$ rpki-client -vvf rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.mft File: L3ocHdJ-p4FYziGpTbv7kHL7FzQ.mft (raw, json) Hash identifier: fTcz7bscktQ0ud/sXTCsVtfR5w6E0y7c0DETN1hJBFc= Subject key identifier: 67:99:AE:A3:56:F0:2E:8D:78:A8:7F:F9:01:08:6E:24:B4:23:F0:76 Authority key identifier: 2F:7A:1C:1D:D2:7E:A7:81:58:CE:21:A9:4D:BB:FB:90:72:FB:17:34 Certificate issuer: /CN=A9183496/serialNumber=2F7A1C1DD27EA78158CE21A94DBBFB9072FB1734 Certificate serial: 0BF2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.mft Manifest number: 0BEB Signing time: Fri 28 Mar 2025 18:55:19 +0000 Manifest this update: Fri 28 Mar 2025 18:55:18 +0000 Manifest next update: Fri 04 Apr 2025 18:55:18 +0000 Files and hashes: 1: L3ocHdJ-p4FYziGpTbv7kHL7FzQ.crl (hash: tt995P7f7A4QVZDNvCeBNfrPnQ/CGIytwkHW08LH5Fs=) 2: 68A35F78831411EC90E07C19C4F9AE02.roa (hash: t6T57kHu7uMYeuN0mVxzrvC/6xdds2/aDC5V7Z6/hHA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.crl rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 18:55:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3058 (0xbf2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9183496 Validity Not Before: Mar 28 18:55:18 2025 GMT Not After : Apr 4 18:55:18 2025 GMT Subject: CN=67e6f097-e07a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:aa:a0:35:c2:44:10:3a:26:e3:c0:9f:24:e5: 0d:09:30:76:1a:8e:d0:81:cf:df:fb:fa:00:03:9a: dd:c5:26:98:0f:95:e0:3a:eb:43:44:74:8d:85:78: c7:6c:0f:99:3d:6b:ed:93:83:8b:3e:e6:df:0d:24: 41:fa:47:27:36:14:86:37:46:d9:d4:97:06:1d:ca: 5f:54:a2:73:cd:22:d9:99:0e:d9:43:ce:b0:0d:8d: a7:fe:cf:93:42:53:bb:5f:ec:f9:43:a1:29:d4:ef: 5a:79:1e:ea:f6:5f:54:6f:d1:24:da:25:d4:e5:16: 66:2a:be:e2:f4:e2:0d:23:d5:d1:5a:25:95:64:ea: cd:c5:33:f3:26:ac:fc:fe:1e:39:72:ff:8b:2a:c6: 5e:93:88:76:8a:1c:b6:75:97:ed:00:6e:1d:b1:e7: 0b:bc:bb:57:de:51:87:e6:ba:9f:83:3d:a4:01:21: 46:ea:6a:04:25:25:6d:15:71:ce:ab:39:a6:e4:21: 1f:91:13:47:93:10:49:48:d5:30:4c:08:d6:6b:f1: 05:02:2b:c1:c7:a2:74:a8:55:4e:75:c0:4b:2b:eb: b4:f5:b5:78:3d:75:92:f4:46:e2:ec:6a:ee:d4:bd: c5:f2:31:cc:da:49:02:f3:72:ff:b3:bb:af:ec:44: ea:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:99:AE:A3:56:F0:2E:8D:78:A8:7F:F9:01:08:6E:24:B4:23:F0:76 X509v3 Authority Key Identifier: keyid:2F:7A:1C:1D:D2:7E:A7:81:58:CE:21:A9:4D:BB:FB:90:72:FB:17:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:2c:e4:73:87:dc:09:ea:40:82:24:c9:4c:ee:d4:6f:92:2c: 1f:ce:8c:58:08:83:54:bd:7f:ee:1b:77:72:3b:88:ee:8d:fb: 50:da:b0:a8:d6:02:50:b5:53:96:88:75:8d:16:c4:30:68:e4: e8:67:4d:36:72:1f:a9:b7:97:e9:af:92:37:3a:d3:e5:ed:38: df:86:61:bf:d0:c5:0c:03:41:02:4b:9d:3e:69:46:b6:62:d2: 72:71:9c:2c:74:e2:b9:a9:e9:2d:b0:eb:b0:9c:eb:01:aa:bc: 13:64:86:70:e7:73:a1:d8:fd:97:93:a8:27:96:83:15:eb:62: b6:8a:b3:cb:56:fe:a7:f0:c9:ec:4d:66:fd:37:6d:ac:68:b4: 02:0e:b5:d8:b1:dc:b9:5f:ee:22:35:96:6b:55:f1:94:e8:64: 56:d1:46:63:44:6c:06:c0:2a:65:9a:fb:71:26:3e:8d:93:01: 8d:36:f8:42:a1:f4:cb:5b:dd:9b:90:e8:51:6d:b8:71:f7:9e: 46:24:3d:f1:e8:dc:11:2a:ca:d2:c3:2b:03:5d:65:7e:9f:dd: cd:e5:20:6c:61:3c:b3:1b:7a:c9:da:8b:c9:b4:c8:8c:d9:04: bb:ff:79:c3:ad:55:e8:4a:b7:0f:e9:62:1e:94:05:a1:83:4b: 54:76:9c:3b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODM0OTYxMTAvBgNVBAUTKDJGN0ExQzFERDI3RUE3ODE1OENFMjFBOTREQkJGQjkw NzJGQjE3MzQwHhcNMjUwMzI4MTg1NTE4WhcNMjUwNDA0MTg1NTE4WjAYMRYwFAYD VQQDEw02N2U2ZjA5Ny1lMDdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnaqgNcJEEDom48CfJOUNCTB2Go7Qgc/f+/oAA5rdxSaYD5XgOutDRHSNhXjH bA+ZPWvtk4OLPubfDSRB+kcnNhSGN0bZ1JcGHcpfVKJzzSLZmQ7ZQ86wDY2n/s+T QlO7X+z5Q6Ep1O9aeR7q9l9Ub9Ek2iXU5RZmKr7i9OINI9XRWiWVZOrNxTPzJqz8 /h45cv+LKsZek4h2ihy2dZftAG4dsecLvLtX3lGH5rqfgz2kASFG6moEJSVtFXHO qzmm5CEfkRNHkxBJSNUwTAjWa/EFAivBx6J0qFVOdcBLK+u09bV4PXWS9Ebi7Gru 1L3F8jHM2kkC83L/s7uv7ETqRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGeZrqNW 8C6NeKh/+QEIbiS0I/B2MB8GA1UdIwQYMBaAFC96HB3SfqeBWM4hqU27+5By+xc0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MzQ5Ni8yMzQxQTU2NjBG NkMxMUVBQTcwRjc5NUFDNEY5QUUwMi9MM29jSGRKLXA0Rll6aUdwVGJ2N2tITDdG elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0wzb2NIZEotcDRGWXppR3BUYnY3a0hMN0Z6US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 MzQ5Ni8yMzQxQTU2NjBGNkMxMUVBQTcwRjc5NUFDNEY5QUUwMi9MM29jSGRKLXA0 Rll6aUdwVGJ2N2tITDdGelEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArLORzh9wJ6kCCJMlM7tRvkiwfzoxYCINUvX/uG3dyO4jujftQ2rCo 1gJQtVOWiHWNFsQwaOToZ002ch+pt5fpr5I3OtPl7TjfhmG/0MUMA0ECS50+aUa2 YtJycZwsdOK5qektsOuwnOsBqrwTZIZw53Oh2P2Xk6gnloMV62K2irPLVv6n8Mns TWb9N22saLQCDrXYsdy5X+4iNZZrVfGU6GRW0UZjRGwGwCplmvtxJj6NkwGNNvhC ofTLW92bkOhRbbhx955GJD3x6NwRKsrSwysDXWV+n93N5SBsYTyzG3rJ2ovJtMiM 2QS7/3nDrVXoSrcP6WIelAWhg0tUdpw7 -----END CERTIFICATE-----Generated at Fri Apr 4 18:37:22 2025 by rpki-client