$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft File: 3af4p0oKdM_262MEKLbJ1w1XvXY.mft (raw, json) Hash identifier: TS5AOSnUgWVmjAYgHL+AockSgFKSW3/CcUf3WRrxw8I= Subject key identifier: FD:5F:BF:46:DB:71:4D:CF:E3:B9:5B:5B:C0:94:F8:B9:8A:DE:AE:BD Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Certificate serial: 0D97 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft Manifest number: 0D5D Signing time: Thu 24 Apr 2025 17:59:27 +0000 Manifest this update: Thu 24 Apr 2025 17:59:27 +0000 Manifest next update: Thu 01 May 2025 17:59:27 +0000 Files and hashes: 1: 3af4p0oKdM_262MEKLbJ1w1XvXY.crl (hash: J4LlZJeNLv2QVRcPWjsoDhKP5T1Fhj/rGD0BLQeI9yk=) 2: CE83F0E6F0E411EAA47C3968C4F9AE02.roa (hash: ZQBdoWyO873LcT1vKoBchR3Mc6PGkjTHNlXwZK5KBUA=) 3: E69AF38AB11C11EAACC28D2EC4F9AE02.roa (hash: vmjmVmXjdkD0vxVvLQigcrFyWXDcETievw8r2QIVv8s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:59:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3479 (0xd97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Validity Not Before: Apr 24 17:59:27 2025 GMT Not After : May 1 17:59:27 2025 GMT Subject: CN=680a7bff-e9c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:9f:e2:f0:32:1b:3e:0b:7e:ce:ab:f0:22:55: cf:3a:2b:96:03:52:3d:d6:13:7b:1a:f1:9d:2b:50: f8:89:5c:52:72:f4:94:91:9b:3d:9e:37:6b:aa:23: b9:5b:64:20:52:4b:af:97:e9:5f:b9:c0:ca:58:92: c2:81:18:84:b9:07:21:70:22:e5:b0:73:f8:56:f9: 5a:c7:1a:33:5f:38:ae:09:e7:b7:df:98:cd:5f:23: 61:02:45:67:47:78:13:5b:0a:08:46:a1:30:2a:5e: 3d:01:66:e2:5f:1d:d2:22:13:73:d0:a1:9b:9d:30: a3:2a:cc:55:a9:c3:bf:bd:8b:0d:21:ec:fe:d6:48: 1c:60:c9:34:26:74:c9:5a:7f:9a:f4:aa:43:7f:3e: e1:52:48:fb:2f:aa:7e:61:74:3d:24:25:7f:7c:32: 5f:ed:2f:9b:4f:fe:a1:0e:c6:2e:12:e0:8a:55:3d: 1b:47:3e:12:b3:db:a8:ec:62:3a:46:13:bf:b7:80: 43:5a:ec:0c:0f:e6:9c:65:1c:e9:28:86:ed:24:8f: 30:87:e7:ce:4e:29:b0:99:95:0d:1b:ac:5c:35:93: db:d7:53:b2:7b:d7:4d:4e:3e:07:a3:d6:3b:97:81: 36:fc:fc:13:7c:4c:40:7c:4a:80:62:84:4a:4c:a8: 6b:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:5F:BF:46:DB:71:4D:CF:E3:B9:5B:5B:C0:94:F8:B9:8A:DE:AE:BD X509v3 Authority Key Identifier: keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:4c:7f:db:f5:7f:0c:bb:e7:a9:8c:bf:89:35:9a:98:8f:17: b5:be:fc:4f:51:b9:2f:1b:86:ca:8f:a9:17:c1:91:5b:45:d5: f3:63:76:cb:f8:2f:0c:4c:c0:f4:e9:bd:fd:4b:2d:c5:70:2a: 06:4a:e6:16:8d:93:3f:c0:56:38:c3:75:b4:fc:51:4d:a7:ff: 76:8e:76:b5:98:13:3e:88:33:a5:36:d2:ca:e3:88:59:e1:aa: 3b:9f:c7:88:3e:22:95:a2:ea:e7:fd:83:8b:d3:f4:40:fc:f0: fa:70:39:0d:67:76:92:7f:63:ed:50:48:e5:bf:21:9d:54:9a: f8:33:18:67:03:df:eb:5a:62:f1:22:7f:e1:bd:d5:88:e2:81: 57:43:33:4a:a3:bf:be:50:23:80:f0:4a:d8:7b:7b:ad:3f:38: fa:1a:53:4d:21:28:0f:f9:da:2d:66:dd:1d:ba:9a:ae:54:82: f7:60:39:1b:53:d3:56:a5:4e:26:92:d2:99:6e:1a:c2:90:02: cd:1d:2f:c2:47:33:79:a2:79:e6:7c:a1:49:b4:28:9d:63:6f: 46:ef:ce:7c:3d:ec:8c:9a:ec:6f:3a:4e:66:27:c8:5e:29:85: 35:15:27:ad:f2:86:06:0a:1a:2e:e9:72:0d:f5:46:69:63:69: 9b:cb:b8:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3 MEQ1N0JENzYwHhcNMjUwNDI0MTc1OTI3WhcNMjUwNTAxMTc1OTI3WjAYMRYwFAYD VQQDEw02ODBhN2JmZi1lOWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwJ/i8DIbPgt+zqvwIlXPOiuWA1I91hN7GvGdK1D4iVxScvSUkZs9njdrqiO5 W2QgUkuvl+lfucDKWJLCgRiEuQchcCLlsHP4VvlaxxozXziuCee335jNXyNhAkVn R3gTWwoIRqEwKl49AWbiXx3SIhNz0KGbnTCjKsxVqcO/vYsNIez+1kgcYMk0JnTJ Wn+a9KpDfz7hUkj7L6p+YXQ9JCV/fDJf7S+bT/6hDsYuEuCKVT0bRz4Ss9uo7GI6 RhO/t4BDWuwMD+acZRzpKIbtJI8wh+fOTimwmZUNG6xcNZPb11Oye9dNTj4Ho9Y7 l4E2/PwTfExAfEqAYoRKTKhrKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP1fv0bb cU3P47lbW8CU+LmK3q69MB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2 WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yRDFBNTk1QUQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RN XzI2Mk1FS0xiSjF3MVh2WFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6TH/b9X8Mu+epjL+JNZqYjxe1vvxPUbkvG4bKj6kXwZFbRdXzY3bL +C8MTMD06b39Sy3FcCoGSuYWjZM/wFY4w3W0/FFNp/92jna1mBM+iDOlNtLK44hZ 4ao7n8eIPiKVourn/YOL0/RA/PD6cDkNZ3aSf2PtUEjlvyGdVJr4MxhnA9/rWmLx In/hvdWI4oFXQzNKo7++UCOA8ErYe3utPzj6GlNNISgP+dotZt0dupquVIL3YDkb U9NWpU4mktKZbhrCkALNHS/CRzN5onnmfKFJtCidY29G7858PeyMmuxvOk5mJ8he KYU1FSet8oYGChou6XIN9UZpY2mby7gm -----END CERTIFICATE-----Generated at Sat Apr 26 17:02:10 2025 by rpki-client