$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft File: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft (raw, json) Hash identifier: /kyYoXaYTxg6mYI9qWYuD8y3pbwonobFh3u5Kc5l7DU= Subject key identifier: 06:8D:03:AB:50:27:F5:8C:59:50:CF:14:F4:85:F1:1C:7E:1A:B8:6E Authority key identifier: DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 Certificate issuer: /CN=A918F1C9/serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0 Certificate serial: 2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft Manifest number: 0A04 Signing time: Thu 24 Apr 2025 19:52:16 +0000 Manifest this update: Thu 24 Apr 2025 19:52:16 +0000 Manifest next update: Thu 01 May 2025 19:52:16 +0000 Files and hashes: 1: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl (hash: nWBne4MzDwPR6JHd5jGYqh/2hENTZkvIIZw3yW5BHCw=) 2: 93E4B52CE43E11EF91571D16C4F9AE02.roa (hash: qbK0SRsjZmgPEhHCvpQ8WHXr9ovPv+iMo1ylb0vxYmI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:52:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F1C9, serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0 Validity Not Before: Apr 24 19:52:16 2025 GMT Not After : May 1 19:52:16 2025 GMT Subject: CN=680a9670-e6ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:cb:01:ea:d4:73:55:4d:f0:54:29:53:9a:3d: 1b:5b:53:d9:08:0d:b9:b0:97:ca:e0:b8:aa:fd:60: 8d:ea:bf:f4:fb:41:17:d5:92:85:ae:ae:a0:18:54: b0:fc:45:20:5c:0f:38:85:b4:f7:68:df:bb:f2:7a: 0b:a4:41:14:68:9f:38:0f:b8:a3:fc:2a:d6:63:f3: d7:cc:a3:7e:81:00:35:cc:66:b7:56:f1:90:59:f9: 07:87:43:ef:db:36:c2:63:37:60:66:76:5b:7d:11: c3:0b:4d:31:dd:7c:80:56:bb:9c:6a:04:07:08:09: 62:6e:0f:3d:10:61:ef:48:45:45:47:ba:d1:02:0b: ce:0e:9a:ba:3d:74:0e:06:5a:42:6b:5f:b2:ce:0e: 7c:a2:11:74:8c:a5:2d:d9:5a:f9:94:c6:bb:f2:ae: 45:a1:01:cb:10:6a:c1:a5:eb:fb:2d:bf:73:49:43: 18:be:27:1a:8d:39:17:36:f4:e1:48:81:b5:1c:3e: a9:f6:fc:31:20:17:d7:53:65:0c:b6:6b:3d:c1:b6: 6f:64:87:7e:8c:ab:65:9c:8a:71:68:71:1d:c5:7f: 02:a8:3f:ec:21:53:6b:28:67:07:4f:09:58:81:73: 1d:bd:25:71:50:bf:bd:ae:71:6f:2d:b8:72:ef:e1: 55:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:8D:03:AB:50:27:F5:8C:59:50:CF:14:F4:85:F1:1C:7E:1A:B8:6E X509v3 Authority Key Identifier: keyid:DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:af:8e:7e:38:93:b5:e8:e8:55:ea:1d:5b:c4:04:c9:2c:9d: 2d:dd:2d:f4:a5:c4:b1:2b:58:c4:a0:29:e2:56:60:82:fd:77: de:bc:67:6c:e0:81:4e:fa:a9:61:c6:8c:90:e2:9a:54:d7:de: 10:b8:e6:84:ad:ac:4c:ef:8b:f5:cc:ff:41:88:71:9a:ee:8d: 44:d6:95:29:8c:bf:c3:b5:be:40:12:3f:23:64:6a:e7:e9:fb: d4:6a:3f:5e:39:5f:2e:3f:28:c1:d8:11:b8:c6:f1:85:c9:d0: 8b:6f:10:0b:67:50:31:32:44:5c:23:63:ba:dc:ca:78:ff:1d: 24:35:ea:5d:5b:09:a7:18:2a:45:f9:39:06:28:47:bc:9d:0c: 0f:b5:9e:3f:d8:57:97:18:49:5d:18:2f:4d:f4:e8:7d:49:20: 0a:e9:9b:7f:05:ae:67:ac:d6:11:62:cc:c8:79:cd:80:bc:56: d6:0b:2a:b0:0b:d3:b9:65:18:31:c2:1d:21:89:4f:73:2f:a4: 57:32:a1:d7:fb:0a:45:c6:64:f2:d1:54:97:2c:76:1f:13:88: 28:25:5b:a9:d2:78:c2:d6:05:91:c3:c4:64:11:a9:7b:f0:f4: e8:25:0d:ea:60:5e:9c:1b:25:60:de:b7:bb:4f:c9:18:dc:b3: 55:a0:87:0e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 RjFDOTExMC8GA1UEBRMoREU0Q0U5NjBBMzkzMEFCNEMyMjdGQ0U4Rjg1N0MwODQx OTdGMDhEMDAeFw0yNTA0MjQxOTUyMTZaFw0yNTA1MDExOTUyMTZaMBgxFjAUBgNV BAMTDTY4MGE5NjcwLWU2ZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDIywHq1HNVTfBUKVOaPRtbU9kIDbmwl8rguKr9YI3qv/T7QRfVkoWurqAYVLD8 RSBcDziFtPdo37vyegukQRRonzgPuKP8KtZj89fMo36BADXMZrdW8ZBZ+QeHQ+/b NsJjN2Bmdlt9EcMLTTHdfIBWu5xqBAcICWJuDz0QYe9IRUVHutECC84Omro9dA4G WkJrX7LODnyiEXSMpS3ZWvmUxrvyrkWhAcsQasGl6/stv3NJQxi+JxqNORc29OFI gbUcPqn2/DEgF9dTZQy2az3Btm9kh36Mq2WcinFocR3FfwKoP+whU2soZwdPCViB cx29JXFQv72ucW8tuHLv4VXbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUBo0Dq1An 9YxZUM8U9IXxHH4auG4wHwYDVR0jBBgwFoAU3kzpYKOTCrTCJ/zo+FfAhBl/CNAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThGMUM5LzZBNTdBQjhDN0Y5 NTExRUFCMEVEODUzN0M0RjlBRTAyLzNrenBZS09UQ3JUQ0pfem8tRmZBaEJsX0NO QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2t6cFlLT1RDclRDSl96by1GZkFoQmxfQ05BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThG MUM5LzZBNTdBQjhDN0Y5NTExRUFCMEVEODUzN0M0RjlBRTAyLzNrenBZS09UQ3JU Q0pfem8tRmZBaEJsX0NOQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGOvjn44k7Xo6FXqHVvEBMksnS3dLfSlxLErWMSgKeJWYIL9d968Z2zg gU76qWHGjJDimlTX3hC45oStrEzvi/XM/0GIcZrujUTWlSmMv8O1vkASPyNkaufp +9RqP145Xy4/KMHYEbjG8YXJ0ItvEAtnUDEyRFwjY7rcynj/HSQ16l1bCacYKkX5 OQYoR7ydDA+1nj/YV5cYSV0YL0306H1JIArpm38Frmes1hFizMh5zYC8VtYLKrAL 07llGDHCHSGJT3MvpFcyodf7CkXGZPLRVJcsdh8TiCglW6nSeMLWBZHDxGQRqXvw 9OglDepgXpwbJWDet7tPyRjcs1Wghw4= -----END CERTIFICATE-----Generated at Sat Apr 26 07:53:25 2025 by rpki-client