$ rpki-client -vvf rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft File: 3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft (raw, json) Hash identifier: 8mAd2gr3mAKoumNcr/JImDmFC78ZLpZ2SA8Wu/h+pr0= Subject key identifier: A9:2C:A3:60:8C:4E:60:0A:BE:48:C7:CB:A8:1D:E8:D7:5D:4E:EF:96 Authority key identifier: DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76 Certificate issuer: /CN=A912BAAD/serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576 Certificate serial: 0BFC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft Manifest number: 0BED Signing time: Fri 30 May 2025 19:00:16 +0000 Manifest this update: Fri 30 May 2025 19:00:15 +0000 Manifest next update: Fri 06 Jun 2025 19:00:15 +0000 Files and hashes: 1: 3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl (hash: d23/7ydv6qBbtGcIzTBtFwpeg5ukinQaJMbcOEvOQac=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 19:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3068 (0xbfc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BAAD, serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576 Validity Not Before: May 30 19:00:15 2025 GMT Not After : Jun 6 19:00:15 2025 GMT Subject: CN=683a0040-d152 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:2e:af:76:46:0e:81:ea:4d:ba:df:a8:fb:44: b8:90:87:ee:49:f2:a4:47:4c:8d:f4:78:cb:58:16: 96:ac:05:f8:96:20:8c:96:61:b8:6a:b4:39:4b:42: 30:e9:8f:ad:96:19:e9:39:33:8b:da:e7:e9:ca:7a: fc:c9:45:5a:e2:eb:6b:43:39:21:d7:7d:fb:10:c4: 4c:c2:aa:71:d8:6c:9d:69:05:1b:74:32:49:17:39: 8f:6f:45:ba:ae:9c:e2:b8:a0:66:ed:2c:da:d9:5e: 13:c9:d8:00:15:3d:c2:8b:39:52:49:e5:e1:e5:3f: 4c:82:20:c6:99:bb:b7:30:24:96:21:13:03:79:5c: 9f:25:77:aa:bc:54:06:8a:1c:03:ec:1a:10:5c:a5: 3c:95:13:6d:fe:52:90:40:b2:2f:5b:78:8e:2d:44: fd:05:f5:b9:74:25:0f:96:a8:bf:fc:93:22:71:3c: 73:69:43:36:fb:74:29:2c:22:66:56:99:ad:c2:36: bd:47:ca:8e:85:5e:d7:fe:55:71:5d:12:19:05:f5: 26:c1:21:64:56:7f:fc:eb:ad:3a:c9:dd:9c:a4:60: 10:da:5a:f4:75:0b:47:43:24:25:a6:d7:4e:85:c6: aa:c1:b0:eb:d2:ff:77:28:7e:b1:29:7e:47:af:24: a4:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:2C:A3:60:8C:4E:60:0A:BE:48:C7:CB:A8:1D:E8:D7:5D:4E:EF:96 X509v3 Authority Key Identifier: keyid:DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:98:ea:65:0a:2e:39:0e:90:0d:4c:01:b8:ad:07:1d:6e:be: 7b:c3:74:fc:42:88:33:e9:a6:26:69:0b:1c:69:3f:72:54:7d: 29:4a:04:35:51:cf:6e:73:34:16:d2:b6:da:81:26:ac:c6:0e: 35:af:5c:f6:8c:8e:f7:80:1d:87:11:46:fe:f9:85:e7:64:f7: 68:79:b8:44:94:b8:ef:b2:de:2f:ed:d3:9a:a8:7c:51:32:20: 7b:cc:09:4c:e0:47:08:47:df:db:06:c0:ff:52:c5:ba:3b:c1: 00:ae:71:40:be:68:ee:a8:ae:54:f0:d0:52:19:d5:35:7e:8e: f5:91:fa:1e:9b:f9:ec:60:fd:7b:86:87:ff:75:5c:38:03:2b: 05:de:03:c8:76:e3:96:e7:19:bf:06:96:93:0b:de:c0:5a:3c: 55:a5:ba:40:67:d4:c8:4d:1b:44:6e:18:ac:60:00:dc:4c:b7: ed:bb:14:0b:14:62:2d:01:d8:7c:f9:e8:9f:6d:11:ab:10:25: 35:ab:84:a7:32:c3:44:30:6d:b3:91:b3:c0:31:a2:a5:21:55: a5:ad:6d:f3:4b:40:5e:39:99:2a:eb:49:9d:26:5d:b3:85:9e: a8:1a:83:e1:a6:fa:82:0f:d4:85:23:3b:38:a4:f4:b3:b5:8d: 74:d2:3c:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJBQUQxMTAvBgNVBAUTKERERjg4NDkxMUFEM0YyOENDOUQ5NkE4QzI0QTkzOUE2 NUY4QjI1NzYwHhcNMjUwNTMwMTkwMDE1WhcNMjUwNjA2MTkwMDE1WjAYMRYwFAYD VQQDEw02ODNhMDA0MC1kMTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9i6vdkYOgepNut+o+0S4kIfuSfKkR0yN9HjLWBaWrAX4liCMlmG4arQ5S0Iw 6Y+tlhnpOTOL2ufpynr8yUVa4utrQzkh1337EMRMwqpx2GydaQUbdDJJFzmPb0W6 rpziuKBm7Sza2V4TydgAFT3CizlSSeXh5T9MgiDGmbu3MCSWIRMDeVyfJXeqvFQG ihwD7BoQXKU8lRNt/lKQQLIvW3iOLUT9BfW5dCUPlqi//JMicTxzaUM2+3QpLCJm Vpmtwja9R8qOhV7X/lVxXRIZBfUmwSFkVn/86606yd2cpGAQ2lr0dQtHQyQlptdO hcaqwbDr0v93KH6xKX5HrySkFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKkso2CM TmAKvkjHy6gd6NddTu+WMB8GA1UdIwQYMBaAFN34hJEa0/KMydlqjCSpOaZfiyV2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkFBRC81MjFBRERDODE4 NDgxMUVBOTA3ODU2MkJDNEY5QUUwMi8zZmlFa1JyVDhvekoyV3FNSktrNXBsLUxK WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNmaUVrUnJUOG96SjJXcU1KS2s1cGwtTEpYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkFBRC81MjFBRERDODE4NDgxMUVBOTA3ODU2MkJDNEY5QUUwMi8zZmlFa1JyVDhv ekoyV3FNSktrNXBsLUxKWFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAymOplCi45DpANTAG4rQcdbr57w3T8Qogz6aYmaQscaT9yVH0pSgQ1 Uc9uczQW0rbagSasxg41r1z2jI73gB2HEUb++YXnZPdoebhElLjvst4v7dOaqHxR MiB7zAlM4EcIR9/bBsD/UsW6O8EArnFAvmjuqK5U8NBSGdU1fo71kfoem/nsYP17 hof/dVw4AysF3gPIduOW5xm/BpaTC97AWjxVpbpAZ9TITRtEbhisYADcTLftuxQL FGItAdh8+eifbRGrECU1q4SnMsNEMG2zkbPAMaKlIVWlrW3zS0BeOZkq60mdJl2z hZ6oGoPhpvqCD9SFIzs4pPSztY100jyq -----END CERTIFICATE-----Generated at Sat May 31 17:00:18 2025 by rpki-client