$ rpki-client -vvf rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft File: 5D3SMzFr8OKboG0g3sJdtMwRbgg.mft (raw, json) Hash identifier: QLLKlNBiJvCYWQjb5IfI7D7QF48fFMqS7yuUDlC1pWo= Subject key identifier: FE:CA:8D:80:61:2E:3D:40:13:EC:C4:BE:0D:75:C9:B0:3F:90:4D:D1 Authority key identifier: E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 Certificate issuer: /CN=A9120AC1/serialNumber=E43DD233316BF0E29BA06D20DEC25DB4CC116E08 Certificate serial: 04A3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft Manifest number: 0498 Signing time: Tue 08 Apr 2025 23:42:44 +0000 Manifest this update: Tue 08 Apr 2025 23:42:43 +0000 Manifest next update: Tue 15 Apr 2025 23:42:43 +0000 Files and hashes: 1: 5D3SMzFr8OKboG0g3sJdtMwRbgg.crl (hash: A8SO3/M9rd8/AZNqUTx/oV6pxkeALBJ2TytzxiglfGg=) 2: 3A2A80AE3C8311ECA86D031EC4F9AE02.roa (hash: aUDrwRtGsUzrY00Rmj3XgznPDP2fmFZxHTp5GIqGdmE=) 3: ECC109EA3C8811EC889B9D78C4F9AE02.roa (hash: qsT6gdrcrYiz10awZz/5+uahx1IUYSEl585Lltn+07o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 23:42:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1187 (0x4a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120AC1 Validity Not Before: Apr 8 23:42:43 2025 GMT Not After : Apr 15 23:42:43 2025 GMT Subject: CN=67f5b473-4b6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:91:5f:00:8b:d0:7f:b7:1a:d5:73:34:f7:94: ba:8a:19:c1:27:83:be:aa:6a:8e:60:52:fb:1d:3d: 48:b8:68:ad:07:f2:49:f7:45:26:75:74:05:3b:f6: 44:79:d7:04:a3:ad:9d:5f:d7:4b:0a:21:87:74:00: de:2e:82:b7:a6:fc:1a:a5:ea:c5:51:30:97:e3:6e: 14:16:33:e6:07:5e:af:6b:2c:09:29:28:59:ba:6b: 4c:4a:e0:9a:9e:82:50:53:cd:84:1d:ba:93:83:36: 79:c4:e0:51:83:cc:d3:df:bc:21:39:a0:33:ce:a5: 86:e8:68:dd:cd:f1:ee:dd:91:14:70:8b:b4:61:cc: 84:62:6b:91:f2:1b:3e:ff:70:4d:87:50:04:6c:9f: cd:05:ce:94:be:d6:4c:d3:3b:5e:10:e9:c5:e9:17: 63:83:17:3e:ef:e5:6e:37:da:20:71:b7:57:28:84: 94:ff:e8:0e:ef:70:e1:49:2c:3b:aa:09:32:f3:58: 76:6a:0e:cb:c8:25:4c:a5:c1:78:0f:4d:d4:f3:b2: 97:48:8d:99:2a:42:e0:4d:d4:3d:e5:63:d4:33:87: f4:f0:2b:a9:2d:7e:db:12:a8:7c:7b:a9:23:ce:f9: 45:fe:49:ca:a2:ea:d1:7b:5d:18:b5:cd:1a:bb:91: 94:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:CA:8D:80:61:2E:3D:40:13:EC:C4:BE:0D:75:C9:B0:3F:90:4D:D1 X509v3 Authority Key Identifier: keyid:E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:09:fc:74:8f:77:07:df:4a:af:56:0b:44:5c:27:42:0d:db: 38:5b:8a:ef:2f:98:aa:6e:2c:9c:90:9f:b3:50:6d:10:25:4d: 01:96:3b:80:15:51:2e:41:00:60:7f:19:71:94:3b:9d:83:04: d0:68:ca:3c:0b:20:85:d9:19:b2:e3:35:be:14:11:09:05:7d: 3d:c5:8f:d9:64:86:d8:95:7a:38:8f:23:2a:1c:b2:f9:55:9d: 61:64:64:7c:7d:a1:17:57:db:ca:d0:fb:67:79:e4:35:fc:8f: d0:de:8e:f6:fa:d1:01:7c:51:46:56:a1:96:e7:96:f5:c1:2f: b2:66:48:89:8e:9b:30:f7:b7:26:67:8c:f9:3b:8f:1f:7d:28: c2:36:7b:7d:62:6c:ce:c2:2b:a3:89:c4:ad:66:a9:92:97:2a: 8c:21:3d:57:4c:47:da:6d:14:d9:52:f0:ad:0a:8a:0f:54:48: 78:e8:fb:ab:63:ef:2a:d0:90:49:5e:82:71:c5:42:97:e0:f9: 2c:41:c2:96:26:c3:9c:1f:c2:77:85:f7:8c:ff:03:75:aa:67: 8c:b6:0f:d4:65:3c:c6:3c:e3:1d:93:27:cf:e7:82:f8:1d:24: 17:96:f6:7f:36:fa:e8:07:a2:48:48:5e:b9:aa:94:39:89:dc: ff:d5:41:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBKMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBBQzExMTAvBgNVBAUTKEU0M0REMjMzMzE2QkYwRTI5QkEwNkQyMERFQzI1REI0 Q0MxMTZFMDgwHhcNMjUwNDA4MjM0MjQzWhcNMjUwNDE1MjM0MjQzWjAYMRYwFAYD VQQDEw02N2Y1YjQ3My00YjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9ZFfAIvQf7ca1XM095S6ihnBJ4O+qmqOYFL7HT1IuGitB/JJ90UmdXQFO/ZE edcEo62dX9dLCiGHdADeLoK3pvwaperFUTCX424UFjPmB16vaywJKShZumtMSuCa noJQU82EHbqTgzZ5xOBRg8zT37whOaAzzqWG6GjdzfHu3ZEUcIu0YcyEYmuR8hs+ /3BNh1AEbJ/NBc6UvtZM0zteEOnF6Rdjgxc+7+VuN9ogcbdXKISU/+gO73DhSSw7 qgky81h2ag7LyCVMpcF4D03U87KXSI2ZKkLgTdQ95WPUM4f08CupLX7bEqh8e6kj zvlF/knKourRe10Ytc0au5GUUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP7KjYBh Lj1AE+zEvg11ybA/kE3RMB8GA1UdIwQYMBaAFOQ90jMxa/Dim6BtIN7CXbTMEW4I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEFDMS8zRTlBNEFFMDMw OTcxMUVDQjI4NUE2NEJDNEY5QUUwMi81RDNTTXpGcjhPS2JvRzBnM3NKZHRNd1Ji Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVEM1NNekZyOE9LYm9HMGczc0pkdE13UmJnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MEFDMS8zRTlBNEFFMDMwOTcxMUVDQjI4NUE2NEJDNEY5QUUwMi81RDNTTXpGcjhP S2JvRzBnM3NKZHRNd1JiZ2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKCfx0j3cH30qvVgtEXCdCDds4W4rvL5iqbiyckJ+zUG0QJU0BljuA FVEuQQBgfxlxlDudgwTQaMo8CyCF2Rmy4zW+FBEJBX09xY/ZZIbYlXo4jyMqHLL5 VZ1hZGR8faEXV9vK0PtneeQ1/I/Q3o72+tEBfFFGVqGW55b1wS+yZkiJjpsw97cm Z4z5O48ffSjCNnt9YmzOwiujicStZqmSlyqMIT1XTEfabRTZUvCtCooPVEh46Pur Y+8q0JBJXoJxxUKX4PksQcKWJsOcH8J3hfeM/wN1qmeMtg/UZTzGPOMdkyfP54L4 HSQXlvZ/NvroB6JISF65qpQ5idz/1UFS -----END CERTIFICATE-----Generated at Thu Apr 10 23:57:48 2025 by rpki-client