$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft File: US3AbkHAiZokofyIXrNG5FMH80c.mft (raw, json) Hash identifier: Mf8BM9oDecUpfCw2P3eQaw8SphI1IZP5wYAlePHvjeA= Subject key identifier: C5:C2:D2:5E:05:E3:7B:10:79:C6:BE:7A:03:32:DC:6A:AF:49:D2:84 Authority key identifier: 51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 Certificate issuer: /CN=A91BA4F2/serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Certificate serial: 0947 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft Manifest number: 0941 Signing time: Mon 28 Apr 2025 20:40:34 +0000 Manifest this update: Mon 28 Apr 2025 20:40:34 +0000 Manifest next update: Mon 05 May 2025 20:40:34 +0000 Files and hashes: 1: US3AbkHAiZokofyIXrNG5FMH80c.crl (hash: /j879uy2e496pAOBCCe+jtGwxI6Dcmsh9RNt2aR1ZJY=) 2: 9EEA3006979411EA8C6FC25AC4F9AE02.roa (hash: S4ZaaJwKZSnUQdUJjzEBewIqlA4hqhU0xKL1nfod00M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 20:40:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2375 (0x947) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA4F2, serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Validity Not Before: Apr 28 20:40:34 2025 GMT Not After : May 5 20:40:34 2025 GMT Subject: CN=680fe7c2-31ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:2b:4f:78:36:83:40:64:74:8f:2c:aa:58:74: cd:ff:15:39:05:68:fa:35:41:b3:e5:1f:ff:ac:f8: 59:db:09:6f:a8:45:f4:a1:83:43:f4:c6:12:80:ff: 3c:bb:26:32:d0:2a:8e:34:9b:5b:d5:2e:f9:67:ea: 68:12:df:49:6e:b2:d4:bf:08:86:53:01:aa:19:40: 7a:9d:67:6c:a1:76:46:20:2a:5a:e2:dd:6b:09:e9: 4d:f1:43:cd:4a:c9:49:d4:75:9d:7d:39:23:59:e8: 60:df:62:93:c5:0f:48:94:31:5d:45:c9:cd:8a:f3: 89:74:12:e9:95:8d:c5:a0:4c:01:4a:2c:02:0c:f9: 6a:70:af:65:7c:70:f0:8b:e9:3d:3c:98:79:d3:3c: 19:00:05:79:63:1a:4c:44:1b:99:e4:78:45:88:bc: 5f:f8:e6:bf:62:3f:51:2d:57:2c:6f:ba:40:21:f3: 57:40:68:4c:da:6e:7d:9f:d1:67:f2:8c:3b:33:9a: 17:1d:fe:34:2a:e2:4a:f9:cd:f3:17:ef:1f:d0:60: ba:2f:07:38:38:91:10:4f:69:2b:82:cd:c5:33:9b: ef:7e:75:82:43:cd:96:49:9b:4e:87:15:0e:d7:28: 90:45:50:f9:18:9c:9d:3b:90:43:db:3c:00:0d:a2: 39:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:C2:D2:5E:05:E3:7B:10:79:C6:BE:7A:03:32:DC:6A:AF:49:D2:84 X509v3 Authority Key Identifier: keyid:51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:25:08:ea:7a:fa:c9:20:53:a9:dd:3b:cc:cb:44:67:53:b0: 99:20:38:99:0c:e0:33:89:17:e3:ec:7f:d0:9e:18:54:e0:a5: f3:ba:48:dd:18:62:08:35:ce:fa:97:01:9f:5e:a1:44:ad:c9: d4:75:7f:ab:c3:c1:73:b2:6f:5b:6a:93:33:78:9e:ce:0e:cf: e8:15:3b:0c:17:e0:ad:4c:db:20:ac:fb:63:b3:5a:ef:0d:b5: be:72:29:93:cb:50:81:90:fd:27:26:b6:b9:73:89:78:91:a6: 77:b0:b5:be:79:2d:e0:d5:0e:23:e0:4d:93:1d:08:9d:2c:26: 74:95:93:a7:2c:0c:5e:71:94:7d:4b:de:fd:14:e9:95:c9:05: 63:b9:ef:6e:92:37:c3:45:ee:7a:28:fc:c2:b3:4b:90:11:b7: 74:f6:d5:ca:bf:16:2c:e7:4d:fb:39:41:c2:be:ce:52:ac:46: 6d:4d:c2:ef:ca:d7:03:ac:18:46:be:af:71:40:f3:6d:65:04: 21:bc:38:a9:5f:ad:1a:60:79:9a:44:c3:c9:58:26:7a:1b:a4: 74:65:83:f1:6d:1b:1d:02:3d:9e:7b:81:40:20:61:2e:71:96: 87:30:7c:4f:e0:b2:ac:5f:92:7f:08:fc:07:39:b8:bd:a6:3f: 8e:4c:91:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE0RjIxMTAvBgNVBAUTKDUxMkRDMDZFNDFDMDg5OUEyNEExRkM4ODVFQjM0NkU0 NTMwN0YzNDcwHhcNMjUwNDI4MjA0MDM0WhcNMjUwNTA1MjA0MDM0WjAYMRYwFAYD VQQDEw02ODBmZTdjMi0zMWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqitPeDaDQGR0jyyqWHTN/xU5BWj6NUGz5R//rPhZ2wlvqEX0oYND9MYSgP88 uyYy0CqONJtb1S75Z+poEt9JbrLUvwiGUwGqGUB6nWdsoXZGICpa4t1rCelN8UPN SslJ1HWdfTkjWehg32KTxQ9IlDFdRcnNivOJdBLplY3FoEwBSiwCDPlqcK9lfHDw i+k9PJh50zwZAAV5YxpMRBuZ5HhFiLxf+Oa/Yj9RLVcsb7pAIfNXQGhM2m59n9Fn 8ow7M5oXHf40KuJK+c3zF+8f0GC6Lwc4OJEQT2krgs3FM5vvfnWCQ82WSZtOhxUO 1yiQRVD5GJydO5BD2zwADaI5BwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMXC0l4F 43sQeca+egMy3GqvSdKEMB8GA1UdIwQYMBaAFFEtwG5BwImaJKH8iF6zRuRTB/NH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTRGMi8yQUVERUY5QTk3 OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWlab2tvZnlJWHJORzVGTUg4 MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTM0Fia0hBaVpva29meUlYck5HNUZNSDgwYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QTRGMi8yQUVERUY5QTk3OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWla b2tvZnlJWHJORzVGTUg4MGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkJQjqevrJIFOp3TvMy0RnU7CZIDiZDOAziRfj7H/QnhhU4KXzukjd GGIINc76lwGfXqFErcnUdX+rw8Fzsm9bapMzeJ7ODs/oFTsMF+CtTNsgrPtjs1rv DbW+cimTy1CBkP0nJra5c4l4kaZ3sLW+eS3g1Q4j4E2THQidLCZ0lZOnLAxecZR9 S979FOmVyQVjue9ukjfDRe56KPzCs0uQEbd09tXKvxYs5037OUHCvs5SrEZtTcLv ytcDrBhGvq9xQPNtZQQhvDipX60aYHmaRMPJWCZ6G6R0ZYPxbRsdAj2ee4FAIGEu cZaHMHxP4LKsX5J/CPwHObi9pj+OTJFn -----END CERTIFICATE-----Generated at Tue Apr 29 00:33:18 2025 by rpki-client