$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft File: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft (raw, json) Hash identifier: aWD0M9bcOh4jx2uPqVspUbRkGinYxYLn70+7vPXpzl0= Subject key identifier: 18:E3:A8:AF:C3:F2:FE:11:72:B5:60:F4:A4:D1:F0:CE:2F:AB:44:F2 Authority key identifier: DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F Certificate issuer: /CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Certificate serial: 0BFF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft Manifest number: 0BE5 Signing time: Fri 16 May 2025 19:02:18 +0000 Manifest this update: Fri 16 May 2025 19:02:18 +0000 Manifest next update: Fri 23 May 2025 19:02:18 +0000 Files and hashes: 1: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl (hash: cxZGtT0PQu92u5fGa9fufO/sWpdldeiBLnOBkeIZRVA=) 2: 3A5A84F8CB7111EBA9EEF440C4F9AE02.roa (hash: LcxIbKxK3jutvAgu3ThkdTt7YT68VEQAWEq5z0WaOxY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 23 May 2025 19:02:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3071 (0xbff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158568, serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Validity Not Before: May 16 19:02:18 2025 GMT Not After : May 23 19:02:18 2025 GMT Subject: CN=68278bba-71bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:f4:fb:18:8f:64:80:38:98:9e:ad:cd:90:f8: 5f:ed:db:b5:8b:a9:ae:d0:5a:df:93:f6:89:84:5e: ce:2a:80:3a:c0:1d:af:ba:db:cc:99:cc:d3:6c:81: 79:7a:ae:62:3d:42:b3:2e:37:a7:87:ec:16:c1:b4: 2d:1a:20:2a:d4:9e:8d:66:f3:bd:f1:13:fa:ed:82: 45:8a:c6:13:d8:67:09:32:01:f5:86:a4:c3:6a:22: 67:1b:c3:39:73:72:31:27:11:76:76:9a:63:23:78: af:d1:28:bc:dd:78:d1:48:26:9c:0d:c6:a6:0d:c9: db:49:39:d4:2a:55:03:30:67:53:fc:9f:75:8c:db: 86:8d:2d:43:6c:d1:ed:fb:0e:3a:07:a5:26:80:b2: 14:a2:8a:03:ce:82:c9:d9:9d:63:ac:9d:49:b0:55: b4:cf:78:c8:d2:cb:91:98:c3:d3:81:f9:70:69:2b: 7a:ea:f6:38:63:69:8b:45:de:19:9e:ff:b0:47:6a: 1f:48:de:41:e3:73:2f:46:b9:ed:24:79:c1:5e:3d: 9f:59:4a:bd:58:59:84:79:ee:d7:92:49:84:84:fd: 83:a0:f6:a0:d6:39:39:a3:3b:85:fe:be:c5:a0:59: fe:d3:d3:71:57:e7:04:ad:49:77:7c:30:ac:6e:aa: f9:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:E3:A8:AF:C3:F2:FE:11:72:B5:60:F4:A4:D1:F0:CE:2F:AB:44:F2 X509v3 Authority Key Identifier: keyid:DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:f5:ce:ce:36:93:d1:60:de:47:56:75:9a:96:ce:7f:6b:5b: 42:93:ff:66:b8:2f:3c:39:f7:5b:3c:06:f5:c7:00:7c:7e:bb: 12:10:6b:49:be:7b:28:72:71:25:a9:a5:a6:54:08:6b:93:ab: ce:2d:24:38:43:7c:04:fb:e8:48:da:d7:f0:ec:d9:1e:9c:25: e3:c3:e2:81:47:be:ea:d0:fa:93:9f:03:f1:d7:18:86:f5:30: 5a:96:4e:94:59:20:60:b0:b8:99:1d:23:31:e9:e4:69:cf:f5: dc:59:fa:e3:6a:49:b0:ab:f4:f2:5f:54:f8:a7:5a:91:2d:6d: 53:db:18:84:3d:f5:01:3b:f5:da:5c:4c:a3:34:39:be:1c:c2: 08:10:35:d2:4e:1b:80:b0:74:6b:de:a3:a5:71:73:0b:ec:2f: b5:f7:b2:e6:0b:77:02:2c:b8:ca:31:2b:cc:77:51:ab:86:51: e0:87:62:63:39:e7:18:ca:17:b7:82:ec:6c:7c:69:1a:b9:e8: 12:2a:f9:ea:38:27:d5:08:60:98:9f:ac:7b:8d:8d:ae:90:df: e1:89:eb:f7:44:09:be:1f:dd:1f:db:4e:6a:86:f2:f3:89:72: a5:23:ca:64:66:8a:ea:65:d4:ee:4d:76:02:a3:56:2c:1f:a6: 01:18:3d:df -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg1NjgxMTAvBgNVBAUTKERGMjUzNDg0RENFNTJDNDEzN0NCRDFDOEVENDREOUNC MjU1N0Y0M0YwHhcNMjUwNTE2MTkwMjE4WhcNMjUwNTIzMTkwMjE4WjAYMRYwFAYD VQQDEw02ODI3OGJiYS03MWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzPT7GI9kgDiYnq3NkPhf7du1i6mu0Frfk/aJhF7OKoA6wB2vutvMmczTbIF5 eq5iPUKzLjenh+wWwbQtGiAq1J6NZvO98RP67YJFisYT2GcJMgH1hqTDaiJnG8M5 c3IxJxF2dppjI3iv0Si83XjRSCacDcamDcnbSTnUKlUDMGdT/J91jNuGjS1DbNHt +w46B6UmgLIUoooDzoLJ2Z1jrJ1JsFW0z3jI0suRmMPTgflwaSt66vY4Y2mLRd4Z nv+wR2ofSN5B43MvRrntJHnBXj2fWUq9WFmEee7XkkmEhP2DoPag1jk5ozuF/r7F oFn+09NxV+cErUl3fDCsbqr5swIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBjjqK/D 8v4RcrVg9KTR8M4vq0TyMB8GA1UdIwQYMBaAFN8lNITc5SxBN8vRyO1E2cslV/Q/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC9EMzEzMDY3NjE4 NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExFRTN5OUhJN1VUWnl5Vlg5 RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzN5VTBoTnpsTEVFM3k5SEk3VVRaeXlWWDlEOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODU2OC9EMzEzMDY3NjE4NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExF RTN5OUhJN1VUWnl5Vlg5RDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAl9c7ONpPRYN5HVnWals5/a1tCk/9muC88OfdbPAb1xwB8frsSEGtJ vnsocnElqaWmVAhrk6vOLSQ4Q3wE++hI2tfw7NkenCXjw+KBR77q0PqTnwPx1xiG 9TBalk6UWSBgsLiZHSMx6eRpz/XcWfrjakmwq/TyX1T4p1qRLW1T2xiEPfUBO/Xa XEyjNDm+HMIIEDXSThuAsHRr3qOlcXML7C+197LmC3cCLLjKMSvMd1GrhlHgh2Jj OecYyhe3guxsfGkauegSKvnqOCfVCGCYn6x7jY2ukN/hiev3RAm+H90f205qhvLz iXKlI8pkZorqZdTuTXYCo1YsH6YBGD3f -----END CERTIFICATE-----Generated at Sat May 17 07:00:55 2025 by rpki-client