$ rpki-client -vvf rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.mft File: I-3rdP0jQOR_AbyL94Q7dpHcBhU.mft (raw, json) Hash identifier: kyqOsAYeXkAl3Qn022HEG7051PyL80+SjflSPAnrrrg= Subject key identifier: 71:21:89:E0:B4:51:D4:B6:D8:12:9A:3B:30:02:C7:B7:FF:25:8D:34 Authority key identifier: 23:ED:EB:74:FD:23:40:E4:7F:01:BC:8B:F7:84:3B:76:91:DC:06:15 Certificate issuer: /CN=A91E22E5/serialNumber=23EDEB74FD2340E47F01BC8BF7843B7691DC0615 Certificate serial: 0207 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-3rdP0jQOR_AbyL94Q7dpHcBhU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.mft Manifest number: 0204 Signing time: Fri 25 Apr 2025 01:47:34 +0000 Manifest this update: Fri 25 Apr 2025 01:47:34 +0000 Manifest next update: Fri 02 May 2025 01:47:34 +0000 Files and hashes: 1: I-3rdP0jQOR_AbyL94Q7dpHcBhU.crl (hash: psqmN2MCpFQpXsyH3+mrwDgLLfsvHeJycfh8kRGlaic=) 2: 623705DA339111ED9249064BC4F9AE02.roa (hash: oE8Ftzk8b1pgimy4jf77z4BKi4j6G1jlmkYSbgOmtg8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.crl rsync://rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-3rdP0jQOR_AbyL94Q7dpHcBhU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:47:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 519 (0x207) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E22E5, serialNumber=23EDEB74FD2340E47F01BC8BF7843B7691DC0615 Validity Not Before: Apr 25 01:47:34 2025 GMT Not After : May 2 01:47:34 2025 GMT Subject: CN=680ae9b6-a66e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b5:70:8d:ec:54:de:9e:99:47:b1:e7:52:6e: 0f:5d:64:77:e0:64:35:70:8c:24:c0:d3:24:8c:f2: 64:8d:3c:d2:3e:40:2d:42:bd:98:e4:9d:1e:12:bb: 7b:fa:c4:db:cc:63:41:d0:37:75:da:ba:2f:fb:fc: 87:de:9f:03:a8:ed:ee:0e:27:13:14:36:b4:cb:0d: 5b:9f:a9:72:54:5c:fe:ab:ae:c2:5a:c6:72:a3:f6: 69:9d:60:4a:cd:6a:b3:25:c9:d1:29:3e:48:ac:d2: 6f:c1:14:6a:5f:d0:aa:ad:5b:c5:89:5e:0f:60:14: 6d:6e:cd:f2:57:1c:37:9c:18:d2:aa:78:af:10:bb: 03:8d:f6:55:ed:5b:2f:67:9b:58:39:0d:e3:eb:56: 78:c1:8c:5b:69:16:7e:c0:98:85:6f:b2:c2:ae:01: 1f:3a:24:42:b6:8b:fb:e8:79:c8:7c:18:5c:ba:4b: 9f:9c:9d:08:7d:a3:88:3c:2e:d8:0e:82:06:6f:8e: 57:76:89:83:65:72:f9:e2:26:04:61:15:77:ef:6f: a9:d3:77:9c:bb:53:56:de:74:bf:f5:c8:e2:40:cb: 31:9a:b6:24:ec:1f:db:08:89:8f:2a:84:63:87:83: be:37:d7:a0:f4:d2:50:9d:d0:9f:a3:ac:38:82:ee: 83:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:21:89:E0:B4:51:D4:B6:D8:12:9A:3B:30:02:C7:B7:FF:25:8D:34 X509v3 Authority Key Identifier: keyid:23:ED:EB:74:FD:23:40:E4:7F:01:BC:8B:F7:84:3B:76:91:DC:06:15 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-3rdP0jQOR_AbyL94Q7dpHcBhU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:4d:58:2f:f6:1b:7c:84:d7:b4:54:f0:55:8d:91:f0:6a:e3: b6:ce:81:e9:b8:32:23:9d:d6:a1:ee:38:2e:51:39:25:f2:8f: 2e:78:87:4d:07:cc:c9:0f:86:ed:bb:27:eb:15:bd:67:69:2b: 36:e1:23:ce:94:68:38:b8:b6:15:97:c4:12:88:48:7d:ff:43: c0:90:2f:f3:dd:bb:8b:e5:58:e3:bb:7c:9a:46:a6:10:fe:38: 8e:b8:24:a4:0f:6c:11:23:7c:e8:ca:e6:5f:70:15:67:51:8c: 6d:fc:ec:4c:7f:9d:ac:62:48:29:9b:ed:20:e2:2d:59:96:4c: 99:aa:fb:2b:b5:69:7f:f6:c9:c3:31:2d:22:6e:04:53:61:66: 86:f5:95:6e:ad:f6:cf:f7:9c:93:d9:7e:eb:3f:b0:eb:11:df: c8:f4:20:a4:4d:6d:a4:a6:af:f5:70:d4:f6:ed:9f:09:de:3b: 70:1e:56:a5:43:fa:b9:cb:60:e3:81:49:ba:0d:a3:d3:56:61: 8f:65:3a:0c:ca:46:1f:aa:cf:55:9d:83:2d:2f:dc:33:28:17: 3d:50:16:c8:6a:ad:f9:0d:a9:ff:d5:32:3d:99:08:65:5e:13: 9c:aa:0a:d4:98:d9:c7:70:1f:ff:80:6e:05:3b:5e:42:77:8c: 9a:64:f6:61 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTIyRTUxMTAvBgNVBAUTKDIzRURFQjc0RkQyMzQwRTQ3RjAxQkM4QkY3ODQzQjc2 OTFEQzA2MTUwHhcNMjUwNDI1MDE0NzM0WhcNMjUwNTAyMDE0NzM0WjAYMRYwFAYD VQQDEw02ODBhZTliNi1hNjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvbVwjexU3p6ZR7HnUm4PXWR34GQ1cIwkwNMkjPJkjTzSPkAtQr2Y5J0eErt7 +sTbzGNB0Dd12rov+/yH3p8DqO3uDicTFDa0yw1bn6lyVFz+q67CWsZyo/ZpnWBK zWqzJcnRKT5IrNJvwRRqX9CqrVvFiV4PYBRtbs3yVxw3nBjSqnivELsDjfZV7Vsv Z5tYOQ3j61Z4wYxbaRZ+wJiFb7LCrgEfOiRCtov76HnIfBhcukufnJ0IfaOIPC7Y DoIGb45XdomDZXL54iYEYRV372+p03ecu1NW3nS/9cjiQMsxmrYk7B/bCImPKoRj h4O+N9eg9NJQndCfo6w4gu6DowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHEhieC0 UdS22BKaOzACx7f/JY00MB8GA1UdIwQYMBaAFCPt63T9I0DkfwG8i/eEO3aR3AYV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjJFNS9GNUUzNEU2NDMz OEQxMUVEOTdFM0UyNUZDNEY5QUUwMi9JLTNyZFAwalFPUl9BYnlMOTRRN2RwSGNC aFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ktM3JkUDBqUU9SX0FieUw5NFE3ZHBIY0JoVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjJFNS9GNUUzNEU2NDMzOEQxMUVEOTdFM0UyNUZDNEY5QUUwMi9JLTNyZFAwalFP Ul9BYnlMOTRRN2RwSGNCaFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCvTVgv9ht8hNe0VPBVjZHwauO2zoHpuDIjndah7jguUTkl8o8ueIdN B8zJD4btuyfrFb1naSs24SPOlGg4uLYVl8QSiEh9/0PAkC/z3buL5Vjju3yaRqYQ /jiOuCSkD2wRI3zoyuZfcBVnUYxt/OxMf52sYkgpm+0g4i1ZlkyZqvsrtWl/9snD MS0ibgRTYWaG9ZVurfbP95yT2X7rP7DrEd/I9CCkTW2kpq/1cNT27Z8J3jtwHlal Q/q5y2DjgUm6DaPTVmGPZToMykYfqs9VnYMtL9wzKBc9UBbIaq35Dan/1TI9mQhl XhOcqgrUmNnHcB//gG4FO15Cd4yaZPZh -----END CERTIFICATE-----Generated at Sat Apr 26 04:51:22 2025 by rpki-client