$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/3ETtNb69CygywHT8LEaqsM1oL94.mft File: 3ETtNb69CygywHT8LEaqsM1oL94.mft (raw, json) Hash identifier: BYSNvOKmz1w6faBzfyicE+vzIqsd+1TmcdmoB0k3RaY= Subject key identifier: 1B:5B:F3:4A:BD:F6:8D:84:1B:EC:2C:AB:DB:F1:AC:88:49:FA:BE:37 Authority key identifier: DC:44:ED:35:BE:BD:0B:28:32:C0:74:FC:2C:46:AA:B0:CD:68:2F:DE Certificate issuer: /CN=A9143B09/serialNumber=DC44ED35BEBD0B2832C074FC2C46AAB0CD682FDE Certificate serial: 1088 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3ETtNb69CygywHT8LEaqsM1oL94.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/3ETtNb69CygywHT8LEaqsM1oL94.mft Manifest number: 191B Signing time: Fri 30 May 2025 17:32:10 +0000 Manifest this update: Fri 30 May 2025 17:32:09 +0000 Manifest next update: Fri 06 Jun 2025 17:32:09 +0000 Files and hashes: 1: 3ETtNb69CygywHT8LEaqsM1oL94.crl (hash: LdrPWfP0WaXU40dmy5lpfNauv38+4zrDtmYgbO2/QuU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/3ETtNb69CygywHT8LEaqsM1oL94.crl rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/3ETtNb69CygywHT8LEaqsM1oL94.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3ETtNb69CygywHT8LEaqsM1oL94.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 17:32:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4232 (0x1088) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B09, serialNumber=DC44ED35BEBD0B2832C074FC2C46AAB0CD682FDE Validity Not Before: May 30 17:32:09 2025 GMT Not After : Jun 6 17:32:09 2025 GMT Subject: CN=6839eb9a-c7da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:6a:5b:91:43:a7:4e:02:82:76:17:64:15:b5: 2b:24:ef:63:7e:8c:c7:28:0f:85:81:05:a2:32:a5: ba:ae:1d:e6:9d:65:c5:5f:91:84:26:67:c9:ff:5f: 9d:64:ac:65:6b:14:f4:24:96:4b:d4:ff:16:81:e4: 3f:d1:10:7d:7c:09:23:8f:b5:d3:15:1e:b6:d7:39: a3:86:42:cd:aa:55:1b:d5:41:c1:21:b5:46:a0:4d: 2a:c9:20:3d:ca:68:f3:c5:ce:1c:01:05:6c:33:e9: e4:0b:ac:9b:21:3c:f1:73:88:16:49:1f:87:88:54: 82:a7:0e:3c:23:8e:f1:e7:a6:9b:98:c6:4c:d9:49: ed:13:6e:32:d6:90:fd:0e:81:3e:52:55:7e:82:62: ca:f9:fb:15:56:03:7b:94:9f:53:b6:43:cb:8d:43: d7:91:91:ac:eb:6e:58:94:8f:d6:4f:6c:f3:1c:00: 23:ab:95:8b:bb:c6:cc:28:8d:af:4b:79:04:fa:6c: 08:ea:78:fb:6a:f9:63:32:29:df:93:c1:b2:a6:b2: 15:e1:32:ad:b6:d9:7a:2b:3e:4a:c6:9e:c0:8a:8d: 85:69:4e:9d:ef:aa:41:ad:11:f0:07:d6:61:d6:74: de:41:0a:6c:ac:b4:d9:03:02:fe:f0:b6:cd:75:9e: 06:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:5B:F3:4A:BD:F6:8D:84:1B:EC:2C:AB:DB:F1:AC:88:49:FA:BE:37 X509v3 Authority Key Identifier: keyid:DC:44:ED:35:BE:BD:0B:28:32:C0:74:FC:2C:46:AA:B0:CD:68:2F:DE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/3ETtNb69CygywHT8LEaqsM1oL94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3ETtNb69CygywHT8LEaqsM1oL94.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/3ETtNb69CygywHT8LEaqsM1oL94.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:77:eb:8e:da:59:6b:0d:83:84:52:c0:e8:9c:62:75:b6:3e: 9c:a2:8e:7e:6f:d4:fc:46:65:9e:f5:5c:42:a3:35:ae:5b:b1: 9d:bd:48:84:5e:10:f4:be:cf:8b:22:00:22:77:c9:b0:dc:d1: 6f:14:af:86:95:f5:0b:15:1c:42:02:10:f7:1d:ee:1f:9a:d0: a8:35:da:45:f3:57:3d:f1:2a:12:7a:82:fc:eb:ed:00:02:7b: 17:5c:58:1a:ba:1b:b1:c5:9f:22:64:77:fc:80:cd:1f:6a:4e: e3:97:a3:7c:ae:b3:d0:01:31:e9:d4:04:ca:f0:f0:d8:f7:23: fa:f7:a5:99:3e:c1:b6:c9:13:ac:93:54:3f:25:09:3c:28:43: bb:87:9d:10:fc:ba:ac:0c:53:2d:77:02:da:53:8d:db:57:8c: f3:58:31:44:83:54:8a:87:f6:c3:b5:cf:52:26:2c:b6:c7:dc: 72:7b:c8:13:2a:ac:34:1a:57:03:c8:28:c4:f2:5c:6b:86:b9: 8a:66:ca:03:34:05:60:0a:3a:1b:d0:2d:17:63:06:4f:62:3c: ff:8f:51:99:d5:c6:ed:c3:7c:0d:f0:87:43:5c:5e:11:33:6a: d0:86:95:c9:b0:13:40:ea:8a:b4:df:18:8c:95:ec:69:3b:2c: d5:98:c4:ee -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMDkxMTAvBgNVBAUTKERDNDRFRDM1QkVCRDBCMjgzMkMwNzRGQzJDNDZBQUIw Q0Q2ODJGREUwHhcNMjUwNTMwMTczMjA5WhcNMjUwNjA2MTczMjA5WjAYMRYwFAYD VQQDEw02ODM5ZWI5YS1jN2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0GpbkUOnTgKCdhdkFbUrJO9jfozHKA+FgQWiMqW6rh3mnWXFX5GEJmfJ/1+d ZKxlaxT0JJZL1P8WgeQ/0RB9fAkjj7XTFR621zmjhkLNqlUb1UHBIbVGoE0qySA9 ymjzxc4cAQVsM+nkC6ybITzxc4gWSR+HiFSCpw48I47x56abmMZM2UntE24y1pD9 DoE+UlV+gmLK+fsVVgN7lJ9TtkPLjUPXkZGs625YlI/WT2zzHAAjq5WLu8bMKI2v S3kE+mwI6nj7avljMinfk8GyprIV4TKtttl6Kz5Kxp7Aio2FaU6d76pBrRHwB9Zh 1nTeQQpsrLTZAwL+8LbNdZ4GdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBtb80q9 9o2EG+wsq9vxrIhJ+r43MB8GA1UdIwQYMBaAFNxE7TW+vQsoMsB0/CxGqrDNaC/e MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwOS8zQjM2N0JDRTMz QjcxMUU5QUQwRjU4N0FDNEY5QUUwMi8zRVR0TmI2OUN5Z3l3SFQ4TEVhcXNNMW9M OTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNFVHROYjY5Q3lneXdIVDhMRWFxc00xb0w5NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0IwOS8zQjM2N0JDRTMzQjcxMUU5QUQwRjU4N0FDNEY5QUUwMi8zRVR0TmI2OUN5 Z3l3SFQ4TEVhcXNNMW9MOTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC0d+uO2llrDYOEUsDonGJ1tj6coo5+b9T8RmWe9VxCozWuW7GdvUiE XhD0vs+LIgAid8mw3NFvFK+GlfULFRxCAhD3He4fmtCoNdpF81c98SoSeoL86+0A AnsXXFgauhuxxZ8iZHf8gM0fak7jl6N8rrPQATHp1ATK8PDY9yP696WZPsG2yROs k1Q/JQk8KEO7h50Q/LqsDFMtdwLaU43bV4zzWDFEg1SKh/bDtc9SJiy2x9xye8gT Kqw0GlcDyCjE8lxrhrmKZsoDNAVgCjob0C0XYwZPYjz/j1GZ1cbtw3wN8IdDXF4R M2rQhpXJsBNA6oq03xiMlexpOyzVmMTu -----END CERTIFICATE-----Generated at Sat May 31 17:02:25 2025 by rpki-client