$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.mft File: 3DHPX8nyg0g327s2g8uK9kKrSnw.mft (raw, json) Hash identifier: H1N8d8TB8Y3/5iOgBbRgm4DM7PdZJZ/35VWCHUe2iRo= Subject key identifier: 17:AE:61:EA:B3:3C:73:18:3A:A7:C6:D8:77:70:0E:63:FC:D0:2F:FF Authority key identifier: DC:31:CF:5F:C9:F2:83:48:37:DB:BB:36:83:CB:8A:F6:42:AB:4A:7C Certificate issuer: /CN=A91DF85B/serialNumber=DC31CF5FC9F2834837DBBB3683CB8AF642AB4A7C Certificate serial: 0137 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3DHPX8nyg0g327s2g8uK9kKrSnw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.mft Manifest number: 0135 Signing time: Sat 31 May 2025 04:06:15 +0000 Manifest this update: Sat 31 May 2025 04:06:15 +0000 Manifest next update: Sat 07 Jun 2025 04:06:15 +0000 Files and hashes: 1: 3DHPX8nyg0g327s2g8uK9kKrSnw.crl (hash: Cks/JA8qlYCGU4FBjBYhArQ2UNzDTeeaY6V61YRk2C0=) 2: EE28B64661D611EE9C66300EC4F9AE02.roa (hash: g/Vp4JxPAnFvSE7br/vqo4Gmy4ZBC5/7hAk3ouH5N3o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.crl rsync://rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3DHPX8nyg0g327s2g8uK9kKrSnw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:06:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 311 (0x137) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF85B, serialNumber=DC31CF5FC9F2834837DBBB3683CB8AF642AB4A7C Validity Not Before: May 31 04:06:15 2025 GMT Not After : Jun 7 04:06:15 2025 GMT Subject: CN=683a8037-c8d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:e0:fd:81:d1:f0:53:98:00:0b:13:85:9e:f1: 15:eb:8c:f3:8b:1c:fb:c0:29:c0:91:f8:59:a3:0e: f6:5e:5d:df:4f:27:c7:1e:2b:37:4d:93:02:d3:18: 84:eb:88:6d:d8:22:f7:2a:30:9b:47:fb:b1:9b:b5: d2:9b:d4:60:f5:51:08:84:e0:ee:62:28:ac:09:bc: 38:84:33:a3:8c:43:b7:c8:fd:d5:57:72:48:d9:4f: 07:52:e3:c7:b4:55:76:da:d9:80:a1:1e:21:49:25: f2:eb:14:7a:57:57:5a:31:43:d7:e2:bf:92:cc:0c: 0e:5b:c3:eb:33:9e:a7:c0:c6:34:0e:a3:02:ed:66: 34:c1:4b:94:d6:2b:2a:6b:99:97:7d:aa:0a:74:c0: b3:3a:55:ac:75:f3:42:ba:bd:c1:2b:78:77:df:3c: 87:b6:8d:d9:85:7d:42:51:88:78:2f:f3:ca:82:fd: 76:ed:f4:d6:df:df:65:a3:a0:fc:12:43:9e:0c:f9: 79:07:7b:e4:72:1f:2f:ae:db:1d:98:73:ff:aa:b5: a8:30:e6:92:30:6f:93:10:30:a3:c0:31:bc:ff:88: 91:ee:c6:22:a5:40:fd:bf:7f:ad:20:16:32:5d:26: 87:c2:d0:a5:4d:4c:50:21:74:e0:b5:a6:3f:d0:c8: c2:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:AE:61:EA:B3:3C:73:18:3A:A7:C6:D8:77:70:0E:63:FC:D0:2F:FF X509v3 Authority Key Identifier: keyid:DC:31:CF:5F:C9:F2:83:48:37:DB:BB:36:83:CB:8A:F6:42:AB:4A:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3DHPX8nyg0g327s2g8uK9kKrSnw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:d4:0a:34:b7:f1:29:06:7c:08:3b:a7:81:60:a1:42:e5:46: 95:fa:d0:67:0d:1f:20:d9:53:9d:fa:40:69:f2:7d:81:ec:e3: 8d:b2:2a:fa:c8:b4:3a:f9:98:8e:c7:71:5d:7d:9a:39:38:fc: 9c:96:61:8b:de:1f:dd:5b:ad:73:45:27:12:87:48:00:94:34: e9:ea:e7:a5:9d:cd:ae:56:de:ba:26:77:46:64:a9:fe:1a:da: 12:86:a1:2e:5a:41:0a:7d:80:70:d1:3d:94:e6:0e:25:85:ec: 06:f0:54:3d:b9:50:1d:0c:b5:ed:6c:02:0f:0b:80:b1:3e:a1: be:66:51:b8:e0:49:e2:b6:2e:de:a4:25:2a:92:b7:b3:00:fd: fe:f9:17:9d:9a:3c:1c:a7:2e:67:5b:9f:1e:0e:66:cc:9b:01: e0:55:e8:0a:64:1d:f3:64:ae:a8:e5:25:6c:91:43:f8:04:2d: 05:95:2b:c1:fe:a3:69:1a:03:6f:07:f1:69:3f:d8:0c:94:a7: d2:9f:54:c3:6f:6a:c0:43:b2:63:2a:58:cb:35:cc:70:a5:fc: 79:e2:cd:63:ae:3d:09:94:e1:04:1d:d8:b7:fa:b0:1f:48:51: 87:66:87:be:b3:84:55:61:22:38:e5:43:63:f2:ac:79:25:25: 58:d2:9c:a9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REY4NUIxMTAvBgNVBAUTKERDMzFDRjVGQzlGMjgzNDgzN0RCQkIzNjgzQ0I4QUY2 NDJBQjRBN0MwHhcNMjUwNTMxMDQwNjE1WhcNMjUwNjA3MDQwNjE1WjAYMRYwFAYD VQQDEw02ODNhODAzNy1jOGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2eD9gdHwU5gACxOFnvEV64zzixz7wCnAkfhZow72Xl3fTyfHHis3TZMC0xiE 64ht2CL3KjCbR/uxm7XSm9Rg9VEIhODuYiisCbw4hDOjjEO3yP3VV3JI2U8HUuPH tFV22tmAoR4hSSXy6xR6V1daMUPX4r+SzAwOW8PrM56nwMY0DqMC7WY0wUuU1isq a5mXfaoKdMCzOlWsdfNCur3BK3h33zyHto3ZhX1CUYh4L/PKgv127fTW399lo6D8 EkOeDPl5B3vkch8vrtsdmHP/qrWoMOaSMG+TEDCjwDG8/4iR7sYipUD9v3+tIBYy XSaHwtClTUxQIXTgtaY/0MjCDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBeuYeqz PHMYOqfG2HdwDmP80C//MB8GA1UdIwQYMBaAFNwxz1/J8oNIN9u7NoPLivZCq0p8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjg1Qi9DNzEzQzJGRTYx RDUxMUVFQkFBMDRBNUVDNEY5QUUwMi8zREhQWDhueWcwZzMyN3MyZzh1SzlrS3JT bncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNESFBYOG55ZzBnMzI3czJnOHVLOWtLclNudy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE Rjg1Qi9DNzEzQzJGRTYxRDUxMUVFQkFBMDRBNUVDNEY5QUUwMi8zREhQWDhueWcw ZzMyN3MyZzh1SzlrS3JTbncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAU1Ao0t/EpBnwIO6eBYKFC5UaV+tBnDR8g2VOd+kBp8n2B7OONsir6 yLQ6+ZiOx3FdfZo5OPyclmGL3h/dW61zRScSh0gAlDTp6uelnc2uVt66JndGZKn+ GtoShqEuWkEKfYBw0T2U5g4lhewG8FQ9uVAdDLXtbAIPC4CxPqG+ZlG44Eniti7e pCUqkrezAP3++Redmjwcpy5nW58eDmbMmwHgVegKZB3zZK6o5SVskUP4BC0FlSvB /qNpGgNvB/FpP9gMlKfSn1TDb2rAQ7JjKljLNcxwpfx54s1jrj0JlOEEHdi3+rAf SFGHZoe+s4RVYSI45UNj8qx5JSVY0pyp -----END CERTIFICATE-----Generated at Sat May 31 16:38:01 2025 by rpki-client