$ rpki-client -vvf rpki.apnic.net/member_repository/A91D76BE/44C29E0E6B7711EA86594476C4F9AE02/3RGLuzSfLJtA3Zu3GlthxkvbPhE.mft File: 3RGLuzSfLJtA3Zu3GlthxkvbPhE.mft (raw, json) Hash identifier: zyzVKYcTWMyqjCK5AYU97Q59Le3ZHKch08Q2BqdyALw= Subject key identifier: 02:B8:0E:8C:DF:A2:69:52:EC:D2:FE:C7:72:D2:70:ED:B9:17:99:B9 Authority key identifier: DD:11:8B:BB:34:9F:2C:9B:40:DD:9B:B7:1A:5B:61:C6:4B:DB:3E:11 Certificate issuer: /CN=A91D76BE/serialNumber=DD118BBB349F2C9B40DD9BB71A5B61C64BDB3E11 Certificate serial: 0A2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3RGLuzSfLJtA3Zu3GlthxkvbPhE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D76BE/44C29E0E6B7711EA86594476C4F9AE02/3RGLuzSfLJtA3Zu3GlthxkvbPhE.mft Manifest number: 0A24 Signing time: Thu 24 Apr 2025 19:41:02 +0000 Manifest this update: Thu 24 Apr 2025 19:41:01 +0000 Manifest next update: Thu 01 May 2025 19:41:01 +0000 Files and hashes: 1: 3RGLuzSfLJtA3Zu3GlthxkvbPhE.crl (hash: DZigfD15dcT1PUboGAsECaYTxlPOrRpCURMNiFOavJA=) 2: 47772F946C2011EAA5965B3CC4F9AE02.roa (hash: VtwEbio1gRB7Ch5LlsoNkh9yhOMrAAqsTjIWAhPZFj0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D76BE/44C29E0E6B7711EA86594476C4F9AE02/3RGLuzSfLJtA3Zu3GlthxkvbPhE.crl rsync://rpki.apnic.net/member_repository/A91D76BE/44C29E0E6B7711EA86594476C4F9AE02/3RGLuzSfLJtA3Zu3GlthxkvbPhE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3RGLuzSfLJtA3Zu3GlthxkvbPhE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:41:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2603 (0xa2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D76BE, serialNumber=DD118BBB349F2C9B40DD9BB71A5B61C64BDB3E11 Validity Not Before: Apr 24 19:41:01 2025 GMT Not After : May 1 19:41:01 2025 GMT Subject: CN=680a93ce-6a13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:9d:67:69:59:94:73:b7:2a:d5:9c:ee:6f:03: 49:4f:2b:ce:45:83:59:b6:4b:80:db:9d:5e:fc:e0: 38:5c:ef:0b:e3:d8:cd:d8:31:9d:6f:1e:32:b3:e2: 84:02:77:09:1d:b7:b4:b6:c1:ea:55:ab:21:8f:bf: 24:fe:9f:0c:7a:cf:d4:11:98:e4:72:e7:34:d2:64: 5f:f2:32:78:d8:0d:0e:ae:3d:ca:b4:0d:45:fb:6c: ab:a5:79:f6:28:63:2a:2d:7e:3d:31:95:6a:ca:93: f2:ba:0b:1b:fa:52:c4:10:8b:23:1b:3e:d9:ce:83: 71:4e:ca:2d:a0:65:80:17:08:cb:4a:46:5f:f7:e3: a3:24:3f:9f:6d:d7:7b:b4:81:93:35:c9:11:53:9c: ea:c4:a3:f0:f9:30:7c:04:6e:82:e9:6e:ca:23:72: b0:67:01:f0:fc:6f:74:0d:5f:6c:71:c1:8c:1a:f3: f1:7c:93:85:00:fd:66:06:e6:71:60:13:28:28:d0: 99:4a:43:a9:55:44:ed:36:eb:0b:d5:7c:10:20:71: c9:4a:3c:09:71:b4:01:4d:4e:38:56:a1:ec:1b:77: d8:fa:30:79:5a:d5:fd:62:7f:c0:b6:83:91:09:49: 74:c3:e8:3b:6d:9a:dc:a6:4c:26:c8:8d:8d:fc:79: 46:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:B8:0E:8C:DF:A2:69:52:EC:D2:FE:C7:72:D2:70:ED:B9:17:99:B9 X509v3 Authority Key Identifier: keyid:DD:11:8B:BB:34:9F:2C:9B:40:DD:9B:B7:1A:5B:61:C6:4B:DB:3E:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D76BE/44C29E0E6B7711EA86594476C4F9AE02/3RGLuzSfLJtA3Zu3GlthxkvbPhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3RGLuzSfLJtA3Zu3GlthxkvbPhE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D76BE/44C29E0E6B7711EA86594476C4F9AE02/3RGLuzSfLJtA3Zu3GlthxkvbPhE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:51:47:fc:d2:75:9a:0a:15:b9:dc:2c:a2:b5:48:60:f0:19: a7:19:26:83:87:c3:6a:e0:25:f4:8a:9d:53:26:ed:a6:37:a1: 62:c5:56:2a:d5:62:6d:b4:9a:08:06:ac:53:40:4f:6e:41:7c: 67:70:d3:dc:6a:45:58:48:2a:c8:15:d4:fc:73:bf:98:1c:77: f0:c5:c1:56:2c:59:b7:40:6b:39:cf:37:09:ec:d1:d1:d7:cf: 00:fe:f7:97:e0:ff:aa:d4:e0:12:d3:c0:38:52:bc:fe:55:74: 5f:25:a8:22:33:40:16:48:7e:32:01:a3:b3:a0:67:55:b4:f8: bd:a7:12:df:db:32:e7:4e:36:5e:92:d0:e6:ac:99:e7:59:03: 00:fd:66:2f:3b:66:c2:5d:e1:75:99:98:09:61:b4:e7:c0:93: c3:bc:88:9a:0d:f6:dc:da:63:d5:fe:99:a9:ae:d6:7a:3c:0d: a8:3e:0a:bf:04:a3:5b:ba:01:4b:9f:46:7b:12:ed:67:62:14: ba:19:58:d6:42:8f:8b:b7:c2:35:a6:04:eb:54:e8:6d:d2:32: 97:4a:9e:5e:17:27:eb:a3:32:0e:e0:f0:21:4a:4a:fd:d8:68: 8d:c3:72:57:b1:4a:5d:30:c3:b2:9b:4d:cd:1a:cd:51:f8:8c: 4a:60:2b:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCiswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDc2QkUxMTAvBgNVBAUTKEREMTE4QkJCMzQ5RjJDOUI0MEREOUJCNzFBNUI2MUM2 NEJEQjNFMTEwHhcNMjUwNDI0MTk0MTAxWhcNMjUwNTAxMTk0MTAxWjAYMRYwFAYD VQQDEw02ODBhOTNjZS02YTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzJ1naVmUc7cq1ZzubwNJTyvORYNZtkuA251e/OA4XO8L49jN2DGdbx4ys+KE AncJHbe0tsHqVashj78k/p8Mes/UEZjkcuc00mRf8jJ42A0Orj3KtA1F+2yrpXn2 KGMqLX49MZVqypPyugsb+lLEEIsjGz7ZzoNxTsotoGWAFwjLSkZf9+OjJD+fbdd7 tIGTNckRU5zqxKPw+TB8BG6C6W7KI3KwZwHw/G90DV9sccGMGvPxfJOFAP1mBuZx YBMoKNCZSkOpVUTtNusL1XwQIHHJSjwJcbQBTU44VqHsG3fY+jB5WtX9Yn/AtoOR CUl0w+g7bZrcpkwmyI2N/HlGYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAK4Dozf omlS7NL+x3LScO25F5m5MB8GA1UdIwQYMBaAFN0Ri7s0nyybQN2btxpbYcZL2z4R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENzZCRS80NEMyOUUwRTZC NzcxMUVBODY1OTQ0NzZDNEY5QUUwMi8zUkdMdXpTZkxKdEEzWnUzR2x0aHhrdmJQ aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNSR0x1elNmTEp0QTNadTNHbHRoeGt2YlBoRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NzZCRS80NEMyOUUwRTZCNzcxMUVBODY1OTQ0NzZDNEY5QUUwMi8zUkdMdXpTZkxK dEEzWnUzR2x0aHhrdmJQaEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5UUf80nWaChW53CyitUhg8BmnGSaDh8Nq4CX0ip1TJu2mN6FixVYq 1WJttJoIBqxTQE9uQXxncNPcakVYSCrIFdT8c7+YHHfwxcFWLFm3QGs5zzcJ7NHR 188A/veX4P+q1OAS08A4Urz+VXRfJagiM0AWSH4yAaOzoGdVtPi9pxLf2zLnTjZe ktDmrJnnWQMA/WYvO2bCXeF1mZgJYbTnwJPDvIiaDfbc2mPV/pmprtZ6PA2oPgq/ BKNbugFLn0Z7Eu1nYhS6GVjWQo+Lt8I1pgTrVOht0jKXSp5eFyfrozIO4PAhSkr9 2GiNw3JXsUpdMMOym03NGs1R+IxKYCtb -----END CERTIFICATE-----Generated at Sat Apr 26 04:34:14 2025 by rpki-client