$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft File: 3q8cjeT-PFHGkVP8r5_owq1vjiY.mft (raw, json) Hash identifier: BoRzwJDF5phqh8kAJhpwP6wBe6uaBl8UL1ct08dFgYk= Subject key identifier: 21:7F:84:C2:9E:62:17:A3:1B:A3:6D:CB:3B:3F:43:F3:F6:BE:6E:35 Authority key identifier: DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 Certificate issuer: /CN=A917AC33/serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Certificate serial: 0112 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft Manifest number: 010F Signing time: Sun 11 May 2025 03:47:46 +0000 Manifest this update: Sun 11 May 2025 03:47:45 +0000 Manifest next update: Sun 18 May 2025 03:47:45 +0000 Files and hashes: 1: 3q8cjeT-PFHGkVP8r5_owq1vjiY.crl (hash: ecLJrOl6MsGjA0T8XPfPrQgPZpEy/kRtEGRuFMiIuf8=) 2: 1C2EA330925011EE9571EE40C4F9AE02.roa (hash: g1vuB/s+fKkz9lQDwgz7uwUHIIgwyYOpfROfbA+7Aro=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 03:47:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 274 (0x112) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AC33, serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Validity Not Before: May 11 03:47:45 2025 GMT Not After : May 18 03:47:45 2025 GMT Subject: CN=68201de1-5f25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f5:49:22:09:e4:44:d5:84:f8:cd:67:3a:5d: d0:20:3e:fa:54:f9:b3:0e:2f:c0:4e:ad:53:3a:6f: e9:11:48:3b:3f:11:52:8e:ca:28:f8:40:d2:eb:4b: 42:b2:f4:7e:8b:08:3e:1c:03:90:c2:75:df:f0:2d: 0a:72:1b:b6:1e:77:54:61:c4:cc:a7:5d:53:b1:23: 79:0f:a3:50:e6:4d:f5:c7:be:43:dd:f1:7d:97:4b: bb:11:d0:0b:e6:25:0d:0a:34:89:a0:66:31:d8:1d: ce:07:e8:69:6a:80:65:03:31:21:51:f7:47:1f:03: b6:59:68:b6:fd:f4:a3:6c:7d:22:72:96:08:32:1a: 41:58:bd:7d:15:5f:a6:92:1c:ed:97:15:5e:5c:da: b7:51:1b:8c:2c:ff:7f:fe:b0:da:69:af:a1:b9:4e: e9:75:ae:eb:db:7e:df:e1:7b:52:1c:59:4e:3d:1b: 96:c5:a6:a0:48:79:3e:16:74:cf:ae:31:f4:54:b0: 4e:65:df:2d:14:b9:98:42:7d:65:bf:22:17:ab:f7: a2:43:8a:89:fd:c3:c0:22:01:d7:88:d9:52:3e:d3: ac:51:7e:68:1b:65:3a:7a:e6:7b:33:0c:d4:e8:30: 96:35:99:cb:49:88:65:9a:73:39:74:5b:8e:66:82: d5:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:7F:84:C2:9E:62:17:A3:1B:A3:6D:CB:3B:3F:43:F3:F6:BE:6E:35 X509v3 Authority Key Identifier: keyid:DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b8:86:97:57:91:27:43:53:de:e9:79:20:40:37:63:c9:b4:3e: 1e:15:ae:87:b4:c9:a4:0f:cc:dc:de:b9:76:08:68:87:86:ef: 62:b8:a3:ec:ec:d1:60:71:31:58:66:5c:8d:05:c4:ce:1f:be: 82:ee:bc:f6:27:d3:ff:95:2e:98:8c:72:16:85:5a:70:c1:84: 0b:f4:47:ee:ef:94:b6:9f:b8:69:fc:36:84:7f:d7:0a:85:62: 39:9d:b6:60:3c:9d:19:dd:d0:de:47:4a:b6:be:4d:fa:54:30: 96:f0:5f:69:a8:ff:a5:71:1d:37:b2:7f:96:35:ec:45:a9:e7: 32:d1:37:33:9a:93:43:13:6e:2d:16:39:d4:43:9a:65:8f:48: 86:4d:76:f6:27:45:36:40:40:fd:d5:3c:c0:57:90:0e:ea:0d: 2a:76:8f:5a:2c:5c:17:65:b3:1c:86:0f:3d:89:0e:49:62:bc: d1:fb:2d:e6:41:15:ca:9d:bc:dc:25:c9:cd:51:58:43:3f:1d: cd:69:03:33:e2:20:c7:c2:70:3b:cb:dd:8b:48:42:69:cc:dd: 20:a2:e4:00:48:2a:d1:c0:16:15:ad:4e:81:ea:8f:bd:cd:02: 18:5a:f0:c0:5e:ec:40:15:40:26:75:be:d1:ef:67:12:45:35: 12:8c:fb:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICARIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDMzMxMTAvBgNVBAUTKERFQUYxQzhERTRGRTNDNTFDNjkxNTNGQ0FGOUZFOEMy QUQ2RjhFMjYwHhcNMjUwNTExMDM0NzQ1WhcNMjUwNTE4MDM0NzQ1WjAYMRYwFAYD VQQDEw02ODIwMWRlMS01ZjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvfVJIgnkRNWE+M1nOl3QID76VPmzDi/ATq1TOm/pEUg7PxFSjsoo+EDS60tC svR+iwg+HAOQwnXf8C0Kchu2HndUYcTMp11TsSN5D6NQ5k31x75D3fF9l0u7EdAL 5iUNCjSJoGYx2B3OB+hpaoBlAzEhUfdHHwO2WWi2/fSjbH0icpYIMhpBWL19FV+m khztlxVeXNq3URuMLP9//rDaaa+huU7pda7r237f4XtSHFlOPRuWxaagSHk+FnTP rjH0VLBOZd8tFLmYQn1lvyIXq/eiQ4qJ/cPAIgHXiNlSPtOsUX5oG2U6euZ7MwzU 6DCWNZnLSYhlmnM5dFuOZoLVkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCF/hMKe YhejG6Ntyzs/Q/P2vm41MB8GA1UdIwQYMBaAFN6vHI3k/jxRxpFT/K+f6MKtb44m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzMy9CMEJGQUMzNDky NEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBGSEdrVlA4cjVfb3dxMXZq aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxOGNqZVQtUEZIR2tWUDhyNV9vd3ExdmppWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUMzMy9CMEJGQUMzNDkyNEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBG SEdrVlA4cjVfb3dxMXZqaVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC4hpdXkSdDU97peSBAN2PJtD4eFa6HtMmkD8zc3rl2CGiHhu9iuKPs 7NFgcTFYZlyNBcTOH76C7rz2J9P/lS6YjHIWhVpwwYQL9Efu75S2n7hp/DaEf9cK hWI5nbZgPJ0Z3dDeR0q2vk36VDCW8F9pqP+lcR03sn+WNexFqecy0TczmpNDE24t FjnUQ5plj0iGTXb2J0U2QED91TzAV5AO6g0qdo9aLFwXZbMchg89iQ5JYrzR+y3m QRXKnbzcJcnNUVhDPx3NaQMz4iDHwnA7y92LSEJpzN0gouQASCrRwBYVrU6B6o+9 zQIYWvDAXuxAFUAmdb7R72cSRTUSjPtg -----END CERTIFICATE-----Generated at Sun May 11 18:18:43 2025 by rpki-client