$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft File: 3aSfQfYYpV-cp8_FW66nthbZV2I.mft (raw, json) Hash identifier: gzG10JA4Er+9OPvR0WHZdEdPlGlUzmCSpGRjgJvOH8I= Subject key identifier: 50:17:1D:9D:C0:F8:AE:89:72:1A:23:1A:3E:E5:AB:DC:30:83:5B:16 Authority key identifier: DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62 Certificate issuer: /CN=A91A7273/serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762 Certificate serial: 39 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft Manifest number: 39 Signing time: Sat 31 May 2025 07:06:42 +0000 Manifest this update: Sat 31 May 2025 07:06:41 +0000 Manifest next update: Sat 07 Jun 2025 07:06:41 +0000 Files and hashes: 1: 3aSfQfYYpV-cp8_FW66nthbZV2I.crl (hash: ExLf8eh9wq/v/wb36+n8gdgzbuOdtFsMqtEudkqQjEI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:06:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57 (0x39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7273, serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762 Validity Not Before: May 31 07:06:41 2025 GMT Not After : Jun 7 07:06:41 2025 GMT Subject: CN=683aaa82-54eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:35:7a:ba:46:0f:57:88:ca:ad:90:d6:12:2e: bc:a7:6e:56:ec:44:e7:b5:5e:9e:ad:63:2a:83:20: 53:09:4a:19:d6:c7:08:d1:5a:b3:6f:93:bd:90:ef: 39:2c:cd:9b:3b:34:45:0d:90:55:03:e8:14:0a:2e: 80:b0:f1:aa:4d:b1:f9:39:e6:ac:e4:49:27:a5:71: 5f:1d:eb:2e:04:3e:0f:86:44:f5:b1:90:67:a9:1f: 1c:63:31:0d:b0:aa:67:21:85:53:56:fd:75:99:4f: fa:e1:94:12:ea:95:60:df:17:7f:ea:b6:c4:a2:21: b4:3b:58:42:e4:d3:4d:a5:ba:bb:d2:5f:eb:93:9e: 28:24:ee:9e:c3:a0:4b:56:b4:c2:e4:16:8c:9d:a6: 82:03:9f:33:c0:1d:f4:0a:31:32:48:50:a2:35:5c: 3e:8e:33:77:c8:58:f7:cc:d1:28:b5:c2:98:c5:04: 2c:fc:e2:6b:50:32:ba:9d:35:cd:7e:3b:53:57:1a: c6:29:ec:f9:52:7f:68:4a:c2:a9:36:54:a6:5a:cf: 66:92:e3:5a:dc:b1:b3:8a:72:5d:06:c1:92:3c:8e: d8:19:49:12:82:95:13:68:53:b8:22:ee:87:98:5f: a4:07:b2:bb:19:5f:ed:7a:00:be:a4:ee:6b:e1:f4: a6:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:17:1D:9D:C0:F8:AE:89:72:1A:23:1A:3E:E5:AB:DC:30:83:5B:16 X509v3 Authority Key Identifier: keyid:DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:c4:ff:01:d5:de:05:62:86:3b:1b:0c:2e:9f:31:4e:e5:77: 19:ea:aa:4c:85:68:77:e7:3e:8d:a2:ad:73:09:6a:ec:99:90: bc:9f:af:24:b7:02:3d:44:c0:29:ac:1c:24:d1:17:c2:2d:4d: 9e:0b:02:c0:a4:7c:74:91:99:22:53:cf:fd:d9:82:b4:70:1c: 87:7c:fc:ea:8d:cc:ec:e8:09:d3:81:ac:1f:1c:86:1b:dc:e8: 34:17:9c:58:79:05:5c:7c:97:6c:68:9a:a5:5f:2f:67:a2:08: 14:d5:97:28:5b:3e:b9:13:89:51:8f:25:37:a4:a3:bb:50:25: 4f:21:31:97:74:c2:3c:9c:18:d5:43:91:78:85:ae:0f:2d:db: 0d:34:eb:01:df:89:d0:24:8d:c3:30:71:c3:dc:c2:ef:f9:66: 22:b8:bd:1c:92:3e:ca:e0:0c:68:23:7e:21:a9:8d:84:34:58: 76:da:53:ef:9b:eb:86:33:70:e4:6d:ed:b7:f0:d0:47:c2:b0: 21:21:63:3c:1e:25:aa:4a:bf:6e:21:f0:94:43:ec:27:45:42: f9:ba:06:1b:a5:1b:86:35:d3:7c:d5:16:a7:74:b1:3c:60:75: 9c:1d:da:f7:12:a8:e5:db:e2:85:71:47:0d:0f:bf:a1:11:2e: e8:68:ac:f0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NzI3MzExMC8GA1UEBRMoRERBNDlGNDFGNjE4QTU1RjlDQTdDRkM1NUJBRUE3QjYx NkQ5NTc2MjAeFw0yNTA1MzEwNzA2NDFaFw0yNTA2MDcwNzA2NDFaMBgxFjAUBgNV BAMTDTY4M2FhYTgyLTU0ZWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCfNXq6Rg9XiMqtkNYSLrynblbsROe1Xp6tYyqDIFMJShnWxwjRWrNvk72Q7zks zZs7NEUNkFUD6BQKLoCw8apNsfk55qzkSSelcV8d6y4EPg+GRPWxkGepHxxjMQ2w qmchhVNW/XWZT/rhlBLqlWDfF3/qtsSiIbQ7WELk002lurvSX+uTnigk7p7DoEtW tMLkFoydpoIDnzPAHfQKMTJIUKI1XD6OM3fIWPfM0Si1wpjFBCz84mtQMrqdNc1+ O1NXGsYp7PlSf2hKwqk2VKZaz2aS41rcsbOKcl0GwZI8jtgZSRKClRNoU7gi7oeY X6QHsrsZX+16AL6k7mvh9KaXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUUBcdncD4 rolyGiMaPuWr3DCDWxYwHwYDVR0jBBgwFoAU3aSfQfYYpV+cp8/FW66nthbZV2Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3MjczL0ZDNTA1MDBFRTc3 MTExRUY5REZCREQ1MEM0RjlBRTAyLzNhU2ZRZllZcFYtY3A4X0ZXNjZudGhiWlYy SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2FTZlFmWVlwVi1jcDhfRlc2Nm50aGJaVjJJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3 MjczL0ZDNTA1MDBFRTc3MTExRUY5REZCREQ1MEM0RjlBRTAyLzNhU2ZRZllZcFYt Y3A4X0ZXNjZudGhiWlYySS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADXE/wHV3gVihjsbDC6fMU7ldxnqqkyFaHfnPo2irXMJauyZkLyfryS3 Aj1EwCmsHCTRF8ItTZ4LAsCkfHSRmSJTz/3ZgrRwHId8/OqNzOzoCdOBrB8chhvc 6DQXnFh5BVx8l2xomqVfL2eiCBTVlyhbPrkTiVGPJTeko7tQJU8hMZd0wjycGNVD kXiFrg8t2w006wHfidAkjcMwccPcwu/5ZiK4vRySPsrgDGgjfiGpjYQ0WHbaU++b 64YzcORt7bfw0EfCsCEhYzweJapKv24h8JRD7CdFQvm6BhulG4Y103zVFqd0sTxg dZwd2vcSqOXb4oVxRw0Pv6ERLuhorPA= -----END CERTIFICATE-----Generated at Sat May 31 16:39:43 2025 by rpki-client