$ rpki-client -vvf rpki.apnic.net/member_repository/A91813ED/677AAA3C5F3711EFBF369E58C4F9AE02/3yS01RxnhB3WAN0qYXhrzpiHhmc.mft File: 3yS01RxnhB3WAN0qYXhrzpiHhmc.mft (raw, json) Hash identifier: ZzMbiUZ1s/3tpf9pLtnQKBLedxU2guvyVTqFq2IaORw= Subject key identifier: 2F:FD:B1:D3:34:10:89:C1:AC:4D:3C:D8:36:E1:1B:28:53:E2:37:22 Authority key identifier: DF:24:B4:D5:1C:67:84:1D:D6:00:DD:2A:61:78:6B:CE:98:87:86:67 Certificate issuer: /CN=A91813ED/serialNumber=DF24B4D51C67841DD600DD2A61786BCE98878667 Certificate serial: 8A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3yS01RxnhB3WAN0qYXhrzpiHhmc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91813ED/677AAA3C5F3711EFBF369E58C4F9AE02/3yS01RxnhB3WAN0qYXhrzpiHhmc.mft Manifest number: 89 Signing time: Tue 13 May 2025 05:42:32 +0000 Manifest this update: Tue 13 May 2025 05:42:31 +0000 Manifest next update: Tue 20 May 2025 05:42:31 +0000 Files and hashes: 1: 3yS01RxnhB3WAN0qYXhrzpiHhmc.crl (hash: A7Y6XeaubhYFKDBsqv2rjzpnhAvCt1bST1t4ur44EBU=) 2: B21985725F3711EFA108CA0CC4F9AE02.roa (hash: qWDPCZUNoXxLfCTQ51artmgIDTxez9EecMCL2qvkzMg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91813ED/677AAA3C5F3711EFBF369E58C4F9AE02/3yS01RxnhB3WAN0qYXhrzpiHhmc.crl rsync://rpki.apnic.net/member_repository/A91813ED/677AAA3C5F3711EFBF369E58C4F9AE02/3yS01RxnhB3WAN0qYXhrzpiHhmc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3yS01RxnhB3WAN0qYXhrzpiHhmc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 138 (0x8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91813ED, serialNumber=DF24B4D51C67841DD600DD2A61786BCE98878667 Validity Not Before: May 13 05:42:31 2025 GMT Not After : May 20 05:42:31 2025 GMT Subject: CN=6822dbc8-ad19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:73:4a:c9:32:e3:16:31:80:74:be:51:e3:da: ee:21:c7:87:84:5a:23:69:d9:6e:04:9e:87:c7:dc: 1d:12:32:c6:e5:1e:4e:9d:c8:19:f7:1b:65:c0:4a: 95:0d:5e:b3:09:76:52:16:1c:ff:c0:73:34:86:10: 84:08:c6:1c:ec:a3:b5:0f:bd:fe:16:ac:67:22:6a: d3:98:44:c7:bc:9a:20:a9:44:5e:e5:0f:d8:dd:58: 07:57:87:1b:e7:65:96:16:d9:5c:86:0d:60:d5:9e: 64:1c:0d:6d:34:cb:ca:36:f7:da:57:33:bf:05:c0: 9f:15:53:66:ac:05:bf:9e:f8:0f:32:0a:3e:0b:db: 3e:89:7f:77:64:20:b1:d0:9c:e7:65:52:84:6d:73: 4a:12:ba:e6:b3:ee:6a:c2:4a:fa:88:7a:04:0d:76: 9f:4f:46:c3:62:4b:22:2c:ca:92:1d:c8:2a:d4:84: 58:21:2b:9a:9c:9b:0c:9d:bf:d6:c7:ad:40:2d:4a: e4:e6:46:88:6f:35:e1:9b:cd:5d:c6:0e:90:35:7c: 6d:58:d9:dd:b7:a2:a4:b1:72:b5:c9:8d:e3:81:c0: 47:11:20:4a:f5:b9:f4:ff:96:01:bd:30:83:46:6f: 18:85:0e:02:05:4a:9e:b1:bc:c8:54:f4:ec:71:99: 3f:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:FD:B1:D3:34:10:89:C1:AC:4D:3C:D8:36:E1:1B:28:53:E2:37:22 X509v3 Authority Key Identifier: keyid:DF:24:B4:D5:1C:67:84:1D:D6:00:DD:2A:61:78:6B:CE:98:87:86:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91813ED/677AAA3C5F3711EFBF369E58C4F9AE02/3yS01RxnhB3WAN0qYXhrzpiHhmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3yS01RxnhB3WAN0qYXhrzpiHhmc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91813ED/677AAA3C5F3711EFBF369E58C4F9AE02/3yS01RxnhB3WAN0qYXhrzpiHhmc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:71:24:57:8e:7b:e3:7c:f5:53:fc:8c:b4:62:8d:e9:49:c4: 58:35:8c:bf:07:93:96:03:fc:fc:39:77:17:e0:34:b8:84:78: f8:14:92:e9:65:a5:50:91:84:35:1c:5a:67:da:3c:b3:db:92: 02:83:a5:ad:ba:89:3f:35:db:ec:e3:5a:22:c5:a9:59:c2:81: ff:bf:79:6f:0b:f1:15:b4:c4:32:d1:bb:8a:dc:38:81:1a:00: dc:c3:6b:6e:dc:f4:a2:b3:e4:f5:e9:f7:2b:85:3c:c0:19:54: 6f:42:33:4b:a3:9d:a5:cf:bd:e4:e2:fe:12:58:9e:bb:a5:94: b0:e4:6b:f0:83:b1:7e:f9:11:6d:cd:3c:78:a7:9d:35:e4:e0: 01:75:0f:89:97:79:81:52:01:1c:84:c7:8b:3f:e1:dd:1d:de: ed:15:3e:ff:bb:96:9e:83:c1:f0:21:d7:fb:2e:c3:1d:cd:a7: 50:6f:f4:de:ed:74:4b:f8:a2:08:58:06:3e:41:59:1b:da:26: 49:1b:e0:27:56:d7:ca:84:89:66:5c:7b:ff:b6:8f:23:a2:97: 54:d1:0e:a8:7a:22:3c:94:7f:41:58:48:ed:b3:8c:92:dc:90: f0:8f:75:ce:c0:04:51:9c:1d:34:18:94:2f:f1:d1:40:7a:f9: b3:ef:3f:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODEzRUQxMTAvBgNVBAUTKERGMjRCNEQ1MUM2Nzg0MURENjAwREQyQTYxNzg2QkNF OTg4Nzg2NjcwHhcNMjUwNTEzMDU0MjMxWhcNMjUwNTIwMDU0MjMxWjAYMRYwFAYD VQQDEw02ODIyZGJjOC1hZDE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyXNKyTLjFjGAdL5R49ruIceHhFojadluBJ6Hx9wdEjLG5R5OncgZ9xtlwEqV DV6zCXZSFhz/wHM0hhCECMYc7KO1D73+FqxnImrTmETHvJogqURe5Q/Y3VgHV4cb 52WWFtlchg1g1Z5kHA1tNMvKNvfaVzO/BcCfFVNmrAW/nvgPMgo+C9s+iX93ZCCx 0JznZVKEbXNKErrms+5qwkr6iHoEDXafT0bDYksiLMqSHcgq1IRYISuanJsMnb/W x61ALUrk5kaIbzXhm81dxg6QNXxtWNndt6KksXK1yY3jgcBHESBK9bn0/5YBvTCD Rm8YhQ4CBUqesbzIVPTscZk/TwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC/9sdM0 EInBrE082DbhGyhT4jciMB8GA1UdIwQYMBaAFN8ktNUcZ4Qd1gDdKmF4a86Yh4Zn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTNFRC82NzdBQUEzQzVG MzcxMUVGQkYzNjlFNThDNEY5QUUwMi8zeVMwMVJ4bmhCM1dBTjBxWVhocnpwaUho bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzN5UzAxUnhuaEIzV0FOMHFZWGhyenBpSGhtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 MTNFRC82NzdBQUEzQzVGMzcxMUVGQkYzNjlFNThDNEY5QUUwMi8zeVMwMVJ4bmhC M1dBTjBxWVhocnpwaUhobWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCZcSRXjnvjfPVT/Iy0Yo3pScRYNYy/B5OWA/z8OXcX4DS4hHj4FJLp ZaVQkYQ1HFpn2jyz25ICg6Wtuok/Ndvs41oixalZwoH/v3lvC/EVtMQy0buK3DiB GgDcw2tu3PSis+T16fcrhTzAGVRvQjNLo52lz73k4v4SWJ67pZSw5Gvwg7F++RFt zTx4p5015OABdQ+Jl3mBUgEchMeLP+HdHd7tFT7/u5aeg8HwIdf7LsMdzadQb/Te 7XRL+KIIWAY+QVkb2iZJG+AnVtfKhIlmXHv/to8jopdU0Q6oeiI8lH9BWEjts4yS 3JDwj3XOwARRnB00GJQv8dFAevmz7z+y -----END CERTIFICATE-----Generated at Tue May 13 12:09:48 2025 by rpki-client