$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft File: 3rTAuQf6yhxdN3a9SUb0uqjKazA.mft (raw, json) Hash identifier: 3GFVARewO+oy+zowXtdeBJPEU8X0+FcP+Ql5evkYdis= Subject key identifier: 64:35:F1:1D:CC:D9:B7:6F:0F:57:4A:F9:27:9A:12:6D:77:E9:D1:3C Authority key identifier: DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 Certificate issuer: /CN=A91F3B5F/serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Certificate serial: 0D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft Manifest number: 0C Signing time: Fri 25 Apr 2025 07:06:33 +0000 Manifest this update: Fri 25 Apr 2025 07:06:32 +0000 Manifest next update: Fri 02 May 2025 07:06:32 +0000 Files and hashes: 1: 3rTAuQf6yhxdN3a9SUb0uqjKazA.crl (hash: lfdYKVZAeEoyQ0dZdsOIzI2MxPk6i29gVkxKCSrznIE=) 2: 0B65C980136D11F09F542C81C4F9AE02.roa (hash: VBqh2E7rkd2+euZfBVuvn8Wuy6ZridPl7cQmEbFqT/k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 07:06:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13 (0xd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3B5F, serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Validity Not Before: Apr 25 07:06:32 2025 GMT Not After : May 2 07:06:32 2025 GMT Subject: CN=680b3479-fcf3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:48:e9:13:71:4a:61:c4:5c:0c:19:b0:4b:70: 32:56:1f:cd:5c:75:7e:83:a4:32:a8:6e:8a:4b:d3: 70:c1:df:a8:33:4a:a7:81:83:e3:4b:06:58:61:e6: 2d:4a:6f:b7:05:c7:78:f8:f1:07:9c:8d:c0:04:a1: ec:0a:e5:20:40:70:7a:6e:71:89:49:5b:d7:35:be: 57:85:c0:a7:e2:85:a5:9a:67:3b:49:73:e1:b5:a5: fe:a7:21:b8:8d:1d:20:03:71:05:68:11:96:9b:e7: 96:8c:1f:15:b9:59:26:35:f7:65:fd:19:d6:6c:6c: 6a:a4:f6:ea:18:bc:86:1e:28:d4:c7:03:87:73:db: 59:03:5f:cd:0a:11:b4:9c:f1:ed:d9:8d:83:1b:87: d6:0d:a0:5f:86:23:0e:a9:92:b2:50:df:a6:9a:3b: d8:0c:51:a3:e0:18:79:6e:c4:d1:9d:49:e8:70:dc: 30:71:6d:41:55:f6:fe:e2:61:60:22:0d:35:43:91: cf:45:e8:a0:ae:2b:31:70:f6:68:fe:68:2e:09:50: a3:ca:b3:12:86:f6:75:8d:cf:1f:2d:aa:41:89:34: 06:f1:89:dc:86:40:d1:99:6f:f8:e2:c1:ef:f8:31: 8d:b6:b8:cf:2c:c1:32:ac:63:e0:0d:2a:78:14:11: e5:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:35:F1:1D:CC:D9:B7:6F:0F:57:4A:F9:27:9A:12:6D:77:E9:D1:3C X509v3 Authority Key Identifier: keyid:DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:f9:63:c1:fe:20:0f:8a:95:27:aa:a4:dd:c8:0f:14:64:c5: 94:ab:5e:f7:2f:ea:43:ed:06:a3:cf:45:33:ef:d7:65:78:51: 10:00:89:92:83:6d:52:98:50:76:e7:e3:9d:bc:77:b1:0d:a4: 13:c7:dc:40:a4:af:0d:f4:cd:88:a4:68:a5:31:65:95:cc:9f: d9:54:14:fb:12:c7:5c:c0:dc:48:02:46:9a:73:e9:bb:1f:4c: fd:58:05:b1:03:fd:d4:aa:15:fa:56:e1:54:70:72:69:d1:3e: 86:b7:e8:33:c4:39:9f:63:f4:f6:ce:f4:d0:8b:5b:25:c9:42: 9b:e8:a9:06:8d:aa:d1:4f:e3:97:84:b1:75:72:9e:6f:63:07: fd:1a:cd:80:5f:3d:4e:33:ca:99:37:a2:ef:f5:e9:b8:fa:b0: e3:06:fe:c9:17:d8:a7:3f:12:e2:78:3d:35:9b:20:44:ba:fa: 49:3f:d7:93:96:e8:08:1b:26:a1:14:12:09:b6:d6:64:2a:3a: f9:63:99:1c:3a:70:70:d6:4b:cb:62:23:e1:0d:70:94:8c:d7: 28:58:0a:44:23:b2:f7:f9:6a:3b:69:79:75:69:b3:6f:4c:14: 82:c5:aa:e1:75:4a:b1:80:50:08:98:72:bb:61:ab:be:0a:58: 22:02:d7:32 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBDTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG M0I1RjExMC8GA1UEBRMoREVCNEMwQjkwN0ZBQ0ExQzVEMzc3NkJENDk0NkY0QkFB OENBNkIzMDAeFw0yNTA0MjUwNzA2MzJaFw0yNTA1MDIwNzA2MzJaMBgxFjAUBgNV BAMTDTY4MGIzNDc5LWZjZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD1SOkTcUphxFwMGbBLcDJWH81cdX6DpDKobopL03DB36gzSqeBg+NLBlhh5i1K b7cFx3j48QecjcAEoewK5SBAcHpucYlJW9c1vleFwKfihaWaZztJc+G1pf6nIbiN HSADcQVoEZab55aMHxW5WSY192X9GdZsbGqk9uoYvIYeKNTHA4dz21kDX80KEbSc 8e3ZjYMbh9YNoF+GIw6pkrJQ36aaO9gMUaPgGHluxNGdSehw3DBxbUFV9v7iYWAi DTVDkc9F6KCuKzFw9mj+aC4JUKPKsxKG9nWNzx8tqkGJNAbxidyGQNGZb/jiwe/4 MY22uM8swTKsY+ANKngUEeUPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZDXxHczZ t28PV0r5J5oSbXfp0TwwHwYDVR0jBBgwFoAU3rTAuQf6yhxdN3a9SUb0uqjKazAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzQjVGL0IxNzBDOTEyMTM2 NjExRjA4MkUzQzUwREM0RjlBRTAyLzNyVEF1UWY2eWh4ZE4zYTlTVWIwdXFqS2F6 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvM3JUQXVRZjZ5aHhkTjNhOVNVYjB1cWpLYXpBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYz QjVGL0IxNzBDOTEyMTM2NjExRjA4MkUzQzUwREM0RjlBRTAyLzNyVEF1UWY2eWh4 ZE4zYTlTVWIwdXFqS2F6QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACX5Y8H+IA+KlSeqpN3IDxRkxZSrXvcv6kPtBqPPRTPv12V4URAAiZKD bVKYUHbn4528d7ENpBPH3ECkrw30zYikaKUxZZXMn9lUFPsSx1zA3EgCRppz6bsf TP1YBbED/dSqFfpW4VRwcmnRPoa36DPEOZ9j9PbO9NCLWyXJQpvoqQaNqtFP45eE sXVynm9jB/0azYBfPU4zypk3ou/16bj6sOMG/skX2Kc/EuJ4PTWbIES6+kk/15OW 6AgbJqEUEgm21mQqOvljmRw6cHDWS8tiI+ENcJSM1yhYCkQjsvf5ajtpeXVps29M FILFquF1SrGAUAiYcrthq74KWCIC1zI= -----END CERTIFICATE-----Generated at Sat Apr 26 13:57:52 2025 by rpki-client