$ rpki-client -vvf rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.mft File: I-3rdP0jQOR_AbyL94Q7dpHcBhU.mft (raw, json) Hash identifier: CvhewEuSszKqcAc30ZjkTzlwwLlrJAGC/CkK915ge98= Subject key identifier: 03:A5:B0:B4:44:C0:AB:7F:99:12:70:A0:B0:02:36:AB:C0:D5:B9:A1 Authority key identifier: 23:ED:EB:74:FD:23:40:E4:7F:01:BC:8B:F7:84:3B:76:91:DC:06:15 Certificate issuer: /CN=A91E22E5/serialNumber=23EDEB74FD2340E47F01BC8BF7843B7691DC0615 Certificate serial: 0200 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-3rdP0jQOR_AbyL94Q7dpHcBhU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.mft Manifest number: 01FD Signing time: Fri 11 Apr 2025 02:00:24 +0000 Manifest this update: Fri 11 Apr 2025 02:00:24 +0000 Manifest next update: Fri 18 Apr 2025 02:00:24 +0000 Files and hashes: 1: I-3rdP0jQOR_AbyL94Q7dpHcBhU.crl (hash: B91o+9/vSB4EB/096mdzicQ6M071ARWL2lXhpfg0d40=) 2: 623705DA339111ED9249064BC4F9AE02.roa (hash: oE8Ftzk8b1pgimy4jf77z4BKi4j6G1jlmkYSbgOmtg8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.crl rsync://rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-3rdP0jQOR_AbyL94Q7dpHcBhU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 02:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 512 (0x200) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E22E5, serialNumber=23EDEB74FD2340E47F01BC8BF7843B7691DC0615 Validity Not Before: Apr 11 02:00:24 2025 GMT Not After : Apr 18 02:00:24 2025 GMT Subject: CN=67f877b8-825e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ef:ed:5c:5b:66:f3:06:4b:c0:45:7b:b4:64: 3a:f4:a2:b1:c0:6b:d2:65:77:0b:3b:4f:93:e3:f8: 1f:77:c3:2f:ac:9f:28:33:d1:da:a0:a7:83:8c:29: 37:85:c8:15:69:8c:36:6e:aa:07:3f:7f:eb:ed:28: 5e:1c:a8:b7:91:19:f7:f2:93:cb:11:1a:f0:db:82: 70:0c:79:e2:d7:0d:f3:d8:6b:08:57:3d:aa:09:7f: 6a:d3:3a:8e:d8:c8:3e:f4:74:46:e6:1f:a9:b6:9a: 68:5a:05:a5:fd:50:b9:30:a1:f0:19:8a:f0:d2:eb: f3:18:6e:90:98:d6:18:9d:02:dd:0d:54:8f:54:ab: 7c:30:d3:44:17:d5:52:c7:38:87:4f:18:3f:38:f3: 5d:24:d3:03:4b:05:34:b3:b5:b2:fa:f2:ba:69:23: 6d:b0:b2:bf:c4:0b:21:79:22:57:2f:cf:3a:97:74: d7:a5:86:a9:ef:ae:e6:09:65:78:d2:3c:b3:0e:ba: 72:f9:c4:76:c6:24:0c:6d:07:f8:cf:b0:ac:e4:e8: 60:83:5e:35:62:4e:51:c4:1e:58:0a:19:bd:41:69: 4f:58:c7:44:9a:f3:fc:5c:c3:25:85:bd:eb:05:49: f8:72:30:40:a9:48:8b:2c:30:80:5d:c7:a5:83:62: 78:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:A5:B0:B4:44:C0:AB:7F:99:12:70:A0:B0:02:36:AB:C0:D5:B9:A1 X509v3 Authority Key Identifier: keyid:23:ED:EB:74:FD:23:40:E4:7F:01:BC:8B:F7:84:3B:76:91:DC:06:15 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-3rdP0jQOR_AbyL94Q7dpHcBhU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E22E5/F5E34E64338D11ED97E3E25FC4F9AE02/I-3rdP0jQOR_AbyL94Q7dpHcBhU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:c5:c5:76:66:61:0c:41:00:85:a4:d4:59:3c:c4:d1:39:93: ca:28:dc:16:e8:25:a1:61:3a:55:0d:8b:35:53:31:04:83:27: 37:43:28:70:00:64:67:e4:92:40:90:dd:53:58:6c:97:fd:0e: 33:6e:36:b1:31:e6:8d:9c:8e:5d:41:7d:a3:11:6d:63:52:60: 23:d7:7e:8e:67:ab:c2:38:fb:25:1d:0b:7b:7a:d6:9f:d6:5d: 5e:ff:f8:1d:06:fb:7c:a3:1b:ce:3c:aa:0c:4e:92:80:40:72: d2:2a:7c:f5:ed:96:5c:0a:e9:0e:00:fd:cf:93:81:66:b4:65: fc:ed:dc:65:3d:27:29:63:13:2d:5c:2d:17:c5:d5:d9:87:d1: 5f:b4:83:3c:f0:0f:b6:e5:c4:10:de:37:31:9a:bd:54:14:35: 66:71:94:73:0d:60:31:38:05:20:fb:ef:b0:48:99:d3:c4:0f: e3:d2:28:b2:d0:2a:b6:5d:63:00:77:3d:2b:77:fd:7c:e0:54: c8:fc:12:be:cc:ac:23:4a:c8:e7:b3:3d:e3:67:92:07:ab:0b: 60:9a:da:ba:6a:26:09:11:39:56:f8:67:a7:38:1b:bc:09:79: 29:3d:ce:d5:4e:3d:19:ec:4e:52:e5:c2:21:c9:1b:f5:7a:ab: e1:9c:9c:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTIyRTUxMTAvBgNVBAUTKDIzRURFQjc0RkQyMzQwRTQ3RjAxQkM4QkY3ODQzQjc2 OTFEQzA2MTUwHhcNMjUwNDExMDIwMDI0WhcNMjUwNDE4MDIwMDI0WjAYMRYwFAYD VQQDEw02N2Y4NzdiOC04MjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwu/tXFtm8wZLwEV7tGQ69KKxwGvSZXcLO0+T4/gfd8MvrJ8oM9HaoKeDjCk3 hcgVaYw2bqoHP3/r7SheHKi3kRn38pPLERrw24JwDHni1w3z2GsIVz2qCX9q0zqO 2Mg+9HRG5h+ptppoWgWl/VC5MKHwGYrw0uvzGG6QmNYYnQLdDVSPVKt8MNNEF9VS xziHTxg/OPNdJNMDSwU0s7Wy+vK6aSNtsLK/xAsheSJXL886l3TXpYap767mCWV4 0jyzDrpy+cR2xiQMbQf4z7Cs5Ohgg141Yk5RxB5YChm9QWlPWMdEmvP8XMMlhb3r BUn4cjBAqUiLLDCAXcelg2J4dQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAOlsLRE wKt/mRJwoLACNqvA1bmhMB8GA1UdIwQYMBaAFCPt63T9I0DkfwG8i/eEO3aR3AYV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjJFNS9GNUUzNEU2NDMz OEQxMUVEOTdFM0UyNUZDNEY5QUUwMi9JLTNyZFAwalFPUl9BYnlMOTRRN2RwSGNC aFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ktM3JkUDBqUU9SX0FieUw5NFE3ZHBIY0JoVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjJFNS9GNUUzNEU2NDMzOEQxMUVEOTdFM0UyNUZDNEY5QUUwMi9JLTNyZFAwalFP Ul9BYnlMOTRRN2RwSGNCaFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBExcV2ZmEMQQCFpNRZPMTROZPKKNwW6CWhYTpVDYs1UzEEgyc3Qyhw AGRn5JJAkN1TWGyX/Q4zbjaxMeaNnI5dQX2jEW1jUmAj136OZ6vCOPslHQt7etaf 1l1e//gdBvt8oxvOPKoMTpKAQHLSKnz17ZZcCukOAP3Pk4FmtGX87dxlPScpYxMt XC0XxdXZh9FftIM88A+25cQQ3jcxmr1UFDVmcZRzDWAxOAUg+++wSJnTxA/j0iiy 0Cq2XWMAdz0rd/184FTI/BK+zKwjSsjnsz3jZ5IHqwtgmtq6aiYJETlW+GenOBu8 CXkpPc7VTj0Z7E5S5cIhyRv1eqvhnJyA -----END CERTIFICATE-----Generated at Sat Apr 12 20:45:09 2025 by rpki-client