$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4D54/D2877DB6E9EB11EFA4542B18C4F9AE02/r3YSV94snaXzPnHGQZ4meoYt-2I.mft File: r3YSV94snaXzPnHGQZ4meoYt-2I.mft (raw, json) Hash identifier: wWEp5us9rDf5UFg17s9wTzATJDoVjOPG9KvCbidFCNk= Subject key identifier: BD:73:90:F0:80:B4:86:83:9A:1E:9F:D4:FE:91:BA:8D:34:93:D4:70 Authority key identifier: AF:76:12:57:DE:2C:9D:A5:F3:3E:71:C6:41:9E:26:7A:86:2D:FB:62 Certificate issuer: /CN=A91F4D54/serialNumber=AF761257DE2C9DA5F33E71C6419E267A862DFB62 Certificate serial: 2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3YSV94snaXzPnHGQZ4meoYt-2I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F4D54/D2877DB6E9EB11EFA4542B18C4F9AE02/r3YSV94snaXzPnHGQZ4meoYt-2I.mft Manifest number: 28 Signing time: Fri 25 Apr 2025 06:45:44 +0000 Manifest this update: Fri 25 Apr 2025 06:45:44 +0000 Manifest next update: Fri 02 May 2025 06:45:44 +0000 Files and hashes: 1: r3YSV94snaXzPnHGQZ4meoYt-2I.crl (hash: K8e8FU/xO3J8/248OfixrUOFqTpgJlrnrKHHD1jRSWE=) 2: 61AAFCCAE9EC11EFB6D6D21BC4F9AE02.roa (hash: EzMoudDWuTdlnNruCHKgAEy3hjxWEtpDs8wnwjR1b6o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F4D54/D2877DB6E9EB11EFA4542B18C4F9AE02/r3YSV94snaXzPnHGQZ4meoYt-2I.crl rsync://rpki.apnic.net/member_repository/A91F4D54/D2877DB6E9EB11EFA4542B18C4F9AE02/r3YSV94snaXzPnHGQZ4meoYt-2I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3YSV94snaXzPnHGQZ4meoYt-2I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:45:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F4D54, serialNumber=AF761257DE2C9DA5F33E71C6419E267A862DFB62 Validity Not Before: Apr 25 06:45:44 2025 GMT Not After : May 2 06:45:44 2025 GMT Subject: CN=680b2f98-dc8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:6a:ce:58:37:3c:b2:5f:ea:ed:a8:62:4c:8d: df:a5:f1:1f:f5:f4:a0:24:97:35:7a:5a:1a:3f:40: a9:f8:58:e7:09:49:f6:e1:dd:d8:98:5f:9c:3d:27: a5:77:ad:5d:3f:8c:09:38:b7:7f:d0:b9:82:6d:53: 51:db:6c:ff:a3:90:d9:a1:cc:75:38:62:b1:77:25: e0:bb:db:2f:9f:7b:f6:9a:c0:17:12:4d:6c:44:63: 7b:7d:ac:ec:63:4d:90:f0:74:5b:57:9d:32:a0:8c: 31:25:a5:34:d4:72:3b:21:c5:f1:b4:a4:36:11:d4: 24:1b:f9:8d:ff:65:e2:60:bc:bc:d7:35:5f:06:fd: 01:bc:e0:a8:86:ed:c3:19:1c:69:aa:05:24:93:f3: 9f:a1:be:a8:b0:fe:b4:7c:03:c5:fe:42:de:51:54: a7:00:18:ee:da:b3:00:20:57:45:63:73:15:0f:ce: 56:4a:ad:6f:2b:fd:d8:ed:dd:9d:5b:fb:54:af:f1: 7d:b7:48:a2:1e:48:d1:4e:93:a5:93:9b:c5:2e:e0: 08:68:8e:cf:78:58:18:3c:a0:ae:9a:fd:4a:cf:65: 6b:35:06:81:00:04:58:7c:8e:fc:41:d1:b5:1a:3e: dd:52:43:ea:d3:3e:5f:ac:e1:2a:48:37:f1:14:59: 85:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:73:90:F0:80:B4:86:83:9A:1E:9F:D4:FE:91:BA:8D:34:93:D4:70 X509v3 Authority Key Identifier: keyid:AF:76:12:57:DE:2C:9D:A5:F3:3E:71:C6:41:9E:26:7A:86:2D:FB:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F4D54/D2877DB6E9EB11EFA4542B18C4F9AE02/r3YSV94snaXzPnHGQZ4meoYt-2I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3YSV94snaXzPnHGQZ4meoYt-2I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4D54/D2877DB6E9EB11EFA4542B18C4F9AE02/r3YSV94snaXzPnHGQZ4meoYt-2I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:34:7c:76:30:14:75:76:a4:c7:0d:c8:d3:16:e6:f3:ef:e7: ec:21:00:de:26:e9:b0:5a:e3:a4:c8:df:54:0b:95:d2:88:fa: 8e:26:ce:e8:42:61:24:b0:a8:32:6d:9b:6a:ac:c1:0a:5e:a9: 7b:22:cf:d9:fd:63:7f:59:f3:55:de:cc:3e:d0:54:3b:45:ad: 46:c0:b2:16:2a:d5:67:65:48:31:2a:14:6c:df:c7:ed:d0:7c: d0:40:fb:29:cb:3d:fc:10:7d:0b:8d:84:9f:50:e5:0f:0f:00: f1:8f:73:25:87:71:9a:3e:9e:e2:1b:44:10:fe:6b:05:bd:b8: db:d5:72:92:ce:f7:f0:ae:4f:46:c1:d5:4b:c3:e4:2e:01:bd: 08:4e:4f:3b:ed:97:31:cc:26:32:9f:0f:4a:cc:87:a0:fb:78: bb:25:29:7a:e2:f1:e9:7d:08:fa:97:5f:59:2e:1a:84:49:c4: b0:98:6f:e5:f1:fe:70:60:9d:62:75:9c:56:13:22:32:46:b5: d2:56:a2:22:7a:be:49:36:db:07:dc:6a:1c:85:a2:ac:87:47: b4:01:5e:5d:90:f8:7e:d4:8b:f9:9d:7a:7c:cb:b8:85:05:bd: 67:10:41:06:19:8a:8c:63:7b:fa:a4:83:47:71:af:8e:96:44: 98:89:db:94 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG NEQ1NDExMC8GA1UEBRMoQUY3NjEyNTdERTJDOURBNUYzM0U3MUM2NDE5RTI2N0E4 NjJERkI2MjAeFw0yNTA0MjUwNjQ1NDRaFw0yNTA1MDIwNjQ1NDRaMBgxFjAUBgNV BAMTDTY4MGIyZjk4LWRjOGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCdas5YNzyyX+rtqGJMjd+l8R/19KAklzV6Who/QKn4WOcJSfbh3diYX5w9J6V3 rV0/jAk4t3/QuYJtU1HbbP+jkNmhzHU4YrF3JeC72y+fe/aawBcSTWxEY3t9rOxj TZDwdFtXnTKgjDElpTTUcjshxfG0pDYR1CQb+Y3/ZeJgvLzXNV8G/QG84KiG7cMZ HGmqBSST85+hvqiw/rR8A8X+Qt5RVKcAGO7aswAgV0VjcxUPzlZKrW8r/djt3Z1b +1Sv8X23SKIeSNFOk6WTm8Uu4Ahojs94WBg8oK6a/UrPZWs1BoEABFh8jvxB0bUa Pt1SQ+rTPl+s4SpIN/EUWYXtAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUvXOQ8IC0 hoOaHp/U/pG6jTST1HAwHwYDVR0jBBgwFoAUr3YSV94snaXzPnHGQZ4meoYt+2Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY0RDU0L0QyODc3REI2RTlF QjExRUZBNDU0MkIxOEM0RjlBRTAyL3IzWVNWOTRzbmFYelBuSEdRWjRtZW9ZdC0y SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcjNZU1Y5NHNuYVh6UG5IR1FaNG1lb1l0LTJJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY0 RDU0L0QyODc3REI2RTlFQjExRUZBNDU0MkIxOEM0RjlBRTAyL3IzWVNWOTRzbmFY elBuSEdRWjRtZW9ZdC0ySS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAF40fHYwFHV2pMcNyNMW5vPv5+whAN4m6bBa46TI31QLldKI+o4mzuhC YSSwqDJtm2qswQpeqXsiz9n9Y39Z81XezD7QVDtFrUbAshYq1WdlSDEqFGzfx+3Q fNBA+ynLPfwQfQuNhJ9Q5Q8PAPGPcyWHcZo+nuIbRBD+awW9uNvVcpLO9/CuT0bB 1UvD5C4BvQhOTzvtlzHMJjKfD0rMh6D7eLslKXri8el9CPqXX1kuGoRJxLCYb+Xx /nBgnWJ1nFYTIjJGtdJWoiJ6vkk22wfcahyFoqyHR7QBXl2Q+H7Ui/mdenzLuIUF vWcQQQYZioxje/qkg0dxr46WRJiJ25Q= -----END CERTIFICATE-----Generated at Sat Apr 26 15:01:16 2025 by rpki-client