$ rpki-client -vvf rpki.apnic.net/member_repository/A91B31CB/F44CCF7E89F011EFAD26B97AC4F9AE02/3-Ss3KCmIkNlS9IJNoIFeOktJSQ.mft File: 3-Ss3KCmIkNlS9IJNoIFeOktJSQ.mft (raw, json) Hash identifier: A6nrggvXF7r8cJ+RdZmj2UBA+LjcdWnDWWKqAg6ChZU= Subject key identifier: 92:25:78:9D:E4:56:E1:41:39:97:1F:72:E7:21:94:7A:74:34:AA:0B Authority key identifier: DF:E4:AC:DC:A0:A6:22:43:65:4B:D2:09:36:82:05:78:E9:2D:25:24 Certificate issuer: /CN=A91B31CB/serialNumber=DFE4ACDCA0A62243654BD20936820578E92D2524 Certificate serial: 5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3-Ss3KCmIkNlS9IJNoIFeOktJSQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B31CB/F44CCF7E89F011EFAD26B97AC4F9AE02/3-Ss3KCmIkNlS9IJNoIFeOktJSQ.mft Manifest number: 5D Signing time: Sat 05 Apr 2025 06:23:15 +0000 Manifest this update: Sat 05 Apr 2025 06:23:15 +0000 Manifest next update: Sat 12 Apr 2025 06:23:15 +0000 Files and hashes: 1: 3-Ss3KCmIkNlS9IJNoIFeOktJSQ.crl (hash: N4cktUxglIIb/3yPaCAceSS7dkb3/T7ZWUCWg7dQmkw=) 2: 67030B7889F111EFB3186A7BC4F9AE02.roa (hash: jpoA3nOwURms9S72GBWIhr5w5HiTb8jNg/HLvSF6ab8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B31CB/F44CCF7E89F011EFAD26B97AC4F9AE02/3-Ss3KCmIkNlS9IJNoIFeOktJSQ.crl rsync://rpki.apnic.net/member_repository/A91B31CB/F44CCF7E89F011EFAD26B97AC4F9AE02/3-Ss3KCmIkNlS9IJNoIFeOktJSQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3-Ss3KCmIkNlS9IJNoIFeOktJSQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 06:23:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 95 (0x5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B31CB Validity Not Before: Apr 5 06:23:15 2025 GMT Not After : Apr 12 06:23:15 2025 GMT Subject: CN=67f0cc53-baa2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:cd:10:5e:49:90:40:60:aa:45:41:7c:2a:68: de:7b:fc:f3:90:5a:9a:9e:7a:c3:62:47:ca:27:c1: d5:21:8a:af:7b:3c:95:8e:57:56:bc:7c:f6:39:2b: a8:50:e5:7c:11:4b:10:3b:93:2b:bc:71:69:22:13: 84:4e:e6:37:0f:f5:c1:a1:c1:9f:2d:02:25:d1:da: 7a:a1:e6:12:13:19:6a:aa:12:fe:7f:be:f0:1d:79: 7e:48:18:88:92:ee:cc:bf:04:49:c8:42:22:c1:9c: 45:20:76:c3:6b:bd:4d:f8:53:5f:12:17:50:87:f8: 01:1e:84:7d:c0:7a:03:2e:61:7e:39:b3:cf:be:07: ec:95:1f:ed:97:e5:30:ff:d8:f7:45:09:5e:66:5d: f5:42:4b:51:11:16:3c:42:b3:32:89:80:f5:8e:d7: fa:fe:58:d3:23:53:54:d1:8a:00:47:7a:8e:6c:90: 9a:05:45:2f:14:28:7f:fd:ec:f8:fa:49:7b:d7:3f: e1:ac:d2:19:c7:53:95:88:e6:05:33:77:2e:b5:76: c9:f8:69:87:da:30:e8:e4:52:72:26:b3:92:01:f2: 78:83:c1:44:27:cd:40:bb:5d:8f:79:56:3f:3f:7e: 5c:20:cb:5a:4c:98:10:17:24:f5:4c:2c:8d:f8:de: 78:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:25:78:9D:E4:56:E1:41:39:97:1F:72:E7:21:94:7A:74:34:AA:0B X509v3 Authority Key Identifier: keyid:DF:E4:AC:DC:A0:A6:22:43:65:4B:D2:09:36:82:05:78:E9:2D:25:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B31CB/F44CCF7E89F011EFAD26B97AC4F9AE02/3-Ss3KCmIkNlS9IJNoIFeOktJSQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3-Ss3KCmIkNlS9IJNoIFeOktJSQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B31CB/F44CCF7E89F011EFAD26B97AC4F9AE02/3-Ss3KCmIkNlS9IJNoIFeOktJSQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:8f:ff:1d:0b:b2:13:16:55:cb:c2:5b:e9:73:a3:65:20:c5: 9d:1e:93:98:7c:39:31:1d:8c:13:97:e6:47:0b:6b:04:0e:87: bd:25:0c:7c:69:7a:b3:d7:c8:d8:a4:bb:dc:27:3e:a2:8b:2d: 12:f7:cd:1f:5b:6e:65:11:57:81:30:48:fa:52:39:41:86:2f: d3:e2:c7:8c:7e:a6:b3:00:3f:87:02:23:da:f3:b8:4d:13:07: 61:a1:68:04:ba:b1:f8:bf:12:66:fa:b0:82:c4:c1:ac:e9:62: 51:be:db:2f:18:be:b1:d1:10:30:cf:e9:63:6a:03:f0:1f:06: 8c:30:55:0d:1c:c8:5c:46:dd:e0:1e:82:86:3f:a1:cc:86:43: 3f:15:9b:80:54:0f:9c:f5:6d:16:de:af:0e:39:d6:27:54:a2: 7c:c1:b2:88:5e:e1:5d:78:0e:35:03:c0:d1:1b:16:86:21:cc: 1f:0f:09:c2:1f:12:ab:cb:09:99:1a:f6:44:d2:63:9f:7f:41: d8:1b:21:a7:ce:ac:cf:95:e6:4a:82:fc:b4:73:51:b9:42:8a: 99:ec:4b:bf:73:47:82:00:e9:7c:a5:40:2c:72:44:56:2b:b2: 9f:55:03:c4:65:19:f7:a9:61:24:6e:fb:ca:19:3d:0f:52:5e: 97:7e:9e:5a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MzFDQjExMC8GA1UEBRMoREZFNEFDRENBMEE2MjI0MzY1NEJEMjA5MzY4MjA1NzhF OTJEMjUyNDAeFw0yNTA0MDUwNjIzMTVaFw0yNTA0MTIwNjIzMTVaMBgxFjAUBgNV BAMTDTY3ZjBjYzUzLWJhYTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDDzRBeSZBAYKpFQXwqaN57/POQWpqeesNiR8onwdUhiq97PJWOV1a8fPY5K6hQ 5XwRSxA7kyu8cWkiE4RO5jcP9cGhwZ8tAiXR2nqh5hITGWqqEv5/vvAdeX5IGIiS 7sy/BEnIQiLBnEUgdsNrvU34U18SF1CH+AEehH3AegMuYX45s8++B+yVH+2X5TD/ 2PdFCV5mXfVCS1ERFjxCszKJgPWO1/r+WNMjU1TRigBHeo5skJoFRS8UKH/97Pj6 SXvXP+Gs0hnHU5WI5gUzdy61dsn4aYfaMOjkUnIms5IB8niDwUQnzUC7XY95Vj8/ flwgy1pMmBAXJPVMLI343nhjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUkiV4neRW 4UE5lx9y5yGUenQ0qgswHwYDVR0jBBgwFoAU3+Ss3KCmIkNlS9IJNoIFeOktJSQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIzMUNCL0Y0NENDRjdFODlG MDExRUZBRDI2Qjk3QUM0RjlBRTAyLzMtU3MzS0NtSWtObFM5SUpOb0lGZU9rdEpT US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMy1TczNLQ21Ja05sUzlJSk5vSUZlT2t0SlNRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIz MUNCL0Y0NENDRjdFODlGMDExRUZBRDI2Qjk3QUM0RjlBRTAyLzMtU3MzS0NtSWtO bFM5SUpOb0lGZU9rdEpTUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACuP/x0LshMWVcvCW+lzo2UgxZ0ek5h8OTEdjBOX5kcLawQOh70lDHxp erPXyNiku9wnPqKLLRL3zR9bbmURV4EwSPpSOUGGL9Pix4x+prMAP4cCI9rzuE0T B2GhaAS6sfi/Emb6sILEwazpYlG+2y8YvrHREDDP6WNqA/AfBowwVQ0cyFxG3eAe goY/ocyGQz8Vm4BUD5z1bRberw451idUonzBsohe4V14DjUDwNEbFoYhzB8PCcIf EqvLCZka9kTSY59/QdgbIafOrM+V5kqC/LRzUblCipnsS79zR4IA6XylQCxyRFYr sp9VA8RlGfepYSRu+8oZPQ9SXpd+nlo= -----END CERTIFICATE-----Generated at Sat Apr 5 14:30:38 2025 by rpki-client