$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: lXv//Jd6XyVHGPZpjciakV45N4W9k2Y9YPVltIIWc6g= Subject key identifier: 2C:9A:46:DE:7B:7E:F1:A7:98:DD:E7:08:8F:44:56:95:E1:78:47:AC Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0BFE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0BF7 Signing time: Sun 06 Apr 2025 18:32:40 +0000 Manifest this update: Sun 06 Apr 2025 18:32:40 +0000 Manifest next update: Sun 13 Apr 2025 18:32:40 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: vpmQwvxMIv1/UVcpNSM7gvNn3zuab89nyl0BG6ihAeE=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: H306zJ6w0u++pxJwnmCEZeb1MJYQzvBqunxs7beIBF4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 18:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3070 (0xbfe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB Validity Not Before: Apr 6 18:32:40 2025 GMT Not After : Apr 13 18:32:40 2025 GMT Subject: CN=67f2c8c8-bfaa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d8:12:ee:ca:fe:00:40:bb:53:de:ec:4a:ab: c3:4b:f0:11:19:c5:59:9f:73:25:29:74:ad:3c:6c: 04:e3:a1:1b:6c:58:ff:13:90:f3:80:6a:7e:9b:1f: 7b:b8:d2:f0:85:b8:0f:59:b6:88:03:9d:c0:8e:44: bf:84:7c:a5:28:63:c7:76:9d:76:0d:30:74:09:fa: fd:b1:b2:44:41:d2:b3:7f:0f:c7:6a:7e:02:f8:d3: 0b:17:09:a6:50:76:5f:ef:4a:cf:ae:4a:4b:99:21: 9f:83:da:ea:ed:68:46:83:b2:87:f2:64:fe:46:f8: d8:18:c4:3c:de:9b:07:89:0d:12:41:0b:e7:59:c2: bd:18:25:c7:32:63:ee:58:d5:69:26:7b:c3:19:23: 24:68:13:af:de:74:78:64:0e:0a:8a:2d:4b:d5:7c: bb:25:68:50:0e:87:33:e9:26:1b:b2:3d:66:9c:d0: 6d:de:fa:aa:b5:6c:bd:4e:d9:88:c6:13:c3:2f:0d: 39:ed:80:b4:8c:dd:b0:6d:d1:7d:25:a7:fb:bf:6a: f0:bd:88:47:42:a1:14:ea:d1:1a:df:6e:ed:cd:f9: 33:08:f0:4c:ef:1b:8d:99:9d:b2:ff:0d:78:4c:93: ad:b9:9e:8d:a6:ec:1c:1a:9f:4f:2e:af:22:05:c7: 6c:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:9A:46:DE:7B:7E:F1:A7:98:DD:E7:08:8F:44:56:95:E1:78:47:AC X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:0f:ce:19:dd:32:e3:7b:08:d5:15:e7:54:14:e6:47:97:3f: eb:81:cf:a2:81:34:16:fa:1d:9f:5d:12:33:fb:93:88:f8:aa: fd:75:0d:d6:e8:a0:76:dc:4e:81:1b:5a:08:1c:98:d2:cb:73: b4:23:09:92:9e:a0:f4:d1:c4:a7:2e:46:f8:65:ef:10:92:2d: e6:2b:c3:c1:80:e8:a7:6a:82:76:46:db:cf:b3:83:39:df:d3: 31:6d:d1:9b:7e:04:e2:0c:8c:79:3f:63:40:90:18:af:89:23: 9d:d0:45:b8:c6:8a:d1:95:db:2d:e0:9f:95:f8:02:e7:41:61: 6b:da:7c:9e:7f:c3:99:36:0d:51:4f:ae:9d:8c:db:25:48:65: 4e:9c:02:07:7a:e8:2c:7d:18:c2:6b:56:d3:bc:bf:1d:d9:e2: c1:20:97:3c:fc:af:94:a6:70:ba:6f:d3:76:f6:47:e6:1e:b1: 14:54:27:5c:1d:47:a3:38:c3:22:ca:35:99:63:38:9d:10:9e: 2d:ec:14:74:78:4b:bb:6d:1d:19:03:74:c1:9b:52:9e:56:68: 79:64:be:ce:30:7e:2d:43:e5:9c:11:31:e3:35:02:b7:a6:e3: fb:cd:88:0c:ee:1f:5d:e9:e8:74:bf:a9:f3:ad:ce:0a:7c:37: 53:de:32:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjUwNDA2MTgzMjQwWhcNMjUwNDEzMTgzMjQwWjAYMRYwFAYD VQQDEw02N2YyYzhjOC1iZmFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAstgS7sr+AEC7U97sSqvDS/ARGcVZn3MlKXStPGwE46EbbFj/E5DzgGp+mx97 uNLwhbgPWbaIA53AjkS/hHylKGPHdp12DTB0Cfr9sbJEQdKzfw/Han4C+NMLFwmm UHZf70rPrkpLmSGfg9rq7WhGg7KH8mT+RvjYGMQ83psHiQ0SQQvnWcK9GCXHMmPu WNVpJnvDGSMkaBOv3nR4ZA4Kii1L1Xy7JWhQDocz6SYbsj1mnNBt3vqqtWy9TtmI xhPDLw057YC0jN2wbdF9Jaf7v2rwvYhHQqEU6tEa327tzfkzCPBM7xuNmZ2y/w14 TJOtuZ6NpuwcGp9PLq8iBcdslQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCyaRt57 fvGnmN3nCI9EVpXheEesMB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAD84Z3TLjewjVFedUFOZHlz/rgc+igTQW+h2fXRIz+5OI+Kr9dQ3W 6KB23E6BG1oIHJjSy3O0IwmSnqD00cSnLkb4Ze8Qki3mK8PBgOinaoJ2RtvPs4M5 39MxbdGbfgTiDIx5P2NAkBiviSOd0EW4xorRldst4J+V+ALnQWFr2nyef8OZNg1R T66djNslSGVOnAIHeugsfRjCa1bTvL8d2eLBIJc8/K+UpnC6b9N29kfmHrEUVCdc HUejOMMiyjWZYzidEJ4t7BR0eEu7bR0ZA3TBm1KeVmh5ZL7OMH4tQ+WcETHjNQK3 puP7zYgM7h9d6eh0v6nzrc4KfDdT3jJk -----END CERTIFICATE-----Generated at Mon Apr 7 01:37:57 2025 by rpki-client