$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7B32/AC36B36851F111EEA7DC2666C4F9AE02/3vCat-atSADQZ9cCq_MCJincVuA.mft File: 3vCat-atSADQZ9cCq_MCJincVuA.mft (raw, json) Hash identifier: caQjzD3rmtht1cOBXRgs0G/MkkMALTaEGOSaHsTsKOk= Subject key identifier: F1:2C:2C:97:5D:E3:BD:48:91:EC:C1:DF:E8:78:15:C1:67:F5:A4:FA Authority key identifier: DE:F0:9A:B7:E6:AD:48:00:D0:67:D7:02:AB:F3:02:26:29:DC:56:E0 Certificate issuer: /CN=A91B7B32/serialNumber=DEF09AB7E6AD4800D067D702ABF3022629DC56E0 Certificate serial: 0126 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3vCat-atSADQZ9cCq_MCJincVuA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7B32/AC36B36851F111EEA7DC2666C4F9AE02/3vCat-atSADQZ9cCq_MCJincVuA.mft Manifest number: 0124 Signing time: Sat 05 Apr 2025 04:00:08 +0000 Manifest this update: Sat 05 Apr 2025 04:00:07 +0000 Manifest next update: Sat 12 Apr 2025 04:00:07 +0000 Files and hashes: 1: 3vCat-atSADQZ9cCq_MCJincVuA.crl (hash: p/0MmDOHJmsFZCeQu683JAIyUxXoniyXfisxeRoo9Uc=) 2: 2B7210D251F211EEA079D567C4F9AE02.roa (hash: 62+q+uvhfjJ30zAscNkGLPxXNqqCO9Ks9yOvU1E/mYM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7B32/AC36B36851F111EEA7DC2666C4F9AE02/3vCat-atSADQZ9cCq_MCJincVuA.crl rsync://rpki.apnic.net/member_repository/A91B7B32/AC36B36851F111EEA7DC2666C4F9AE02/3vCat-atSADQZ9cCq_MCJincVuA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3vCat-atSADQZ9cCq_MCJincVuA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 04:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 294 (0x126) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7B32 Validity Not Before: Apr 5 04:00:07 2025 GMT Not After : Apr 12 04:00:07 2025 GMT Subject: CN=67f0aac8-6fd4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:3e:cb:9b:ed:fe:a9:83:02:ab:51:ac:95:75: 9a:e6:c3:55:fb:98:39:bc:bf:ee:63:95:e2:f0:81: a6:4e:50:d2:0f:06:9d:2c:d8:04:17:1c:5e:65:93: 0c:ab:3f:cb:ee:85:88:40:4e:16:a2:2b:09:11:94: 4e:15:8c:26:79:13:e2:29:93:15:34:b3:fc:66:7b: 9a:36:df:2f:46:88:5e:ad:de:96:ee:a2:99:a3:aa: 17:80:f0:19:3b:a1:26:8a:26:01:c0:e7:cc:77:7e: 8d:52:f9:45:cf:cc:2d:e7:ce:9a:52:3f:5a:17:60: 9e:6d:8d:dc:a3:1b:38:a9:2e:d5:d6:1e:03:c1:9d: b8:a8:42:25:cf:73:b2:84:a4:d6:69:1a:27:3b:c5: 58:bc:b6:4f:b3:1e:8d:27:49:1d:91:ab:15:b5:b1: 18:f4:7f:1d:d7:d6:6e:7d:ff:f5:4c:d2:54:c3:5d: aa:94:6e:dd:04:75:57:bd:0f:c6:89:84:26:e2:55: 9a:3f:ee:8d:f9:fd:76:52:70:3f:f2:9c:ad:ad:4f: 85:b9:80:c5:84:8a:ba:bf:65:83:68:ad:d2:fb:37: 58:5b:94:ee:79:aa:b7:60:d8:89:fc:5d:6f:44:1e: ca:8c:26:a5:ad:f6:87:5e:75:bd:46:bf:86:78:48: ca:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:2C:2C:97:5D:E3:BD:48:91:EC:C1:DF:E8:78:15:C1:67:F5:A4:FA X509v3 Authority Key Identifier: keyid:DE:F0:9A:B7:E6:AD:48:00:D0:67:D7:02:AB:F3:02:26:29:DC:56:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7B32/AC36B36851F111EEA7DC2666C4F9AE02/3vCat-atSADQZ9cCq_MCJincVuA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3vCat-atSADQZ9cCq_MCJincVuA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7B32/AC36B36851F111EEA7DC2666C4F9AE02/3vCat-atSADQZ9cCq_MCJincVuA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:bf:18:1a:fc:eb:96:57:32:e8:ff:41:95:ac:4b:e7:43:2f: bc:33:be:6d:3d:c4:dc:f1:16:92:5f:dc:42:6d:d2:9f:60:11: a9:63:11:01:7c:ae:4c:03:e0:7a:e9:10:d7:d3:f4:d8:f9:27: 34:be:3e:20:42:1c:7c:17:20:e6:b6:e4:8e:ff:cc:52:18:54: 37:de:34:32:1c:4c:64:81:9b:22:f5:c3:84:a5:9f:ce:80:7f: 57:79:ae:24:d3:be:09:a4:43:47:ef:be:d2:be:fc:2f:7e:74: 42:3d:2f:8e:21:69:f9:28:fc:b9:9d:21:9c:b5:8e:e5:15:69: f7:21:4a:f6:15:b6:1a:cb:01:cb:63:59:e5:2b:37:f8:7f:52: c0:01:5c:ce:7a:1a:b8:a5:ba:fa:84:68:98:66:33:3f:66:e0: be:38:08:9f:ca:8e:fe:a0:ad:d5:00:e7:ce:72:f8:65:47:06: 54:0e:c2:09:68:bd:f1:cc:d2:fe:4c:c6:04:37:cb:9a:d2:87: 4b:7e:86:f5:5c:fe:e6:90:f7:ba:78:d0:2d:ba:98:6b:a3:92: 00:31:0c:40:7d:c9:ad:ad:de:be:49:09:49:ee:4d:a1:39:12: a8:a0:ca:fd:d5:50:21:b0:76:7b:74:61:74:bb:e6:a5:d3:0b: 28:bc:f5:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjdCMzIxMTAvBgNVBAUTKERFRjA5QUI3RTZBRDQ4MDBEMDY3RDcwMkFCRjMwMjI2 MjlEQzU2RTAwHhcNMjUwNDA1MDQwMDA3WhcNMjUwNDEyMDQwMDA3WjAYMRYwFAYD VQQDEw02N2YwYWFjOC02ZmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuj7Lm+3+qYMCq1GslXWa5sNV+5g5vL/uY5Xi8IGmTlDSDwadLNgEFxxeZZMM qz/L7oWIQE4WoisJEZROFYwmeRPiKZMVNLP8ZnuaNt8vRoherd6W7qKZo6oXgPAZ O6EmiiYBwOfMd36NUvlFz8wt586aUj9aF2CebY3coxs4qS7V1h4DwZ24qEIlz3Oy hKTWaRonO8VYvLZPsx6NJ0kdkasVtbEY9H8d19Zuff/1TNJUw12qlG7dBHVXvQ/G iYQm4lWaP+6N+f12UnA/8pytrU+FuYDFhIq6v2WDaK3S+zdYW5Tueaq3YNiJ/F1v RB7KjCalrfaHXnW9Rr+GeEjKMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPEsLJdd 471IkezB3+h4FcFn9aT6MB8GA1UdIwQYMBaAFN7wmrfmrUgA0GfXAqvzAiYp3Fbg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0IzMi9BQzM2QjM2ODUx RjExMUVFQTdEQzI2NjZDNEY5QUUwMi8zdkNhdC1hdFNBRFFaOWNDcV9NQ0ppbmNW dUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzN2Q2F0LWF0U0FEUVo5Y0NxX01DSmluY1Z1QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC N0IzMi9BQzM2QjM2ODUxRjExMUVFQTdEQzI2NjZDNEY5QUUwMi8zdkNhdC1hdFNB RFFaOWNDcV9NQ0ppbmNWdUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBBvxga/OuWVzLo/0GVrEvnQy+8M75tPcTc8RaSX9xCbdKfYBGpYxEB fK5MA+B66RDX0/TY+Sc0vj4gQhx8FyDmtuSO/8xSGFQ33jQyHExkgZsi9cOEpZ/O gH9Xea4k074JpENH777SvvwvfnRCPS+OIWn5KPy5nSGctY7lFWn3IUr2FbYaywHL Y1nlKzf4f1LAAVzOehq4pbr6hGiYZjM/ZuC+OAifyo7+oK3VAOfOcvhlRwZUDsIJ aL3xzNL+TMYEN8ua0odLfob1XP7mkPe6eNAtuphro5IAMQxAfcmtrd6+SQlJ7k2h ORKooMr91VAhsHZ7dGF0u+al0wsovPX1 -----END CERTIFICATE-----Generated at Sat Apr 5 13:25:17 2025 by rpki-client