$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft File: 3COmnqHvwaN5SSwT6awUfEn1rQQ.mft (raw, json) Hash identifier: xTkpfQFkmN4k+80poz5dTIWqgIDwib0bJRBW4C8FHGc= Subject key identifier: 43:C1:F0:E2:28:BB:94:09:91:D8:80:C1:6A:61:AF:1D:C0:CF:D7:1B Authority key identifier: DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04 Certificate issuer: /CN=A91BB4C2/serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04 Certificate serial: 01D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft Manifest number: 01A7 Signing time: Sat 31 May 2025 03:26:49 +0000 Manifest this update: Sat 31 May 2025 03:26:49 +0000 Manifest next update: Sat 07 Jun 2025 03:26:49 +0000 Files and hashes: 1: 3COmnqHvwaN5SSwT6awUfEn1rQQ.crl (hash: HHoBFVTkuR5MQZZHHXi/rrGGI81HUt/ofE9y/c27UuI=) 2: CBF7E2CE2D3611EEA81A490BC4F9AE02.roa (hash: q2jyIpsgOSZMDylILKfsOrMIus5pnrAFZdrI/kJzgvw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.crl rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:26:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 468 (0x1d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB4C2, serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04 Validity Not Before: May 31 03:26:49 2025 GMT Not After : Jun 7 03:26:49 2025 GMT Subject: CN=683a76f9-992b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:21:e4:70:27:ec:8e:dc:60:09:a1:0e:68:2d: 95:01:6b:01:1b:20:6b:70:bd:17:42:83:fe:10:22: fa:df:1a:a0:fe:5c:a5:6a:5e:4e:a0:48:9b:9b:86: d4:ed:18:51:93:c6:7f:ef:ba:11:2e:d7:5a:7f:cc: 69:42:48:e1:e9:7a:a2:3d:b2:20:94:89:43:de:87: 0e:26:68:bb:16:63:5e:ed:e4:86:78:6b:47:e6:20: 76:4d:1b:a5:bc:df:b4:62:69:de:7f:07:f8:3a:4e: ec:68:ee:87:f4:db:36:4d:56:3b:e5:0b:a5:2a:a9: 86:64:96:1f:d2:db:d0:80:6e:41:37:fa:cf:c8:d0: 43:d6:0c:6b:5a:df:44:eb:62:6a:6e:ca:73:08:72: 5d:61:49:1d:30:74:5b:01:3c:15:c4:98:85:56:e0: c6:31:c0:34:13:61:85:10:b6:c7:9e:b3:3d:b7:d2: ab:fc:80:8a:1f:35:8c:d7:71:e5:82:d7:f4:d2:0b: 9a:69:a0:8a:0d:b7:03:7e:2d:91:e7:f7:f3:1c:02: e0:19:57:32:09:43:d7:a1:19:c0:87:23:59:4e:1a: e9:e3:81:96:02:b2:47:ec:8b:9d:5d:91:0f:f9:2a: 47:f6:5e:cd:b1:4e:3c:2d:72:d1:40:70:3b:c2:85: 33:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:C1:F0:E2:28:BB:94:09:91:D8:80:C1:6A:61:AF:1D:C0:CF:D7:1B X509v3 Authority Key Identifier: keyid:DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:03:dc:1d:0e:10:b7:fe:8a:dc:4d:84:cf:ac:10:fa:f4:cb: 2b:0d:e7:30:cd:1d:29:39:7b:ac:8a:13:e3:e2:59:77:2a:27: ce:f6:a1:9c:a3:47:89:9d:5a:a0:66:37:c4:0d:43:fb:49:f6: ef:53:0b:f9:e9:22:e1:f2:5e:fc:1b:24:56:5b:cd:56:59:7d: 47:65:87:23:c9:5d:1a:b3:75:2b:5e:b7:d4:3d:e7:b7:d5:33: 5a:0a:37:16:ef:3d:d2:34:4e:0e:19:63:79:89:db:d7:7d:00: 3d:a6:9b:39:58:14:64:82:9b:83:c7:9e:a2:5c:85:9a:40:fb: f8:98:86:d5:40:38:d9:31:f7:94:e3:63:ff:07:d5:78:a1:6e: 11:36:0c:57:3f:fe:57:4b:e7:0e:dc:bd:d9:68:97:c2:13:5b: a4:61:4b:11:5c:d1:c3:f3:eb:be:4e:a8:6e:9b:ab:5f:ad:7d: f7:a5:0a:6c:b1:30:ec:f1:4b:0b:b3:9d:4a:4e:f9:26:3b:52: 51:62:33:e5:47:ef:81:a2:df:27:a1:ff:6b:7a:53:e6:35:0e: 34:7e:ff:11:f9:5c:f0:e7:7f:12:13:76:52:40:2e:d0:6d:6f: df:bc:f3:84:69:3e:85:53:b4:5e:f3:73:99:21:2f:b2:87:d3: d6:00:28:1d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI0QzIxMTAvBgNVBAUTKERDMjNBNjlFQTFFRkMxQTM3OTQ5MkMxM0U5QUMxNDdD NDlGNUFEMDQwHhcNMjUwNTMxMDMyNjQ5WhcNMjUwNjA3MDMyNjQ5WjAYMRYwFAYD VQQDEw02ODNhNzZmOS05OTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxiHkcCfsjtxgCaEOaC2VAWsBGyBrcL0XQoP+ECL63xqg/lylal5OoEibm4bU 7RhRk8Z/77oRLtdaf8xpQkjh6XqiPbIglIlD3ocOJmi7FmNe7eSGeGtH5iB2TRul vN+0Ymnefwf4Ok7saO6H9Ns2TVY75QulKqmGZJYf0tvQgG5BN/rPyNBD1gxrWt9E 62JqbspzCHJdYUkdMHRbATwVxJiFVuDGMcA0E2GFELbHnrM9t9Kr/ICKHzWM13Hl gtf00guaaaCKDbcDfi2R5/fzHALgGVcyCUPXoRnAhyNZThrp44GWArJH7IudXZEP +SpH9l7NsU48LXLRQHA7woUzcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEPB8OIo u5QJkdiAwWphrx3Az9cbMB8GA1UdIwQYMBaAFNwjpp6h78GjeUksE+msFHxJ9a0E MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjRDMi9CMTdFOTVENjAz NzAxMUVFOUJCNjJDMkZDNEY5QUUwMi8zQ09tbnFIdndhTjVTU3dUNmF3VWZFbjFy UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNDT21ucUh2d2FONVNTd1Q2YXdVZkVuMXJRUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjRDMi9CMTdFOTVENjAzNzAxMUVFOUJCNjJDMkZDNEY5QUUwMi8zQ09tbnFIdndh TjVTU3dUNmF3VWZFbjFyUVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBDA9wdDhC3/orcTYTPrBD69MsrDecwzR0pOXusihPj4ll3KifO9qGc o0eJnVqgZjfEDUP7SfbvUwv56SLh8l78GyRWW81WWX1HZYcjyV0as3UrXrfUPee3 1TNaCjcW7z3SNE4OGWN5idvXfQA9pps5WBRkgpuDx56iXIWaQPv4mIbVQDjZMfeU 42P/B9V4oW4RNgxXP/5XS+cO3L3ZaJfCE1ukYUsRXNHD8+u+Tqhum6tfrX33pQps sTDs8UsLs51KTvkmO1JRYjPlR++Bot8nof9relPmNQ40fv8R+Vzw538SE3ZSQC7Q bW/fvPOEaT6FU7Re83OZIS+yh9PWACgd -----END CERTIFICATE-----Generated at Sat May 31 17:20:33 2025 by rpki-client