$ rpki-client -vvf rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.mft File: 2DvcT6zNnbegvEa0JE6jEHBgS5c.mft (raw, json) Hash identifier: N+ohsPrF/xYsc6XIAWTCfNYi4jLJ3OfEP0wJN2RDCEk= Subject key identifier: 3F:F6:F8:DF:BE:0A:4A:4B:F3:1F:1D:B0:9A:48:05:A1:C0:EB:B4:3A Authority key identifier: D8:3B:DC:4F:AC:CD:9D:B7:A0:BC:46:B4:24:4E:A3:10:70:60:4B:97 Certificate issuer: /CN=A914F870/serialNumber=D83BDC4FACCD9DB7A0BC46B4244EA31070604B97 Certificate serial: 3A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DvcT6zNnbegvEa0JE6jEHBgS5c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.mft Manifest number: 3A Signing time: Sun 11 May 2025 06:17:29 +0000 Manifest this update: Sun 11 May 2025 06:17:28 +0000 Manifest next update: Sun 18 May 2025 06:17:28 +0000 Files and hashes: 1: 2DvcT6zNnbegvEa0JE6jEHBgS5c.crl (hash: Y4SnPqbD34K0Q8G1p5ht7t6wGIaEGNRLXhyuGlIc3gM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.crl rsync://rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DvcT6zNnbegvEa0JE6jEHBgS5c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 06:17:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58 (0x3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F870, serialNumber=D83BDC4FACCD9DB7A0BC46B4244EA31070604B97 Validity Not Before: May 11 06:17:28 2025 GMT Not After : May 18 06:17:28 2025 GMT Subject: CN=682040f8-fae2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:08:ec:62:81:e3:4a:cd:7c:e6:b4:6c:8c:a5: 8b:1f:b3:68:92:a6:a1:65:78:74:d3:6c:35:5c:7e: cb:b3:79:ed:20:66:77:aa:56:3b:2f:80:a1:a6:ff: 4c:2d:fb:28:1d:ce:31:99:25:bf:43:c1:d2:7d:d9: 97:41:c4:4c:75:3b:32:29:f9:4c:84:b7:af:7b:6f: 66:9e:14:37:fe:d1:0c:01:8b:b8:ef:b7:5f:7c:dc: 86:dd:3a:88:ed:29:e2:b3:27:1e:8b:43:a0:52:c3: 58:40:cf:5a:d3:b1:dc:11:85:d9:0e:21:82:17:68: 35:5d:1d:cb:38:65:30:fe:b7:9c:aa:26:11:e5:0c: a2:eb:e9:fd:94:de:e3:bc:ee:28:ed:5e:5e:a3:73: e5:bf:f6:c8:48:dd:d9:5f:6f:d7:4d:2d:c0:36:96: f5:2b:50:47:33:0c:91:55:b0:9b:47:e6:6c:43:42: 2d:15:c6:3b:c9:a4:67:93:fa:23:6c:0e:bd:9d:3c: 37:ef:7c:8e:fd:c7:cb:f6:3e:02:0c:91:2f:d9:a0: f7:0f:c0:91:99:74:44:8f:fb:b1:29:b0:81:51:14: 4e:46:b2:32:10:52:fd:20:0d:3d:89:28:e9:b7:64: b8:04:83:32:a5:e0:6f:33:13:5d:b7:bd:62:59:34: 9b:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:F6:F8:DF:BE:0A:4A:4B:F3:1F:1D:B0:9A:48:05:A1:C0:EB:B4:3A X509v3 Authority Key Identifier: keyid:D8:3B:DC:4F:AC:CD:9D:B7:A0:BC:46:B4:24:4E:A3:10:70:60:4B:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DvcT6zNnbegvEa0JE6jEHBgS5c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F870/D2E24C98D7E211EFAF0B3B7DC4F9AE02/2DvcT6zNnbegvEa0JE6jEHBgS5c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:cd:3b:f0:bd:ae:7f:e9:ab:90:d6:76:58:83:e8:a3:c2:2e: 36:79:07:8c:06:f6:d9:7a:33:b7:f1:35:78:f7:78:a9:e8:f1: 43:ac:0d:a7:d8:1d:7e:3a:90:e2:31:da:ca:b8:e4:1b:05:14: bf:34:0a:23:da:ab:c2:20:c0:50:30:d4:6d:5b:2a:5b:6d:44: d5:3c:6c:c9:2e:68:ba:ea:61:d4:64:9a:64:a3:42:00:66:4f: 1a:b3:a5:dd:6d:45:67:0a:8a:53:c6:c9:0a:96:78:16:e4:c7: 33:b5:c6:94:8c:45:a3:fc:64:6f:36:47:1c:3c:02:d2:33:d0: 62:44:37:2a:f8:ae:a6:3d:e9:1b:e6:47:84:eb:45:4a:0c:59: d0:15:a3:64:ee:fc:83:f1:b6:1a:52:c9:8f:41:0d:d3:63:54: 8a:32:48:84:5d:68:fc:01:6a:7a:a1:f7:85:a4:e2:0e:54:93: 0b:a9:f2:1d:67:cd:23:5b:71:26:d7:4d:f2:e0:b0:4b:0a:64: d2:b7:3e:b9:48:43:cf:55:54:3f:63:31:e0:1b:5b:53:1c:c7: 93:43:55:0a:92:68:eb:0e:f7:db:59:63:8b:36:67:aa:5b:29: 80:33:70:93:da:3d:6f:ba:e2:35:0d:41:d5:0f:54:19:81:65: 12:89:64:7e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 Rjg3MDExMC8GA1UEBRMoRDgzQkRDNEZBQ0NEOURCN0EwQkM0NkI0MjQ0RUEzMTA3 MDYwNEI5NzAeFw0yNTA1MTEwNjE3MjhaFw0yNTA1MTgwNjE3MjhaMBgxFjAUBgNV BAMTDTY4MjA0MGY4LWZhZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCkCOxigeNKzXzmtGyMpYsfs2iSpqFleHTTbDVcfsuzee0gZneqVjsvgKGm/0wt +ygdzjGZJb9DwdJ92ZdBxEx1OzIp+UyEt697b2aeFDf+0QwBi7jvt1983IbdOojt KeKzJx6LQ6BSw1hAz1rTsdwRhdkOIYIXaDVdHcs4ZTD+t5yqJhHlDKLr6f2U3uO8 7ijtXl6jc+W/9shI3dlfb9dNLcA2lvUrUEczDJFVsJtH5mxDQi0VxjvJpGeT+iNs Dr2dPDfvfI79x8v2PgIMkS/ZoPcPwJGZdESP+7EpsIFRFE5GsjIQUv0gDT2JKOm3 ZLgEgzKl4G8zE123vWJZNJuXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUP/b4374K SkvzHx2wmkgFocDrtDowHwYDVR0jBBgwFoAU2DvcT6zNnbegvEa0JE6jEHBgS5cw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRGODcwL0QyRTI0Qzk4RDdF MjExRUZBRjBCM0I3REM0RjlBRTAyLzJEdmNUNnpObmJlZ3ZFYTBKRTZqRUhCZ1M1 Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMkR2Y1Q2ek5uYmVndkVhMEpFNmpFSEJnUzVjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRG ODcwL0QyRTI0Qzk4RDdFMjExRUZBRjBCM0I3REM0RjlBRTAyLzJEdmNUNnpObmJl Z3ZFYTBKRTZqRUhCZ1M1Yy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB3NO/C9rn/pq5DWdliD6KPCLjZ5B4wG9tl6M7fxNXj3eKno8UOsDafY HX46kOIx2sq45BsFFL80CiPaq8IgwFAw1G1bKlttRNU8bMkuaLrqYdRkmmSjQgBm Txqzpd1tRWcKilPGyQqWeBbkxzO1xpSMRaP8ZG82Rxw8AtIz0GJENyr4rqY96Rvm R4TrRUoMWdAVo2Tu/IPxthpSyY9BDdNjVIoySIRdaPwBanqh94Wk4g5Ukwup8h1n zSNbcSbXTfLgsEsKZNK3PrlIQ89VVD9jMeAbW1Mcx5NDVQqSaOsO99tZY4s2Z6pb KYAzcJPaPW+64jUNQdUPVBmBZRKJZH4= -----END CERTIFICATE-----Generated at Mon May 12 21:41:51 2025 by rpki-client