$ rpki-client -vvf rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.mft File: 3GF8-u34v7Cj7PfWcULmwdUmQ1w.mft (raw, json) Hash identifier: ORL1AlsSZyiGlVvdhyWWNMNSwjo5mh2HXTQ5GpvbnEE= Subject key identifier: 14:EB:DA:68:2C:EA:51:75:2E:53:5D:5D:F3:F0:DD:87:2F:91:E1:E7 Authority key identifier: DC:61:7C:FA:ED:F8:BF:B0:A3:EC:F7:D6:71:42:E6:C1:D5:26:43:5C Certificate issuer: /CN=A9199AFB/serialNumber=DC617CFAEDF8BFB0A3ECF7D67142E6C1D526435C Certificate serial: 0301 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GF8-u34v7Cj7PfWcULmwdUmQ1w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.mft Manifest number: 02FD Signing time: Sat 31 May 2025 01:27:09 +0000 Manifest this update: Sat 31 May 2025 01:27:08 +0000 Manifest next update: Sat 07 Jun 2025 01:27:08 +0000 Files and hashes: 1: 3GF8-u34v7Cj7PfWcULmwdUmQ1w.crl (hash: OCmLHrXmHAFdprB2XdbXPDQHXYI2OuJwP2DsFrCzHh4=) 2: 9E9EC628D9C511EC81B54F47C4F9AE02.roa (hash: eVqCt6jrx+C1JB/X7OKow2VBehCM/YMsmg/5OjY9iwk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.crl rsync://rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GF8-u34v7Cj7PfWcULmwdUmQ1w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:27:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 769 (0x301) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9199AFB, serialNumber=DC617CFAEDF8BFB0A3ECF7D67142E6C1D526435C Validity Not Before: May 31 01:27:08 2025 GMT Not After : Jun 7 01:27:08 2025 GMT Subject: CN=683a5aec-e621 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:91:a4:75:11:54:8f:9b:05:24:f6:63:6a:b6: 86:e9:ee:2b:56:c3:37:a8:ce:cf:fb:b1:45:16:d9: 50:2c:81:f0:a9:b5:93:ad:f6:27:11:22:f6:d2:54: d2:92:6e:51:8f:06:15:45:8e:f3:3d:20:bd:4c:4f: 3a:dc:7a:5d:be:98:b1:3f:1e:9c:1e:5b:57:05:7d: 37:6c:ce:ab:c2:47:f6:0e:ba:03:10:14:e3:cf:d1: d2:73:36:00:5e:0f:52:6f:12:2d:57:6d:fc:3b:41: 71:27:96:52:6a:d8:86:c5:2d:30:3e:04:8e:70:20: 23:4e:ad:70:35:92:6a:6f:05:c8:e9:8e:cc:e6:5a: 22:64:63:03:cb:d2:bb:01:6f:57:e2:6d:c1:ad:1a: 39:17:b6:67:0d:cc:93:35:d5:68:9c:18:5f:d8:66: 33:15:aa:b5:45:48:86:2d:b4:8b:af:7d:78:dd:b7: 12:93:1c:3e:90:39:b8:02:56:79:3e:12:d8:dd:d4: 54:3a:96:1b:53:96:94:1a:f5:c1:65:9c:d8:98:ff: bf:a1:bd:53:a2:80:0f:c6:77:5e:d6:17:60:4e:d4: 04:9b:b5:9e:07:e2:6d:e2:03:91:3c:f5:27:9a:43: 24:b5:9b:80:f0:89:b0:7d:cd:f4:fd:7e:fa:2d:44: 94:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:EB:DA:68:2C:EA:51:75:2E:53:5D:5D:F3:F0:DD:87:2F:91:E1:E7 X509v3 Authority Key Identifier: keyid:DC:61:7C:FA:ED:F8:BF:B0:A3:EC:F7:D6:71:42:E6:C1:D5:26:43:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GF8-u34v7Cj7PfWcULmwdUmQ1w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:42:5c:46:bc:01:74:88:fa:ef:4f:7c:23:1a:cc:f6:80:80: 8a:73:b2:bb:cd:41:d1:5b:71:d9:19:39:cd:90:e8:6b:37:7f: b2:ae:bd:c8:71:43:0d:3b:38:c8:48:7f:ac:35:21:13:7f:e1: a4:25:0a:5b:01:cd:36:b2:43:bb:28:42:3e:90:2b:b0:6e:70: 1b:38:6b:e3:2a:82:81:84:d6:9b:f4:02:55:e8:6b:f4:80:3f: 7c:f4:b4:29:43:bf:fb:d6:66:04:4a:93:48:84:69:01:91:97: 83:91:f4:fa:4b:03:9f:6f:ea:88:78:d6:15:d1:fa:d9:06:7e: e2:70:d8:8a:fd:61:c7:60:dc:16:e5:bf:e0:aa:ca:f3:a4:65: 96:d0:6f:ff:f5:9e:95:b1:21:c2:70:a1:e7:24:19:d9:a8:e5: 9c:6e:90:cf:e9:43:e1:10:63:52:94:59:bc:7e:74:de:15:86: 58:75:b9:fb:c2:54:8b:1d:ab:fa:0e:d2:90:9a:89:c1:68:72: 69:91:85:51:38:44:b0:5b:63:64:c3:2c:d7:48:99:d6:24:8a: 5a:f7:dc:86:3f:64:f2:f0:9f:7d:1f:2b:a9:ee:ea:54:88:19: f6:30:e3:93:a9:a0:3d:0e:18:f2:3b:a2:36:cd:ea:cd:2d:95: b9:36:29:df -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAwEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTlBRkIxMTAvBgNVBAUTKERDNjE3Q0ZBRURGOEJGQjBBM0VDRjdENjcxNDJFNkMx RDUyNjQzNUMwHhcNMjUwNTMxMDEyNzA4WhcNMjUwNjA3MDEyNzA4WjAYMRYwFAYD VQQDEw02ODNhNWFlYy1lNjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2pGkdRFUj5sFJPZjaraG6e4rVsM3qM7P+7FFFtlQLIHwqbWTrfYnESL20lTS km5RjwYVRY7zPSC9TE863HpdvpixPx6cHltXBX03bM6rwkf2DroDEBTjz9HSczYA Xg9SbxItV238O0FxJ5ZSatiGxS0wPgSOcCAjTq1wNZJqbwXI6Y7M5loiZGMDy9K7 AW9X4m3BrRo5F7ZnDcyTNdVonBhf2GYzFaq1RUiGLbSLr3143bcSkxw+kDm4AlZ5 PhLY3dRUOpYbU5aUGvXBZZzYmP+/ob1TooAPxnde1hdgTtQEm7WeB+Jt4gORPPUn mkMktZuA8Imwfc30/X76LUSUBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBTr2mgs 6lF1LlNdXfPw3YcvkeHnMB8GA1UdIwQYMBaAFNxhfPrt+L+wo+z31nFC5sHVJkNc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OUFGQi80NDM0RDU5MEQ5 QzIxMUVDODg3Rjk4NDZDNEY5QUUwMi8zR0Y4LXUzNHY3Q2o3UGZXY1VMbXdkVW1R MXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNHRjgtdTM0djdDajdQZldjVUxtd2RVbVExdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OUFGQi80NDM0RDU5MEQ5QzIxMUVDODg3Rjk4NDZDNEY5QUUwMi8zR0Y4LXUzNHY3 Q2o3UGZXY1VMbXdkVW1RMXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCPQlxGvAF0iPrvT3wjGsz2gICKc7K7zUHRW3HZGTnNkOhrN3+yrr3I cUMNOzjISH+sNSETf+GkJQpbAc02skO7KEI+kCuwbnAbOGvjKoKBhNab9AJV6Gv0 gD989LQpQ7/71mYESpNIhGkBkZeDkfT6SwOfb+qIeNYV0frZBn7icNiK/WHHYNwW 5b/gqsrzpGWW0G//9Z6VsSHCcKHnJBnZqOWcbpDP6UPhEGNSlFm8fnTeFYZYdbn7 wlSLHav6DtKQmonBaHJpkYVROESwW2NkwyzXSJnWJIpa99yGP2Ty8J99Hyup7upU iBn2MOOTqaA9DhjyO6I2zerNLZW5Ninf -----END CERTIFICATE-----Generated at Sat May 31 17:16:13 2025 by rpki-client