$ rpki-client -vvf rpki.apnic.net/member_repository/A91317CB/CB73F7864AB311E8AD4D1E28C4F9AE02/3Fys5yJTQlYHBjKHYfkTyTZJius.mft File: 3Fys5yJTQlYHBjKHYfkTyTZJius.mft (raw, json) Hash identifier: OdX/H/L7bjiZ7Q+zKO1u3+/TRQSaHYoynASdD5Z9WI0= Subject key identifier: CA:18:89:34:68:53:E3:7D:35:68:BD:1C:56:F5:C9:AD:3A:0A:0A:4B Authority key identifier: DC:5C:AC:E7:22:53:42:56:07:06:32:87:61:F9:13:C9:36:49:8A:EB Certificate issuer: /CN=A91317CB/serialNumber=DC5CACE7225342560706328761F913C936498AEB Certificate serial: 1502 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Fys5yJTQlYHBjKHYfkTyTZJius.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91317CB/CB73F7864AB311E8AD4D1E28C4F9AE02/3Fys5yJTQlYHBjKHYfkTyTZJius.mft Manifest number: 14FA Signing time: Sun 20 Apr 2025 16:44:27 +0000 Manifest this update: Sun 20 Apr 2025 16:44:27 +0000 Manifest next update: Sun 27 Apr 2025 16:44:27 +0000 Files and hashes: 1: 3Fys5yJTQlYHBjKHYfkTyTZJius.crl (hash: MTF2oeDDVkl+DWHu8KDvZgL7gbvMtpI6TphL2fmk3PI=) 2: CBA65F7C4AB411E887FB7E29C4F9AE02.roa (hash: ZrtNu0pCM+YSuzrUqWxCD6BDNZGKsa/yqsobccT0UqY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91317CB/CB73F7864AB311E8AD4D1E28C4F9AE02/3Fys5yJTQlYHBjKHYfkTyTZJius.crl rsync://rpki.apnic.net/member_repository/A91317CB/CB73F7864AB311E8AD4D1E28C4F9AE02/3Fys5yJTQlYHBjKHYfkTyTZJius.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Fys5yJTQlYHBjKHYfkTyTZJius.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 16:44:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5378 (0x1502) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91317CB, serialNumber=DC5CACE7225342560706328761F913C936498AEB Validity Not Before: Apr 20 16:44:27 2025 GMT Not After : Apr 27 16:44:27 2025 GMT Subject: CN=6805246b-8417 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:a2:bc:16:f7:9f:c5:b7:ae:de:83:89:25:89: f7:06:61:1d:89:32:63:01:0f:0b:18:7c:93:4c:23: 11:9f:71:22:77:15:f7:c0:ab:7b:ad:b9:a1:9c:2d: 8c:d8:ce:ba:32:f4:c7:b3:c6:6f:95:36:cf:66:25: 2f:93:a4:f8:20:31:ed:43:31:f7:3c:6c:d6:76:3f: c1:fe:e8:e6:37:c6:71:82:95:24:d4:8e:0e:c1:16: 4e:af:34:53:d8:0c:e5:4a:ad:a7:72:d5:18:4a:65: 62:7c:96:37:80:a7:8e:4c:d4:59:17:c5:50:cd:d8: 88:08:6a:60:a4:16:32:09:20:4c:84:3f:1a:4a:e4: 7c:9f:8e:ee:86:94:39:4b:84:fc:f4:9f:ed:51:56: f7:17:8a:eb:8f:5c:94:22:c6:6a:83:a7:87:1a:5b: 3e:71:a7:c5:aa:b2:46:c4:a7:2c:1a:36:c5:2d:f7: 2c:1c:b2:c0:ea:f2:de:d2:9e:d0:5a:f4:bb:3b:c7: bf:c2:cf:b3:00:3b:8b:0c:3a:cb:00:65:f4:39:1b: 28:7d:57:fa:ac:b0:f3:ed:ce:a4:54:6b:7b:e1:21: a9:37:23:f9:a0:19:9c:7f:6a:8e:ae:dd:2e:26:16: 72:fe:4d:81:5b:6e:b7:28:b1:d2:ac:b1:b8:d9:c5: 4d:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:18:89:34:68:53:E3:7D:35:68:BD:1C:56:F5:C9:AD:3A:0A:0A:4B X509v3 Authority Key Identifier: keyid:DC:5C:AC:E7:22:53:42:56:07:06:32:87:61:F9:13:C9:36:49:8A:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91317CB/CB73F7864AB311E8AD4D1E28C4F9AE02/3Fys5yJTQlYHBjKHYfkTyTZJius.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Fys5yJTQlYHBjKHYfkTyTZJius.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91317CB/CB73F7864AB311E8AD4D1E28C4F9AE02/3Fys5yJTQlYHBjKHYfkTyTZJius.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:e3:e1:3c:c4:34:4c:81:0e:fe:2d:2f:ed:1a:90:94:01:e6: 8d:65:81:c5:a5:9b:89:70:a2:9e:94:cd:0d:2d:98:ea:31:71: 14:8a:b0:0c:49:45:9f:1a:39:d6:b3:d1:4d:d5:7b:c3:08:88: 3d:65:c8:d0:6b:5b:27:de:28:b5:9b:a9:ae:4f:e4:a9:e6:08: d7:13:a2:5e:6b:03:02:df:45:30:c7:93:cb:2d:da:1e:05:d5: d0:a5:4b:8d:f4:b1:0a:33:73:80:d1:18:70:38:09:ea:25:dd: 7b:65:c0:dc:cc:ee:5a:21:ae:01:d6:0d:df:20:59:b1:d6:ad: 7e:d8:0a:b6:6d:95:cd:ef:5f:7f:30:5b:65:71:3c:ae:75:ac: 34:aa:9a:cc:07:2a:52:49:92:ff:ed:d4:89:e4:f9:16:ea:ba: d0:0f:dc:14:9b:4d:fe:ec:1f:2a:44:6d:de:c9:83:74:90:8d: 66:b3:d4:00:ac:77:3c:e0:43:19:31:db:5b:07:66:eb:8e:93: df:c5:e9:2b:61:6c:e6:a6:1f:89:e6:7e:18:ca:6d:09:c2:cb: be:78:6b:ab:4a:d1:3c:fa:b4:19:70:65:ec:28:c4:4a:68:ea: 2d:c8:fd:7c:77:bb:bd:a7:af:5f:e7:61:45:6f:25:cc:d2:a1: 1e:1c:c0:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFQIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzE3Q0IxMTAvBgNVBAUTKERDNUNBQ0U3MjI1MzQyNTYwNzA2MzI4NzYxRjkxM0M5 MzY0OThBRUIwHhcNMjUwNDIwMTY0NDI3WhcNMjUwNDI3MTY0NDI3WjAYMRYwFAYD VQQDEw02ODA1MjQ2Yi04NDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx6K8Fvefxbeu3oOJJYn3BmEdiTJjAQ8LGHyTTCMRn3EidxX3wKt7rbmhnC2M 2M66MvTHs8ZvlTbPZiUvk6T4IDHtQzH3PGzWdj/B/ujmN8ZxgpUk1I4OwRZOrzRT 2AzlSq2nctUYSmVifJY3gKeOTNRZF8VQzdiICGpgpBYyCSBMhD8aSuR8n47uhpQ5 S4T89J/tUVb3F4rrj1yUIsZqg6eHGls+cafFqrJGxKcsGjbFLfcsHLLA6vLe0p7Q WvS7O8e/ws+zADuLDDrLAGX0ORsofVf6rLDz7c6kVGt74SGpNyP5oBmcf2qOrt0u JhZy/k2BW263KLHSrLG42cVNkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMoYiTRo U+N9NWi9HFb1ya06CgpLMB8GA1UdIwQYMBaAFNxcrOciU0JWBwYyh2H5E8k2SYrr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTdDQi9DQjczRjc4NjRB QjMxMUU4QUQ0RDFFMjhDNEY5QUUwMi8zRnlzNXlKVFFsWUhCaktIWWZrVHlUWkpp dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGeXM1eUpUUWxZSEJqS0hZZmtUeVRaSml1cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MTdDQi9DQjczRjc4NjRBQjMxMUU4QUQ0RDFFMjhDNEY5QUUwMi8zRnlzNXlKVFFs WUhCaktIWWZrVHlUWkppdXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBH4+E8xDRMgQ7+LS/tGpCUAeaNZYHFpZuJcKKelM0NLZjqMXEUirAM SUWfGjnWs9FN1XvDCIg9ZcjQa1sn3ii1m6muT+Sp5gjXE6JeawMC30Uwx5PLLdoe BdXQpUuN9LEKM3OA0RhwOAnqJd17ZcDczO5aIa4B1g3fIFmx1q1+2Aq2bZXN719/ MFtlcTyudaw0qprMBypSSZL/7dSJ5PkW6rrQD9wUm03+7B8qRG3eyYN0kI1ms9QA rHc84EMZMdtbB2brjpPfxekrYWzmph+J5n4Yym0Jwsu+eGurStE8+rQZcGXsKMRK aOotyP18d7u9p69f52FFbyXM0qEeHMBZ -----END CERTIFICATE-----Generated at Mon Apr 21 04:48:44 2025 by rpki-client