$ rpki-client -vvf rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft File: A3iO4rrk2AXrzcpmGOLsGhilxOI.mft (raw, json) Hash identifier: In3iQf4KE99Qi5vzk5/I6By2VMxLHWx7g/719mE0ygk= Subject key identifier: 7B:7C:E0:21:8B:32:6A:29:25:5F:3A:BE:72:E8:9B:C6:D5:55:DC:6C Authority key identifier: 03:78:8E:E2:BA:E4:D8:05:EB:CD:CA:66:18:E2:EC:1A:18:A5:C4:E2 Certificate issuer: /CN=A915FDD9/serialNumber=03788EE2BAE4D805EBCDCA6618E2EC1A18A5C4E2 Certificate serial: 3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3iO4rrk2AXrzcpmGOLsGhilxOI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft Manifest number: 3C Signing time: Tue 13 May 2025 06:44:06 +0000 Manifest this update: Tue 13 May 2025 06:44:06 +0000 Manifest next update: Tue 20 May 2025 06:44:06 +0000 Files and hashes: 1: A3iO4rrk2AXrzcpmGOLsGhilxOI.crl (hash: 0nPPPRN4O4kGiNBNREcjk48lAqFawLa0xbsKKQcXUOU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.crl rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3iO4rrk2AXrzcpmGOLsGhilxOI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 06:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60 (0x3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915FDD9, serialNumber=03788EE2BAE4D805EBCDCA6618E2EC1A18A5C4E2 Validity Not Before: May 13 06:44:06 2025 GMT Not After : May 20 06:44:06 2025 GMT Subject: CN=6822ea36-1290 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:e3:c8:0d:bc:5a:d5:2b:e3:59:cb:c4:c9:69: ca:3c:25:05:a6:6b:fb:f5:e4:8b:60:15:3c:d0:2f: a3:6b:1f:35:87:84:79:27:08:a9:75:76:4e:79:28: 59:c4:51:d9:cf:77:3f:9d:02:b1:d9:96:2f:00:03: 64:9b:ee:89:94:84:4a:c6:84:73:f1:21:d9:63:6f: 9a:62:c8:78:3c:67:30:68:df:f5:a1:30:44:33:9c: 94:5d:1d:fd:1d:16:e7:f3:3b:fd:e5:86:23:8e:43: d8:e9:f2:ce:f9:36:e8:b5:06:a5:8d:d6:d9:48:8a: 84:f1:33:73:0e:dd:69:35:b2:e5:09:a9:d5:b3:1e: 5b:61:79:bf:fd:83:f4:13:7f:1e:59:e7:ab:47:36: d3:d6:14:2d:d3:0b:34:97:bc:87:a4:45:5b:fb:3b: 46:5e:fd:a5:cc:a9:e2:7d:44:11:d9:55:ca:72:d7: f4:b4:93:8a:eb:1e:a0:77:b7:f6:c6:c7:19:d1:b9: 26:3f:65:15:c4:06:b3:6d:cf:32:2e:03:9d:5c:97: f5:54:44:92:2b:2c:63:c5:b0:1b:2a:11:7d:61:4d: 0d:d8:06:35:4b:b1:a7:3c:8e:3c:0c:08:3b:05:4e: 29:2b:69:3c:84:e7:c1:c8:57:76:77:7d:43:30:23: f3:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:7C:E0:21:8B:32:6A:29:25:5F:3A:BE:72:E8:9B:C6:D5:55:DC:6C X509v3 Authority Key Identifier: keyid:03:78:8E:E2:BA:E4:D8:05:EB:CD:CA:66:18:E2:EC:1A:18:A5:C4:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3iO4rrk2AXrzcpmGOLsGhilxOI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:46:b9:51:67:d7:45:87:70:83:f5:50:2a:67:31:65:ff:23: 9a:e0:da:39:49:31:bf:c5:4f:46:ae:f5:84:50:c9:3a:16:64: a2:cd:43:49:2d:e9:ec:e7:02:c4:ec:1a:4c:96:c6:65:f9:1c: 93:46:5c:49:a1:a6:40:6a:4a:6e:aa:ff:17:4f:48:f7:20:58: a1:2a:3e:54:75:29:3e:6d:d4:8c:be:70:04:df:43:dc:d3:69: d3:fa:20:d6:2d:54:cd:c7:eb:60:3f:82:a5:00:40:5a:1f:94: 8b:06:7c:2d:da:18:0b:a5:b9:1a:c0:c1:be:63:7c:b9:0b:15: 87:a9:33:c3:d5:76:c0:9e:3d:eb:70:1e:a5:02:e8:b6:1c:68: 61:ee:70:bd:ea:f6:a1:89:07:38:05:ca:9f:4c:ef:9c:f4:d5: da:89:04:0e:ab:69:f4:85:23:79:08:86:99:fb:b1:11:2d:4e: a7:3a:51:3c:d0:c2:ad:61:dc:21:ba:8a:d9:85:cb:d8:a0:f2: 0d:74:a7:ad:2a:26:be:b6:f8:8b:42:89:f2:38:15:75:58:7d: 2d:d3:7c:51:2f:22:ff:53:60:29:41:4e:85:c4:34:9b:bc:9f: ea:ec:99:ca:b5:b3:72:2c:dd:a2:19:66:7a:d9:2b:32:c0:3d: 1a:49:5d:df -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 RkREOTExMC8GA1UEBRMoMDM3ODhFRTJCQUU0RDgwNUVCQ0RDQTY2MThFMkVDMUEx OEE1QzRFMjAeFw0yNTA1MTMwNjQ0MDZaFw0yNTA1MjAwNjQ0MDZaMBgxFjAUBgNV BAMTDTY4MjJlYTM2LTEyOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCl48gNvFrVK+NZy8TJaco8JQWma/v15ItgFTzQL6NrHzWHhHknCKl1dk55KFnE UdnPdz+dArHZli8AA2Sb7omUhErGhHPxIdljb5piyHg8ZzBo3/WhMEQznJRdHf0d FufzO/3lhiOOQ9jp8s75Nui1BqWN1tlIioTxM3MO3Wk1suUJqdWzHltheb/9g/QT fx5Z56tHNtPWFC3TCzSXvIekRVv7O0Ze/aXMqeJ9RBHZVcpy1/S0k4rrHqB3t/bG xxnRuSY/ZRXEBrNtzzIuA51cl/VURJIrLGPFsBsqEX1hTQ3YBjVLsac8jjwMCDsF TikraTyE58HIV3Z3fUMwI/PrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUe3zgIYsy aiklXzq+cuibxtVV3GwwHwYDVR0jBBgwFoAUA3iO4rrk2AXrzcpmGOLsGhilxOIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVGREQ5L0JFN0NBQzEyRDZE RTExRUZCMDQ3NEUxQkM0RjlBRTAyL0EzaU80cnJrMkFYcnpjcG1HT0xzR2hpbHhP SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQTNpTzRycmsyQVhyemNwbUdPTHNHaGlseE9JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVG REQ5L0JFN0NBQzEyRDZERTExRUZCMDQ3NEUxQkM0RjlBRTAyL0EzaU80cnJrMkFY cnpjcG1HT0xzR2hpbHhPSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHNGuVFn10WHcIP1UCpnMWX/I5rg2jlJMb/FT0au9YRQyToWZKLNQ0kt 6eznAsTsGkyWxmX5HJNGXEmhpkBqSm6q/xdPSPcgWKEqPlR1KT5t1Iy+cATfQ9zT adP6INYtVM3H62A/gqUAQFoflIsGfC3aGAuluRrAwb5jfLkLFYepM8PVdsCePetw HqUC6LYcaGHucL3q9qGJBzgFyp9M75z01dqJBA6rafSFI3kIhpn7sREtTqc6UTzQ wq1h3CG6itmFy9ig8g10p60qJr62+ItCifI4FXVYfS3TfFEvIv9TYClBToXENJu8 n+rsmcq1s3Is3aIZZnrZKzLAPRpJXd8= -----END CERTIFICATE-----Generated at Wed May 14 17:24:59 2025 by rpki-client