$ rpki-client -vvf rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.mft File: tQk3XiWpXStZwZWBw8Y1topJES0.mft (raw, json) Hash identifier: iyOVVq6dJtzgapTbVquaGI5lYcLNFG/JbAvuiVzubh8= Subject key identifier: 55:27:F8:D6:C2:CF:D5:A2:39:24:D7:D0:72:E3:59:04:60:FD:89:49 Authority key identifier: B5:09:37:5E:25:A9:5D:2B:59:C1:95:81:C3:C6:35:B6:8A:49:11:2D Certificate issuer: /CN=A917E754/serialNumber=B509375E25A95D2B59C19581C3C635B68A49112D Certificate serial: 3480 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tQk3XiWpXStZwZWBw8Y1topJES0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.mft Manifest number: 3479 Signing time: Thu 24 Apr 2025 15:19:33 +0000 Manifest this update: Thu 24 Apr 2025 15:19:32 +0000 Manifest next update: Thu 01 May 2025 15:19:32 +0000 Files and hashes: 1: tQk3XiWpXStZwZWBw8Y1topJES0.crl (hash: eZqfodr2dZMeQACXK4iHC0/webIiqMVhtxq/BKOcKd0=) 2: 2F79F386050511EA87CC7D42C4F9AE02.roa (hash: 1r2fILVlnPF9g9/RvWkB32IMvkecllavKDmXeDe08HY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.crl rsync://rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tQk3XiWpXStZwZWBw8Y1topJES0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:19:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13440 (0x3480) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E754, serialNumber=B509375E25A95D2B59C19581C3C635B68A49112D Validity Not Before: Apr 24 15:19:32 2025 GMT Not After : May 1 15:19:32 2025 GMT Subject: CN=680a5685-8765 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:08:f8:79:f8:d8:61:02:dd:9e:01:a3:1d:e7: fe:eb:a2:96:94:f2:c7:d2:b0:7e:c8:b5:27:92:bc: e6:a8:42:c4:ce:2c:11:61:50:77:ce:a1:2c:3b:49: 40:21:72:cc:f7:c1:e9:4c:0c:7a:2b:ce:6c:ec:2b: f5:8d:ec:38:12:9d:cb:37:d5:c8:35:f6:22:d7:ba: 9e:ea:c1:b6:ae:75:3f:aa:1a:b5:6c:57:c7:7a:74: 4d:05:fd:3b:37:39:b4:44:22:4e:50:41:15:6a:1b: 93:7b:20:a7:14:71:7c:73:ff:1c:54:50:3b:9e:e1: cc:c6:b4:85:4d:af:5b:d2:d3:90:c7:07:99:61:12: c8:8a:73:89:10:9f:5d:6d:07:5c:2c:52:a6:61:68: 23:f9:34:9e:3c:6b:2d:63:29:fa:6d:12:30:d5:1c: ad:86:80:1f:14:8f:91:4b:3a:5f:a9:d7:78:67:aa: c8:0f:b4:ea:7a:0c:38:a2:e6:6b:e3:56:48:25:a8: f2:18:f4:aa:92:e4:ca:8d:cd:46:34:a9:60:e0:f8: 2f:71:11:24:da:c9:ff:6c:5a:c6:d7:5d:3a:7f:82: 41:eb:05:a1:cc:82:ea:1a:bd:22:c1:29:79:fd:4b: 81:39:58:e6:a4:78:75:52:ff:0b:95:02:08:1d:ae: 33:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:27:F8:D6:C2:CF:D5:A2:39:24:D7:D0:72:E3:59:04:60:FD:89:49 X509v3 Authority Key Identifier: keyid:B5:09:37:5E:25:A9:5D:2B:59:C1:95:81:C3:C6:35:B6:8A:49:11:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tQk3XiWpXStZwZWBw8Y1topJES0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:31:1e:a3:b7:f0:3c:fc:62:d3:da:14:39:f1:5c:1d:fb:91: 7a:2e:e7:d8:a7:0c:4f:2b:31:29:db:c8:0a:8d:7d:8c:05:cb: 84:0e:3b:bf:bb:28:a8:f4:72:15:94:2e:16:21:22:b2:8a:33: 7f:71:03:94:05:96:a7:38:1e:c8:da:89:c5:9f:f4:e4:2f:90: a1:cf:73:e7:65:1d:a8:c2:f1:d7:83:d5:b9:28:f7:ec:49:70: 98:ed:60:58:f4:cd:70:8e:fd:29:41:3e:7a:14:63:fd:16:69: e2:83:72:2b:7b:7e:e2:12:cd:41:04:07:4d:34:a0:be:22:c0: 6b:93:96:db:f0:78:8d:09:89:01:fa:65:e7:06:04:e6:e2:90: 74:40:cb:08:c7:e0:1d:f2:92:bd:d4:13:8d:21:e0:66:a5:8c: 66:c8:f3:e3:d6:b5:99:db:d9:32:5a:15:27:13:a6:8a:6d:51: bc:b3:0b:3a:a2:4e:ca:c1:e7:3f:00:12:f9:89:d5:62:44:d7: 0a:af:e2:39:33:9e:cd:a9:e8:e6:83:ba:4d:a1:80:f3:07:2d: bb:9e:95:6d:c0:7d:de:72:16:aa:17:28:6a:54:b9:fb:ec:14: 88:a3:61:46:5e:77:7a:d2:2b:6c:c4:08:6d:c4:f1:77:61:31: 30:d7:e7:e8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U3NTQxMTAvBgNVBAUTKEI1MDkzNzVFMjVBOTVEMkI1OUMxOTU4MUMzQzYzNUI2 OEE0OTExMkQwHhcNMjUwNDI0MTUxOTMyWhcNMjUwNTAxMTUxOTMyWjAYMRYwFAYD VQQDEw02ODBhNTY4NS04NzY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuQj4efjYYQLdngGjHef+66KWlPLH0rB+yLUnkrzmqELEziwRYVB3zqEsO0lA IXLM98HpTAx6K85s7Cv1jew4Ep3LN9XINfYi17qe6sG2rnU/qhq1bFfHenRNBf07 Nzm0RCJOUEEVahuTeyCnFHF8c/8cVFA7nuHMxrSFTa9b0tOQxweZYRLIinOJEJ9d bQdcLFKmYWgj+TSePGstYyn6bRIw1RythoAfFI+RSzpfqdd4Z6rID7Tqegw4ouZr 41ZIJajyGPSqkuTKjc1GNKlg4PgvcREk2sn/bFrG1106f4JB6wWhzILqGr0iwSl5 /UuBOVjmpHh1Uv8LlQIIHa4zWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFUn+NbC z9WiOSTX0HLjWQRg/YlJMB8GA1UdIwQYMBaAFLUJN14lqV0rWcGVgcPGNbaKSREt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTc1NC9BQ0QxRDc3MDFE QUIxMUUyQkEyODA2QUEwOEIwMkNEMi90UWszWGlXcFhTdFp3WldCdzhZMXRvcEpF UzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RRazNYaVdwWFN0WndaV0J3OFkxdG9wSkVTMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTc1NC9BQ0QxRDc3MDFEQUIxMUUyQkEyODA2QUEwOEIwMkNEMi90UWszWGlXcFhT dFp3WldCdzhZMXRvcEpFUzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQClMR6jt/A8/GLT2hQ58Vwd+5F6LufYpwxPKzEp28gKjX2MBcuEDju/ uyio9HIVlC4WISKyijN/cQOUBZanOB7I2onFn/TkL5Chz3PnZR2owvHXg9W5KPfs SXCY7WBY9M1wjv0pQT56FGP9Fmnig3Ire37iEs1BBAdNNKC+IsBrk5bb8HiNCYkB +mXnBgTm4pB0QMsIx+Ad8pK91BONIeBmpYxmyPPj1rWZ29kyWhUnE6aKbVG8sws6 ok7Kwec/ABL5idViRNcKr+I5M57Nqejmg7pNoYDzBy27npVtwH3echaqFyhqVLn7 7BSIo2FGXnd60itsxAhtxPF3YTEw1+fo -----END CERTIFICATE-----Generated at Sat Apr 26 13:41:18 2025 by rpki-client