$ rpki-client -vvf rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft File: dd3NDNRiWKwZGsOQoskl2MA1qFc.mft (raw, json) Hash identifier: DjGfZ9Yttbm8rbm8kvTB0qwuJB0BWNckQwVcd5RT2SU= Subject key identifier: 09:E1:08:2D:AA:0B:6C:AD:15:27:E3:F9:5E:33:B9:C7:82:1E:B8:BF Authority key identifier: 75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 Certificate issuer: /CN=A917E04F/serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Certificate serial: 0E84 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft Manifest number: 0E7C Signing time: Sat 14 Jun 2025 17:37:17 +0000 Manifest this update: Sat 14 Jun 2025 17:37:16 +0000 Manifest next update: Sat 21 Jun 2025 17:37:16 +0000 Files and hashes: 1: dd3NDNRiWKwZGsOQoskl2MA1qFc.crl (hash: GYMOvEQw8qiAAv/baGI0TN/Op9/ic4tkuB3ZP89ob+4=) 2: 9C9389D4970311E9B7D3DE5AC4F9AE02.roa (hash: 0msFIFHq8Bi6Dy0orrBJDRYbRJioucs5FAZf2jEryJs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 17:37:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3716 (0xe84) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E04F, serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Validity Not Before: Jun 14 17:37:16 2025 GMT Not After : Jun 21 17:37:16 2025 GMT Subject: CN=684db34c-2d2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e2:4a:1b:c2:f5:7a:db:e9:48:6c:cb:2f:5c: 50:01:70:54:98:53:6d:8f:14:e8:f2:50:bb:31:05: ac:60:38:4f:0c:ae:49:f9:96:fa:41:55:f3:4a:8c: 3f:be:de:a5:f6:a7:6a:0c:69:f5:a0:ca:60:93:5b: 9e:0d:06:23:9e:f3:fb:15:63:a8:01:8c:00:77:bf: dc:d3:b9:0c:f0:48:bc:7c:98:32:a7:44:22:8a:3e: d0:86:22:a7:ca:a4:0b:c5:f1:c5:25:ae:89:94:56: f2:a9:1f:8c:aa:a3:59:e4:53:0a:2c:eb:53:3c:dc: 93:3e:06:1b:53:1f:79:5f:d7:43:79:6b:9f:c9:51: db:c4:b6:f5:6c:5f:8f:10:80:7a:db:6a:e9:b9:00: f7:7c:0f:1e:bf:3f:14:fb:58:c4:da:b8:3d:eb:a9: 23:04:93:6e:c3:4b:aa:3e:47:d4:c4:0c:87:93:2b: 38:22:6b:2c:03:1a:b0:d8:1d:6a:d0:72:04:47:1f: 4c:3c:3c:6c:c5:b6:9a:64:24:26:7c:ea:e6:da:11: 9c:5a:62:b6:7c:f5:40:19:4a:d0:fc:13:36:44:40: 7e:8c:ae:80:34:48:09:01:42:6c:50:ac:b3:80:8f: 68:8b:a0:2f:d1:89:ba:65:4d:cb:80:a7:0f:0f:33: 60:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:E1:08:2D:AA:0B:6C:AD:15:27:E3:F9:5E:33:B9:C7:82:1E:B8:BF X509v3 Authority Key Identifier: keyid:75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:00:e2:a7:33:fe:88:68:2b:44:3a:23:f6:fd:b1:cb:5c:d8: 92:fc:29:9a:f5:36:ac:2b:af:94:ec:08:72:77:f2:06:ed:d8: 3d:8b:c0:78:f7:bd:f8:15:c5:db:d5:90:a6:02:4c:0e:36:a5: 8a:2b:68:51:c1:51:00:82:95:39:fe:90:59:4d:d9:95:6a:e3: 51:bd:95:2d:7b:5a:e4:b4:a4:d3:91:4a:58:52:6f:ef:c1:bc: 94:da:6d:77:9a:2e:0d:d0:66:dd:3f:e4:61:7c:6b:bd:12:92: 97:42:87:24:17:d5:a8:d3:3d:0d:c4:35:ae:85:8a:66:8c:eb: f5:ef:c3:76:c1:42:46:ee:23:ec:26:fb:cb:5d:49:07:bc:13: 65:e3:de:c1:04:cd:9e:92:e7:bb:d3:da:28:b7:5e:f0:1c:2b: 86:75:8a:56:dc:f3:38:bb:97:53:88:d4:1c:8d:68:c0:f2:4a: 0b:69:48:06:b1:5f:06:67:e5:02:f5:8f:56:cb:3e:07:28:fa: 08:59:9a:6b:04:cd:cc:eb:5b:68:b9:0c:a0:06:1a:b3:c5:fd: e7:4c:65:a2:02:ff:cc:c4:fd:ef:27:be:ce:05:87:05:98:ea: f4:c9:ab:56:bb:3e:29:25:f9:98:0d:52:10:2b:d1:a7:c3:c9: 31:79:82:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDoQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwNEYxMTAvBgNVBAUTKDc1RERDRDBDRDQ2MjU4QUMxOTFBQzM5MEEyQzkyNUQ4 QzAzNUE4NTcwHhcNMjUwNjE0MTczNzE2WhcNMjUwNjIxMTczNzE2WjAYMRYwFAYD VQQDEw02ODRkYjM0Yy0yZDJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw+JKG8L1etvpSGzLL1xQAXBUmFNtjxTo8lC7MQWsYDhPDK5J+Zb6QVXzSow/ vt6l9qdqDGn1oMpgk1ueDQYjnvP7FWOoAYwAd7/c07kM8Ei8fJgyp0Qiij7QhiKn yqQLxfHFJa6JlFbyqR+MqqNZ5FMKLOtTPNyTPgYbUx95X9dDeWufyVHbxLb1bF+P EIB622rpuQD3fA8evz8U+1jE2rg966kjBJNuw0uqPkfUxAyHkys4ImssAxqw2B1q 0HIERx9MPDxsxbaaZCQmfOrm2hGcWmK2fPVAGUrQ/BM2REB+jK6ANEgJAUJsUKyz gI9oi6Av0Ym6ZU3LgKcPDzNgswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAnhCC2q C2ytFSfj+V4zuceCHri/MB8GA1UdIwQYMBaAFHXdzQzUYlisGRrDkKLJJdjANahX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTA0Ri80MTg1MzdGNDk3 MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdLd1pHc09Rb3NrbDJNQTFx RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RkM05ETlJpV0t3WkdzT1Fvc2tsMk1BMXFGYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTA0Ri80MTg1MzdGNDk3MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdL d1pHc09Rb3NrbDJNQTFxRmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3AOKnM/6IaCtEOiP2/bHLXNiS/Cma9TasK6+U7Ahyd/IG7dg9i8B4 9734FcXb1ZCmAkwONqWKK2hRwVEAgpU5/pBZTdmVauNRvZUte1rktKTTkUpYUm/v wbyU2m13mi4N0GbdP+RhfGu9EpKXQockF9Wo0z0NxDWuhYpmjOv178N2wUJG7iPs JvvLXUkHvBNl497BBM2ekue709oot17wHCuGdYpW3PM4u5dTiNQcjWjA8koLaUgG sV8GZ+UC9Y9Wyz4HKPoIWZprBM3M61touQygBhqzxf3nTGWiAv/MxP3vJ77OBYcF mOr0yatWuz4pJfmYDVIQK9Gnw8kxeYIU -----END CERTIFICATE-----Generated at Sun Jun 15 08:30:49 2025 by rpki-client