$ rpki-client -vvf rpki.apnic.net/member_repository/A911B11E/06AF1FB2131811ECA1734356C4F9AE02/_3X-k_hGLLdjrVYZkrA9Fj0W7V8.mft File: _3X-k_hGLLdjrVYZkrA9Fj0W7V8.mft (raw, json) Hash identifier: /prXnfYzujSW9kl50Aou3MhpqRBUYwHcyJM1Chpo4fo= Subject key identifier: 98:9D:28:AE:D6:2C:90:DF:EA:0C:7C:86:92:B7:71:BC:9C:91:EA:B0 Authority key identifier: FF:75:FE:93:F8:46:2C:B7:63:AD:56:19:92:B0:3D:16:3D:16:ED:5F Certificate issuer: /CN=A911B11E/serialNumber=FF75FE93F8462CB763AD561992B03D163D16ED5F Certificate serial: 04DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_3X-k_hGLLdjrVYZkrA9Fj0W7V8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B11E/06AF1FB2131811ECA1734356C4F9AE02/_3X-k_hGLLdjrVYZkrA9Fj0W7V8.mft Manifest number: 04D8 Signing time: Fri 04 Apr 2025 23:52:59 +0000 Manifest this update: Fri 04 Apr 2025 23:52:59 +0000 Manifest next update: Fri 11 Apr 2025 23:52:59 +0000 Files and hashes: 1: _3X-k_hGLLdjrVYZkrA9Fj0W7V8.crl (hash: 95gMFVxNX1EtkQCLJZH0sG2zGaX4FH/9EzmsmvLVo70=) 2: 22DA1C02131B11EC83377D59C4F9AE02.roa (hash: rWRqJhH4y787QjbpEE2hN3YZgixRs8J4MQqNG/pdZs8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B11E/06AF1FB2131811ECA1734356C4F9AE02/_3X-k_hGLLdjrVYZkrA9Fj0W7V8.crl rsync://rpki.apnic.net/member_repository/A911B11E/06AF1FB2131811ECA1734356C4F9AE02/_3X-k_hGLLdjrVYZkrA9Fj0W7V8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_3X-k_hGLLdjrVYZkrA9Fj0W7V8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 23:52:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1245 (0x4dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B11E Validity Not Before: Apr 4 23:52:59 2025 GMT Not After : Apr 11 23:52:59 2025 GMT Subject: CN=67f070db-f7a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:40:b8:8e:21:33:1d:6a:6b:f6:85:15:cc:05: 70:53:8a:70:9f:6e:fc:63:76:95:6a:97:31:09:eb: 22:4b:05:a1:bc:ae:6e:18:66:c1:cc:d0:39:f7:bb: c3:43:d6:6e:b3:5b:52:ba:49:13:22:ed:fa:a3:1e: b7:c0:dd:a6:77:54:ce:d3:d8:b9:66:3f:e1:59:ce: f9:2d:12:21:2b:f6:04:17:a3:e5:91:cf:68:e0:df: 62:2f:bf:a7:22:1f:80:67:19:54:c2:7f:00:31:41: dd:3e:ee:04:4c:86:03:75:d2:1e:05:34:0d:99:f4: 89:c8:bd:9c:77:65:f3:93:ce:72:ff:d1:4e:35:af: e2:cf:2c:54:80:92:22:ce:e0:5a:b2:1b:76:08:5b: e8:40:42:27:ba:94:d3:6e:ef:52:32:a2:b7:89:09: a6:28:01:94:45:e5:1a:43:ea:ca:49:a8:b9:c9:2e: 61:d3:e4:b7:17:05:00:a4:2e:f4:98:e0:e7:76:a0: 03:a8:12:31:d5:27:67:a0:d4:7d:8b:5a:dc:ce:b0: cb:5a:31:54:83:26:60:54:3b:93:e9:19:b0:fd:43: db:ca:8b:5b:81:1b:0a:16:a9:68:27:b0:55:8b:86: 22:b8:f1:72:5e:a4:51:ef:07:6f:d6:1e:2c:10:bd: c1:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:9D:28:AE:D6:2C:90:DF:EA:0C:7C:86:92:B7:71:BC:9C:91:EA:B0 X509v3 Authority Key Identifier: keyid:FF:75:FE:93:F8:46:2C:B7:63:AD:56:19:92:B0:3D:16:3D:16:ED:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B11E/06AF1FB2131811ECA1734356C4F9AE02/_3X-k_hGLLdjrVYZkrA9Fj0W7V8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_3X-k_hGLLdjrVYZkrA9Fj0W7V8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B11E/06AF1FB2131811ECA1734356C4F9AE02/_3X-k_hGLLdjrVYZkrA9Fj0W7V8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:be:5d:15:ed:0e:be:ef:ed:ba:99:a0:b7:f3:7a:f4:b0:af: 1b:5f:e0:50:08:69:ea:f8:68:95:b8:59:aa:48:d3:c4:a3:42: 10:d4:58:3b:49:07:d7:6a:b8:17:5e:bb:23:7b:56:0f:0d:b4: b8:2a:5e:7b:3e:1c:c6:19:26:44:ec:97:85:98:9b:2e:c8:e9: d9:ee:01:de:de:7a:39:22:f6:a4:d1:21:1e:d2:2f:0b:c1:4c: eb:b3:62:4b:ff:db:50:25:87:7a:8f:84:a7:80:07:5b:38:3e: 16:10:5e:64:02:72:f5:0f:cc:87:a8:bd:4a:91:94:25:45:09: 21:8a:9f:7c:b2:6a:a7:7f:b5:86:dc:3f:5a:2e:51:71:ec:6d: d7:9a:a0:35:24:1c:2f:62:39:95:40:d4:53:26:14:54:fc:2b: 24:28:43:70:24:4f:a1:bd:fc:f5:34:10:75:cd:1a:72:20:96: 69:77:66:39:4a:61:d2:eb:fe:68:94:d2:5a:b2:9d:39:91:62: 6e:09:14:ea:9f:2c:d7:88:61:f2:e9:1a:6a:5a:2a:24:3a:63: b7:a7:fc:c0:a7:e9:d3:cb:9d:63:45:af:b9:0f:e1:03:d7:89: 46:bf:f0:45:b9:cd:3c:ab:65:90:13:80:3c:d7:ad:4f:ae:f4: f0:b7:a8:ad -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUIxMUUxMTAvBgNVBAUTKEZGNzVGRTkzRjg0NjJDQjc2M0FENTYxOTkyQjAzRDE2 M0QxNkVENUYwHhcNMjUwNDA0MjM1MjU5WhcNMjUwNDExMjM1MjU5WjAYMRYwFAYD VQQDEw02N2YwNzBkYi1mN2E4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt0C4jiEzHWpr9oUVzAVwU4pwn278Y3aVapcxCesiSwWhvK5uGGbBzNA597vD Q9Zus1tSukkTIu36ox63wN2md1TO09i5Zj/hWc75LRIhK/YEF6Plkc9o4N9iL7+n Ih+AZxlUwn8AMUHdPu4ETIYDddIeBTQNmfSJyL2cd2Xzk85y/9FONa/izyxUgJIi zuBasht2CFvoQEInupTTbu9SMqK3iQmmKAGUReUaQ+rKSai5yS5h0+S3FwUApC70 mODndqADqBIx1SdnoNR9i1rczrDLWjFUgyZgVDuT6Rmw/UPbyotbgRsKFqloJ7BV i4YiuPFyXqRR7wdv1h4sEL3BjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJidKK7W LJDf6gx8hpK3cbyckeqwMB8GA1UdIwQYMBaAFP91/pP4Riy3Y61WGZKwPRY9Fu1f MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjExRS8wNkFGMUZCMjEz MTgxMUVDQTE3MzQzNTZDNEY5QUUwMi9fM1gta19oR0xMZGpyVllaa3JBOUZqMFc3 VjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL18zWC1rX2hHTExkanJWWVprckE5RmowVzdWOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QjExRS8wNkFGMUZCMjEzMTgxMUVDQTE3MzQzNTZDNEY5QUUwMi9fM1gta19oR0xM ZGpyVllaa3JBOUZqMFc3VjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQvl0V7Q6+7+26maC383r0sK8bX+BQCGnq+GiVuFmqSNPEo0IQ1Fg7 SQfXargXXrsje1YPDbS4Kl57PhzGGSZE7JeFmJsuyOnZ7gHe3no5Ivak0SEe0i8L wUzrs2JL/9tQJYd6j4SngAdbOD4WEF5kAnL1D8yHqL1KkZQlRQkhip98smqnf7WG 3D9aLlFx7G3XmqA1JBwvYjmVQNRTJhRU/CskKENwJE+hvfz1NBB1zRpyIJZpd2Y5 SmHS6/5olNJasp05kWJuCRTqnyzXiGHy6RpqWiokOmO3p/zAp+nTy51jRa+5D+ED 14lGv/BFuc08q2WQE4A8161PrvTwt6it -----END CERTIFICATE-----Generated at Sun Apr 6 23:35:31 2025 by rpki-client