$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC64D/B2EF3E3495D611EB98215C18C4F9AE02/3xHpJo0GrlO6-3QTvTT_OHjk7tA.mft File: 3xHpJo0GrlO6-3QTvTT_OHjk7tA.mft (raw, json) Hash identifier: TF5exIs5DcMmKDQ+pjTOMtf4qB90wntKr6OV429qbeA= Subject key identifier: 22:C4:6C:68:E4:88:BB:F7:55:5A:00:AA:5E:39:BA:45:B6:99:CB:0C Authority key identifier: DF:11:E9:26:8D:06:AE:53:BA:FB:74:13:BD:34:FF:38:78:E4:EE:D0 Certificate issuer: /CN=A91BC64D/serialNumber=DF11E9268D06AE53BAFB7413BD34FF3878E4EED0 Certificate serial: 0623 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3xHpJo0GrlO6-3QTvTT_OHjk7tA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC64D/B2EF3E3495D611EB98215C18C4F9AE02/3xHpJo0GrlO6-3QTvTT_OHjk7tA.mft Manifest number: 0618 Signing time: Wed 02 Apr 2025 22:47:15 +0000 Manifest this update: Wed 02 Apr 2025 22:47:14 +0000 Manifest next update: Wed 09 Apr 2025 22:47:14 +0000 Files and hashes: 1: 3xHpJo0GrlO6-3QTvTT_OHjk7tA.crl (hash: jduxjSLIi4Vy5MBZLaBOiqk8j7O5pvzq0AuuOg1eZBY=) 2: FC583AC6CC8511EC8D238672C4F9AE02.roa (hash: 4nQWYZbXWSJ3PqE4ZBiXzBzUwOjlbjDx0Oq7v5W8vCQ=) 3: FD987A54CC8511EC8D238672C4F9AE02.roa (hash: MzEQJvzOJlRcf4tMcorSrwSuzHCC7BZBlDirsliZQdI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC64D/B2EF3E3495D611EB98215C18C4F9AE02/3xHpJo0GrlO6-3QTvTT_OHjk7tA.crl rsync://rpki.apnic.net/member_repository/A91BC64D/B2EF3E3495D611EB98215C18C4F9AE02/3xHpJo0GrlO6-3QTvTT_OHjk7tA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3xHpJo0GrlO6-3QTvTT_OHjk7tA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 22:47:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1571 (0x623) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC64D Validity Not Before: Apr 2 22:47:14 2025 GMT Not After : Apr 9 22:47:14 2025 GMT Subject: CN=67edbe72-edeb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:6c:5a:d3:79:70:44:43:e5:c5:f6:6a:df:19: af:43:c0:ff:e0:54:c9:99:0e:2d:b5:65:0b:13:b0: f3:51:c5:44:e9:4f:61:3f:a1:15:6e:23:98:e4:74: f3:1a:57:4c:e3:b9:a6:06:a8:35:c5:5c:3a:de:89: bb:11:eb:ae:9c:7c:95:13:6b:e4:d7:c7:4d:e1:5d: bf:79:7a:b0:8e:12:8a:86:15:b5:13:80:70:9e:d4: d1:2b:fe:89:25:c2:c0:93:f8:5f:02:76:9d:24:6c: 1c:69:ea:6f:ba:a3:d7:e7:36:2b:88:f5:64:1d:0e: 65:de:b6:1e:3b:ed:b7:c9:e6:fa:6d:a9:88:73:2e: 58:e6:39:f5:bc:64:6f:49:11:b7:6d:b8:6f:96:99: ba:11:5c:a8:4b:27:76:ce:00:6f:8a:24:82:1d:64: 84:86:05:5b:7e:11:51:0f:65:49:bb:04:1a:e9:61: 78:60:26:6d:91:70:3a:7e:b5:4b:fe:94:e8:04:61: c6:f8:4d:4b:53:5f:42:96:f6:2b:04:29:d2:57:52: 41:d2:8c:47:af:02:83:2d:cd:f2:90:c6:7e:8b:9e: 7e:7c:fc:79:e7:45:c4:27:89:71:c5:e9:3e:ad:ad: fd:5e:e8:43:13:8b:ca:13:a0:fc:26:5f:ca:15:01: a8:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:C4:6C:68:E4:88:BB:F7:55:5A:00:AA:5E:39:BA:45:B6:99:CB:0C X509v3 Authority Key Identifier: keyid:DF:11:E9:26:8D:06:AE:53:BA:FB:74:13:BD:34:FF:38:78:E4:EE:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC64D/B2EF3E3495D611EB98215C18C4F9AE02/3xHpJo0GrlO6-3QTvTT_OHjk7tA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3xHpJo0GrlO6-3QTvTT_OHjk7tA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC64D/B2EF3E3495D611EB98215C18C4F9AE02/3xHpJo0GrlO6-3QTvTT_OHjk7tA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption da:05:03:c0:29:f9:e2:01:24:76:9e:af:ea:e2:a1:96:bc:c7: 56:29:c1:4e:38:53:25:6a:1d:93:48:2c:ec:8a:fd:f9:99:9a: 0f:74:3e:c7:ec:5e:11:37:70:82:a8:5d:8a:bf:7e:c5:77:9a: 40:c8:c9:63:24:22:d0:7b:ea:cc:50:b1:e0:ae:3c:ae:0e:b9: da:fd:e4:38:20:6f:5b:ed:b1:86:16:76:fe:34:fc:99:8c:04: 82:fe:38:0b:25:52:58:b0:a6:ff:a4:1b:dc:e5:db:d7:17:77: 62:80:60:0f:52:2c:28:ab:9a:c9:d5:5d:81:ab:31:53:e9:9f: 9e:d7:d9:93:a2:e6:1e:11:14:31:8a:48:f3:89:85:2f:ea:f6: 59:c6:76:8a:19:af:d3:d2:9d:7c:f1:76:cc:df:c8:27:2d:3b: 74:6c:91:f5:ec:d1:1d:68:6f:aa:4d:79:9f:4c:2c:a8:fd:fa: b6:f3:8d:5d:73:da:ae:0d:13:a2:bf:1f:48:10:0e:61:eb:0a: 21:4c:7c:60:75:e7:b4:c6:2d:c4:cf:75:7e:2a:de:1d:e6:e8: 1d:d8:ea:69:4f:fa:3c:17:f2:5d:e8:0e:ee:e3:2f:a1:fc:b9: d2:55:ca:50:8a:39:4b:4d:ec:ce:7a:93:e0:b0:e2:81:02:47: bf:46:6e:87 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBiMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkM2NEQxMTAvBgNVBAUTKERGMTFFOTI2OEQwNkFFNTNCQUZCNzQxM0JEMzRGRjM4 NzhFNEVFRDAwHhcNMjUwNDAyMjI0NzE0WhcNMjUwNDA5MjI0NzE0WjAYMRYwFAYD VQQDEw02N2VkYmU3Mi1lZGViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtWxa03lwREPlxfZq3xmvQ8D/4FTJmQ4ttWULE7DzUcVE6U9hP6EVbiOY5HTz GldM47mmBqg1xVw63om7EeuunHyVE2vk18dN4V2/eXqwjhKKhhW1E4BwntTRK/6J JcLAk/hfAnadJGwcaepvuqPX5zYriPVkHQ5l3rYeO+23yeb6bamIcy5Y5jn1vGRv SRG3bbhvlpm6EVyoSyd2zgBviiSCHWSEhgVbfhFRD2VJuwQa6WF4YCZtkXA6frVL /pToBGHG+E1LU19ClvYrBCnSV1JB0oxHrwKDLc3ykMZ+i55+fPx550XEJ4lxxek+ ra39XuhDE4vKE6D8Jl/KFQGoywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCLEbGjk iLv3VVoAql45ukW2mcsMMB8GA1UdIwQYMBaAFN8R6SaNBq5Tuvt0E700/zh45O7Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzY0RC9CMkVGM0UzNDk1 RDYxMUVCOTgyMTVDMThDNEY5QUUwMi8zeEhwSm8wR3JsTzYtM1FUdlRUX09Iams3 dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzN4SHBKbzBHcmxPNi0zUVR2VFRfT0hqazd0QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QzY0RC9CMkVGM0UzNDk1RDYxMUVCOTgyMTVDMThDNEY5QUUwMi8zeEhwSm8wR3Js TzYtM1FUdlRUX09Iams3dEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDaBQPAKfniASR2nq/q4qGWvMdWKcFOOFMlah2TSCzsiv35mZoPdD7H 7F4RN3CCqF2Kv37Fd5pAyMljJCLQe+rMULHgrjyuDrna/eQ4IG9b7bGGFnb+NPyZ jASC/jgLJVJYsKb/pBvc5dvXF3digGAPUiwoq5rJ1V2BqzFT6Z+e19mTouYeERQx ikjziYUv6vZZxnaKGa/T0p188XbM38gnLTt0bJH17NEdaG+qTXmfTCyo/fq2841d c9quDROivx9IEA5h6wohTHxgdee0xi3Ez3V+Kt4d5ugd2OppT/o8F/Jd6A7u4y+h /LnSVcpQijlLTezOepPgsOKBAke/Rm6H -----END CERTIFICATE-----Generated at Fri Apr 4 18:35:52 2025 by rpki-client