$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft File: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft (raw, json) Hash identifier: VHkAlVqzb8U5xLALvCgz7J/YoNZhqLVTcdG28/yNSyU= Subject key identifier: 7A:CB:6E:93:A6:41:F7:DC:D5:9A:B8:6A:D6:FF:E1:8C:CB:4E:BB:39 Authority key identifier: DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F Certificate issuer: /CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Certificate serial: 0C05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft Manifest number: 0BEB Signing time: Fri 30 May 2025 19:00:27 +0000 Manifest this update: Fri 30 May 2025 19:00:27 +0000 Manifest next update: Fri 06 Jun 2025 19:00:27 +0000 Files and hashes: 1: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl (hash: 12MZ+ZPngQCL8JZ0iLXYuKHmvKpGMup27sFzhfKJcNI=) 2: 3A5A84F8CB7111EBA9EEF440C4F9AE02.roa (hash: LcxIbKxK3jutvAgu3ThkdTt7YT68VEQAWEq5z0WaOxY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 19:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3077 (0xc05) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158568, serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Validity Not Before: May 30 19:00:27 2025 GMT Not After : Jun 6 19:00:27 2025 GMT Subject: CN=683a004b-463d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:c6:42:f1:73:3a:e5:44:a3:11:06:53:db:f5: d3:1e:cd:c0:3b:04:c2:31:65:ec:87:f6:ca:63:8e: e1:99:89:5a:1b:f8:e3:86:6d:24:31:bc:0a:a6:05: 2b:22:58:44:2c:df:d8:f5:7b:86:a9:c7:39:6b:2d: 39:d9:99:1c:ed:5d:13:58:d6:98:9d:a4:94:57:c3: 87:1a:cf:a8:c0:8c:4d:f6:7c:a2:c9:1d:4b:1d:d1: 7d:1f:34:55:17:3c:23:e1:bc:10:7c:0e:2c:a5:74: c3:46:16:aa:f7:06:ef:fa:a7:8f:fb:c4:06:e4:1f: e7:0c:28:c2:9f:fe:48:aa:7a:89:c6:93:d3:21:5c: f3:14:3b:aa:9a:ed:da:e0:86:12:c9:94:eb:6e:5d: 9e:65:a2:fc:e0:e7:f8:df:a9:08:25:fd:09:01:93: 79:d8:d1:00:02:bf:04:f1:2d:c1:aa:80:1e:5d:4e: 85:84:cf:01:79:a4:a7:ad:f2:b2:0e:cc:2a:ab:3e: 50:77:3f:28:e3:94:0e:53:13:9a:55:a9:b2:87:fc: 9c:6f:96:1b:0f:c1:5c:4a:f8:b0:01:0c:4a:c2:c1: 34:ad:ac:e0:85:f8:f1:a2:62:a5:25:16:86:5d:3d: 08:7a:2f:f4:8d:be:98:a2:a8:4b:5e:e7:6f:99:9f: 53:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:CB:6E:93:A6:41:F7:DC:D5:9A:B8:6A:D6:FF:E1:8C:CB:4E:BB:39 X509v3 Authority Key Identifier: keyid:DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:8b:3d:00:16:0d:98:a3:d0:d5:bf:32:13:8f:5e:64:47:0f: a3:88:0f:31:df:c5:ce:57:6e:60:20:38:4f:0f:8d:b0:77:61: ac:af:13:cc:e9:6d:ad:07:8b:47:12:60:88:66:fa:b5:64:14: 5c:00:05:e5:0e:d8:3b:81:9a:29:a8:8a:95:15:da:42:3a:66: 2b:b8:09:ff:78:1c:63:d6:02:50:05:81:83:a3:ba:e5:80:c6: d9:6c:8b:c5:68:0c:40:ba:87:74:08:ae:83:18:1f:c4:49:ae: 7b:a9:e4:05:3d:53:d5:e5:a9:89:85:d6:9e:42:a1:d3:3e:5a: b3:3e:8b:e3:88:b3:30:8b:81:b9:48:97:20:83:4a:32:27:bd: af:17:05:3a:0f:f9:10:a5:ac:fb:9a:36:93:e6:6d:53:81:cb: a9:ef:68:f7:56:ce:99:db:35:e2:33:31:44:ec:90:40:eb:14: 56:6d:7d:b7:92:64:c0:4c:c9:64:93:35:35:11:dc:f7:8c:bc: 7f:ba:cf:1a:c3:96:1c:c4:2b:fa:1c:48:a3:65:62:d6:98:f3: a6:0b:f5:ae:18:c9:aa:1c:4e:a7:a5:8d:6d:6b:0f:e4:08:90: 67:41:8c:57:a8:0a:29:b2:9b:75:c7:f0:97:4f:e8:fa:6c:da: 90:4b:0a:f3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg1NjgxMTAvBgNVBAUTKERGMjUzNDg0RENFNTJDNDEzN0NCRDFDOEVENDREOUNC MjU1N0Y0M0YwHhcNMjUwNTMwMTkwMDI3WhcNMjUwNjA2MTkwMDI3WjAYMRYwFAYD VQQDEw02ODNhMDA0Yi00NjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt8ZC8XM65USjEQZT2/XTHs3AOwTCMWXsh/bKY47hmYlaG/jjhm0kMbwKpgUr IlhELN/Y9XuGqcc5ay052Zkc7V0TWNaYnaSUV8OHGs+owIxN9nyiyR1LHdF9HzRV Fzwj4bwQfA4spXTDRhaq9wbv+qeP+8QG5B/nDCjCn/5IqnqJxpPTIVzzFDuqmu3a 4IYSyZTrbl2eZaL84Of436kIJf0JAZN52NEAAr8E8S3BqoAeXU6FhM8BeaSnrfKy Dswqqz5Qdz8o45QOUxOaVamyh/ycb5YbD8FcSviwAQxKwsE0razghfjxomKlJRaG XT0Iei/0jb6YoqhLXudvmZ9TDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHrLbpOm Qffc1Zq4atb/4YzLTrs5MB8GA1UdIwQYMBaAFN8lNITc5SxBN8vRyO1E2cslV/Q/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC9EMzEzMDY3NjE4 NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExFRTN5OUhJN1VUWnl5Vlg5 RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzN5VTBoTnpsTEVFM3k5SEk3VVRaeXlWWDlEOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODU2OC9EMzEzMDY3NjE4NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExF RTN5OUhJN1VUWnl5Vlg5RDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqiz0AFg2Yo9DVvzITj15kRw+jiA8x38XOV25gIDhPD42wd2GsrxPM 6W2tB4tHEmCIZvq1ZBRcAAXlDtg7gZopqIqVFdpCOmYruAn/eBxj1gJQBYGDo7rl gMbZbIvFaAxAuod0CK6DGB/ESa57qeQFPVPV5amJhdaeQqHTPlqzPovjiLMwi4G5 SJcgg0oyJ72vFwU6D/kQpaz7mjaT5m1Tgcup72j3Vs6Z2zXiMzFE7JBA6xRWbX23 kmTATMlkkzU1Edz3jLx/us8aw5YcxCv6HEijZWLWmPOmC/WuGMmqHE6npY1taw/k CJBnQYxXqAopspt1x/CXT+j6bNqQSwrz -----END CERTIFICATE-----Generated at Sat May 31 17:53:07 2025 by rpki-client