$ rpki-client -vvf rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft File: 3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft (raw, json) Hash identifier: 0QdUO1f+o3o8f9OtTcIBsH4GxilCyvQOtQceXqiqVCo= Subject key identifier: AB:B4:7E:1C:96:FF:78:A7:BE:9F:DA:34:E2:42:79:89:C8:A0:A2:E9 Authority key identifier: DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F Certificate issuer: /CN=A917AFE7/serialNumber=DCC07A9D8FFE378DDDAF3CD0E41A9EF6FDD3148F Certificate serial: 04AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft Manifest number: 04A8 Signing time: Sun 06 Apr 2025 23:33:11 +0000 Manifest this update: Sun 06 Apr 2025 23:33:11 +0000 Manifest next update: Sun 13 Apr 2025 23:33:11 +0000 Files and hashes: 1: 3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl (hash: 1Nr+16KcPCb3XpRkwrqRIGCCSivCxo1iBuNbMz4xh3U=) 2: D3D1604C2B6711EC8CD1C61FC4F9AE02.roa (hash: K+U5H/gEB39S0MtkniCqyAbmgU8k6WO9RKiUyR91DCc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 23:33:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1198 (0x4ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AFE7 Validity Not Before: Apr 6 23:33:11 2025 GMT Not After : Apr 13 23:33:11 2025 GMT Subject: CN=67f30f37-2c11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:ec:44:ff:ef:19:d1:04:eb:86:e0:f7:3a:ad: 4e:53:5c:c4:45:5d:5c:e3:e9:eb:c7:4a:c9:6d:3e: 42:eb:76:87:e7:c3:54:1a:80:fb:b8:5a:b1:27:f4: ab:d7:21:00:44:8d:91:02:3d:02:6c:6b:97:a1:09: b6:2d:1d:37:a1:70:38:ce:1c:b3:93:b9:00:f0:16: 57:e1:e9:49:b7:67:38:17:ae:fa:4b:e5:92:12:ad: 8e:36:d2:c8:71:aa:20:63:d3:35:e0:67:96:75:dc: dd:0c:a6:f0:7e:c9:57:c9:4e:06:36:a8:71:9f:41: ad:02:e7:81:d8:11:00:2c:b2:d3:1e:03:ec:5b:8a: ee:81:02:49:61:db:96:70:2a:d1:0f:63:de:9d:ab: 70:96:22:6a:b2:bf:40:ea:56:55:38:88:87:ec:95: f0:a8:f1:2b:2a:da:57:3d:28:00:b4:cf:5d:ea:e2: fc:2b:76:d4:97:74:7e:cb:90:d3:1b:b1:30:38:a2: 07:79:52:dd:46:c7:0f:90:cc:54:26:e5:e9:df:a3: a6:cc:1b:a8:cd:2a:de:b7:01:68:f8:c7:cc:c7:fb: 54:d6:84:fa:52:c1:01:14:30:46:51:fb:b4:49:fd: 30:fb:9b:21:49:40:11:91:c0:7a:81:ac:db:48:84: 10:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:B4:7E:1C:96:FF:78:A7:BE:9F:DA:34:E2:42:79:89:C8:A0:A2:E9 X509v3 Authority Key Identifier: keyid:DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:4e:8d:7c:b7:ad:4a:58:7d:35:35:37:67:fd:7e:92:a8:bd: db:91:15:e8:98:3e:4e:ac:8f:10:e1:e4:aa:0f:e4:2f:71:00: 7b:e6:a3:d4:fa:42:25:e2:9c:e6:08:4b:2b:ad:79:07:73:59: 1e:97:20:33:2e:ef:ea:b0:30:54:c0:e6:f0:fd:85:7d:19:d5: e7:64:52:0d:a9:cd:d0:30:76:de:ad:20:a9:6c:99:28:09:da: cb:25:d6:8a:8c:91:ae:c5:6f:a7:b4:84:3a:b5:78:b1:23:a6: f7:f8:f1:4f:53:05:12:30:60:91:2f:b0:a8:00:4a:bf:60:c8: 91:15:28:ee:33:17:8c:80:3f:72:9f:87:ad:15:cf:23:60:94: 89:37:1e:e5:e3:4c:42:30:b8:9c:0e:a0:e3:dd:1b:43:01:4a: 77:26:95:78:a8:22:b8:6b:b4:7a:82:ae:65:3b:73:d6:ae:81: 31:b1:6f:ad:01:07:e8:8e:f2:98:72:75:d1:ef:78:cc:5f:5a: 9a:2c:12:b0:df:aa:28:d5:b3:a1:3a:bb:1c:20:15:da:f2:60: 96:6c:d3:2c:ad:9d:44:00:99:40:e9:54:a8:90:66:19:b6:45: a4:33:77:8a:9c:5b:94:d1:9f:06:f8:1e:80:c6:15:60:2d:ab: a2:16:1f:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FGRTcxMTAvBgNVBAUTKERDQzA3QTlEOEZGRTM3OEREREFGM0NEMEU0MUE5RUY2 RkREMzE0OEYwHhcNMjUwNDA2MjMzMzExWhcNMjUwNDEzMjMzMzExWjAYMRYwFAYD VQQDEw02N2YzMGYzNy0yYzExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1exE/+8Z0QTrhuD3Oq1OU1zERV1c4+nrx0rJbT5C63aH58NUGoD7uFqxJ/Sr 1yEARI2RAj0CbGuXoQm2LR03oXA4zhyzk7kA8BZX4elJt2c4F676S+WSEq2ONtLI caogY9M14GeWddzdDKbwfslXyU4GNqhxn0GtAueB2BEALLLTHgPsW4rugQJJYduW cCrRD2PenatwliJqsr9A6lZVOIiH7JXwqPErKtpXPSgAtM9d6uL8K3bUl3R+y5DT G7EwOKIHeVLdRscPkMxUJuXp36OmzBuozSretwFo+MfMx/tU1oT6UsEBFDBGUfu0 Sf0w+5shSUARkcB6gazbSIQQ0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKu0fhyW /3invp/aNOJCeYnIoKLpMB8GA1UdIwQYMBaAFNzAep2P/jeN3a880OQanvb90xSP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUZFNy9GOEI2NTM3NDI5 MTIxMUVDODYzMUI4NTRDNEY5QUUwMi8zTUI2bllfLU40M2RyenpRNUJxZTl2M1RG STguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNNQjZuWV8tTjQzZHJ6elE1QnFlOXYzVEZJOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUZFNy9GOEI2NTM3NDI5MTIxMUVDODYzMUI4NTRDNEY5QUUwMi8zTUI2bllfLU40 M2RyenpRNUJxZTl2M1RGSTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBoTo18t61KWH01NTdn/X6SqL3bkRXomD5OrI8Q4eSqD+QvcQB75qPU +kIl4pzmCEsrrXkHc1kelyAzLu/qsDBUwObw/YV9GdXnZFINqc3QMHberSCpbJko CdrLJdaKjJGuxW+ntIQ6tXixI6b3+PFPUwUSMGCRL7CoAEq/YMiRFSjuMxeMgD9y n4etFc8jYJSJNx7l40xCMLicDqDj3RtDAUp3JpV4qCK4a7R6gq5lO3PWroExsW+t AQfojvKYcnXR73jMX1qaLBKw36oo1bOhOrscIBXa8mCWbNMsrZ1EAJlA6VSokGYZ tkWkM3eKnFuU0Z8G+B6AxhVgLauiFh9j -----END CERTIFICATE-----Generated at Tue Apr 8 15:47:30 2025 by rpki-client