$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft File: US3AbkHAiZokofyIXrNG5FMH80c.mft (raw, json) Hash identifier: w1HrFyZV4mYkuh8pPMgf1OGsenXk9yUZ+TOYlWuvAS0= Subject key identifier: 8E:06:AF:9A:78:23:83:BF:4B:61:F0:28:61:9B:90:72:C2:D5:CC:6F Authority key identifier: 51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 Certificate issuer: /CN=A91BA4F2/serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Certificate serial: 0945 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft Manifest number: 093F Signing time: Thu 24 Apr 2025 20:07:41 +0000 Manifest this update: Thu 24 Apr 2025 20:07:40 +0000 Manifest next update: Thu 01 May 2025 20:07:40 +0000 Files and hashes: 1: US3AbkHAiZokofyIXrNG5FMH80c.crl (hash: 8JGvxVHxWFPMtqq29CfuBlR9qegWubzy7OGungGkntU=) 2: 9EEA3006979411EA8C6FC25AC4F9AE02.roa (hash: S4ZaaJwKZSnUQdUJjzEBewIqlA4hqhU0xKL1nfod00M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:07:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2373 (0x945) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA4F2, serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Validity Not Before: Apr 24 20:07:40 2025 GMT Not After : May 1 20:07:40 2025 GMT Subject: CN=680a9a0d-ffe8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:89:fc:26:1d:2c:e3:30:d8:2e:6c:45:dd:f4: cb:3c:48:c4:5a:d5:f4:f7:95:03:0b:0f:6f:e5:21: b7:bf:c7:af:da:90:1f:39:3f:27:ae:b9:8c:01:ec: 9c:b6:d1:a4:0c:b4:fd:e2:5e:89:4c:03:3a:1b:09: 70:6d:c1:d4:3e:3a:63:37:56:2b:52:cb:a9:c9:d0: 4e:38:4c:9b:84:05:0c:09:0f:a5:54:38:a0:29:22: 71:34:a4:4a:0f:02:f3:03:6b:25:ef:2d:39:62:b9: d3:3b:84:2f:f1:0a:71:75:38:59:1a:b5:99:41:c0: 60:b2:81:bf:8f:92:62:f5:df:03:c0:64:61:7b:d5: 62:f2:f0:47:b7:35:39:5e:a6:72:94:f9:6e:71:67: 4c:57:43:cb:d5:48:45:95:47:89:1c:01:7e:68:d6: 77:69:d5:ea:ab:4b:40:e5:e5:03:96:dd:c9:1d:8b: d4:1d:2b:6e:b6:c4:85:71:4f:7a:c0:71:8c:cf:4f: ea:22:6c:20:08:58:e4:ce:63:f4:2f:a6:69:6f:9e: 54:67:91:e3:ac:02:57:87:a8:b8:af:eb:9a:7b:8b: e2:eb:26:51:f3:ef:7a:83:93:82:41:8f:0c:a2:db: 2e:ac:56:c1:e1:76:f4:3f:55:41:38:10:f7:40:38: d3:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:06:AF:9A:78:23:83:BF:4B:61:F0:28:61:9B:90:72:C2:D5:CC:6F X509v3 Authority Key Identifier: keyid:51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:47:6f:8d:d9:35:47:ac:f2:ee:78:db:4e:c7:0d:8a:a3:05: 5c:4d:ef:0a:28:3b:7d:4d:02:d9:57:56:4a:d6:f7:05:bc:9d: c3:69:97:3f:a6:16:9e:17:fd:02:79:0f:31:38:97:28:e6:09: 57:62:c8:6d:91:fe:1b:0e:1a:71:f4:8b:91:a5:bb:c1:3c:05: e6:7d:d1:f0:93:bb:86:7b:2a:10:9a:81:3b:f4:30:67:c3:48: 1f:be:8e:90:cd:e5:a3:db:d8:43:df:b5:f4:91:5f:ad:8e:ce: c5:b4:27:2f:89:12:fb:d0:06:29:7e:63:1f:e3:58:99:5b:dd: 0b:13:e2:5f:bd:13:15:b7:18:91:d2:9d:b3:88:fc:44:07:c3: 32:17:64:19:7b:0e:79:47:2d:66:75:dd:19:77:a2:6b:c4:fa: 48:a5:8f:de:37:f1:52:5d:e9:bc:50:05:cb:71:d2:d7:8e:db: 9d:d4:26:56:f4:89:5c:c2:d8:ea:88:ce:96:b5:fe:9c:48:0f: d7:7e:b3:a6:13:d6:2d:10:e0:52:0e:14:32:65:57:c4:51:00: 18:fb:bc:1f:bc:56:8f:e0:2c:91:92:ad:99:39:3d:2d:42:74: 78:cb:33:2d:2c:f0:aa:3f:27:9a:5e:1a:29:19:d4:59:8e:b4: e3:85:4e:b4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE0RjIxMTAvBgNVBAUTKDUxMkRDMDZFNDFDMDg5OUEyNEExRkM4ODVFQjM0NkU0 NTMwN0YzNDcwHhcNMjUwNDI0MjAwNzQwWhcNMjUwNTAxMjAwNzQwWjAYMRYwFAYD VQQDEw02ODBhOWEwZC1mZmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy4n8Jh0s4zDYLmxF3fTLPEjEWtX095UDCw9v5SG3v8ev2pAfOT8nrrmMAeyc ttGkDLT94l6JTAM6GwlwbcHUPjpjN1YrUsupydBOOEybhAUMCQ+lVDigKSJxNKRK DwLzA2sl7y05YrnTO4Qv8QpxdThZGrWZQcBgsoG/j5Ji9d8DwGRhe9Vi8vBHtzU5 XqZylPlucWdMV0PL1UhFlUeJHAF+aNZ3adXqq0tA5eUDlt3JHYvUHStutsSFcU96 wHGMz0/qImwgCFjkzmP0L6Zpb55UZ5HjrAJXh6i4r+uae4vi6yZR8+96g5OCQY8M otsurFbB4Xb0P1VBOBD3QDjTawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI4Gr5p4 I4O/S2HwKGGbkHLC1cxvMB8GA1UdIwQYMBaAFFEtwG5BwImaJKH8iF6zRuRTB/NH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTRGMi8yQUVERUY5QTk3 OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWlab2tvZnlJWHJORzVGTUg4 MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTM0Fia0hBaVpva29meUlYck5HNUZNSDgwYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QTRGMi8yQUVERUY5QTk3OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWla b2tvZnlJWHJORzVGTUg4MGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCOR2+N2TVHrPLueNtOxw2KowVcTe8KKDt9TQLZV1ZK1vcFvJ3DaZc/ phaeF/0CeQ8xOJco5glXYshtkf4bDhpx9IuRpbvBPAXmfdHwk7uGeyoQmoE79DBn w0gfvo6QzeWj29hD37X0kV+tjs7FtCcviRL70AYpfmMf41iZW90LE+JfvRMVtxiR 0p2ziPxEB8MyF2QZew55Ry1mdd0Zd6JrxPpIpY/eN/FSXem8UAXLcdLXjtud1CZW 9IlcwtjqiM6Wtf6cSA/XfrOmE9YtEOBSDhQyZVfEUQAY+7wfvFaP4CyRkq2ZOT0t QnR4yzMtLPCqPyeaXhopGdRZjrTjhU60 -----END CERTIFICATE-----Generated at Sat Apr 26 12:58:47 2025 by rpki-client