$ rpki-client -vvf rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft File: 4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft (raw, json) Hash identifier: bcri1OahGi+cYKVGuIhlsnlUIl0Vq28BYqpV0POrbXU= Subject key identifier: 5A:8C:63:B9:FB:C9:93:E1:65:2F:BC:77:69:CF:97:BD:97:99:4E:B9 Authority key identifier: E1:14:37:8D:A9:34:86:14:69:F4:95:D9:75:98:E0:F0:02:89:C3:30 Certificate issuer: /CN=A917F0AF/serialNumber=E114378DA934861469F495D97598E0F00289C330 Certificate serial: 3B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft Manifest number: 3A Signing time: Fri 25 Apr 2025 06:31:34 +0000 Manifest this update: Fri 25 Apr 2025 06:31:33 +0000 Manifest next update: Fri 02 May 2025 06:31:33 +0000 Files and hashes: 1: 4RQ3jak0hhRp9JXZdZjg8AKJwzA.crl (hash: rS3amQZdRdhWSRNMYl6iriwDFAW7NoWP8fqKg7i5/Aw=) 2: 27E5184CCC6211EFA20BEE1BC4F9AE02.roa (hash: Nfq9gOVsvHp+sAvDqwlNp+Rm9HqcCv4rXARNazxofGE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.crl rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:31:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F0AF, serialNumber=E114378DA934861469F495D97598E0F00289C330 Validity Not Before: Apr 25 06:31:33 2025 GMT Not After : May 2 06:31:33 2025 GMT Subject: CN=680b2c45-71bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:9c:4a:77:46:bf:96:e8:7d:e8:8f:be:5a:f3: a5:2b:c2:96:15:33:95:03:54:2b:08:30:d9:b0:b8: e2:17:e4:49:2f:ef:ec:5c:6d:c3:4b:e2:79:39:72: 8e:92:4a:90:c3:74:27:a3:37:0a:e6:8f:c0:a5:ba: b6:0f:27:00:43:67:0a:6a:dd:e5:d6:b3:5a:93:87: f5:20:47:65:c4:6f:7d:33:25:e2:89:e6:0b:0d:98: 3c:41:a3:0f:9c:0f:13:33:d8:88:a9:b9:91:72:7d: 7a:0d:3f:3e:c3:8e:d6:a2:61:9f:59:1f:20:c9:eb: 18:5e:31:be:4f:f9:f9:2c:49:ab:c1:bf:8b:37:a9: bd:3c:82:55:51:39:e7:23:21:78:19:f2:c4:8c:15: 00:c0:5d:1a:fd:dc:90:6b:8e:c0:61:2c:ac:03:0f: 69:64:92:66:c9:0b:22:be:c7:b4:08:ec:59:d4:47: c7:b5:5f:6a:68:3c:58:06:49:53:25:54:e8:75:e7: aa:21:9c:a5:2f:fa:f1:21:82:35:df:be:20:3c:00: 26:2e:d1:4f:be:4e:5f:84:02:eb:fb:d9:eb:82:dc: a5:19:6b:bd:27:a5:a6:9d:82:5e:65:b5:e6:4d:d2: c7:99:40:7e:da:ed:06:00:60:1f:ad:e0:7b:22:fa: f5:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:8C:63:B9:FB:C9:93:E1:65:2F:BC:77:69:CF:97:BD:97:99:4E:B9 X509v3 Authority Key Identifier: keyid:E1:14:37:8D:A9:34:86:14:69:F4:95:D9:75:98:E0:F0:02:89:C3:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c9:d3:43:f9:a4:99:d6:3d:2e:56:5c:58:8d:67:2a:0e:4b:5b: 9e:d6:b3:3c:cc:68:54:03:98:41:f9:54:fd:76:5c:48:3c:3c: 80:e8:c4:11:e1:01:a7:72:af:88:3a:0c:9e:b0:e2:49:9a:a3: f3:8c:65:00:84:dc:ec:da:f5:71:39:19:4c:8d:6e:ea:1e:2c: 87:16:67:26:03:29:91:23:9c:1d:21:b5:de:d3:1c:0a:99:ee: b4:e2:78:71:c5:d0:b8:a3:82:cb:48:86:0f:eb:10:12:01:72: 76:5b:a1:c2:a6:1f:06:3a:8a:8f:f4:07:1d:10:67:a7:c0:81: 9c:00:13:0d:d6:fe:eb:4c:81:6e:c7:97:c6:a7:86:ef:89:b2: 5e:a9:48:3b:5b:e4:e7:bd:4c:a3:08:79:30:78:55:d2:b6:d8: a5:f6:c4:c6:24:45:6d:a7:f1:77:fd:9a:90:b7:ac:3c:dc:8b: a4:c6:c7:c1:6a:e3:60:51:3f:d5:79:31:d7:90:89:ae:51:89: 68:b9:06:dc:4d:c6:28:52:8c:1f:87:9c:fa:0a:76:fa:2f:c3: 8e:b4:a8:e4:fc:7d:8e:e5:e9:be:69:42:fa:80:8d:5d:e1:6d: c7:c9:fe:95:48:a3:97:5f:14:68:b5:7f:07:64:e5:ba:a1:22: ce:04:5a:c2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 RjBBRjExMC8GA1UEBRMoRTExNDM3OERBOTM0ODYxNDY5RjQ5NUQ5NzU5OEUwRjAw Mjg5QzMzMDAeFw0yNTA0MjUwNjMxMzNaFw0yNTA1MDIwNjMxMzNaMBgxFjAUBgNV BAMTDTY4MGIyYzQ1LTcxYmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDknEp3Rr+W6H3oj75a86UrwpYVM5UDVCsIMNmwuOIX5Ekv7+xcbcNL4nk5co6S SpDDdCejNwrmj8ClurYPJwBDZwpq3eXWs1qTh/UgR2XEb30zJeKJ5gsNmDxBow+c DxMz2IipuZFyfXoNPz7DjtaiYZ9ZHyDJ6xheMb5P+fksSavBv4s3qb08glVROecj IXgZ8sSMFQDAXRr93JBrjsBhLKwDD2lkkmbJCyK+x7QI7FnUR8e1X2poPFgGSVMl VOh156ohnKUv+vEhgjXfviA8ACYu0U++Tl+EAuv72euC3KUZa70npaadgl5lteZN 0seZQH7a7QYAYB+t4Hsi+vXHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUWoxjufvJ k+FlL7x3ac+XvZeZTrkwHwYDVR0jBBgwFoAU4RQ3jak0hhRp9JXZdZjg8AKJwzAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdGMEFGLzJEN0E3RTBFQ0M0 RjExRUZBODlBOEYxNEM0RjlBRTAyLzRSUTNqYWswaGhScDlKWFpkWmpnOEFLSnd6 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNFJRM2phazBoaFJwOUpYWmRaamc4QUtKd3pBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdG MEFGLzJEN0E3RTBFQ0M0RjExRUZBODlBOEYxNEM0RjlBRTAyLzRSUTNqYWswaGhS cDlKWFpkWmpnOEFLSnd6QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMnTQ/mkmdY9LlZcWI1nKg5LW57WszzMaFQDmEH5VP12XEg8PIDoxBHh Aadyr4g6DJ6w4kmao/OMZQCE3Oza9XE5GUyNbuoeLIcWZyYDKZEjnB0htd7THAqZ 7rTieHHF0LijgstIhg/rEBIBcnZbocKmHwY6io/0Bx0QZ6fAgZwAEw3W/utMgW7H l8anhu+Jsl6pSDtb5Oe9TKMIeTB4VdK22KX2xMYkRW2n8Xf9mpC3rDzci6TGx8Fq 42BRP9V5MdeQia5RiWi5BtxNxihSjB+HnPoKdvovw460qOT8fY7l6b5pQvqAjV3h bcfJ/pVIo5dfFGi1fwdk5bqhIs4EWsI= -----END CERTIFICATE-----Generated at Sat Apr 26 05:15:12 2025 by rpki-client