$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: JK5gcnqWXTXBSIWCtRW5dnGKv3DxCaK1ASx+clUOukc= Subject key identifier: 5E:0D:88:32:B6:A2:5F:0B:EE:8F:1A:27:01:A8:9D:DE:80:95:50:12 Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0C20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0C19 Signing time: Sat 14 Jun 2025 18:32:42 +0000 Manifest this update: Sat 14 Jun 2025 18:32:42 +0000 Manifest next update: Sat 21 Jun 2025 18:32:42 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: cKouBJGX/dTUvVYJUjKt2EnqTrUVjyp7jfp0HojpPP0=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: H306zJ6w0u++pxJwnmCEZeb1MJYQzvBqunxs7beIBF4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 18:32:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3104 (0xc20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB, serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Validity Not Before: Jun 14 18:32:42 2025 GMT Not After : Jun 21 18:32:42 2025 GMT Subject: CN=684dc04a-c353 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:ea:3e:49:2b:9f:68:b2:c4:38:6e:b1:ca:0f: b3:7e:5c:3c:dd:c0:5b:48:b4:26:91:15:30:74:02: 4d:50:d9:b3:eb:c1:29:da:4b:aa:b8:13:41:0f:45: d3:99:49:68:76:2e:78:db:66:58:25:fe:da:28:cc: 0f:37:89:0f:a3:89:39:ce:77:13:1c:3d:e1:2d:ab: aa:43:8b:6a:69:3f:e0:6f:3f:ad:88:14:58:63:dd: cf:38:e0:e1:21:cb:2b:46:11:4e:d4:b7:dd:77:e3: 53:33:4a:1a:6b:93:72:09:21:e7:da:65:ce:67:ee: 09:5e:83:93:ec:4c:96:be:43:1b:c7:41:1f:cf:76: 2b:63:aa:42:96:1b:64:f0:ca:80:a6:3c:cb:b4:a9: 7c:96:86:10:1d:bf:86:2b:63:22:58:9d:cf:e6:0a: d4:e8:94:2e:32:a4:84:7a:96:1a:98:8b:63:0e:bb: 54:8c:8d:c0:82:5f:ef:44:9c:3d:2a:1e:78:fb:67: 49:3c:fa:cf:8b:be:7f:a9:93:f4:8e:69:2b:69:8f: fc:42:30:08:ab:b7:f6:db:fb:be:75:c9:af:35:37: 73:f7:f9:c6:81:cd:cf:75:7e:1a:e2:fe:ba:ba:66: ba:46:64:cb:e8:59:5f:7e:05:03:f1:0e:f2:dd:58: fe:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:0D:88:32:B6:A2:5F:0B:EE:8F:1A:27:01:A8:9D:DE:80:95:50:12 X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:c8:24:d1:79:ec:86:5b:c4:a0:e3:f2:0d:ca:1a:b0:92:34: 79:d5:08:4b:f9:9d:36:18:eb:bf:90:74:a5:a9:cb:94:f7:2b: 05:02:02:01:93:42:3e:30:d1:e8:ee:ca:2d:ed:73:ae:4b:61: 15:66:a7:03:62:3a:be:2b:f3:64:8b:6c:4c:31:bf:c8:d6:af: 30:9f:0d:87:0f:c8:ad:91:10:fa:d0:fd:5e:18:23:56:72:fd: 6b:32:7f:ef:71:1c:77:eb:ef:54:69:4b:cd:2b:17:39:8c:dd: 54:2c:a2:f4:33:35:01:7d:7e:df:5d:bd:6b:c2:9a:7b:ec:a3: de:c3:db:d6:66:ea:2f:d7:9a:ab:0e:3b:e1:26:04:05:85:ef: 37:d7:67:c6:56:f8:b8:3c:16:dc:e8:15:14:fd:8d:f1:34:81: 35:6c:ef:bd:ce:db:8e:b2:d0:64:b0:2a:0b:79:19:40:73:74: 2f:18:9d:c6:2a:36:f4:7d:a9:fb:a4:bb:5e:b5:d9:a1:18:a5: bd:ff:fc:d3:aa:06:29:5a:3d:e4:32:61:14:25:00:71:53:af: 79:4b:52:31:a7:d9:41:15:fd:4f:6c:e8:68:df:f0:4c:76:22: 0b:6f:01:05:72:15:35:ca:e9:7b:b0:fe:ee:bd:35:f1:13:d8: bd:5c:06:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjUwNjE0MTgzMjQyWhcNMjUwNjIxMTgzMjQyWjAYMRYwFAYD VQQDEw02ODRkYzA0YS1jMzUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1+o+SSufaLLEOG6xyg+zflw83cBbSLQmkRUwdAJNUNmz68Ep2kuquBNBD0XT mUlodi5422ZYJf7aKMwPN4kPo4k5zncTHD3hLauqQ4tqaT/gbz+tiBRYY93POODh IcsrRhFO1Lfdd+NTM0oaa5NyCSHn2mXOZ+4JXoOT7EyWvkMbx0Efz3YrY6pClhtk 8MqApjzLtKl8loYQHb+GK2MiWJ3P5grU6JQuMqSEepYamItjDrtUjI3Agl/vRJw9 Kh54+2dJPPrPi75/qZP0jmkraY/8QjAIq7f22/u+dcmvNTdz9/nGgc3PdX4a4v66 uma6RmTL6FlffgUD8Q7y3Vj+swIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF4NiDK2 ol8L7o8aJwGond6AlVASMB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACyCTReeyGW8Sg4/INyhqwkjR51QhL+Z02GOu/kHSlqcuU9ysFAgIB k0I+MNHo7sot7XOuS2EVZqcDYjq+K/Nki2xMMb/I1q8wnw2HD8itkRD60P1eGCNW cv1rMn/vcRx36+9UaUvNKxc5jN1ULKL0MzUBfX7fXb1rwpp77KPew9vWZuov15qr DjvhJgQFhe8312fGVvi4PBbc6BUU/Y3xNIE1bO+9ztuOstBksCoLeRlAc3QvGJ3G Kjb0fan7pLtetdmhGKW9//zTqgYpWj3kMmEUJQBxU695S1Ixp9lBFf1PbOho3/BM diILbwEFchU1yul7sP7uvTXxE9i9XAbQ -----END CERTIFICATE-----Generated at Sun Jun 15 09:50:04 2025 by rpki-client