$ rpki-client -vvf rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft File: dd3NDNRiWKwZGsOQoskl2MA1qFc.mft (raw, json) Hash identifier: rQQdv8fFCE5n2pw/9Jn2tuwHQOma5M1EvTO8VMGG3jY= Subject key identifier: 7F:1F:44:3F:D6:F7:0B:97:C5:9B:EE:93:77:8E:82:22:C0:6C:A0:5F Authority key identifier: 75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 Certificate issuer: /CN=A917E04F/serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Certificate serial: 0E7C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft Manifest number: 0E74 Signing time: Fri 30 May 2025 17:53:14 +0000 Manifest this update: Fri 30 May 2025 17:53:13 +0000 Manifest next update: Fri 06 Jun 2025 17:53:13 +0000 Files and hashes: 1: dd3NDNRiWKwZGsOQoskl2MA1qFc.crl (hash: Z6sd3PMlwK6+Bs46+zfof9eamv50bKW9wS9dOlEcLUc=) 2: 9C9389D4970311E9B7D3DE5AC4F9AE02.roa (hash: 0msFIFHq8Bi6Dy0orrBJDRYbRJioucs5FAZf2jEryJs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 17:53:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3708 (0xe7c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E04F, serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Validity Not Before: May 30 17:53:13 2025 GMT Not After : Jun 6 17:53:13 2025 GMT Subject: CN=6839f089-aa50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:ad:8f:f8:7c:da:54:d8:e2:18:be:da:48:9a: 70:74:b9:45:96:0f:06:86:dc:1a:39:9f:77:bb:e9: 14:7e:a7:3d:4b:11:5b:4e:10:65:ee:af:2c:eb:12: 72:5c:5d:1f:b5:fc:ea:8e:43:81:e8:f4:4d:59:df: 75:5b:78:a3:14:bf:05:d2:fa:d6:b2:f2:bc:0f:04: 4a:f4:24:1d:5d:15:ca:09:d8:53:02:1d:ab:ca:21: c9:69:a4:a4:5b:75:c3:e8:27:dd:f4:5b:35:20:5c: 04:6c:33:d8:af:3d:8e:56:59:26:b3:49:f1:d7:36: 6b:2a:eb:9d:00:56:62:d1:8c:ed:a5:eb:84:40:af: a4:2c:59:b6:6c:74:ce:c8:9a:96:82:6a:0c:7a:12: 57:c8:ee:55:a0:5c:c6:4e:8d:b0:8e:1b:7c:69:e2: d2:a4:2d:b5:71:7f:fa:ac:56:8e:6c:8c:82:90:70: ca:15:ea:0e:fd:55:73:d8:e5:a5:a0:3e:dd:0d:36: 57:5c:7d:0f:e6:59:9b:e7:04:af:d2:9a:95:f0:39: 59:31:0b:93:ce:0a:f4:ac:18:d0:bb:fc:4e:b3:3e: 08:ab:8f:7b:39:4e:43:9a:23:ca:37:dc:44:e3:66: 7e:29:16:5c:58:e3:98:7d:5d:e4:ce:e6:0b:47:6f: 10:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:1F:44:3F:D6:F7:0B:97:C5:9B:EE:93:77:8E:82:22:C0:6C:A0:5F X509v3 Authority Key Identifier: keyid:75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:85:68:1d:b9:a0:1d:89:cc:1a:da:f3:0b:bd:b2:12:9e:37: 98:8e:c5:38:6e:83:b1:6f:54:a5:d9:89:d3:27:ce:f9:80:ae: ed:85:f4:be:b0:7d:86:76:72:7e:1b:4d:16:75:df:ea:01:40: 7e:b4:d6:e5:1a:0f:3d:c1:cf:aa:1d:1d:42:ec:4e:4d:26:f0: 71:02:6b:3f:5d:98:15:bc:6a:67:c2:f0:87:0e:80:96:41:25: 33:25:ee:39:e7:32:0b:03:b0:94:3b:d6:d9:b6:69:89:e1:d1: 8c:91:55:14:0a:64:7c:41:c2:70:8d:92:aa:4b:e5:c1:99:13: db:5b:66:17:0f:e0:b7:ae:55:7b:7a:ad:8f:20:18:61:48:0e: 82:b7:cb:cf:35:6f:ab:bb:85:42:f2:46:a9:53:ac:35:35:5d: 0f:9c:63:95:27:1a:98:a0:a4:ca:96:ef:bc:11:26:69:8b:d6: 93:b4:4a:62:59:ac:7c:4d:77:bb:cf:a9:23:77:5e:21:91:39: cf:1f:d7:b0:70:87:a7:03:f8:95:0a:87:a1:9b:2b:cc:90:7f: 3d:e1:73:14:fc:ce:24:21:ce:f4:db:47:b5:19:a4:68:a0:db: 02:5b:84:1b:0c:00:27:4c:56:9e:ee:34:8f:61:62:56:a9:e4: f3:87:80:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDnwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwNEYxMTAvBgNVBAUTKDc1RERDRDBDRDQ2MjU4QUMxOTFBQzM5MEEyQzkyNUQ4 QzAzNUE4NTcwHhcNMjUwNTMwMTc1MzEzWhcNMjUwNjA2MTc1MzEzWjAYMRYwFAYD VQQDEw02ODM5ZjA4OS1hYTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAna2P+HzaVNjiGL7aSJpwdLlFlg8GhtwaOZ93u+kUfqc9SxFbThBl7q8s6xJy XF0ftfzqjkOB6PRNWd91W3ijFL8F0vrWsvK8DwRK9CQdXRXKCdhTAh2ryiHJaaSk W3XD6Cfd9Fs1IFwEbDPYrz2OVlkms0nx1zZrKuudAFZi0YztpeuEQK+kLFm2bHTO yJqWgmoMehJXyO5VoFzGTo2wjht8aeLSpC21cX/6rFaObIyCkHDKFeoO/VVz2OWl oD7dDTZXXH0P5lmb5wSv0pqV8DlZMQuTzgr0rBjQu/xOsz4Iq497OU5DmiPKN9xE 42Z+KRZcWOOYfV3kzuYLR28QMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH8fRD/W 9wuXxZvuk3eOgiLAbKBfMB8GA1UdIwQYMBaAFHXdzQzUYlisGRrDkKLJJdjANahX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTA0Ri80MTg1MzdGNDk3 MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdLd1pHc09Rb3NrbDJNQTFx RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RkM05ETlJpV0t3WkdzT1Fvc2tsMk1BMXFGYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTA0Ri80MTg1MzdGNDk3MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdL d1pHc09Rb3NrbDJNQTFxRmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBahWgduaAdicwa2vMLvbISnjeYjsU4boOxb1Sl2YnTJ875gK7thfS+ sH2GdnJ+G00Wdd/qAUB+tNblGg89wc+qHR1C7E5NJvBxAms/XZgVvGpnwvCHDoCW QSUzJe455zILA7CUO9bZtmmJ4dGMkVUUCmR8QcJwjZKqS+XBmRPbW2YXD+C3rlV7 eq2PIBhhSA6Ct8vPNW+ru4VC8kapU6w1NV0PnGOVJxqYoKTKlu+8ESZpi9aTtEpi Wax8TXe7z6kjd14hkTnPH9ewcIenA/iVCoehmyvMkH894XMU/M4kIc7020e1GaRo oNsCW4QbDAAnTFae7jSPYWJWqeTzh4Cj -----END CERTIFICATE-----Generated at Sat May 31 17:01:21 2025 by rpki-client