$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft File: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft (raw, json) Hash identifier: /ZgBSQB2yFb8k+VGP51FuZg1l5tOtLGx0kVp+ye4x44= Subject key identifier: 20:BC:75:34:5C:61:2D:8B:10:EF:58:75:71:BD:9F:3B:8E:2E:47:37 Authority key identifier: DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 Certificate issuer: /CN=A918F1C9/serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0 Certificate serial: 1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft Manifest number: 09E8 Signing time: Fri 28 Mar 2025 20:16:00 +0000 Manifest this update: Fri 28 Mar 2025 20:15:59 +0000 Manifest next update: Fri 04 Apr 2025 20:15:59 +0000 Files and hashes: 1: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl (hash: tF2HGYogt8cKEwbf3va0AO3Jrw8mndgU3N+JQqW93ks=) 2: 93E4B52CE43E11EF91571D16C4F9AE02.roa (hash: qbK0SRsjZmgPEhHCvpQ8WHXr9ovPv+iMo1ylb0vxYmI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:15:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29 (0x1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F1C9 Validity Not Before: Mar 28 20:15:59 2025 GMT Not After : Apr 4 20:15:59 2025 GMT Subject: CN=67e70380-674c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:83:3d:25:e9:df:08:8e:d3:cc:c9:ea:e3:bb: d5:38:83:f3:af:5b:2e:43:a0:f5:98:1b:e5:2f:30: 93:98:31:95:71:da:d3:d8:fd:de:cc:7b:b3:5c:c6: 8e:e2:52:be:ea:8b:f4:6c:ae:c7:d2:e6:6a:08:1b: 56:59:c9:bc:87:64:c1:ff:6a:f4:41:58:2d:d3:6c: f5:f8:da:9e:dc:b9:32:8e:c0:6a:70:a7:c2:1a:05: 8b:f8:f2:0b:fe:74:93:97:70:d0:37:58:a6:8a:56: a1:59:89:33:7f:23:d4:8c:4f:fe:e3:77:1d:ee:a1: aa:6d:26:88:67:e4:9c:77:d2:78:1d:80:79:27:d0: 15:47:f9:cb:06:fc:c6:dd:11:04:ef:fa:14:d0:24: db:fe:50:56:23:30:84:90:7b:1c:7a:a2:ca:67:5b: 1c:b7:f2:c6:ae:c3:84:e8:98:a7:af:8a:18:f3:33: 39:29:ec:50:1f:a6:6d:d7:d6:96:40:8d:43:f3:b4: cf:9b:cb:d2:9c:a1:03:46:34:4e:48:5a:d7:f3:6e: 2b:d7:82:02:1a:ed:57:4f:03:23:2b:95:41:01:42: 6e:1b:b7:51:b1:72:c0:ea:2b:35:e2:97:14:38:78: 83:c8:dc:cd:08:ef:62:a1:84:2a:a7:13:1e:a8:b4: 6f:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:BC:75:34:5C:61:2D:8B:10:EF:58:75:71:BD:9F:3B:8E:2E:47:37 X509v3 Authority Key Identifier: keyid:DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c4:9c:84:d8:15:e4:bb:90:8f:5c:08:b8:5f:39:e6:e3:db:40: 2e:64:05:76:37:f7:a0:e0:74:01:9a:7e:0f:b1:0f:98:16:e7: d8:78:40:5f:9c:31:79:bb:41:7e:61:3d:05:b1:6d:03:11:d4: b9:0e:6e:3c:0f:eb:72:1c:61:5e:ec:35:7f:9c:03:21:29:4b: 12:bd:8d:85:e4:a1:4c:81:12:90:5a:88:66:46:75:3a:a2:44: fb:b3:49:5d:0b:dd:2d:7e:ce:f4:e8:b6:9a:85:26:28:5b:7d: 83:99:6f:05:b2:ec:5b:f8:73:09:8b:33:bf:38:ed:d7:b1:3f: 82:1a:85:2e:3b:19:d5:d5:02:3a:3b:b6:f6:dc:e8:db:48:f2: e6:78:53:bf:21:45:1a:f9:a9:72:71:f1:d0:dc:27:26:76:88: a2:4a:35:9e:14:9a:a7:70:a0:00:71:ef:4e:d6:b6:cf:4a:fe: e7:27:fa:7d:08:2e:50:c0:0c:42:38:38:2d:3c:61:28:90:e3: c6:01:0e:70:8e:d6:ff:8a:ab:48:c4:58:05:5e:a7:63:93:65: 5e:00:6f:ee:be:d9:37:20:b9:64:bd:80:fc:fe:c0:41:e4:1d: 25:9a:25:c0:d3:3a:39:18:16:d9:c0:75:50:e3:4e:22:43:c9: 5c:8a:0f:39 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 RjFDOTExMC8GA1UEBRMoREU0Q0U5NjBBMzkzMEFCNEMyMjdGQ0U4Rjg1N0MwODQx OTdGMDhEMDAeFw0yNTAzMjgyMDE1NTlaFw0yNTA0MDQyMDE1NTlaMBgxFjAUBgNV BAMTDTY3ZTcwMzgwLTY3NGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4gz0l6d8IjtPMyerju9U4g/OvWy5DoPWYG+UvMJOYMZVx2tPY/d7Me7Ncxo7i Ur7qi/RsrsfS5moIG1ZZybyHZMH/avRBWC3TbPX42p7cuTKOwGpwp8IaBYv48gv+ dJOXcNA3WKaKVqFZiTN/I9SMT/7jdx3uoaptJohn5Jx30ngdgHkn0BVH+csG/Mbd EQTv+hTQJNv+UFYjMISQexx6ospnWxy38sauw4TomKevihjzMzkp7FAfpm3X1pZA jUPztM+by9KcoQNGNE5IWtfzbivXggIa7VdPAyMrlUEBQm4bt1GxcsDqKzXilxQ4 eIPI3M0I72KhhCqnEx6otG/BAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUILx1NFxh LYsQ71h1cb2fO44uRzcwHwYDVR0jBBgwFoAU3kzpYKOTCrTCJ/zo+FfAhBl/CNAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThGMUM5LzZBNTdBQjhDN0Y5 NTExRUFCMEVEODUzN0M0RjlBRTAyLzNrenBZS09UQ3JUQ0pfem8tRmZBaEJsX0NO QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2t6cFlLT1RDclRDSl96by1GZkFoQmxfQ05BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThG MUM5LzZBNTdBQjhDN0Y5NTExRUFCMEVEODUzN0M0RjlBRTAyLzNrenBZS09UQ3JU Q0pfem8tRmZBaEJsX0NOQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMSchNgV5LuQj1wIuF855uPbQC5kBXY396DgdAGafg+xD5gW59h4QF+c MXm7QX5hPQWxbQMR1LkObjwP63IcYV7sNX+cAyEpSxK9jYXkoUyBEpBaiGZGdTqi RPuzSV0L3S1+zvTotpqFJihbfYOZbwWy7Fv4cwmLM7847dexP4IahS47GdXVAjo7 tvbc6NtI8uZ4U78hRRr5qXJx8dDcJyZ2iKJKNZ4UmqdwoABx707Wts9K/ucn+n0I LlDADEI4OC08YSiQ48YBDnCO1v+Kq0jEWAVep2OTZV4Ab+6+2TcguWS9gPz+wEHk HSWaJcDTOjkYFtnAdVDjTiJDyVyKDzk= -----END CERTIFICATE-----Generated at Fri Apr 4 18:37:22 2025 by rpki-client