$ rpki-client -vvf rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/S3Z_4wTU8n9REYZLp0O5R5zhSns.mft File: S3Z_4wTU8n9REYZLp0O5R5zhSns.mft (raw, json) Hash identifier: fpM21uuNp2ewxYE0EVc2UAHEqKTF2And5b3dtlMsREA= Subject key identifier: 0C:22:B6:66:CE:4C:10:99:D0:50:72:51:5A:0D:8D:89:15:80:F4:18 Authority key identifier: 4B:76:7F:E3:04:D4:F2:7F:51:11:86:4B:A7:43:B9:47:9C:E1:4A:7B Certificate issuer: /CN=A91D53AC/serialNumber=4B767FE304D4F27F5111864BA743B9479CE14A7B Certificate serial: 3477 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3Z_4wTU8n9REYZLp0O5R5zhSns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/S3Z_4wTU8n9REYZLp0O5R5zhSns.mft Manifest number: 3474 Signing time: Sun 20 Apr 2025 14:50:26 +0000 Manifest this update: Sun 20 Apr 2025 14:50:26 +0000 Manifest next update: Sun 27 Apr 2025 14:50:26 +0000 Files and hashes: 1: S3Z_4wTU8n9REYZLp0O5R5zhSns.crl (hash: fujIneiwpMPcB4RimhP6lWP1g5UuUD/GBUziL0TARC0=) 2: 0C9FD154619611EEADD97F70C4F9AE02.roa (hash: 6tys2kBORt2e9LfTgwSygjIdDqVtnmqGXLJS1SjEsWs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/S3Z_4wTU8n9REYZLp0O5R5zhSns.crl rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/S3Z_4wTU8n9REYZLp0O5R5zhSns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3Z_4wTU8n9REYZLp0O5R5zhSns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 14:50:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13431 (0x3477) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D53AC, serialNumber=4B767FE304D4F27F5111864BA743B9479CE14A7B Validity Not Before: Apr 20 14:50:26 2025 GMT Not After : Apr 27 14:50:26 2025 GMT Subject: CN=680509b2-8580 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d6:3c:d1:6d:50:a3:c0:09:ba:43:01:ad:4f: 74:f8:10:6c:f7:48:79:13:8f:a4:af:03:ec:d6:04: e0:5a:e7:22:a3:65:e9:e5:74:56:b4:d0:d8:a7:9b: bf:d6:98:ec:2a:e6:a3:01:fb:f8:8e:b8:db:c4:de: 3b:49:68:be:1e:c3:d6:38:4c:61:f2:c6:c9:fa:03: 1a:cc:62:3a:0f:9a:92:89:40:6b:c9:42:2b:37:ac: 43:7b:4c:f6:8d:64:34:6f:a1:84:36:c7:88:69:be: b8:a8:5e:7a:e4:de:92:13:9c:63:2f:e8:4a:a0:20: a7:bb:0e:f6:36:75:97:e4:ca:d1:d6:98:e1:77:2e: 1a:42:21:86:64:9f:ae:72:7a:9f:34:62:6f:0c:dc: a0:86:2d:5a:4b:56:dc:cc:69:92:55:bf:45:78:72: 6b:b8:35:83:9b:5c:33:31:90:f4:92:1d:99:a0:ba: a0:3d:23:12:df:d9:ba:c5:8b:50:0f:a4:b8:dc:aa: ed:3f:26:57:4e:bf:3a:45:38:09:20:dc:37:05:16: 92:20:d0:80:f4:4d:1f:f1:b8:2a:95:44:c3:fb:b2: e9:15:1a:79:c3:d2:9d:2e:b4:3f:56:d3:da:14:f3: 9c:9e:07:a0:34:68:bd:b9:a1:ce:be:13:93:4f:97: ac:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:22:B6:66:CE:4C:10:99:D0:50:72:51:5A:0D:8D:89:15:80:F4:18 X509v3 Authority Key Identifier: keyid:4B:76:7F:E3:04:D4:F2:7F:51:11:86:4B:A7:43:B9:47:9C:E1:4A:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/S3Z_4wTU8n9REYZLp0O5R5zhSns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3Z_4wTU8n9REYZLp0O5R5zhSns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/S3Z_4wTU8n9REYZLp0O5R5zhSns.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:75:75:48:54:00:27:d1:b1:06:3b:20:23:fc:1c:b5:44:5b: da:61:f4:58:d5:da:d5:ab:b4:bd:3f:bd:8c:d1:67:27:17:44: 07:05:f7:11:14:15:61:f3:9a:27:f5:7e:3b:5a:4a:74:cc:24: 24:9f:cc:4e:48:0c:47:61:05:23:31:e1:89:a7:cb:88:ed:02: df:a4:bb:a7:47:b1:04:49:83:a2:e0:ac:1d:7e:1e:54:01:de: 84:1a:f0:fa:80:af:e3:85:c4:6e:d4:89:86:8a:e5:45:00:04: 65:14:fe:12:81:db:a0:49:01:02:57:6d:a4:ac:99:5b:32:b8: b1:37:21:d9:61:55:45:9f:90:7e:c7:ba:84:72:6e:7b:a4:d3: bf:f4:eb:fc:9f:fa:53:6d:d8:b3:71:26:77:2f:3d:21:98:38: cb:28:46:2c:e4:22:c6:07:e9:ec:5e:99:f0:51:18:fe:ce:23: f0:a2:5f:d7:b4:ad:20:92:28:e2:af:85:4a:de:9e:96:48:5a: c2:79:b7:6b:d2:02:cb:0d:0d:f7:3f:50:1c:0a:dc:b1:6b:53: b4:c8:47:53:aa:f6:74:3a:30:1f:13:a1:fc:d0:87:38:f3:58: b4:39:70:17:fd:20:0b:77:ba:64:bb:92:d2:d3:33:63:8d:c0: 0f:17:78:fd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDUzQUMxMTAvBgNVBAUTKDRCNzY3RkUzMDRENEYyN0Y1MTExODY0QkE3NDNCOTQ3 OUNFMTRBN0IwHhcNMjUwNDIwMTQ1MDI2WhcNMjUwNDI3MTQ1MDI2WjAYMRYwFAYD VQQDEw02ODA1MDliMi04NTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvdY80W1Qo8AJukMBrU90+BBs90h5E4+krwPs1gTgWucio2Xp5XRWtNDYp5u/ 1pjsKuajAfv4jrjbxN47SWi+HsPWOExh8sbJ+gMazGI6D5qSiUBryUIrN6xDe0z2 jWQ0b6GENseIab64qF565N6SE5xjL+hKoCCnuw72NnWX5MrR1pjhdy4aQiGGZJ+u cnqfNGJvDNyghi1aS1bczGmSVb9FeHJruDWDm1wzMZD0kh2ZoLqgPSMS39m6xYtQ D6S43KrtPyZXTr86RTgJINw3BRaSINCA9E0f8bgqlUTD+7LpFRp5w9KdLrQ/VtPa FPOcngegNGi9uaHOvhOTT5esFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAwitmbO TBCZ0FByUVoNjYkVgPQYMB8GA1UdIwQYMBaAFEt2f+ME1PJ/URGGS6dDuUec4Up7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTNBQy8wMzE2OEM0RTFE OTcxMUUyOEI2QzAwODAwOEIwMkNEMi9TM1pfNHdUVThuOVJFWVpMcDBPNVI1emhT bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1MzWl80d1RVOG45UkVZWkxwME81UjV6aFNucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NTNBQy8wMzE2OEM0RTFEOTcxMUUyOEI2QzAwODAwOEIwMkNEMi9TM1pfNHdUVThu OVJFWVpMcDBPNVI1emhTbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBpdXVIVAAn0bEGOyAj/By1RFvaYfRY1drVq7S9P72M0WcnF0QHBfcR FBVh85on9X47Wkp0zCQkn8xOSAxHYQUjMeGJp8uI7QLfpLunR7EESYOi4Kwdfh5U Ad6EGvD6gK/jhcRu1ImGiuVFAARlFP4SgdugSQECV22krJlbMrixNyHZYVVFn5B+ x7qEcm57pNO/9Ov8n/pTbdizcSZ3Lz0hmDjLKEYs5CLGB+nsXpnwURj+ziPwol/X tK0gkijir4VK3p6WSFrCebdr0gLLDQ33P1AcCtyxa1O0yEdTqvZ0OjAfE6H80Ic4 81i0OXAX/SALd7pku5LS0zNjjcAPF3j9 -----END CERTIFICATE-----Generated at Tue Apr 22 12:37:30 2025 by rpki-client