFGPEETqimlyH1mYlo67cZXqx0Mia4Pc lqZz3WDYjHpftOIreg3+lnUOCf6nPWYBWJhQhCQnpXKfVlNdpkVmC71IgY6QPlwK OiMGEeD7pPmQdHGesmL7PRXjjOLYRtfUCi1jydhwFhsh1nDCseDjTqu1nfYkD+9c cDJPHxFbl1vGTm7potLQNgkiIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAJF9Hiq W3lfEqVnZiYBKcteA04SMB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnsKZOkU7TjofidxkTzcGVDgdwJuOEXh4RLetZIpubPy50MFkP1mDH sYpZ4hgWScA3IaIjK8gkRC/CaBpxsGxnQH8417Jjrqrl9dcmG2hRCh7tyOak5Kvh PSWdsiPRP2n7w4hxLedqEMm2k1V6VWlEiifyV/ulel+2L3YJu5TZ/y48gPdrC/8U ODpMLAi1Nf6f0FJKYl8xai4gdM1M8Vd62e2dXV8h6Eu5Ys3mHZqSFLWuC46B9xeG FJl33Eo0CLx7ymIxWXCsMGvJMybpWJ6n0Q2rtVJqkKx8yKNy5y3H0jr0JCSz/XZW eYVE2FaloZmcqKsAiOLwTF7Ur7meZlz4 -----END CERTIFICATE-----Generated at Sat Apr 26 03:59:04 2025 by rpki-client