$ rpki-client -vvf rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft File: 3FfpX2KSEzop44hINlCWI10ZN8o.mft (raw, json) Hash identifier: vMDBgAD7psmLMAdwgJKUJ/gB5DQFgPNxyjBGLFqdW0g= Subject key identifier: B4:37:D3:00:C4:11:D4:FD:E9:F0:1C:AA:6E:E5:19:EA:6A:76:A8:78 Authority key identifier: DC:57:E9:5F:62:92:13:3A:29:E3:88:48:36:50:96:23:5D:19:37:CA Certificate issuer: /CN=A914E1E3/serialNumber=DC57E95F6292133A29E38848365096235D1937CA Certificate serial: 1CF6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft Manifest number: 1CEC Signing time: Wed 14 May 2025 16:15:09 +0000 Manifest this update: Wed 14 May 2025 16:15:08 +0000 Manifest next update: Wed 21 May 2025 16:15:08 +0000 Files and hashes: 1: 3FfpX2KSEzop44hINlCWI10ZN8o.crl (hash: l2jA4aWP+umotG0oUqws1t40wJeZsXXv8KyaXAHcGM0=) 2: 3C1382D0BEA211E68902BC3DC4F9AE02.roa (hash: fz4f6MmX7R6kRL2gcaEtaQrQoy9cdumfsJWJxUL1YME=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.crl rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 16:15:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7414 (0x1cf6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E1E3, serialNumber=DC57E95F6292133A29E38848365096235D1937CA Validity Not Before: May 14 16:15:08 2025 GMT Not After : May 21 16:15:08 2025 GMT Subject: CN=6824c18c-43ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:e7:6f:88:bc:c6:91:db:6b:8a:1a:b1:cb:32: 01:0f:f5:e8:87:0e:b1:1a:d4:a6:32:fb:9f:01:a7: ec:f1:fb:46:07:8b:2c:46:48:79:2e:8d:fa:ab:d0: 16:6b:84:41:89:63:45:48:83:f3:c3:b0:13:ab:22: 33:5d:5c:a4:fa:6b:79:e4:4c:b6:21:3e:ce:69:a3: 74:07:a7:cb:cd:3e:1c:80:25:4d:d2:0d:41:0d:3a: 5a:75:7a:04:d0:35:41:67:39:3c:94:8d:68:a9:1c: 71:89:96:c9:b6:ec:57:e0:81:bf:70:40:ce:d0:d3: 1d:83:a6:79:3f:7a:a7:de:80:e0:56:15:cc:d2:d8: f8:95:e1:b2:e0:95:ce:8d:0d:8d:69:3f:99:9a:2b: 07:2e:f9:2b:54:6d:f6:2e:ce:e6:85:24:37:91:3b: 6c:b3:eb:e5:fa:1c:59:91:5e:fa:ac:9c:47:da:7c: 9d:cd:e9:c8:d2:61:6e:38:e8:c5:28:9f:76:f2:77: ec:53:97:33:dd:ab:c0:60:20:55:14:57:9a:17:82: bf:86:b8:5c:d5:47:5d:60:e6:73:10:3f:74:32:d0: e0:aa:cb:0a:fa:31:d2:3e:2a:e3:a0:87:33:f8:e7: c1:85:6d:fc:57:49:53:e4:20:7d:4a:ef:65:d4:bf: 4c:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:37:D3:00:C4:11:D4:FD:E9:F0:1C:AA:6E:E5:19:EA:6A:76:A8:78 X509v3 Authority Key Identifier: keyid:DC:57:E9:5F:62:92:13:3A:29:E3:88:48:36:50:96:23:5D:19:37:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:ef:46:11:b7:d1:2a:6a:57:6a:c3:50:b9:15:c9:8d:5c:4c: 9c:bd:13:6d:90:98:14:21:a8:cb:35:61:6e:ef:a2:97:fa:5a: 2d:84:58:4d:b2:b4:e6:79:91:34:4f:a7:5a:8c:2d:65:0c:0a: e3:b8:db:75:d8:b8:23:7d:57:08:3b:3b:98:49:6f:2e:d1:9e: 91:7c:ae:79:c3:5b:e0:53:d4:a6:5c:be:c0:cb:4b:9f:76:0a: 43:b2:13:4d:5a:51:aa:fc:38:90:95:44:55:9b:6c:42:89:31: 47:96:5c:b8:5d:be:e6:1d:d1:92:f9:f6:9d:09:0b:32:0b:fb: f6:9e:87:94:f3:4d:de:02:dd:37:24:76:66:4b:10:a3:16:a8: 16:9b:d8:a3:e1:d3:50:ba:bc:8a:71:df:7e:be:6d:30:1c:3e: 5e:1f:ba:25:f5:74:e4:d2:a8:47:20:df:4d:48:0f:3f:35:d6: 42:8e:18:eb:b1:62:8a:2a:96:4d:79:2e:91:e5:14:d5:c5:5d: 30:15:d7:87:79:5a:21:f5:6a:43:fb:d0:ac:f5:fd:b2:c1:92: 1a:79:05:b8:ac:a9:6f:50:1f:28:73:0f:20:0b:37:bd:1f:a8: ca:7e:3e:b8:a4:52:3b:f9:e8:e5:d9:21:55:99:71:4c:df:35: 5d:7f:88:a6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUxRTMxMTAvBgNVBAUTKERDNTdFOTVGNjI5MjEzM0EyOUUzODg0ODM2NTA5NjIz NUQxOTM3Q0EwHhcNMjUwNTE0MTYxNTA4WhcNMjUwNTIxMTYxNTA4WjAYMRYwFAYD VQQDEw02ODI0YzE4Yy00M2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3edviLzGkdtrihqxyzIBD/Xohw6xGtSmMvufAafs8ftGB4ssRkh5Lo36q9AW a4RBiWNFSIPzw7ATqyIzXVyk+mt55Ey2IT7OaaN0B6fLzT4cgCVN0g1BDTpadXoE 0DVBZzk8lI1oqRxxiZbJtuxX4IG/cEDO0NMdg6Z5P3qn3oDgVhXM0tj4leGy4JXO jQ2NaT+ZmisHLvkrVG32Ls7mhSQ3kTtss+vl+hxZkV76rJxH2nydzenI0mFuOOjF KJ928nfsU5cz3avAYCBVFFeaF4K/hrhc1UddYOZzED90MtDgqssK+jHSPirjoIcz +OfBhW38V0lT5CB9Su9l1L9MawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLQ30wDE EdT96fAcqm7lGepqdqh4MB8GA1UdIwQYMBaAFNxX6V9ikhM6KeOISDZQliNdGTfK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTFFMy8wMjFBRTkyQUJE RTMxMUU2ODRDRTBCNTRDNEY5QUUwMi8zRmZwWDJLU0V6b3A0NGhJTmxDV0kxMFpO OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZnBYMktTRXpvcDQ0aElObENXSTEwWk44by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTFFMy8wMjFBRTkyQUJERTMxMUU2ODRDRTBCNTRDNEY5QUUwMi8zRmZwWDJLU0V6 b3A0NGhJTmxDV0kxMFpOOG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCu70YRt9Eqaldqw1C5FcmNXEycvRNtkJgUIajLNWFu76KX+lothFhN srTmeZE0T6dajC1lDArjuNt12LgjfVcIOzuYSW8u0Z6RfK55w1vgU9SmXL7Ay0uf dgpDshNNWlGq/DiQlURVm2xCiTFHlly4Xb7mHdGS+fadCQsyC/v2noeU803eAt03 JHZmSxCjFqgWm9ij4dNQuryKcd9+vm0wHD5eH7ol9XTk0qhHIN9NSA8/NdZCjhjr sWKKKpZNeS6R5RTVxV0wFdeHeVoh9WpD+9Cs9f2ywZIaeQW4rKlvUB8ocw8gCze9 H6jKfj64pFI7+ejl2SFVmXFM3zVdf4im -----END CERTIFICATE-----Generated at Fri May 16 00:33:51 2025 by rpki-client