$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft File: 3q8cjeT-PFHGkVP8r5_owq1vjiY.mft (raw, json) Hash identifier: wF1jOz2mS3lmSMWZxvJsEUt0Uw9/ZuYqfL9IVLcoW28= Subject key identifier: ED:E9:39:72:BA:64:7E:97:57:D7:4A:F6:9B:A0:97:D6:95:69:D1:56 Authority key identifier: DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 Certificate issuer: /CN=A917AC33/serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Certificate serial: 011B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft Manifest number: 0118 Signing time: Sat 31 May 2025 04:28:11 +0000 Manifest this update: Sat 31 May 2025 04:28:10 +0000 Manifest next update: Sat 07 Jun 2025 04:28:10 +0000 Files and hashes: 1: 3q8cjeT-PFHGkVP8r5_owq1vjiY.crl (hash: f19yFi8kXbDDBZaum5H8dYqUrZf/9iuTf+kvnt3IDVg=) 2: 1C2EA330925011EE9571EE40C4F9AE02.roa (hash: g1vuB/s+fKkz9lQDwgz7uwUHIIgwyYOpfROfbA+7Aro=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:28:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 283 (0x11b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AC33, serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Validity Not Before: May 31 04:28:10 2025 GMT Not After : Jun 7 04:28:10 2025 GMT Subject: CN=683a855b-c958 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:8c:b5:e4:5e:67:2d:f8:48:dc:25:cc:bf:64: 06:a5:ad:34:76:f4:c3:3f:12:b2:2d:31:01:1f:61: 4f:4a:92:b3:8b:dd:ec:2f:cb:6b:7c:8c:c2:06:46: ff:36:2e:70:45:97:4a:43:7d:e0:19:fa:66:6c:57: 52:9c:5c:00:5a:61:ef:d6:1b:50:9e:11:1f:47:9b: 7e:ef:f0:68:98:53:a7:82:44:8d:69:7f:87:63:ce: 96:1c:c0:ed:71:01:73:0d:a2:fa:da:eb:e7:4c:f4: ff:0f:c3:b7:a0:21:9f:10:5c:78:8b:58:d5:74:ca: dc:b9:5e:8d:9c:2c:ad:42:e9:30:67:5e:6f:ac:17: 15:5e:bd:10:0c:85:87:54:9f:a8:cc:ce:83:a2:c7: 85:51:d7:7a:d4:0d:c6:41:55:ad:89:c9:a7:a2:c8: 34:3a:05:f9:e0:d3:c5:23:be:e3:4f:c4:60:83:6e: e3:f4:1a:1c:5c:83:88:80:63:15:01:9c:97:f1:a5: 7f:69:a9:3e:18:cd:aa:ae:2a:30:19:2d:5c:45:20: 1e:e0:ba:3a:12:16:93:6a:21:2c:aa:d8:00:ac:69: d8:7d:f7:0f:98:c7:1d:df:ff:6e:9e:43:c1:58:86: a2:25:ec:41:cd:e3:ff:04:0c:63:ac:2e:e7:e8:73: 0a:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:E9:39:72:BA:64:7E:97:57:D7:4A:F6:9B:A0:97:D6:95:69:D1:56 X509v3 Authority Key Identifier: keyid:DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:c5:48:29:fb:15:84:23:42:9f:7c:69:c3:bc:9a:73:ac:67: c6:de:6d:c3:c9:da:85:b9:03:aa:71:20:80:22:17:f8:7a:df: bc:80:14:34:50:eb:34:da:cc:7d:46:5e:08:fe:bb:b9:0f:7b: dd:aa:f9:94:ed:95:ae:b5:33:74:eb:20:9e:89:a9:a7:91:11: d6:7d:fb:80:6a:45:e7:da:ef:9b:e5:c1:12:72:05:1b:8c:cd: 79:26:0e:3f:f2:88:34:9c:29:5e:de:79:04:3f:19:e0:e2:6b: 6e:a6:ca:73:30:c6:f6:1c:2c:45:cb:56:58:26:6d:e9:3e:03: d7:41:79:89:c4:f1:3a:44:e8:bf:f3:da:38:e8:8e:38:59:28: 18:bb:04:81:2c:0a:11:6b:74:4a:27:e1:e2:3d:c6:95:c9:ab: 54:71:0b:e1:bc:d2:c5:8b:7a:48:d3:a0:31:48:4d:4c:99:a5: 9a:91:bb:20:f9:34:1c:48:a0:fb:c4:77:e9:95:6e:67:8f:26: 8e:f0:57:0b:2d:f0:93:c3:88:f5:9c:a4:61:4c:6e:c1:e9:c5: 2e:be:42:77:5d:23:26:3c:41:91:de:21:29:76:1e:bf:bb:3d: 96:66:68:9f:20:53:1b:99:23:ab:4d:36:95:57:5d:7f:3f:27: 5d:ae:1b:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICARswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDMzMxMTAvBgNVBAUTKERFQUYxQzhERTRGRTNDNTFDNjkxNTNGQ0FGOUZFOEMy QUQ2RjhFMjYwHhcNMjUwNTMxMDQyODEwWhcNMjUwNjA3MDQyODEwWjAYMRYwFAYD VQQDEw02ODNhODU1Yi1jOTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyoy15F5nLfhI3CXMv2QGpa00dvTDPxKyLTEBH2FPSpKzi93sL8trfIzCBkb/ Ni5wRZdKQ33gGfpmbFdSnFwAWmHv1htQnhEfR5t+7/BomFOngkSNaX+HY86WHMDt cQFzDaL62uvnTPT/D8O3oCGfEFx4i1jVdMrcuV6NnCytQukwZ15vrBcVXr0QDIWH VJ+ozM6DoseFUdd61A3GQVWticmnosg0OgX54NPFI77jT8Rgg27j9BocXIOIgGMV AZyX8aV/aak+GM2qriowGS1cRSAe4Lo6EhaTaiEsqtgArGnYffcPmMcd3/9unkPB WIaiJexBzeP/BAxjrC7n6HMKrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO3pOXK6 ZH6XV9dK9pugl9aVadFWMB8GA1UdIwQYMBaAFN6vHI3k/jxRxpFT/K+f6MKtb44m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzMy9CMEJGQUMzNDky NEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBGSEdrVlA4cjVfb3dxMXZq aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxOGNqZVQtUEZIR2tWUDhyNV9vd3ExdmppWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUMzMy9CMEJGQUMzNDkyNEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBG SEdrVlA4cjVfb3dxMXZqaVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCuxUgp+xWEI0KffGnDvJpzrGfG3m3DydqFuQOqcSCAIhf4et+8gBQ0 UOs02sx9Rl4I/ru5D3vdqvmU7ZWutTN06yCeiamnkRHWffuAakXn2u+b5cEScgUb jM15Jg4/8og0nCle3nkEPxng4mtupspzMMb2HCxFy1ZYJm3pPgPXQXmJxPE6ROi/ 89o46I44WSgYuwSBLAoRa3RKJ+HiPcaVyatUcQvhvNLFi3pI06AxSE1MmaWakbsg +TQcSKD7xHfplW5njyaO8FcLLfCTw4j1nKRhTG7B6cUuvkJ3XSMmPEGR3iEpdh6/ uz2WZmifIFMbmSOrTTaVV11/PyddrhsR -----END CERTIFICATE-----Generated at Sat May 31 16:34:55 2025 by rpki-client