$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: ptBzI2CW6HYGFUiapTtSthzYUy3D1CiB02qqc8i2+fU= Subject key identifier: 09:0E:77:72:EF:94:C6:35:E5:53:2B:5F:D7:F9:36:BF:AB:9F:6E:D9 Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0C18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0C11 Signing time: Fri 30 May 2025 18:52:28 +0000 Manifest this update: Fri 30 May 2025 18:52:27 +0000 Manifest next update: Fri 06 Jun 2025 18:52:27 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: gUlS8uC065box7ONesyo4xXymbahwT4ZjNflKI6SnHQ=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: H306zJ6w0u++pxJwnmCEZeb1MJYQzvBqunxs7beIBF4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:52:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3096 (0xc18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB, serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Validity Not Before: May 30 18:52:27 2025 GMT Not After : Jun 6 18:52:27 2025 GMT Subject: CN=6839fe6c-ee51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:50:1b:27:de:ff:9a:07:37:6b:65:de:ce:99: e2:fb:49:35:44:c6:ec:cb:15:dd:e4:a2:28:65:da: 1b:07:22:08:6e:ea:72:38:b8:14:37:f5:b7:a7:56: 55:0e:3b:5a:40:fc:20:2e:a5:47:e2:6b:1d:7c:6d: 72:ce:ed:5c:2a:e6:86:a3:36:26:bf:4f:34:a9:78: 57:93:ac:d8:5d:e9:8d:6e:e2:35:8b:65:00:a8:0a: 5c:19:61:8d:6d:0b:90:07:30:7e:32:55:42:c5:00: 70:d0:0a:d1:78:e6:2c:52:77:b2:15:3b:e9:e1:cb: 4c:ce:af:29:12:fc:a9:0f:be:86:44:07:1f:61:a1: a0:ba:f4:dc:38:de:72:3c:e6:74:cb:6c:4a:3f:e3: 63:44:55:53:79:4d:db:0e:50:ab:ae:51:33:0b:c8: 9a:dc:86:ac:12:a0:84:89:e7:f9:fb:7c:f0:24:3b: 81:50:5a:b9:81:52:ba:0f:6c:57:01:7d:61:58:7b: 32:6a:d7:1c:92:70:63:4f:68:c5:64:17:f0:ac:e8: 98:34:bc:64:12:a6:33:92:8e:15:05:6d:d1:a2:75: be:48:d4:2e:eb:45:36:d1:1d:c6:43:f5:e5:22:f2: fe:23:40:b7:b2:29:7a:ed:64:e6:17:af:2d:94:58: 01:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:0E:77:72:EF:94:C6:35:E5:53:2B:5F:D7:F9:36:BF:AB:9F:6E:D9 X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:e8:7f:c0:fd:84:50:b6:01:e2:d6:83:be:b7:e8:f3:61:46: d3:4a:c7:60:c3:7e:21:fa:49:cf:c4:e4:72:db:ae:18:b3:3d: 27:5f:2c:da:52:31:47:ea:7c:db:03:59:7b:e9:6a:e3:4e:0b: 2a:ba:f9:e7:5d:25:46:2f:ec:f6:6b:11:17:4c:98:10:3a:68: cf:dc:46:41:a3:46:17:9a:e4:89:2f:9d:d0:16:fc:31:b6:51: 75:4f:f8:f7:bc:d8:00:da:3a:b6:83:24:39:d3:fb:87:33:be: fc:5a:81:f4:53:49:fe:b3:07:7e:e5:16:4f:96:a2:45:1b:9d: 6e:48:13:3d:55:42:90:83:fa:7c:b1:3d:7d:02:71:43:6c:b7: ea:d3:e8:fc:36:ff:23:d0:32:ee:6e:ff:8b:9d:b2:35:83:d0: c0:5f:47:33:47:fc:12:dc:35:3b:14:0c:2f:bc:66:af:df:9c: d9:b9:4c:cb:dc:db:ef:11:af:fa:99:4a:b1:a9:f9:41:d7:14: 23:db:89:bd:52:6c:57:2f:4c:18:8c:f2:60:e1:59:c5:78:77: b5:83:75:6f:e7:7d:d0:a2:39:c0:2c:68:bc:3b:a3:37:98:0c: b4:25:c5:02:be:b4:d5:a4:df:27:66:fd:6f:0f:ad:7e:f3:92: fa:92:7f:6c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDBgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjUwNTMwMTg1MjI3WhcNMjUwNjA2MTg1MjI3WjAYMRYwFAYD VQQDEw02ODM5ZmU2Yy1lZTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArVAbJ97/mgc3a2Xezpni+0k1RMbsyxXd5KIoZdobByIIbupyOLgUN/W3p1ZV DjtaQPwgLqVH4msdfG1yzu1cKuaGozYmv080qXhXk6zYXemNbuI1i2UAqApcGWGN bQuQBzB+MlVCxQBw0ArReOYsUneyFTvp4ctMzq8pEvypD76GRAcfYaGguvTcON5y POZ0y2xKP+NjRFVTeU3bDlCrrlEzC8ia3IasEqCEief5+3zwJDuBUFq5gVK6D2xX AX1hWHsyatccknBjT2jFZBfwrOiYNLxkEqYzko4VBW3RonW+SNQu60U20R3GQ/Xl IvL+I0C3sil67WTmF68tlFgBjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAkOd3Lv lMY15VMrX9f5Nr+rn27ZMB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBR6H/A/YRQtgHi1oO+t+jzYUbTSsdgw34h+knPxORy264Ysz0nXyza UjFH6nzbA1l76WrjTgsquvnnXSVGL+z2axEXTJgQOmjP3EZBo0YXmuSJL53QFvwx tlF1T/j3vNgA2jq2gyQ50/uHM778WoH0U0n+swd+5RZPlqJFG51uSBM9VUKQg/p8 sT19AnFDbLfq0+j8Nv8j0DLubv+LnbI1g9DAX0czR/wS3DU7FAwvvGav35zZuUzL 3NvvEa/6mUqxqflB1xQj24m9UmxXL0wYjPJg4VnFeHe1g3Vv533QojnALGi8O6M3 mAy0JcUCvrTVpN8nZv1vD61+85L6kn9s -----END CERTIFICATE-----Generated at Sat May 31 16:03:37 2025 by rpki-client