$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft File: 3W8BT4rUXahdDhbys3aHZ5REhbM.mft (raw, json) Hash identifier: zlhiUgK5QcB8OrU82iZqM7vVDKlHxXz7P/cJK/C2w3o= Subject key identifier: 9D:43:ED:D9:C9:69:CB:53:E1:7E:8D:72:CD:6C:89:1C:8D:66:11:4D Authority key identifier: DD:6F:01:4F:8A:D4:5D:A8:5D:0E:16:F2:B3:76:87:67:94:44:85:B3 Certificate issuer: /CN=A91E8458/serialNumber=DD6F014F8AD45DA85D0E16F2B3768767944485B3 Certificate serial: 07CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3W8BT4rUXahdDhbys3aHZ5REhbM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft Manifest number: 07C7 Signing time: Fri 30 May 2025 21:20:32 +0000 Manifest this update: Fri 30 May 2025 21:20:31 +0000 Manifest next update: Fri 06 Jun 2025 21:20:31 +0000 Files and hashes: 1: 3W8BT4rUXahdDhbys3aHZ5REhbM.crl (hash: jtB58pCmfQkCUVz5c4LpQvKzaTPJVOt9pdwLgYvUwhI=) 2: FAE7339CF7B911EA91318653C4F9AE02.roa (hash: AWPlkT/VPOlTrND3SaqX87pYECk2GQcIiP0u70mzoFk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.crl rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3W8BT4rUXahdDhbys3aHZ5REhbM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:20:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1997 (0x7cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8458, serialNumber=DD6F014F8AD45DA85D0E16F2B3768767944485B3 Validity Not Before: May 30 21:20:31 2025 GMT Not After : Jun 6 21:20:31 2025 GMT Subject: CN=683a2120-ce20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:2a:c3:e9:2d:85:89:8e:8f:06:72:a7:3c:72: 95:29:94:f6:96:97:52:b7:94:2a:0c:ab:95:25:34: 5e:7e:46:4b:4b:fd:9c:16:d6:3d:ab:3d:49:30:df: ba:08:42:47:d5:86:ec:1b:27:45:c8:d2:da:88:de: bc:6c:57:22:ac:be:3d:18:6e:ad:9a:2a:dd:49:c6: 0f:ba:4f:20:b1:d8:8d:eb:1f:87:f3:8f:10:ed:02: c5:9e:db:94:1a:62:19:03:6e:ba:17:ea:ff:7f:6c: 8d:d8:ae:01:25:cc:f5:e9:10:5f:d1:b6:9d:f1:8d: 73:76:5d:11:2a:96:88:46:0e:ac:f8:6c:cb:28:4e: 8a:fd:ca:d7:49:53:c9:ea:db:c7:1c:c0:c4:60:b0: e7:ec:8f:79:e7:c4:de:31:a6:5b:df:14:b8:2f:93: 76:6c:6d:27:b6:13:12:fa:c2:42:d7:c8:24:07:55: f2:52:a6:b2:f9:80:82:fe:21:af:f0:5c:8c:a8:a2: 53:b0:31:cb:d6:ed:d5:76:57:5f:d4:2d:c1:34:f9: dd:4a:d4:f0:5c:de:79:91:57:ab:a9:8d:d2:c5:64: 02:cd:0d:4b:97:ed:15:82:6b:84:1d:80:3b:4c:47: 43:12:0a:3b:f1:2f:1d:d7:da:e0:44:c2:59:a0:bb: 2b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:43:ED:D9:C9:69:CB:53:E1:7E:8D:72:CD:6C:89:1C:8D:66:11:4D X509v3 Authority Key Identifier: keyid:DD:6F:01:4F:8A:D4:5D:A8:5D:0E:16:F2:B3:76:87:67:94:44:85:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3W8BT4rUXahdDhbys3aHZ5REhbM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:8a:f7:0f:bb:ff:a5:c6:7f:d5:a7:92:57:f6:76:24:a9:89: 4b:51:24:03:63:56:cf:30:70:b5:63:8b:62:08:4c:65:40:4e: bb:91:8c:e7:43:e6:ce:e9:a7:cb:1d:e3:ab:db:1b:b1:46:05: 28:57:21:f8:37:4a:04:50:76:4b:f0:10:9d:41:2e:5a:8c:09: 99:89:2b:b9:c8:69:56:de:44:2e:64:00:8d:57:6b:e3:f3:5f: de:98:5f:b8:5a:63:46:a6:6b:14:74:5d:96:97:ec:55:db:97: 30:08:b2:5f:e1:ec:c3:ca:00:e7:e1:8e:68:0a:cd:1f:bd:28: ee:f3:dc:0c:56:d6:5e:9b:b8:99:a2:c3:e8:c7:c4:98:97:12: 94:a9:73:b3:25:2c:03:f3:e4:bc:63:3e:a3:08:c2:39:70:ac: f0:08:ac:5a:7a:ab:72:75:31:ac:e4:42:78:d5:1f:50:22:21: 13:e3:68:28:c8:44:bc:50:a3:5a:49:d0:bf:8e:7a:d9:98:e6: ae:a2:71:43:1d:c1:e7:47:77:f1:96:1d:63:04:47:9b:85:9f: 23:df:d3:1a:6d:89:e8:e3:1b:48:6f:8a:a4:56:9e:cc:fe:83: cc:0e:01:79:f0:e0:55:fd:8d:21:2a:8d:b2:f4:98:d2:c1:de: 31:60:3d:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB80wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg0NTgxMTAvBgNVBAUTKERENkYwMTRGOEFENDVEQTg1RDBFMTZGMkIzNzY4NzY3 OTQ0NDg1QjMwHhcNMjUwNTMwMjEyMDMxWhcNMjUwNjA2MjEyMDMxWjAYMRYwFAYD VQQDEw02ODNhMjEyMC1jZTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzCrD6S2FiY6PBnKnPHKVKZT2lpdSt5QqDKuVJTRefkZLS/2cFtY9qz1JMN+6 CEJH1YbsGydFyNLaiN68bFcirL49GG6tmirdScYPuk8gsdiN6x+H848Q7QLFntuU GmIZA266F+r/f2yN2K4BJcz16RBf0bad8Y1zdl0RKpaIRg6s+GzLKE6K/crXSVPJ 6tvHHMDEYLDn7I9558TeMaZb3xS4L5N2bG0nthMS+sJC18gkB1XyUqay+YCC/iGv 8FyMqKJTsDHL1u3Vdldf1C3BNPndStTwXN55kVerqY3SxWQCzQ1Ll+0VgmuEHYA7 TEdDEgo78S8d19rgRMJZoLsrpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ1D7dnJ actT4X6Ncs1siRyNZhFNMB8GA1UdIwQYMBaAFN1vAU+K1F2oXQ4W8rN2h2eURIWz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODQ1OC9GOEFGMTIwMkY2 MTUxMUVBODM3NzAwNkNDNEY5QUUwMi8zVzhCVDRyVVhhaGREaGJ5czNhSFo1UkVo Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNXOEJUNHJVWGFoZERoYnlzM2FIWjVSRWhiTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODQ1OC9GOEFGMTIwMkY2MTUxMUVBODM3NzAwNkNDNEY5QUUwMi8zVzhCVDRyVVhh aGREaGJ5czNhSFo1UkVoYk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBeivcPu/+lxn/Vp5JX9nYkqYlLUSQDY1bPMHC1Y4tiCExlQE67kYzn Q+bO6afLHeOr2xuxRgUoVyH4N0oEUHZL8BCdQS5ajAmZiSu5yGlW3kQuZACNV2vj 81/emF+4WmNGpmsUdF2Wl+xV25cwCLJf4ezDygDn4Y5oCs0fvSju89wMVtZem7iZ osPox8SYlxKUqXOzJSwD8+S8Yz6jCMI5cKzwCKxaeqtydTGs5EJ41R9QIiET42go yES8UKNaSdC/jnrZmOauonFDHcHnR3fxlh1jBEebhZ8j39MabYno4xtIb4qkVp7M /oPMDgF58OBV/Y0hKo2y9JjSwd4xYD0R -----END CERTIFICATE-----Generated at Sat May 31 17:32:50 2025 by rpki-client