$ rpki-client -vvf rpki.apnic.net/member_repository/A91476FE/90FE4720083711F09DB91B70C4F9AE02/_3wGiSUYZz7M4Ea2pxfzU85TxQk.mft File: _3wGiSUYZz7M4Ea2pxfzU85TxQk.mft (raw, json) Hash identifier: qI++6zsPtvLehioEga0KHfWrIZzXtdpMI+31JIXaDo0= Subject key identifier: 5E:2B:FC:1C:B0:54:1B:CE:71:65:A2:6E:1E:4F:F7:2C:44:4B:F4:3B Authority key identifier: FF:7C:06:89:25:18:67:3E:CC:E0:46:B6:A7:17:F3:53:CE:53:C5:09 Certificate issuer: /CN=A91476FE/serialNumber=FF7C06892518673ECCE046B6A717F353CE53C509 Certificate serial: 28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_3wGiSUYZz7M4Ea2pxfzU85TxQk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91476FE/90FE4720083711F09DB91B70C4F9AE02/_3wGiSUYZz7M4Ea2pxfzU85TxQk.mft Manifest number: 26 Signing time: Sat 31 May 2025 07:23:57 +0000 Manifest this update: Sat 31 May 2025 07:23:56 +0000 Manifest next update: Sat 07 Jun 2025 07:23:56 +0000 Files and hashes: 1: _3wGiSUYZz7M4Ea2pxfzU85TxQk.crl (hash: J3GurFhiG1aYxgTuynnAXF6OjSVJKOSOauI7DBJgy9k=) 2: CC704C6639B711F09D08292CC4F9AE02.roa (hash: y5V35SrRErfwFP7aZue+NHYx98PUihA9AmJYTkLiSE4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91476FE/90FE4720083711F09DB91B70C4F9AE02/_3wGiSUYZz7M4Ea2pxfzU85TxQk.crl rsync://rpki.apnic.net/member_repository/A91476FE/90FE4720083711F09DB91B70C4F9AE02/_3wGiSUYZz7M4Ea2pxfzU85TxQk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_3wGiSUYZz7M4Ea2pxfzU85TxQk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:23:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40 (0x28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91476FE, serialNumber=FF7C06892518673ECCE046B6A717F353CE53C509 Validity Not Before: May 31 07:23:56 2025 GMT Not After : Jun 7 07:23:56 2025 GMT Subject: CN=683aae8c-d563 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e4:ae:fa:c8:29:63:a3:aa:aa:3e:03:79:1e: d1:53:60:a2:41:cd:95:62:0c:94:e9:74:f1:d2:f3: 72:01:0b:bb:9c:96:17:66:54:2f:31:31:9a:68:7c: 82:c0:a1:c1:20:2d:7f:5f:38:23:cb:ea:df:81:c3: 88:3e:6b:d3:11:f5:1e:b2:11:1d:ec:1a:63:0a:9e: 35:7a:0f:49:bf:0a:ed:24:4e:95:57:36:cc:0c:22: eb:0f:71:a8:79:46:85:28:f4:b1:bc:5d:9b:b7:57: 68:29:31:88:a6:5a:41:70:9d:dd:e3:aa:96:63:65: 43:ee:c4:b3:5e:62:96:58:ba:3a:5d:85:ab:c8:95: c4:46:17:49:28:fd:1e:93:41:f8:df:b8:37:c8:f8: e7:27:55:aa:0a:7f:a1:06:d2:0e:cf:2b:de:3e:dc: 38:81:b7:5c:40:bb:2e:b5:d5:a6:0a:17:a0:77:b0: 6e:08:9a:28:40:43:40:89:58:11:15:39:66:6f:db: c3:fc:b5:39:72:da:44:c5:e5:4b:d0:ad:14:17:54: f4:7e:51:07:43:91:06:74:bd:08:bf:78:e8:3c:61: 97:e2:93:bb:98:72:43:1c:5c:0e:00:0c:91:67:90: a7:fd:1c:81:53:d9:11:52:43:81:61:97:d0:b2:e5: 9e:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:2B:FC:1C:B0:54:1B:CE:71:65:A2:6E:1E:4F:F7:2C:44:4B:F4:3B X509v3 Authority Key Identifier: keyid:FF:7C:06:89:25:18:67:3E:CC:E0:46:B6:A7:17:F3:53:CE:53:C5:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91476FE/90FE4720083711F09DB91B70C4F9AE02/_3wGiSUYZz7M4Ea2pxfzU85TxQk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_3wGiSUYZz7M4Ea2pxfzU85TxQk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91476FE/90FE4720083711F09DB91B70C4F9AE02/_3wGiSUYZz7M4Ea2pxfzU85TxQk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:b5:6c:af:ef:e7:65:9e:a4:94:5f:c7:f3:3b:a9:bd:4b:90: f8:b9:bf:4e:4c:a8:61:55:46:c8:c4:2a:f2:bf:cd:75:4d:55: 4d:97:f0:d4:7b:db:e0:f8:0b:30:b8:2b:37:84:6d:5a:28:8d: 77:03:35:d6:b2:b1:4c:b2:5b:f0:da:17:97:f9:87:41:94:01: 7d:64:4b:6a:50:4c:6e:31:d4:f9:e9:05:59:95:30:31:ae:8f: a2:28:04:c6:8d:42:ac:73:02:18:50:91:3e:ad:b6:84:0f:e4: 91:43:ca:9d:ca:7f:47:21:25:77:d1:0a:1d:65:8f:ea:98:a7: 42:bf:e1:b0:e1:be:f8:d4:ac:32:56:9d:97:e0:f3:e4:8f:c3: 1e:6d:b9:a1:9c:e8:f5:f0:b6:de:4e:b2:30:43:5b:1d:be:bf: 82:70:e4:b4:a4:23:e4:5e:c6:b1:d2:86:12:b4:b5:e1:11:44: b7:44:e7:d9:1f:c3:2b:ce:b4:22:42:8f:7e:eb:88:06:ce:4d: 5c:a8:78:dc:bc:3d:aa:a9:36:29:7c:73:9e:96:81:24:e6:66: 63:d0:ac:4e:61:63:1b:f7:a2:73:19:64:d7:b2:f6:4a:bf:43: 01:6e:96:82:fc:3a:64:42:0f:6c:4b:e8:52:5d:cd:eb:b0:b2: 7a:68:68:67 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NzZGRTExMC8GA1UEBRMoRkY3QzA2ODkyNTE4NjczRUNDRTA0NkI2QTcxN0YzNTND RTUzQzUwOTAeFw0yNTA1MzEwNzIzNTZaFw0yNTA2MDcwNzIzNTZaMBgxFjAUBgNV BAMTDTY4M2FhZThjLWQ1NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDK5K76yCljo6qqPgN5HtFTYKJBzZViDJTpdPHS83IBC7uclhdmVC8xMZpofILA ocEgLX9fOCPL6t+Bw4g+a9MR9R6yER3sGmMKnjV6D0m/Cu0kTpVXNswMIusPcah5 RoUo9LG8XZu3V2gpMYimWkFwnd3jqpZjZUPuxLNeYpZYujpdhavIlcRGF0ko/R6T QfjfuDfI+OcnVaoKf6EG0g7PK94+3DiBt1xAuy611aYKF6B3sG4ImihAQ0CJWBEV OWZv28P8tTly2kTF5UvQrRQXVPR+UQdDkQZ0vQi/eOg8YZfik7uYckMcXA4ADJFn kKf9HIFT2RFSQ4Fhl9Cy5Z5xAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXiv8HLBU G85xZaJuHk/3LERL9DswHwYDVR0jBBgwFoAU/3wGiSUYZz7M4Ea2pxfzU85TxQkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3NkZFLzkwRkU0NzIwMDgz NzExRjA5REI5MUI3MEM0RjlBRTAyL18zd0dpU1VZWno3TTRFYTJweGZ6VTg1VHhR ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvXzN3R2lTVVlaejdNNEVhMnB4ZnpVODVUeFFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3 NkZFLzkwRkU0NzIwMDgzNzExRjA5REI5MUI3MEM0RjlBRTAyL18zd0dpU1VZWno3 TTRFYTJweGZ6VTg1VHhRay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIO1bK/v52WepJRfx/M7qb1LkPi5v05MqGFVRsjEKvK/zXVNVU2X8NR7 2+D4CzC4KzeEbVoojXcDNdaysUyyW/DaF5f5h0GUAX1kS2pQTG4x1PnpBVmVMDGu j6IoBMaNQqxzAhhQkT6ttoQP5JFDyp3Kf0chJXfRCh1lj+qYp0K/4bDhvvjUrDJW nZfg8+SPwx5tuaGc6PXwtt5OsjBDWx2+v4Jw5LSkI+RexrHShhK0teERRLdE59kf wyvOtCJCj37riAbOTVyoeNy8PaqpNil8c56WgSTmZmPQrE5hYxv3onMZZNey9kq/ QwFuloL8OmRCD2xL6FJdzeuwsnpoaGc= -----END CERTIFICATE-----Generated at Sat May 31 17:11:19 2025 by rpki-client